PC-HELP.CZ

Dobrý den , chtěl bych požádat o kontrolu logu.Zdá se mi , že mám něco s pc .Když se chci připojit přes steam na nějakou hru , tak mi to pokaždé zamrzne a musím to vypnout ve správci.Zkoušel jsem přeinstalovat i hru(cs 1.6) , pročistit CCleanerem a pořád nic.Předem díky

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:21:37, on 30.11.2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Users\Rubydlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RefreshLock.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
D:\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [IDMan] D:\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: RefreshLock.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Stáhnout s IDM - D:\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - D:\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - D:\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 6933 bytes

Tak to dávám do topu jestli přece jenom někdo neví.Prostě mi zlobí cs občas nejde založit ani LAN server v offline modu .Funguje to jenom pokud zakážu připojení k síti , ale vůbec nevím proč.Celkem mě to už štve ..

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
Když tady nebudu zastoupí mě memphisto.

Tady je ten log

Malwarebytes' Anti-Malware 1.33
Verze databáze: 1658
Windows 6.0.6001 Service Pack 1

16.1.2009 12:12:59
mbam-log-2009-01-16 (12-12-54).txt

Typ skenu: Rychlý sken
Objektu skenováno: 49980
Uplynulý cas: 3 minute(s), 59 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 4

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
(Žádné zákerné položky nebyly zjišteny)

Infikované soubory:
C:\Windows\rundll16.exe (Fake.Dropped.Malware) -> No action taken.
C:\Windows\System32\vcmgcd32.dll (Trojan.Agent) -> No action taken.
C:\Windows\System32\systems.txt (Trojan.Vundo) -> No action taken.
C:\Windows\logo1_.exe (Worm.Viking) -> No action taken.

Jen zbytky z MWAVU..
. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Můžeš sem pak vložit log + nový log z HJT.
A napiš zda máš vistu 32 nebo 64bit.

Tak sem dávám oba logy.Mám vistu 32b.Díky moc za tvuj čas

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:02:41, on 16.1.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\MagicTune Premium\GammaTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Internet Download Manager\IEMonitor.exe
C:\Program Files\QIP\qip.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [IDMan] C:\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: GammaTray.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout s IDM - C:\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe




--
End of file - 8746 bytes


Malwarebytes' Anti-Malware 1.33
Verze databáze: 1658
Windows 6.0.6001 Service Pack 1

16.1.2009 16:57:39
mbam-log-2009-01-16 (16-57-39).txt

Typ skenu: Rychlý sken
Objektu skenováno: 49787
Uplynulý cas: 4 minute(s), 20 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 4

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
(Žádné zákerné položky nebyly zjišteny)

Infikované soubory:
C:\Windows\rundll16.exe (Fake.Dropped.Malware) -> Delete on reboot.
C:\Windows\System32\vcmgcd32.dll (Trojan.Agent) -> Delete on reboot.
C:\Windows\System32\systems.txt (Trojan.Vundo) -> Delete on reboot.
C:\Windows\logo1_.exe (Worm.Viking) -> Delete on reboot.

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:


vyčisti systém CCleanerem
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
Pokud chceš zachovat svoje uložená hesla, klikni na No.

Zkontroluj si DirectX ( Start-spustit-napiš dxdiag) pokud tam máš napsáno nalezeny problémy -dej opravit.
Zkus kontrolu RAM Memtestem , HDD.
Když to nepomůže:
Vypni rez. ochranu u Aviry.
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

Hm nevím co se stalo , ale vše už jak se zdá funguje - pro jistotu dodávám ten log .Memtest a kontrola hdd asi nebude potřeba díky moc.Musím to poslat na dvakrát ...

