Please check my log - Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team


Post by Mous » 05 Jan 2009 22:10

I have a problem with IE7, it keeps starting and shutting down. Did HiJackThis perhaps find something along those lines too?
LOG http://uloz.to/1128921/hijackthis.log
It would not be wise to urge the devil to bow.


Post by jaro3 » 05 Jan 2009 22:40

Next time, paste the HJT log directly here.
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan option selected and click the Scan button
- when the program has finished, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to the desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

Test this on Virustotal
C:\WINDOWS\system32\sH6Mue1r.exe
Then paste the result here, tomorrow..
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by Mous » 06 Jan 2009 15:25

Here is the Virustotal result:
Antivirus Version Last update Result
a-squared 4.0.0.73 2009.01.06 -
AhnLab-V3 2009.1.6.3 2009.01.06 -
AntiVir 7.9.0.45 2009.01.05 -
Authentium 5.1.0.4 2009.01.05 -
Avast 4.8.1281.0 2009.01.06 Win32:Ups
AVG 8.0.0.199 2009.01.06 -
BitDefender 7.2 2009.01.06 -
CAT-QuickHeal 10.00 2009.01.06 -
ClamAV 0.94.1 2009.01.06 -
Comodo 878 2009.01.05 -
DrWeb 4.44.0.09170 2009.01.06 -
eTrust-Vet 31.6.6293 2009.01.06 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2009.01.05 -
F-Secure 8.0.14470.0 2009.01.06 -
Fortinet 3.117.0.0 2009.01.06 -
GData 19 2009.01.06 Win32:Ups
Ikarus T3.1.1.45.0 2009.01.06 -
K7AntiVirus 7.10.578 2009.01.06 -
Kaspersky 7.0.0.125 2009.01.06 Trojan.Win32.Agent.bekv
McAfee 5486 2009.01.05 -
McAfee+Artemis 5486 2009.01.05 -
Microsoft 1.4205 2009.01.06 -
NOD32 3742 2009.01.06 -
Norman 5.80.02 2009.01.02 -
Panda 9.0.0.4 2009.01.06 -
PCTools 4.4.2.0 2009.01.06 -
Prevx1 V2 2009.01.06 Cloaked Malware
Rising 21.11.12.00 2009.01.06 -
SecureWeb-Gateway 6.7.6 2009.01.06 Trojan.LooksLike.Agent.aylb
Sophos 4.37.0 2009.01.06 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2009.01.06 Backdoor.Trojan
TheHacker 6.3.1.4.205 2009.01.05 -
TrendMicr 8.700.0.1004 2009.01.06 TROJ_AGENT.DAOZ
VBA32 3.12.8.10 2009.01.05 -
ViRobot 2009.1.6.1546 2009.01.06 Spyware.Agent.Do.77824.N
VirusBuster 4.5.11.0 2009.01.05 -
Here is the Malwarebytes log:
Malwarebytes' Anti-Malware 1.32
Verze databáze: 1624
Windows 5.1.2600 Service Pack 2

6.1.2009 15:20:17
mbam-log-2009-01-06 (15-20-14).txt

Typ skenu: Rychlý sken
Objektu skenováno: 70641
Uplynulý cas: 10 minute(s), 32 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 1
Infikované klíce registru: 121
Infikované hodnoty registru: 10
Infikované položky dat registru: 10
Infikované složky: 10
Infikované soubory: 51


/code tags removed. memphisto

Post by jaro3 » 06 Jan 2009 16:34

Don't put logs in code tags; only scripts belong there.
So run MbAM again and click Scan
- when the program has finished, a message will appear; click OK and then the Show Results button
- make sure all listed findings are ticked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit

You can then paste the log here
Then uninstall: MyWebSearch

After that:
Download SDFix
- Run it and it will extract itself to the drive where Windows is installed (typically C:\SDfix)
- Then restart the PC into safe mode (hold the F8 key after the restart) (choose the option: Safe Mode, not Safe Mode with Networking)
- Open the directory where SDFix was extracted and run the file RunThis.bat; this starts the program.
* Then press the Y key and then Enter to start the cleaning process.
* To finish the check you will be prompted to press any key, and the computer will restart.
* While the operating system is booting, the program will start again and finish the cleaning process. When Finish appears, you will have to press any key when prompted; this closes the program and your desktop icons will appear
- When the desktop icons have finished loading, the SDFix log will open on screen and will also be saved to the directory where SDFix was extracted, as the file Report.txt
Then copy its contents here + a new HJT log + check whether any icons are missing under Start and whether your drives show up under My Computer....