ComboFix 09-01-15.01 - Rubydlo 2009-01-16 17:31:08.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1250.1.1029.18.3582.2661 [GMT 1:00]
Spuštěný z: c:\users\Rubydlo\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet universal\btcore.dll
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49575a2c.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49575c58.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49577971.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49577af5.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49578244.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\495a452f.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\495a4f99.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\495a6c22.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\495becbe.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\495d32b7.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\495d33a3.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\495f460a.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\495fb1d0.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49624453.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\496259d5.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49637d62.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49637e79.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\4963866c.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\4963875c.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\4964e70f.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49663ffd.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49687099.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\49687166.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\4968e111.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\4969de8b.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\4969e074.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\496a4a46.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\496b4331.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\496c981e.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\496db625.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\496e06b1.torrent
c:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\497065ff.torrent
c:\program files\FlashGet Network\FlashGet universal\btwrap.dll
c:\program files\FlashGet Network\FlashGet universal\BugReport.dll
c:\program files\FlashGet Network\FlashGet universal\BugReport.exe
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
c:\program files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhocfg.ini
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
c:\program files\FlashGet Network\FlashGet universal\ComDlls\ComDlls.ini
c:\program files\FlashGet Network\FlashGet universal\ComDlls\flashget.xpi
c:\program files\FlashGet Network\FlashGet universal\ComDlls\FlashgetXpi.dll
c:\program files\FlashGet Network\FlashGet universal\ComDlls\IFlashgetXpi.xpt
c:\program files\FlashGet Network\FlashGet universal\dbghelp.dll
c:\program files\FlashGet Network\FlashGet universal\DBTrans.dll
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose - 2008.12.28 11.50.48.log
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
c:\program files\FlashGet Network\FlashGet universal\DBTransC.exe
c:\program files\FlashGet Network\FlashGet universal\ed2kwrap.dll
c:\program files\FlashGet Network\FlashGet universal\explorerbar.dll
c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
c:\program files\FlashGet Network\FlashGet universal\FGVer.dll
c:\program files\FlashGet Network\FlashGet universal\flashget.exe
c:\program files\FlashGet Network\FlashGet universal\gt.exe
c:\program files\FlashGet Network\FlashGet universal\hashgen.dll
c:\program files\FlashGet Network\FlashGet universal\Help\license.txt
c:\program files\FlashGet Network\FlashGet universal\Help\Readme.txt
c:\program files\FlashGet Network\FlashGet universal\Help\WHATSNEW.TXT
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBatchLinksDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBTTask.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Added.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddEMTask.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddHpFpLink.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlgEx.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksModern.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BrowserPlugins.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BTOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CategoryView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ComfirmWhenExitDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CommonDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ConfirmInvalidLinks.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ContextMenu.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DefaultDownloadsDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DeleteFilesDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DetailStatus.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMServers.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExplorerPane.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExtensionRuleDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FG2SearchTopPlugin.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileListCtrl.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileRemovedDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FindTaskDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashgetAbout.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashGetDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FSUStatusBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageLoginDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HotResource.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HpFpOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Info.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\LogsOutput.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MACReader.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainMenu.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainToolbar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MonitorOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NormalOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NotifyOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Option.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\P4PPluginMain.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ProxySetting.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SearchBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Security.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityScan.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityToolbar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Shutdown.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\StatusBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskDefOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskListView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskNotify.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\UserListCtrl.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\XpEnhance.ini
c:\program files\FlashGet Network\FlashGet universal\libupnp.dll
c:\program files\FlashGet Network\FlashGet universal\LiveUpdateUI.dll
c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\ComHelper.dll
c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Downstat.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\P4pclient.dll
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\iexplorer.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.xml
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\search.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\subscribe.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\SearchTop.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Security\FunctionalRepair.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Scanning.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\SECURITY.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.xml
c:\program files\FlashGet Network\FlashGet universal\modules\Security\SystemFix.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\1B3EF552BAFE02C1A4A5E83C9B1FC7EB55273651_0.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\1B3EF552BAFE02C1A4A5E83C9B1FC7EB55273651_1.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\1B3EF552BAFE02C1A4A5E83C9B1FC7EB55273651_2.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\1B3EF552BAFE02C1A4A5E83C9B1FC7EB55273651_3.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\1B3EF552BAFE02C1A4A5E83C9B1FC7EB55273651_4.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\1B3EF552BAFE02C1A4A5E83C9B1FC7EB55273651_5.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\1B3EF552BAFE02C1A4A5E83C9B1FC7EB55273651_6.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\1B3EF552BAFE02C1A4A5E83C9B1FC7EB55273651_7.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\1B3EF552BAFE02C1A4A5E83C9B1FC7EB55273651_8.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\1B3EF552BAFE02C1A4A5E83C9B1FC7EB55273651_9.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\59E649D7AF10EEB82FE4E155E48B09394F93EBA7_0.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\59E649D7AF10EEB82FE4E155E48B09394F93EBA7_1.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\59E649D7AF10EEB82FE4E155E48B09394F93EBA7_2.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\59E649D7AF10EEB82FE4E155E48B09394F93EBA7_3.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\59E649D7AF10EEB82FE4E155E48B09394F93EBA7_4.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\59E649D7AF10EEB82FE4E155E48B09394F93EBA7_5.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\59E649D7AF10EEB82FE4E155E48B09394F93EBA7_6.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\59E649D7AF10EEB82FE4E155E48B09394F93EBA7_7.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\59E649D7AF10EEB82FE4E155E48B09394F93EBA7_8.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\59E649D7AF10EEB82FE4E155E48B09394F93EBA7_9.jpg
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SamplerCli.dll
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SnapShot.dll
c:\program files\FlashGet Network\FlashGet universal\modules\tasknotifier\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\tasknotifier\tasknotifier.dll
c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet universal\P2PCore.dll
c:\program files\FlashGet Network\FlashGet universal\p2pprot.dll
c:\program files\FlashGet Network\FlashGet universal\p2snetio.dll
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.dll
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\p2sprot.dll
c:\program files\FlashGet Network\FlashGet universal\p2spwrap.dll
c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
c:\program files\FlashGet Network\FlashGet universal\Skins\close_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\close_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\close_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\notify.wav
c:\program files\FlashGet Network\FlashGet universal\Skins\notify_board.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\notify_icon.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Back.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Backward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\BrowserBarCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\FlashgetResource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Forward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Home.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Backward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\BrowserBarDisableCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Forward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Home.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Available.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\CategoryTreeCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloaded.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloading.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Favorite.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Flashget.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Release.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Rubbish.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Search.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\Expbar.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\garage.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\transfer.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\BT.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\EM.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\GlobalOptionCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\HpFp.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Monitor.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Normal.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Notify.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Proxy.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\TaskDef.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Info.ini
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MainMenuCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveDownTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveUpTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\MainToolbarCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\MainToolbarDisableCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\InfoBkg.Bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\MonitorBkg.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Down.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Error.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Normal.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\OutpuLogCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Up.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\All.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Book.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Bt.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Game.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Movie.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Music.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Phone.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Picture.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\SobarIconCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Software.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Error.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\hashing.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\OK.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pause.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pin.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Schedule.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Start.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\TaskListCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Upload.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Wait.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\storage.dll
c:\program files\FlashGet Network\FlashGet universal\SysOpt.exe
c:\program files\FlashGet Network\FlashGet universal\transaction - 2008.12.28 11.50.48.log
c:\program files\FlashGet Network\FlashGet universal\transaction.log
c:\program files\FlashGet Network\FlashGet universal\uninst.exe
c:\program files\FlashGet Network\FlashGet universal\zlib.dll
c:\users\Rubydlo\AppData\Roaming\BITS
c:\users\Rubydlo\AppData\Roaming\BITS\BITS.ini
c:\users\Rubydlo\AppData\Roaming\BITS\DHTTable.dat
c:\users\Rubydlo\AppData\Roaming\BITS\ProxyList.ini
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081030170321.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081030170321.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081030170321.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081030170321.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081030170321.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081031153404.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081031153404.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081031153404.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081031153404.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081031153404.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081031153404.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081031154416.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081031154416.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081031154416.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081031154416.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081031154416.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081031154416.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081107162939.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081107162939.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081107162939.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081107162939.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081107162939.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081107162939.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081117093403.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081117093403.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081117093403.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081117093403.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081117093403.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081117093403.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081122191308.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081122191308.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081122191308.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081122191308.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081122191308.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123143854.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123143854.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123143854.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123143854.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123144629.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123144629.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123144629.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123144629.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123144629.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123145240.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123145240.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123145240.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123145240.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123145240.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123145348.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123145348.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123145348.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123145348.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123145348.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123145348.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123150019.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123150019.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123150019.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123150019.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123150019.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123150019.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123150714.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123150714.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123150714.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123150714.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123150714.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123151546.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123151546.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123151546.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123151546.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123151546.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123151546.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123153846.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123153846.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123153846.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123153846.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081123153846.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124171056.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124171056.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124171056.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124171056.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124171056.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124171056.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124172035.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124172035.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124172035.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124172035.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124172035.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124172324.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124172324.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124172324.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124172324.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081124172324.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228115124.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228115124.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228115124.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228115124.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228115124.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228120040.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228120040.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228120040.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228120040.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228120040.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228140449.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228140449.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228140449.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228140449.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228140449.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228141117.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228141117.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228141117.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228141117.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228141117.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228144228.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228144228.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228144228.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228144228.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228144228.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081228144228.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230165839.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230165839.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230165839.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230165839.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230165839.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230174305.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230174305.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230174305.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230174305.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230194450.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230194450.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230194450.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230194450.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081230194450.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20081231230550.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101110500.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101110500.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101110500.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101110500.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101110500.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101221639.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101221639.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101221639.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101221639.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101221639.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101221639.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101222035.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101222035.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101222035.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101222035.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101222035.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090101222035.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090103120338.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090103120338.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090103120338.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090103120338.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090103120338.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090103194328.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090103194328.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090103194328.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090103194328.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090103194328.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090103194328.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090105183307.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090105183307.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090105183307.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090105183307.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090105183307.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090105200453.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090105200453.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090105200453.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090105200453.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090105200453.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090105200453.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106164850.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106164850.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106164850.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106164850.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106164850.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106164850.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106165329.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106165329.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106165329.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106165329.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106172724.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106172724.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106172724.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106172724.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106172724.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106173124.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106173124.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106173124.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106173124.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090106173124.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090107183159.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090107183159.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090107183159.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090107183159.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090107183159.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090108190341.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090108190341.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090108190341.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090108190341.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090108190341.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110105537.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110105537.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110105537.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110105537.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110105537.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110105902.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110105902.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110105902.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110105902.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110105902.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110185529.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110185529.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110185529.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110185529.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090110185529.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111125659.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111125659.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111125659.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111125659.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111130508.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111130508.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111130508.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111130508.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111130508.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111193848.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111193848.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111193848.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111193848.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111193848.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111193848.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111203638.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111203638.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111203638.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111203638.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090111203638.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090112141841.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090112141841.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090112141841.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090112141841.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090113143318.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090113143318.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090113143318.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090113143318.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090113143318.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090114105341.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090114105341.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090114105341.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090114105341.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090114105341.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090114163721.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090114163721.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090114163721.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090114163721.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090114163721.torrent.seeds
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090116114831.torrent
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090116114831.torrent.~tmp
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090116114831.torrent.bits
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090116114831.torrent.filelist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090116114831.torrent.hybridlist
c:\users\Rubydlo\AppData\Roaming\BITS\Torrent\20090116114831.torrent.seeds

.
((((((((((((((((((((((((( Soubory vytvořené od 2008-12-16 do 2009-01-16 )))))))))))))))))))))))))))))))
.

2009-01-16 12:07 . 2009-01-16 12:07 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\Malwarebytes
2009-01-16 12:07 . 2009-01-16 12:07 <DIR> d-------- c:\users\All Users\Malwarebytes
2009-01-16 12:07 . 2009-01-16 12:07 <DIR> d-------- c:\programdata\Malwarebytes
2009-01-16 12:07 . 2009-01-16 12:07 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-16 12:07 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-01-16 12:07 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-01-15 19:59 . 2007-03-06 13:15 1,059,112 --a------ c:\windows\System32\drivers\nvmfdx32.sys
2009-01-14 17:31 . 2009-01-16 17:05 <DIR> d-------- c:\program files\Common Files\Steam
2009-01-13 20:10 . 2009-01-13 20:10 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\SUPERAntiSpyware.com
2009-01-13 20:10 . 2009-01-13 20:10 <DIR> d-------- c:\users\All Users\SUPERAntiSpyware.com
2009-01-13 20:10 . 2009-01-13 20:10 <DIR> d-------- c:\programdata\SUPERAntiSpyware.com
2009-01-13 20:10 . 2009-01-13 20:10 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-01-13 20:10 . 2009-01-13 20:10 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-01-13 19:00 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll
2009-01-13 18:43 . 2008-06-23 02:59 2,868,736 --a------ c:\windows\System32\mf.dll
2009-01-13 18:43 . 2008-06-23 02:59 996,352 --a------ c:\windows\System32\WMNetMgr.dll
2009-01-13 18:43 . 2008-06-23 02:58 94,720 --a------ c:\windows\System32\logagent.exe
2009-01-13 18:41 . 2008-10-29 07:29 2,927,104 --a------ c:\windows\explorer.exe
2009-01-13 18:41 . 2008-08-02 02:01 625,152 --a------ c:\windows\System32\drivers\dxgkrnl.sys
2009-01-13 18:41 . 2008-06-26 04:29 565,248 --a------ c:\windows\System32\emdmgmt.dll
2009-01-13 18:41 . 2008-10-21 06:25 296,960 --a------ c:\windows\System32\gdi32.dll
2009-01-13 18:41 . 2008-05-20 03:07 148,480 --a------ c:\windows\System32\drivers\nwifi.sys
2009-01-13 18:41 . 2008-09-18 05:56 147,456 --a------ c:\windows\System32\Faultrep.dll
2009-01-13 18:41 . 2008-09-18 05:56 125,952 --a------ c:\windows\System32\wersvc.dll
2009-01-13 18:41 . 2008-06-26 04:29 45,056 --a------ c:\windows\System32\dataclen.dll
2009-01-13 18:41 . 2008-08-02 04:26 36,864 --a------ c:\windows\System32\cdd.dll
2009-01-13 18:40 . 2008-05-08 22:59 430,080 --a------ c:\windows\System32\vbscript.dll
2009-01-13 18:40 . 2008-05-08 22:59 180,224 --a------ c:\windows\System32\scrobj.dll
2009-01-13 18:40 . 2008-05-08 22:59 172,032 --a------ c:\windows\System32\scrrun.dll
2009-01-13 18:40 . 2008-05-08 22:59 155,648 --a------ c:\windows\System32\wscript.exe
2009-01-13 18:40 . 2008-05-08 22:58 135,168 --a------ c:\windows\System32\wshom.ocx
2009-01-13 18:40 . 2008-05-08 22:58 135,168 --a------ c:\windows\System32\cscript.exe
2009-01-13 18:40 . 2008-05-08 22:59 90,112 --a------ c:\windows\System32\wshext.dll
2009-01-09 15:53 . 2009-01-09 15:53 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\DAEMON Tools Pro
2009-01-09 15:52 . 2009-01-09 15:53 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\DAEMON Tools Lite
2009-01-09 15:52 . 2009-01-09 15:52 <DIR> d-------- c:\users\All Users\DAEMON Tools Lite
2009-01-09 15:52 . 2009-01-09 15:52 <DIR> d-------- c:\programdata\DAEMON Tools Lite
2009-01-09 15:52 . 2009-01-09 15:52 <DIR> d-------- c:\program files\DAEMON Tools Lite
2009-01-08 15:28 . 2009-01-14 17:36 <DIR> d-------- c:\program files\cstrike
2009-01-04 15:26 . 2009-01-04 15:26 <DIR> d-------- c:\program files\PDFCreator Toolbar
2009-01-04 15:26 . 2009-01-04 15:26 253,139 --a------ c:\windows\PDFCreator_Toolbar_Uninstaller_3368.exe
2009-01-04 15:25 . 2009-01-04 15:28 <DIR> d-------- c:\program files\PDFCreator
2009-01-04 15:25 . 2004-03-09 01:00 662,288 --a------ c:\windows\System32\MSCOMCT2.OCX
2009-01-04 15:25 . 1998-06-24 01:00 137,000 --a------ c:\windows\System32\MSMAPI32.OCX
2009-01-04 15:25 . 2001-10-28 17:42 116,224 --a------ c:\windows\System32\pdfcmnnt.dll
2009-01-04 15:25 . 1998-07-06 01:00 23,552 --a------ c:\windows\System32\MSMPIDE.DLL
2008-12-31 13:01 . 2008-12-31 13:01 <DIR> d-------- c:\users\All Users\ATI
2008-12-31 13:01 . 2008-12-31 13:01 <DIR> d-------- c:\programdata\ATI
2008-12-31 13:00 . 2008-12-31 13:01 <DIR> d-------- c:\program files\ATI Technologies
2008-12-31 12:44 . 2008-12-31 12:44 <DIR> d-------- C:\ATI2
2008-12-31 12:41 . 2008-12-31 12:41 <DIR> d-------- c:\program files\SEC
2008-12-31 12:24 . 2008-12-31 12:24 <DIR> d-------- C:\ATI
2008-12-30 17:39 . 2008-12-30 17:39 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\Convivea
2008-12-30 17:39 . 2008-12-30 17:39 <DIR> d-------- c:\program files\Bit Che
2008-12-30 17:13 . 2008-12-30 17:14 <DIR> d-------- c:\program files\The KMPlayer
2008-12-30 13:22 . 2008-12-30 13:22 <DIR> d-------- c:\program files\Common Files\ATI Technologies
2008-12-30 12:56 . 2008-12-30 13:26 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\Folding@home-gpu
2008-12-30 12:56 . 2008-12-30 12:56 <DIR> d-------- c:\program files\Folding@home
2008-12-30 12:24 . 2008-12-30 12:24 <DIR> d-------- c:\program files\MagicTune Premium
2008-12-30 12:24 . 2006-08-28 17:12 13,312 --a------ c:\windows\System32\drivers\MTictwl.sys
2008-12-29 19:22 . 2007-06-04 05:24 1,087,216 --a------ c:\windows\System32\zpeng24.dll
2008-12-29 19:21 . 2008-12-29 19:21 <DIR> d-------- c:\users\All Users\CheckPoint
2008-12-29 19:21 . 2008-12-29 19:21 <DIR> d-------- c:\programdata\CheckPoint
2008-12-29 19:21 . 2007-06-04 05:28 270,488 --a------ c:\windows\System32\drivers\vsdatant.sys
2008-12-29 19:12 . 2008-12-29 19:07 262,144 --a------ c:\program files\Uninstall Spy Blocker.dll
2008-12-29 19:04 . 2008-12-29 19:35 <DIR> d-------- c:\windows\System32\ZoneLabs
2008-12-29 19:04 . 2008-12-29 19:04 <DIR> d-------- c:\program files\Zone Labs
2008-12-29 15:01 . 2008-12-29 15:01 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\Desktopicon
2008-12-29 14:55 . 2008-12-29 14:55 <DIR> d-------- c:\program files\DsNET Corp
2008-12-29 14:55 . 2004-03-09 00:00 124,688 --a------ c:\windows\System32\MSWINSCK.OCX
2008-12-29 14:02 . 2008-12-29 14:02 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\Media Player Classic
2008-12-29 13:26 . 2008-12-29 13:26 <DIR> d-------- c:\program files\Common Files\Microsoft Games
2008-12-28 17:14 . 2008-12-28 17:14 <DIR> d-------- c:\program files\Electronic Arts
2008-12-27 11:32 . 2008-12-27 11:32 <DIR> d-------- c:\program files\CCleaner
2008-12-26 15:55 . 2008-12-26 15:55 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\Thinstall
2008-12-26 11:46 . 2008-12-01 20:53 3,256,320 --a------ c:\windows\System32\amdcaldd.dll
2008-12-26 11:46 . 2008-12-01 20:56 57,344 --a------ c:\windows\System32\amdcalrt.dll
2008-12-26 11:46 . 2008-12-01 20:56 53,248 --a------ c:\windows\System32\amdcalcl.dll
2008-12-23 09:41 . 2008-05-02 02:38 301,656 --a------ c:\windows\System32\BtCoreIf.dll
2008-12-23 09:40 . 2008-12-23 09:41 <DIR> d-------- c:\program files\Common Files\Logishrd
2008-12-21 18:26 . 2008-12-21 18:26 <DIR> d-------- c:\windows\Sun
2008-12-19 22:10 . 2008-12-19 22:10 603,904 --a------ c:\windows\System32\TUProgSt.exe
2008-12-19 21:45 . 2009-01-10 11:50 350 --a------ c:\windows\RefreshLock.ini
2008-12-19 13:37 . 2008-11-09 10:24 241,664 --a------ c:\program files\Uninstall Ask Toolbar.dll
2008-12-18 17:30 . 2008-12-18 18:46 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\SecondLife
2008-12-18 17:30 . 2008-12-18 17:30 24 --a------ C:\url_history.xml