Post by Mous » 06 Jan 2009 17:44

After launching SDFix it did what it is supposed to, but now in normal mode it seems to have hung, although according to the processes it is running. It says it cannot open some files. I'll probably shut it down and try it again.

Post by Mous » 06 Jan 2009 19:42

It has been showing this for about an hour now and nothing happens. What am I supposed to do about it?
I'm sending a screenshot: http://uloz.to/1132504/error.bmp

Post by jaro3 » 06 Jan 2009 20:22

The log didn't come up?
Try downloading from here
http://uloz.to/1086026/Tools.zip

some small programs that could come in handy for us.
Extract the archive into a directory of your own. The files are deliberately named differently from the originals in the guides, so don't be surprised.
Then try running them.
itr - see the guide for RSIT
buss - see the guide for DDS
viewtopic.php?f=70&t=34644&start=1

SR - see the guide for Silent Runners
viewtopic.php?f=70&t=25550&start=64
VerTer - see the guide for ComboFix
viewtopic.php?f=47&t=32104&start=5
If any of them runs, paste its log here.

Post by Mous » 06 Jan 2009 21:09

First part of the log:

System Report
*************

Run on 2009-01-06 at 20:58

Microsoft Windows XP [Verze 5.1.2600]

Current user is an administrator

AudioSrv
BITS
Browser
clr_optimization_v2.0.50727_32
CmdAgent
CryptSvc
DcomLaunch
Dhcp
dmserver
Dnscache
ekrn
ERSvc
Eventlog
EventSystem
FastUserSwitchingCompatibility
helpsvc
HidServ
Irmon
lanmanserver
lanmanworkstation
LmHosts
Netman
Nla
NVSvc
PlugPlay
PnkBstrA
PolicyAgent
ProtectedStorage
RasMan
RemoteRegistry
RpcSs
SamSs
Schedule
seclogon
SENS
ServiceLayer
SharedAccess
ShellHWDetection
Spooler
srservice
SSDPSRV
StarWindService
stisvc
TapiSrv
TermService
Themes
TrkWks
W32Time
WebClient
winmgmt
wscsvc
wuauserv
WudfSvc
WZCSVC


Services - Stopped:

Aasnunsns
Adobe
Alerter
AppMgmt
aspnet_state
CiSvc
ClipSrv
COMSysApp
dmadmin
EhttpSrv
FAH@C
FAH@C
FontCache3.0.0.0
HTTPFilter
IDriverT
idsvc
ImapiService
iPod
Messenger
Microsoft
mnmsrvc
MSDTC
MSIServer
MySQL
NBService
NetDDE
NetDDEdsdm
Netlogon
NetTcpPortSharing
NMIndexingService
NtLmSsp
NtmsSvc
odserv
ose
RasAuto
RDSessMgr
RemoteAccess
RpcLocator
RSVP
SCardSvr
sfrem02
SwPrv
SysmonLog
TlntSvr
upnphost
UPS
usprserv
UTSCSI
VSS
WmdmPmSN
Wmi
WmiApSrv
WMPNetworkSvc
xmlprov


Files Created/Modified - 60 Days:


C:\

6 Jan 2009 20.52.54 1 610 612 736 A.SH. "C:\pagefile.sys"


C:\WINDOWS\

6 Jan 2009 20.52.56 2 048 A.S.. "C:\WINDOWS\bootstat.dat"
6 Jan 2009 20.46.00 53 248 A.... "C:\WINDOWS\PSEXESVC.EXE"
19 Dec 2008 23.52.56 84 129 A.... "C:\WINDOWS\War3Unin.dat"
6 Jan 2009 20.46.02 110 A.... "C:\WINDOWS\ERDNT\CFrecovery.bat"
6 Jan 2009 20.39.26 389 632 A.... "C:\WINDOWS\system32\CF14827.exe"
6 Jan 2009 20.40.44 389 632 A.... "C:\WINDOWS\system32\CF15085.exe"
6 Dec 2008 23.37.02 56 A..H. "C:\WINDOWS\system32\ezsidmv.dat"
12 Nov 2008 21.17.44 79 324 A.... "C:\WINDOWS\system32\perfc005.dat"
12 Nov 2008 21.17.44 68 404 A.... "C:\WINDOWS\system32\perfc009.dat"
12 Nov 2008 21.17.44 432 454 A.... "C:\WINDOWS\system32\perfh005.dat"
12 Nov 2008 21.17.44 435 760 A.... "C:\WINDOWS\system32\perfh009.dat"
5 Jan 2009 19.16.38 77 824 A.... "C:\WINDOWS\system32\sH6Mue1r.exe"
5 Jan 2009 14.56.36 61 440 A.... "C:\WINDOWS\system32\svch?st.exe"
11 Dec 2008 21.37.44 42 320 A.... "C:\WINDOWS\system32\xfcodec.dll"
6 Jan 2009 20.53.00 6 A..H. "C:\WINDOWS\Tasks\SA.DAT"
6 Jan 2009 20.56.10 0 A.... "C:\WINDOWS\temp\scs11.tmp"
4 Jan 2009 18.41.46 15 504 A.... "C:\WINDOWS\system32\drivers\mbam.sys"
4 Jan 2009 18.41.50 38 496 A.... "C:\WINDOWS\system32\drivers\mbamswissarmy.sys"
6 Jan 2009 20.54.14 22 528 A.... "C:\WINDOWS\system32\drivers\nhcDriver.sys"
8 Nov 2008 11.13.48 84 661 A.... "C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe"
6 Jan 2009 20.41.40 159 744 A.... "C:\WINDOWS\ERDNT\Hiv-backup\Users\00000001\NTUSER.DAT"
6 Jan 2009 20.41.40 8 192 A.... "C:\WINDOWS\ERDNT\Hiv-backup\Users\00000002\UsrClass.dat"
6 Jan 2009 20.41.40 159 744 A.... "C:\WINDOWS\ERDNT\Hiv-backup\Users\00000003\NTUSER.DAT"
6 Jan 2009 20.41.40 8 192 A.... "C:\WINDOWS\ERDNT\Hiv-backup\Users\00000004\UsrClass.dat"
6 Jan 2009 20.41.40 10 637 312 A.... "C:\WINDOWS\ERDNT\Hiv-backup\Users\00000005\NTUSER.DAT"
6 Jan 2009 20.41.40 339 968 A.... "C:\WINDOWS\ERDNT\Hiv-backup\Users\00000006\UsrClass.dat"