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-16 16:33 --------- d-----w c:\users\Rubydlo\AppData\Roaming\DMCache
2009-01-13 19:23 --------- d-----w c:\programdata\Spybot - Search & Destroy
2009-01-13 18:49 --------- d-----w c:\program files\Windows Mail
2009-01-13 18:08 --------- d-----w c:\programdata\Microsoft Help
2009-01-09 14:53 --------- d-----w c:\users\Rubydlo\AppData\Roaming\DAEMON Tools
2009-01-09 14:52 --------- d-----w c:\program files\DAEMON Tools Toolbar
2009-01-08 19:20 --------- d-----w c:\program files\Astonsoft
2009-01-04 13:59 --------- d-----w c:\program files\OpenOffice.org 3
2008-12-31 11:41 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-30 12:21 --------- d-----w c:\program files\ATI
2008-12-29 18:21 --------- d-----w c:\programdata\CheckPoint
2008-12-29 18:18 --------- d---a-w c:\programdata\TEMP
2008-12-29 11:18 --------- d-----w c:\program files\Rockstar Games
2008-12-28 10:48 --------- d-----w c:\program files\FlashGet
2008-12-23 08:41 --------- d-----w c:\program files\Common Files\Logitech
2008-12-19 21:20 --------- d-----w c:\program files\QIP
2008-12-19 21:09 --------- d-sh--w c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2008-12-14 10:24 --------- d-----w c:\program files\GOM
2008-12-13 10:04 --------- d-----w c:\program files\MSBuild
2008-12-13 10:04 --------- d-----w c:\program files\Microsoft Works
2008-12-13 10:00 --------- d-----w c:\program files\Microsoft.NET
2008-12-13 09:58 --------- d-----w c:\program files\Microsoft Visual Studio 8
2008-12-09 14:37 --------- d-----w c:\users\Rubydlo\AppData\Roaming\ICQ
2008-12-09 14:37 --------- d-----w c:\programdata\ICQ
2008-12-09 14:37 --------- d-----w c:\program files\ICQ6Toolbar
2008-12-09 14:19 --------- d-----w c:\program files\Sunbelt Software
2008-12-09 14:08 --------- d-----w c:\users\Rubydlo\AppData\Roaming\QIP
2008-12-08 19:51 --------- d-----w c:\programdata\MailFrontier
2008-12-08 16:47 --------- d-----w c:\program files\Google
2008-12-07 09:34 1,390,730 ----a-w c:\windows\System32\AutoPartNt.exe
2008-12-05 20:11 --------- d-----w c:\program files\Microsoft Games for Windows - LIVE
2008-12-05 19:14 174 --sha-w c:\program files\desktop.ini
2008-12-05 19:05 --------- d-----w c:\program files\Windows Sidebar
2008-12-05 19:05 --------- d-----w c:\program files\Windows Photo Gallery
2008-12-05 19:05 --------- d-----w c:\program files\Windows Journal
2008-12-05 19:05 --------- d-----w c:\program files\Windows Defender
2008-12-05 19:05 --------- d-----w c:\program files\Windows Collaboration
2008-12-05 19:05 --------- d-----w c:\program files\Windows Calendar
2008-12-05 18:48 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2008-12-05 18:47 82,432 ----a-w c:\windows\System32\axaltocm.dll
2008-12-05 18:11 47,560 ----a-w c:\windows\System32\SPReview.exe
2008-12-05 18:11 152,576 ----a-w c:\windows\System32\SPWizUI.dll
2008-12-05 16:15 --------- d-----w c:\programdata\Acronis
2008-12-05 14:41 114,048 ----a-w c:\windows\system32\drivers\snapman.sys
2008-11-29 20:53 94,720 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll
2008-11-29 20:53 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-11-29 20:53 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll
2008-11-29 20:52 212,480 ----a-w c:\windows\system32\drivers\mrxsmb10.sys
2008-11-29 20:50 2,048 ----a-w c:\windows\System32\msxml3r.dll
2008-11-29 20:50 1,191,936 ----a-w c:\windows\System32\msxml3.dll
2008-11-29 20:49 712,704 ----a-w c:\windows\System32\WindowsCodecs.dll
2008-11-29 20:49 425,472 ----a-w c:\windows\System32\PhotoMetadataHandler.dll
2008-11-29 20:49 347,136 ----a-w c:\windows\System32\WindowsCodecsExt.dll
2008-11-29 20:49 --------- d-----w c:\program files\Windows Live
2008-11-29 20:48 443,392 ----a-w c:\windows\System32\win32spl.dll
2008-11-29 20:48 37,888 ----a-w c:\windows\System32\printcom.dll
2008-11-29 20:48 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-11-29 20:46 2,048 ----a-w c:\windows\System32\msxml6r.dll
2008-11-29 20:46 1,334,272 ----a-w c:\windows\System32\msxml6.dll
2008-11-29 18:36 --------- d-----w c:\program files\Trend Micro
2008-11-29 14:24 --------- d-----w c:\users\Rubydlo\AppData\Roaming\IDM
2008-11-29 09:23 626,688 ----a-w c:\windows\System32\msvcr80.dll
2008-11-29 09:23 548,864 ----a-w c:\windows\System32\msvcp80.dll
2008-11-29 09:23 28,672 ----a-w c:\windows\System32\eEmpty.exe
2008-11-29 09:23 --------- d-----w c:\programdata\MicroWorld
2008-11-28 12:28 --------- d-----w c:\users\Rubydlo\AppData\Roaming\TuneUp Software
2008-11-28 12:27 --------- d-----w c:\programdata\TuneUp Software
2008-11-26 15:19 --------- d-----w c:\programdata\Avira
2008-11-26 15:19 --------- d-----w c:\program files\Avira
2008-11-25 14:08 --------- d-----w c:\users\Rubydlo\AppData\Roaming\FlashGet
2008-11-24 20:33 --------- d-----w c:\programdata\Yahoo! Companion
2008-11-24 18:14 --------- d-----w c:\users\Rubydlo\AppData\Roaming\Ventrilo
2008-11-24 18:13 --------- d-----w c:\program files\VentriloMIX
2008-11-20 16:01 --------- d-----w c:\program files\IObit
2008-11-19 18:41 516,096 ----a-w c:\windows\UN32.EXE
2008-11-17 12:02 --------- d-----w c:\users\Rubydlo\AppData\Roaming\Zoner
2008-11-16 13:56 --------- d-----w c:\program files\Seznam DVD
2008-11-14 18:54 51,224 ----a-w c:\windows\System32\wuauclt.exe
2008-11-14 18:54 43,544 ----a-w c:\windows\System32\wups2.dll
2008-11-14 18:54 1,809,944 ----a-w c:\windows\System32\wuaueng.dll
2008-11-14 18:54 1,524,736 ----a-w c:\windows\System32\wucltux.dll
2008-11-14 18:53 83,456 ----a-w c:\windows\System32\wudriver.dll
2008-11-14 18:53 561,688 ----a-w c:\windows\System32\wuapi.dll
2008-11-14 18:53 34,328 ----a-w c:\windows\System32\wups.dll
2008-11-14 18:52 31,232 ----a-w c:\windows\System32\wuapp.exe
2008-11-14 18:52 162,064 ----a-w c:\windows\System32\wuwebv.dll
2008-11-14 14:53 410,976 ----a-w c:\windows\System32\deploytk.dll
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-28 16:41 14,303,392 ----a-w c:\windows\System32\xlive.dll
2008-10-28 16:41 13,643,936 ----a-w c:\windows\System32\xlivefnt.dll
2008-10-27 09:04 70,992 ----a-w c:\windows\System32\XAPOFX1_2.dll
2008-10-27 09:04 514,384 ----a-w c:\windows\System32\XAudio2_3.dll
2008-10-27 09:04 235,856 ----a-w c:\windows\System32\xactengine3_3.dll
2008-10-27 09:04 23,376 ----a-w c:\windows\System32\X3DAudio1_5.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\internet download manager\IDMan.exe" [2008-12-05 2606512]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GammaTray.lnk - c:\program files\MagicTune Premium\GammaTray.exe [2008-12-30 36864]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-12-23 805392]
NCProTray.lnk - c:\program files\SEC\Natural Color Pro\NCProTray.exe [2008-12-31 49220]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^Users^Rubydlo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dock.lnk]
path=c:\users\Rubydlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dock.lnk
backup=c:\windows\pss\Dock.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Rubydlo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Folding@home-gpu.lnk]
path=c:\users\Rubydlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home-gpu.lnk
backup=c:\windows\pss\Folding@home-gpu.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Rubydlo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^lsass.exe]
path=c:\users\Rubydlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lsass.exe
backup=c:\windows\pss\lsass.exe.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Rubydlo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^RefreshLock.exe]
path=c:\users\Rubydlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RefreshLock.exe
backup=c:\windows\pss\RefreshLock.exe.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
--a------ 2008-05-02 11:59 307200 c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-12-29 11:40 687560 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 07:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 2008-12-05 18:58 2606512 c:\internet download manager\IDMan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
--a------ 2008-08-29 17:11 61440 c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2008-12-22 11:05 1830128 c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--a------ 2008-01-18 23:33 202240 c:\program files\Windows Media Player\wmpnscfg.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{513A796E-8E78-4560-9CCB-AC1CA1FAAFD7}c:\\program files\\qip\\qip.exe"= UDP:c:\program files\qip\qip.exe:Quiet Internet Pager
"UDP Query User{65EA48F8-351C-4D34-BC4B-2CC089D76240}c:\\program files\\qip\\qip.exe"= TCP:c:\program files\qip\qip.exe:Quiet Internet Pager
"TCP Query User{BB17A5FD-4711-40D0-8B99-A6BFAFF29241}c:\\program files\\qip\\qip.exe"= UDP:c:\program files\qip\qip.exe:Quiet Internet Pager
"UDP Query User{89BD209E-2763-4075-9435-2CA34B78A22D}c:\\program files\\qip\\qip.exe"= TCP:c:\program files\qip\qip.exe:Quiet Internet Pager
"TCP Query User{30232E83-5C74-43CE-BC05-65615D7B2752}c:\\program files\\gigabyte\\@bios\\gwflash.exe"= UDP:c:\program files\gigabyte\@bios\gwflash.exe:@BIOS Application
"UDP Query User{230AE6B9-167B-40CC-9B3F-B4EBE9408B15}c:\\program files\\gigabyte\\@bios\\gwflash.exe"= TCP:c:\program files\gigabyte\@bios\gwflash.exe:@BIOS Application
"{8AF19C18-2216-454F-9613-45E4920D0019}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{D53CA652-1625-41CF-BFAA-7325BF8D49E4}c:\\program files\\trillian\\trillian.exe"= UDP:c:\program files\trillian\trillian.exe:Trillian
"UDP Query User{FE6E45C5-CB79-45F1-9F2F-E47004675F58}c:\\program files\\trillian\\trillian.exe"= TCP:c:\program files\trillian\trillian.exe:Trillian
"TCP Query User{5A507DB5-7D96-4687-BC11-31440128B24F}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{2CD9EA24-C525-4F30-9EB8-23CEA74B5CF5}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{24ECF6B8-034F-4907-9A43-863EA31831A1}d:\\downloading\\sdc221\\strongdc.exe"= UDP:d:\downloading\sdc221\strongdc.exe:StrongDC++
"UDP Query User{D3A22D23-3F55-4C79-B4BA-7E359C4ACBCF}d:\\downloading\\sdc221\\strongdc.exe"= TCP:d:\downloading\sdc221\strongdc.exe:StrongDC++
"{49B2D398-5739-406F-866A-E3CCE4EFE018}"= UDP:d:\r-gta4\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"{77FE3665-7361-4A3E-91AE-D73F4662A7E4}"= TCP:d:\r-gta4\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"TCP Query User{43500543-93CF-486E-8775-D0087D0E8F94}c:\\program files\\steam\\steamapps\\medic383\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\medic383\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{04BBEC8A-A0A0-49E2-873A-75E62EB9C257}c:\\program files\\steam\\steamapps\\medic383\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\medic383\counter-strike\hl.exe:Half-Life Launcher
"{3569D2DD-0513-41EC-9FF6-0298C15C8741}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{D2D15DEF-CEBA-45A5-9048-F36F41C0EB38}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{A2A3A280-E9D4-40AD-9758-7D6A0E980FF7}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{C2636338-5D19-4519-884F-54562D98BD83}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{2EAC3419-8A85-4BBF-B7F6-BD9FFB72921C}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{CCD7CF00-376C-4B88-B3E9-4C3C24DC2B0F}c:\\program files\\flashget network\\flashget universal\\flashget.exe"= UDP:c:\program files\flashget network\flashget universal\flashget.exe:flashget
"UDP Query User{B1D6925A-708D-42AB-9DD1-ECB15439AA20}c:\\program files\\flashget network\\flashget universal\\flashget.exe"= TCP:c:\program files\flashget network\flashget universal\flashget.exe:flashget
"TCP Query User{6924E48D-577A-4D67-BB39-600B99871300}c:\\stahovani\\sdc221\\strongdc.exe"= UDP:c:\stahovani\sdc221\strongdc.exe:StrongDC++
"UDP Query User{5416A3D8-E320-49A4-8FCA-5C4292B2889A}c:\\stahovani\\sdc221\\strongdc.exe"= TCP:c:\stahovani\sdc221\strongdc.exe:StrongDC++
"TCP Query User{8D41CE05-416D-4150-BF20-8EEA404BB705}d:\\steam\\steamapps\\medic383\\counter-strike\\hl.exe"= UDP:d:\steam\steamapps\medic383\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{7A31E2DF-A731-4C35-924E-75A12EC4B7EE}d:\\steam\\steamapps\\medic383\\counter-strike\\hl.exe"= TCP:d:\steam\steamapps\medic383\counter-strike\hl.exe:Half-Life Launcher
"TCP Query User{868E2457-0021-4D65-A7F9-BC0F81E71AA7}d:\\steam\\steamapps\\medic383\\counter-strike\\hl.exe"= UDP:d:\steam\steamapps\medic383\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{AB71437E-E520-4181-81B1-2E9131DEA855}d:\\steam\\steamapps\\medic383\\counter-strike\\hl.exe"= TCP:d:\steam\steamapps\medic383\counter-strike\hl.exe:Half-Life Launcher

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\FlashGet Network\\FlashGet universal\\FlashGet.exe"= c:\program files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"c:\\Program Files\\FlashGet Network\\FlashGet universal\\LiveUpdate.exe"= c:\program files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"c:\\Program Files\\FlashGet Network\\FlashGet universal\\LiveUpdateEx.exe"= c:\program files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx

R1 PSched;Plánovač paketů technologie QoS;c:\windows\System32\drivers\pacer.sys [2009-01-13 72192]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-12-22 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-12-22 55024]
R4 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-11-26 68865]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-12-22 7408]
S4 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service;"c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe" --> c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c69d528-de52-11dd-8461-001d7d921a4b}]
\shell\AutoRun\command - F:\RZRSETUP.EXE
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-Steam - c:\program files\steam\steam.exe


.
------- Doplňkový sken -------
.
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Stáhnout s IDM - c:\internet download manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\internet download manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\internet download manager\IEGetAll.htm
FF - ProfilePath - c:\users\Rubydlo\AppData\Roaming\Mozilla\Firefox\Profiles\oemf6re7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/ig
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - component: c:\users\Rubydlo\AppData\Roaming\IDM\idmmzcc2\components\idmmzcc.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Rubydlo\AppData\Roaming\Mozilla\Firefox\Profiles\oemf6re7.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071101000055.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-16 17:33:44
Windows 6.0.6001 Service Pack 1 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2009-01-16 17:35:42
ComboFix-quarantined-files.txt 2009-01-16 16:35:41

Před spuštěním: Volných bajtů: 26 022 608 896
Po spuštění: Volných bajtů: 25,978,740,736

895 --- E O F --- 2009-01-13 18:08:37

No , ten Combofix s tím zatočil...
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Přidávám oba logy.... Ještě jednou díky za tvůj čas

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:32:48, on 16.1.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\MagicTune Premium\GammaTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\QIP\qip.exe
D:\STEAM\Steam.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\Explorer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [IDMan] C:\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: GammaTray.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout s IDM - C:\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 7376 bytes




ComboFix 09-01-15.01 - Rubydlo 2009-01-16 18:28:15.2 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1250.1.1029.18.3582.2500 [GMT 1:00]
Spuštěný z: c:\users\Rubydlo\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Rubydlo\Desktop\CFScript.txt

FILE ::
c:\windows\UN32.EXE
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\UN32.EXE

.
((((((((((((((((((((((((( Soubory vytvořené od 2008-12-16 do 2009-01-16 )))))))))))))))))))))))))))))))
.