C:\Program Files\

27 Nov 2008 23.02.04 59 371 A.... "C:\Program Files\7-Zip\Uninstall.exe"
15 Nov 2008 16.33.26 8 101 A.... "C:\Program Files\Any Audio Converter\unins000.dat"
15 Nov 2008 16.33.16 684 377 A.... "C:\Program Files\Any Audio Converter\unins000.exe"
3 Dec 2008 15.57.36 2 338 816 A.... "C:\Program Files\Fallout 3\FahCore_78.exe"
29 Nov 2008 13.35.50 2 138 112 A.... "C:\Program Files\Fallout 3\FahCore_7c.exe"
30 Nov 2008 22.36.14 2 396 160 A.... "C:\Program Files\Fallout 3\FahCore_81.exe"
1 Dec 2008 14.32.34 1 683 456 A.... "C:\Program Files\Fallout 3\FahCore_82.exe"
27 Nov 2008 20.35.54 1 520 A.... "C:\Program Files\Fallout 3\MyFolding.html"
11 Dec 2008 15.31.04 7 168 A.... "C:\Program Files\Fallout 3\queue.dat"
26 Dec 2008 16.08.44 40 708 A.... "C:\Program Files\hhtlpbtlwtft\Scan.dll"
30 Dec 2008 4.36.38 3 981 678 A.... "C:\Program Files\Knytt Stories\Knytt Stories.exe"
30 Dec 2008 4.36.40 747 714 A.... "C:\Program Files\Knytt Stories\Level Editor.exe"
25 Dec 2008 22.40.26 1 077 904 A.... "C:\Program Files\Kopie - WoW\BackgroundDownloader.exe"
25 Dec 2008 22.40.26 225 936 A.... "C:\Program Files\Kopie - WoW\Battle.net.dll"
25 Dec 2008 22.40.32 1 039 728 A.... "C:\Program Files\Kopie - WoW\dbghelp.dll"
25 Dec 2008 22.40.26 413 696 A.... "C:\Program Files\Kopie - WoW\DivxDecoder.dll"
25 Dec 2008 22.40.32 372 736 A.... "C:\Program Files\Kopie - WoW\ijl15.dll"
25 Dec 2008 22.40.28 2 421 392 A.... "C:\Program Files\Kopie - WoW\Launcher.exe"
25 Dec 2008 22.40.34 626 688 A.... "C:\Program Files\Kopie - WoW\msvcr80.dll"
25 Dec 2008 22.40.28 889 488 A.... "C:\Program Files\Kopie - WoW\Repair.exe"
25 Dec 2008 23.29.52 40 708 A.... "C:\Program Files\Kopie - WoW\Scan.dll"
25 Dec 2008 22.40.34 245 408 A.... "C:\Program Files\Kopie - WoW\unicows.dll"
25 Dec 2008 22.40.32 9 506 960 A.... "C:\Program Files\Kopie - WoW\WoW.exe"
25 Dec 2008 22.40.32 220 816 A.... "C:\Program Files\Kopie - WoW\WowError.exe"
4 Jan 2009 18.41.46 380 048 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbam-dor.exe"
4 Jan 2009 18.41.44 73 360 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll"
4 Jan 2009 18.41.46 1 269 392 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
4 Jan 2009 18.41.46 73 360 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll"
4 Jan 2009 18.41.48 399 504 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe"
4 Jan 2009 18.41.48 170 640 A.... "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"
4 Jan 2009 18.41.48 44 688 A.... "C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll"
6 Jan 2009 15.08.42 8 868 A.... "C:\Program Files\Malwarebytes' Anti-Malware\unins000.dat"
6 Jan 2009 15.08.22 688 784 A.... "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
4 Jan 2009 18.41.50 77 968 A.... "C:\Program Files\Malwarebytes' Anti-Malware\zlib.dll"
24 Dec 2008 16.43.00 17 400 A.... "C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll"
24 Dec 2008 16.43.02 185 848 A.... "C:\Program Files\Mozilla Firefox\crashreporter.exe"
24 Dec 2008 16.43.02 307 704 A.... "C:\Program Files\Mozilla Firefox\firefox.exe"
24 Dec 2008 16.43.02 233 472 A.... "C:\Program Files\Mozilla Firefox\freebl3.dll"
24 Dec 2008 16.43.02 696 824 A.... "C:\Program Files\Mozilla Firefox\js3250.dll"
24 Dec 2008 16.43.02 710 136 A.... "C:\Program Files\Mozilla Firefox\mozcrt19.dll"
24 Dec 2008 16.43.02 198 136 A.... "C:\Program Files\Mozilla Firefox\nspr4.dll"
24 Dec 2008 16.43.02 718 328 A.... "C:\Program Files\Mozilla Firefox\nss3.dll"
24 Dec 2008 16.43.02 288 248 A.... "C:\Program Files\Mozilla Firefox\nssckbi.dll"
24 Dec 2008 16.43.02 103 928 A.... "C:\Program Files\Mozilla Firefox\nssdbm3.dll"
24 Dec 2008 16.43.02 87 544 A.... "C:\Program Files\Mozilla Firefox\nssutil3.dll"
24 Dec 2008 16.43.02 20 472 A.... "C:\Program Files\Mozilla Firefox\plc4.dll"
24 Dec 2008 16.43.02 17 400 A.... "C:\Program Files\Mozilla Firefox\plds4.dll"
24 Dec 2008 16.43.02 103 928 A.... "C:\Program Files\Mozilla Firefox\smime3.dll"