2009-01-16 12:07 . 2009-01-16 12:07 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\Malwarebytes
2009-01-16 12:07 . 2009-01-16 12:07 <DIR> d-------- c:\users\All Users\Malwarebytes
2009-01-16 12:07 . 2009-01-16 12:07 <DIR> d-------- c:\programdata\Malwarebytes
2009-01-16 12:07 . 2009-01-16 12:07 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-16 12:07 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-01-16 12:07 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-01-15 19:59 . 2007-03-06 13:15 1,059,112 --a------ c:\windows\System32\drivers\nvmfdx32.sys
2009-01-14 17:31 . 2009-01-16 17:39 <DIR> d-------- c:\program files\Common Files\Steam
2009-01-13 20:10 . 2009-01-13 20:10 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\SUPERAntiSpyware.com
2009-01-13 20:10 . 2009-01-13 20:10 <DIR> d-------- c:\users\All Users\SUPERAntiSpyware.com
2009-01-13 20:10 . 2009-01-13 20:10 <DIR> d-------- c:\programdata\SUPERAntiSpyware.com
2009-01-13 20:10 . 2009-01-13 20:10 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-01-13 20:10 . 2009-01-13 20:10 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-01-13 19:00 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll
2009-01-13 18:43 . 2008-06-23 02:59 2,868,736 --a------ c:\windows\System32\mf.dll
2009-01-13 18:43 . 2008-06-23 02:59 996,352 --a------ c:\windows\System32\WMNetMgr.dll
2009-01-13 18:43 . 2008-06-23 02:58 94,720 --a------ c:\windows\System32\logagent.exe
2009-01-13 18:41 . 2008-10-29 07:29 2,927,104 --a------ c:\windows\explorer.exe
2009-01-13 18:41 . 2008-08-02 02:01 625,152 --a------ c:\windows\System32\drivers\dxgkrnl.sys
2009-01-13 18:41 . 2008-06-26 04:29 565,248 --a------ c:\windows\System32\emdmgmt.dll
2009-01-13 18:41 . 2008-10-21 06:25 296,960 --a------ c:\windows\System32\gdi32.dll
2009-01-13 18:41 . 2008-05-20 03:07 148,480 --a------ c:\windows\System32\drivers\nwifi.sys
2009-01-13 18:41 . 2008-09-18 05:56 147,456 --a------ c:\windows\System32\Faultrep.dll
2009-01-13 18:41 . 2008-09-18 05:56 125,952 --a------ c:\windows\System32\wersvc.dll
2009-01-13 18:41 . 2008-06-26 04:29 45,056 --a------ c:\windows\System32\dataclen.dll
2009-01-13 18:41 . 2008-08-02 04:26 36,864 --a------ c:\windows\System32\cdd.dll
2009-01-13 18:40 . 2008-05-08 22:59 430,080 --a------ c:\windows\System32\vbscript.dll
2009-01-13 18:40 . 2008-05-08 22:59 180,224 --a------ c:\windows\System32\scrobj.dll
2009-01-13 18:40 . 2008-05-08 22:59 172,032 --a------ c:\windows\System32\scrrun.dll
2009-01-13 18:40 . 2008-05-08 22:59 155,648 --a------ c:\windows\System32\wscript.exe
2009-01-13 18:40 . 2008-05-08 22:58 135,168 --a------ c:\windows\System32\wshom.ocx
2009-01-13 18:40 . 2008-05-08 22:58 135,168 --a------ c:\windows\System32\cscript.exe
2009-01-13 18:40 . 2008-05-08 22:59 90,112 --a------ c:\windows\System32\wshext.dll
2009-01-09 15:53 . 2009-01-09 15:53 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\DAEMON Tools Pro
2009-01-09 15:52 . 2009-01-09 15:53 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\DAEMON Tools Lite
2009-01-09 15:52 . 2009-01-09 15:52 <DIR> d-------- c:\users\All Users\DAEMON Tools Lite
2009-01-09 15:52 . 2009-01-09 15:52 <DIR> d-------- c:\programdata\DAEMON Tools Lite
2009-01-09 15:52 . 2009-01-09 15:52 <DIR> d-------- c:\program files\DAEMON Tools Lite
2009-01-08 15:28 . 2009-01-14 17:36 <DIR> d-------- c:\program files\cstrike
2009-01-04 15:26 . 2009-01-04 15:26 <DIR> d-------- c:\program files\PDFCreator Toolbar
2009-01-04 15:26 . 2009-01-04 15:26 253,139 --a------ c:\windows\PDFCreator_Toolbar_Uninstaller_3368.exe
2009-01-04 15:25 . 2009-01-04 15:28 <DIR> d-------- c:\program files\PDFCreator
2009-01-04 15:25 . 2004-03-09 01:00 662,288 --a------ c:\windows\System32\MSCOMCT2.OCX
2009-01-04 15:25 . 1998-06-24 01:00 137,000 --a------ c:\windows\System32\MSMAPI32.OCX
2009-01-04 15:25 . 2001-10-28 17:42 116,224 --a------ c:\windows\System32\pdfcmnnt.dll
2009-01-04 15:25 . 1998-07-06 01:00 23,552 --a------ c:\windows\System32\MSMPIDE.DLL
2008-12-31 13:01 . 2008-12-31 13:01 <DIR> d-------- c:\users\All Users\ATI
2008-12-31 13:01 . 2008-12-31 13:01 <DIR> d-------- c:\programdata\ATI
2008-12-31 13:00 . 2008-12-31 13:01 <DIR> d-------- c:\program files\ATI Technologies
2008-12-31 12:44 . 2008-12-31 12:44 <DIR> d-------- C:\ATI2
2008-12-31 12:41 . 2008-12-31 12:41 <DIR> d-------- c:\program files\SEC
2008-12-31 12:24 . 2008-12-31 12:24 <DIR> d-------- C:\ATI
2008-12-30 17:39 . 2008-12-30 17:39 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\Convivea
2008-12-30 17:39 . 2008-12-30 17:39 <DIR> d-------- c:\program files\Bit Che
2008-12-30 17:13 . 2008-12-30 17:14 <DIR> d-------- c:\program files\The KMPlayer
2008-12-30 13:22 . 2008-12-30 13:22 <DIR> d-------- c:\program files\Common Files\ATI Technologies
2008-12-30 12:56 . 2008-12-30 13:26 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\Folding@home-gpu
2008-12-30 12:56 . 2008-12-30 12:56 <DIR> d-------- c:\program files\Folding@home
2008-12-30 12:24 . 2008-12-30 12:24 <DIR> d-------- c:\program files\MagicTune Premium
2008-12-30 12:24 . 2006-08-28 17:12 13,312 --a------ c:\windows\System32\drivers\MTictwl.sys
2008-12-29 19:22 . 2007-06-04 05:24 1,087,216 --a------ c:\windows\System32\zpeng24.dll
2008-12-29 19:21 . 2008-12-29 19:21 <DIR> d-------- c:\users\All Users\CheckPoint
2008-12-29 19:21 . 2008-12-29 19:21 <DIR> d-------- c:\programdata\CheckPoint
2008-12-29 19:21 . 2007-06-04 05:28 270,488 --a------ c:\windows\System32\drivers\vsdatant.sys
2008-12-29 19:12 . 2008-12-29 19:07 262,144 --a------ c:\program files\Uninstall Spy Blocker.dll
2008-12-29 19:04 . 2008-12-29 19:35 <DIR> d-------- c:\windows\System32\ZoneLabs
2008-12-29 19:04 . 2008-12-29 19:04 <DIR> d-------- c:\program files\Zone Labs
2008-12-29 15:01 . 2008-12-29 15:01 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\Desktopicon
2008-12-29 14:55 . 2008-12-29 14:55 <DIR> d-------- c:\program files\DsNET Corp
2008-12-29 14:55 . 2004-03-09 00:00 124,688 --a------ c:\windows\System32\MSWINSCK.OCX
2008-12-29 14:02 . 2008-12-29 14:02 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\Media Player Classic
2008-12-29 13:26 . 2008-12-29 13:26 <DIR> d-------- c:\program files\Common Files\Microsoft Games
2008-12-28 17:14 . 2008-12-28 17:14 <DIR> d-------- c:\program files\Electronic Arts
2008-12-27 11:32 . 2008-12-27 11:32 <DIR> d-------- c:\program files\CCleaner
2008-12-26 15:55 . 2008-12-26 15:55 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\Thinstall
2008-12-26 11:46 . 2008-12-01 20:53 3,256,320 --a------ c:\windows\System32\amdcaldd.dll
2008-12-26 11:46 . 2008-12-01 20:56 57,344 --a------ c:\windows\System32\amdcalrt.dll
2008-12-26 11:46 . 2008-12-01 20:56 53,248 --a------ c:\windows\System32\amdcalcl.dll
2008-12-23 09:41 . 2008-05-02 02:38 301,656 --a------ c:\windows\System32\BtCoreIf.dll
2008-12-23 09:40 . 2008-12-23 09:41 <DIR> d-------- c:\program files\Common Files\Logishrd
2008-12-21 18:26 . 2008-12-21 18:26 <DIR> d-------- c:\windows\Sun
2008-12-19 22:10 . 2008-12-19 22:10 603,904 --a------ c:\windows\System32\TUProgSt.exe
2008-12-19 21:45 . 2009-01-10 11:50 350 --a------ c:\windows\RefreshLock.ini
2008-12-19 13:37 . 2008-11-09 10:24 241,664 --a------ c:\program files\Uninstall Ask Toolbar.dll
2008-12-18 17:30 . 2008-12-18 18:46 <DIR> d-------- c:\users\Rubydlo\AppData\Roaming\SecondLife
2008-12-18 17:30 . 2008-12-18 17:30 24 --a------ C:\url_history.xml

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-16 17:29 --------- d-----w c:\users\Rubydlo\AppData\Roaming\DMCache
2009-01-13 19:23 --------- d-----w c:\programdata\Spybot - Search & Destroy
2009-01-13 18:49 --------- d-----w c:\program files\Windows Mail
2009-01-13 18:08 --------- d-----w c:\programdata\Microsoft Help
2009-01-09 14:53 --------- d-----w c:\users\Rubydlo\AppData\Roaming\DAEMON Tools
2009-01-09 14:52 --------- d-----w c:\program files\DAEMON Tools Toolbar
2009-01-08 19:20 --------- d-----w c:\program files\Astonsoft
2009-01-04 13:59 --------- d-----w c:\program files\OpenOffice.org 3
2008-12-31 11:41 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-30 12:21 --------- d-----w c:\program files\ATI
2008-12-29 18:21 --------- d-----w c:\programdata\CheckPoint
2008-12-29 18:18 --------- d---a-w c:\programdata\TEMP
2008-12-29 11:18 --------- d-----w c:\program files\Rockstar Games
2008-12-28 10:48 --------- d-----w c:\program files\FlashGet
2008-12-23 08:41 --------- d-----w c:\program files\Common Files\Logitech
2008-12-19 21:20 --------- d-----w c:\program files\QIP
2008-12-19 21:09 --------- d-sh--w c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2008-12-14 10:24 --------- d-----w c:\program files\GOM
2008-12-13 10:04 --------- d-----w c:\program files\MSBuild
2008-12-13 10:04 --------- d-----w c:\program files\Microsoft Works
2008-12-13 10:00 --------- d-----w c:\program files\Microsoft.NET
2008-12-13 09:58 --------- d-----w c:\program files\Microsoft Visual Studio 8
2008-12-09 14:37 --------- d-----w c:\users\Rubydlo\AppData\Roaming\ICQ
2008-12-09 14:37 --------- d-----w c:\programdata\ICQ
2008-12-09 14:37 --------- d-----w c:\program files\ICQ6Toolbar
2008-12-09 14:19 --------- d-----w c:\program files\Sunbelt Software
2008-12-09 14:08 --------- d-----w c:\users\Rubydlo\AppData\Roaming\QIP
2008-12-08 19:51 --------- d-----w c:\programdata\MailFrontier
2008-12-08 16:47 --------- d-----w c:\program files\Google
2008-12-07 09:34 1,390,730 ----a-w c:\windows\System32\AutoPartNt.exe
2008-12-05 20:11 --------- d-----w c:\program files\Microsoft Games for Windows - LIVE
2008-12-05 19:14 174 --sha-w c:\program files\desktop.ini
2008-12-05 19:05 --------- d-----w c:\program files\Windows Sidebar
2008-12-05 19:05 --------- d-----w c:\program files\Windows Photo Gallery
2008-12-05 19:05 --------- d-----w c:\program files\Windows Journal
2008-12-05 19:05 --------- d-----w c:\program files\Windows Defender
2008-12-05 19:05 --------- d-----w c:\program files\Windows Collaboration
2008-12-05 19:05 --------- d-----w c:\program files\Windows Calendar
2008-12-05 18:48 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2008-12-05 18:47 82,432 ----a-w c:\windows\System32\axaltocm.dll
2008-12-05 18:11 47,560 ----a-w c:\windows\System32\SPReview.exe
2008-12-05 18:11 152,576 ----a-w c:\windows\System32\SPWizUI.dll
2008-12-05 16:15 --------- d-----w c:\programdata\Acronis
2008-12-05 14:41 114,048 ----a-w c:\windows\system32\drivers\snapman.sys
2008-11-29 20:53 94,720 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll
2008-11-29 20:53 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-11-29 20:53 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll
2008-11-29 20:52 212,480 ----a-w c:\windows\system32\drivers\mrxsmb10.sys
2008-11-29 20:50 2,048 ----a-w c:\windows\System32\msxml3r.dll
2008-11-29 20:50 1,191,936 ----a-w c:\windows\System32\msxml3.dll
2008-11-29 20:49 712,704 ----a-w c:\windows\System32\WindowsCodecs.dll
2008-11-29 20:49 425,472 ----a-w c:\windows\System32\PhotoMetadataHandler.dll
2008-11-29 20:49 347,136 ----a-w c:\windows\System32\WindowsCodecsExt.dll
2008-11-29 20:49 --------- d-----w c:\program files\Windows Live
2008-11-29 20:48 443,392 ----a-w c:\windows\System32\win32spl.dll
2008-11-29 20:48 37,888 ----a-w c:\windows\System32\printcom.dll
2008-11-29 20:48 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-11-29 20:46 2,048 ----a-w c:\windows\System32\msxml6r.dll
2008-11-29 20:46 1,334,272 ----a-w c:\windows\System32\msxml6.dll
2008-11-29 18:36 --------- d-----w c:\program files\Trend Micro
2008-11-29 14:24 --------- d-----w c:\users\Rubydlo\AppData\Roaming\IDM
2008-11-29 09:23 626,688 ----a-w c:\windows\System32\msvcr80.dll
2008-11-29 09:23 548,864 ----a-w c:\windows\System32\msvcp80.dll
2008-11-29 09:23 28,672 ----a-w c:\windows\System32\eEmpty.exe
2008-11-29 09:23 --------- d-----w c:\programdata\MicroWorld
2008-11-28 12:28 --------- d-----w c:\users\Rubydlo\AppData\Roaming\TuneUp Software
2008-11-28 12:27 --------- d-----w c:\programdata\TuneUp Software
2008-11-26 15:19 --------- d-----w c:\programdata\Avira
2008-11-26 15:19 --------- d-----w c:\program files\Avira
2008-11-25 14:08 --------- d-----w c:\users\Rubydlo\AppData\Roaming\FlashGet
2008-11-24 20:33 --------- d-----w c:\programdata\Yahoo! Companion
2008-11-24 18:14 --------- d-----w c:\users\Rubydlo\AppData\Roaming\Ventrilo
2008-11-24 18:13 --------- d-----w c:\program files\VentriloMIX
2008-11-20 16:01 --------- d-----w c:\program files\IObit
2008-11-17 12:02 --------- d-----w c:\users\Rubydlo\AppData\Roaming\Zoner
2008-11-16 13:56 --------- d-----w c:\program files\Seznam DVD
2008-11-14 18:54 51,224 ----a-w c:\windows\System32\wuauclt.exe
2008-11-14 18:54 43,544 ----a-w c:\windows\System32\wups2.dll
2008-11-14 18:54 1,809,944 ----a-w c:\windows\System32\wuaueng.dll
2008-11-14 18:54 1,524,736 ----a-w c:\windows\System32\wucltux.dll
2008-11-14 18:53 83,456 ----a-w c:\windows\System32\wudriver.dll
2008-11-14 18:53 561,688 ----a-w c:\windows\System32\wuapi.dll
2008-11-14 18:53 34,328 ----a-w c:\windows\System32\wups.dll
2008-11-14 18:52 31,232 ----a-w c:\windows\System32\wuapp.exe
2008-11-14 18:52 162,064 ----a-w c:\windows\System32\wuwebv.dll
2008-11-14 14:53 410,976 ----a-w c:\windows\System32\deploytk.dll
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-28 16:41 14,303,392 ----a-w c:\windows\System32\xlive.dll
2008-10-28 16:41 13,643,936 ----a-w c:\windows\System32\xlivefnt.dll
2008-10-27 09:04 70,992 ----a-w c:\windows\System32\XAPOFX1_2.dll
2008-10-27 09:04 514,384 ----a-w c:\windows\System32\XAudio2_3.dll
2008-10-27 09:04 235,856 ----a-w c:\windows\System32\xactengine3_3.dll
2008-10-27 09:04 23,376 ----a-w c:\windows\System32\X3DAudio1_5.dll
2008-10-26 12:17 1,570,816 ----a-w c:\users\Rubydlo\AppData\Roaming\tsdnwin.dll
.

((((((((((((((((((((((((((((( snapshot@2009-01-16_17.34.07,17 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-01-16 16:01:43 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-01-16 16:34:15 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\internet download manager\IDMan.exe" [2008-12-05 2606512]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GammaTray.lnk - c:\program files\MagicTune Premium\GammaTray.exe [2008-12-30 36864]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-12-23 805392]
NCProTray.lnk - c:\program files\SEC\Natural Color Pro\NCProTray.exe [2008-12-31 49220]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^Users^Rubydlo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dock.lnk]
path=c:\users\Rubydlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dock.lnk
backup=c:\windows\pss\Dock.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Rubydlo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Folding@home-gpu.lnk]
path=c:\users\Rubydlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home-gpu.lnk
backup=c:\windows\pss\Folding@home-gpu.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Rubydlo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^lsass.exe]
path=c:\users\Rubydlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lsass.exe
backup=c:\windows\pss\lsass.exe.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Rubydlo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^RefreshLock.exe]
path=c:\users\Rubydlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RefreshLock.exe
backup=c:\windows\pss\RefreshLock.exe.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
--a------ 2008-05-02 11:59 307200 c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-12-29 11:40 687560 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 07:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 2008-12-05 18:58 2606512 c:\internet download manager\IDMan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
--a------ 2008-08-29 17:11 61440 c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2008-12-22 11:05 1830128 c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--a------ 2008-01-18 23:33 202240 c:\program files\Windows Media Player\wmpnscfg.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{513A796E-8E78-4560-9CCB-AC1CA1FAAFD7}c:\\program files\\qip\\qip.exe"= UDP:c:\program files\qip\qip.exe:Quiet Internet Pager
"UDP Query User{65EA48F8-351C-4D34-BC4B-2CC089D76240}c:\\program files\\qip\\qip.exe"= TCP:c:\program files\qip\qip.exe:Quiet Internet Pager
"TCP Query User{BB17A5FD-4711-40D0-8B99-A6BFAFF29241}c:\\program files\\qip\\qip.exe"= UDP:c:\program files\qip\qip.exe:Quiet Internet Pager
"UDP Query User{89BD209E-2763-4075-9435-2CA34B78A22D}c:\\program files\\qip\\qip.exe"= TCP:c:\program files\qip\qip.exe:Quiet Internet Pager
"TCP Query User{30232E83-5C74-43CE-BC05-65615D7B2752}c:\\program files\\gigabyte\\@bios\\gwflash.exe"= UDP:c:\program files\gigabyte\@bios\gwflash.exe:@BIOS Application
"UDP Query User{230AE6B9-167B-40CC-9B3F-B4EBE9408B15}c:\\program files\\gigabyte\\@bios\\gwflash.exe"= TCP:c:\program files\gigabyte\@bios\gwflash.exe:@BIOS Application
"{8AF19C18-2216-454F-9613-45E4920D0019}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{D53CA652-1625-41CF-BFAA-7325BF8D49E4}c:\\program files\\trillian\\trillian.exe"= UDP:c:\program files\trillian\trillian.exe:Trillian
"UDP Query User{FE6E45C5-CB79-45F1-9F2F-E47004675F58}c:\\program files\\trillian\\trillian.exe"= TCP:c:\program files\trillian\trillian.exe:Trillian
"TCP Query User{5A507DB5-7D96-4687-BC11-31440128B24F}c:\\program files\\java\\jre6\\bin\\javaw.exe"= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{2CD9EA24-C525-4F30-9EB8-23CEA74B5CF5}c:\\program files\\java\\jre6\\bin\\javaw.exe"= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{24ECF6B8-034F-4907-9A43-863EA31831A1}d:\\downloading\\sdc221\\strongdc.exe"= UDP:d:\downloading\sdc221\strongdc.exe:StrongDC++
"UDP Query User{D3A22D23-3F55-4C79-B4BA-7E359C4ACBCF}d:\\downloading\\sdc221\\strongdc.exe"= TCP:d:\downloading\sdc221\strongdc.exe:StrongDC++
"{49B2D398-5739-406F-866A-E3CCE4EFE018}"= UDP:d:\r-gta4\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"{77FE3665-7361-4A3E-91AE-D73F4662A7E4}"= TCP:d:\r-gta4\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club
"TCP Query User{43500543-93CF-486E-8775-D0087D0E8F94}c:\\program files\\steam\\steamapps\\medic383\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\medic383\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{04BBEC8A-A0A0-49E2-873A-75E62EB9C257}c:\\program files\\steam\\steamapps\\medic383\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\medic383\counter-strike\hl.exe:Half-Life Launcher
"{3569D2DD-0513-41EC-9FF6-0298C15C8741}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{D2D15DEF-CEBA-45A5-9048-F36F41C0EB38}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{A2A3A280-E9D4-40AD-9758-7D6A0E980FF7}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{C2636338-5D19-4519-884F-54562D98BD83}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{2EAC3419-8A85-4BBF-B7F6-BD9FFB72921C}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{CCD7CF00-376C-4B88-B3E9-4C3C24DC2B0F}c:\\program files\\flashget network\\flashget universal\\flashget.exe"= UDP:c:\program files\flashget network\flashget universal\flashget.exe:flashget
"UDP Query User{B1D6925A-708D-42AB-9DD1-ECB15439AA20}c:\\program files\\flashget network\\flashget universal\\flashget.exe"= TCP:c:\program files\flashget network\flashget universal\flashget.exe:flashget
"TCP Query User{6924E48D-577A-4D67-BB39-600B99871300}c:\\stahovani\\sdc221\\strongdc.exe"= UDP:c:\stahovani\sdc221\strongdc.exe:StrongDC++
"UDP Query User{5416A3D8-E320-49A4-8FCA-5C4292B2889A}c:\\stahovani\\sdc221\\strongdc.exe"= TCP:c:\stahovani\sdc221\strongdc.exe:StrongDC++
"TCP Query User{8D41CE05-416D-4150-BF20-8EEA404BB705}d:\\steam\\steamapps\\medic383\\counter-strike\\hl.exe"= UDP:d:\steam\steamapps\medic383\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{7A31E2DF-A731-4C35-924E-75A12EC4B7EE}d:\\steam\\steamapps\\medic383\\counter-strike\\hl.exe"= TCP:d:\steam\steamapps\medic383\counter-strike\hl.exe:Half-Life Launcher
"TCP Query User{868E2457-0021-4D65-A7F9-BC0F81E71AA7}d:\\steam\\steamapps\\medic383\\counter-strike\\hl.exe"= UDP:d:\steam\steamapps\medic383\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{AB71437E-E520-4181-81B1-2E9131DEA855}d:\\steam\\steamapps\\medic383\\counter-strike\\hl.exe"= TCP:d:\steam\steamapps\medic383\counter-strike\hl.exe:Half-Life Launcher

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\FlashGet Network\\FlashGet universal\\FlashGet.exe"= c:\program files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2
"c:\\Program Files\\FlashGet Network\\FlashGet universal\\LiveUpdate.exe"= c:\program files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"c:\\Program Files\\FlashGet Network\\FlashGet universal\\LiveUpdateEx.exe"= c:\program files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx

R1 PSched;Plánovač paketů technologie QoS;c:\windows\System32\drivers\pacer.sys [2009-01-13 72192]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-12-22 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-12-22 55024]
R4 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-11-26 68865]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-12-22 7408]
S4 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service;"c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe" --> c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c69d528-de52-11dd-8461-001d7d921a4b}]
\shell\AutoRun\command - F:\RZRSETUP.EXE
.
.
------- Doplňkový sken -------
.
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Stáhnout s IDM - c:\internet download manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\internet download manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\internet download manager\IEGetAll.htm
FF - ProfilePath - c:\users\Rubydlo\AppData\Roaming\Mozilla\Firefox\Profiles\oemf6re7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/ig
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - component: c:\users\Rubydlo\AppData\Roaming\IDM\idmmzcc2\components\idmmzcc.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Rubydlo\AppData\Roaming\Mozilla\Firefox\Profiles\oemf6re7.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071101000055.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-16 18:29:33
Windows 6.0.6001 Service Pack 1 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2009-01-16 18:31:34
ComboFix-quarantined-files.txt 2009-01-16 17:31:32
ComboFix2.txt 2009-01-16 16:35:43

Před spuštěním: Volných bajtů: 25 994 764 288
Po spuštění: Volných bajtů: 25,964,044,288

345 --- E O F --- 2009-01-13 18:08:37

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:


ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

takže jestli nejsou problémy,tak vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš>spustíš
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
Pokud chceš zachovat svoje uložená hesla, klikni na No.

Máš dva antispywarové programy:
Windows Defender
Spybot -
jeden doporučuji odinstalovat.
Je to vše a nemáš zač.