24 Dec 2008 16.43.04 151 552 A.... "C:\Program Files\Mozilla Firefox\softokn3.dll"
24 Dec 2008 16.43.04 395 768 A.... "C:\Program Files\Mozilla Firefox\sqlite3.dll"
24 Dec 2008 16.43.04 136 696 A.... "C:\Program Files\Mozilla Firefox\ssl3.dll"
24 Dec 2008 16.43.04 242 168 A.... "C:\Program Files\Mozilla Firefox\updater.exe"
24 Dec 2008 16.43.04 17 912 A.... "C:\Program Files\Mozilla Firefox\xpcom.dll"
24 Dec 2008 16.43.22 9 742 840 A.... "C:\Program Files\Mozilla Firefox\xul.dll"
24 Dec 2008 15.25.32 1 722 A.... "C:\Program Files\Scorpions WinCheater\unins001.dat"
24 Dec 2008 15.25.14 673 280 A.... "C:\Program Files\Scorpions WinCheater\unins001.exe"
19 Dec 2008 23.34.30 40 024 A.... "C:\Program Files\Warcraft III\bncache.dat"
19 Dec 2008 23.52.44 417 792 A.... "C:\Program Files\Warcraft III\BNUpdate.exe"
11 Dec 2008 21.37.44 845 136 A.... "C:\Program Files\Xfire\dgcapi.dll"
3 Dec 2008 23.18.20 561 152 A.... "C:\Program Files\Xfire\dmspvenc.exe"
11 Dec 2008 21.37.44 5 211 472 A.... "C:\Program Files\Xfire\icons.dll"
11 Dec 2008 21.37.46 98 128 A.... "C:\Program Files\Xfire\xfire_lang_zh_tw.dll"
11 Dec 2008 21.37.46 781 136 A.... "C:\Program Files\Xfire\xfire_toucan_35250.dll"
11 Dec 2008 21.37.44 144 720 A.... "C:\Program Files\Xfire\xfire_lang_it.dll"
11 Dec 2008 21.37.44 111 440 A.... "C:\Program Files\Xfire\xfire_lang_ja.dll"
11 Dec 2008 21.37.44 143 696 A.... "C:\Program Files\Xfire\xfire_lang_hu.dll"
11 Dec 2008 21.37.44 149 840 A.... "C:\Program Files\Xfire\xfire_lang_fr.dll"
11 Dec 2008 21.37.44 107 344 A.... "C:\Program Files\Xfire\xfire_lang_ko.dll"
11 Dec 2008 21.37.46 137 552 A.... "C:\Program Files\Xfire\xfire_lang_no.dll"
11 Dec 2008 21.37.46 142 160 A.... "C:\Program Files\Xfire\xfire_lang_pl.dll"
11 Dec 2008 21.37.46 141 648 A.... "C:\Program Files\Xfire\xfire_lang_nl.dll"
11 Dec 2008 21.37.46 146 256 A.... "C:\Program Files\Xfire\xfire_lang_pt.dll"
11 Dec 2008 21.37.46 132 432 A.... "C:\Program Files\Xfire\xfire_lang_us.dll"
11 Dec 2008 21.37.46 99 152 A.... "C:\Program Files\Xfire\xfire_lang_zh.dll"
11 Dec 2008 21.37.46 138 576 A.... "C:\Program Files\Xfire\xfire_lang_sv.dll"
11 Dec 2008 21.37.44 42 320 A.... "C:\Program Files\Xfire\xfcodec.dll"
11 Dec 2008 21.24.04 925 696 A.... "C:\Program Files\Xfire\xfencoder.exe"
11 Dec 2008 21.37.40 2 990 416 A.... "C:\Program Files\Xfire\xfire.exe"
11 Dec 2008 21.37.42 256 336 A.... "C:\Program Files\Xfire\xfire64.exe"
11 Dec 2008 21.37.44 132 432 A.... "C:\Program Files\Xfire\xfire_lang_1337.dll"
11 Dec 2008 21.37.42 74 576 A.... "C:\Program Files\Xfire\xfire_exception.exe"
11 Dec 2008 21.37.44 137 040 A.... "C:\Program Files\Xfire\xfire_lang_da.dll"
11 Dec 2008 21.37.44 147 280 A.... "C:\Program Files\Xfire\xfire_lang_de.dll"
11 Dec 2008 21.37.44 147 280 A.... "C:\Program Files\Xfire\xfire_lang_es.dll"
7 Nov 2008 14.31.38 1 942 864 A...R "C:\Program Files\Common Files\Skype\Skype4COM.dll"
5 Jan 2009 18.00.34 90 870 A.... "C:\Program Files\Comodo\Registry Cleaner\CRCGM.dat"
5 Jan 2009 17.40.52 169 A.... "C:\Program Files\Comodo\Registry Cleaner\ismscrc.exe"
2 Jan 2009 23.48.24 335 460 A.... "C:\Program Files\ESET\ESET NOD32 Antivirus\em001_32.dat"
6 Jan 2009 19.10.02 14 465 805 A.... "C:\Program Files\ESET\ESET NOD32 Antivirus\em002_32.dat"
7 Nov 2008 16.38.06 220 335 A.... "C:\Program Files\ESET\ESET NOD32 Antivirus\em003_32.dat"
3 Dec 2008 20.19.58 438 015 A.... "C:\Program Files\ESET\ESET NOD32 Antivirus\em004_32.dat"
9 Dec 2008 17.04.40 46 673 A.... "C:\Program Files\ESET\ESET NOD32 Antivirus\em005_32.dat"
6 Jan 2009 19.09.54 195 A.... "C:\Program Files\ESET\ESET NOD32 Antivirus\mod_comp.dat"
11 Dec 2008 15.31.04 20 900 A.... "C:\Program Files\Fallout 3\work\wudata_02.dat"
6 Jan 2009 20.53.38 512 A.... "C:\Program Files\Fallout 3\work\wuinfo_02.dat"
1 Dec 2008 17.09.14 368 640 A.... "C:\Program Files\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\_setup.dll"
25 Dec 2008 23.25.30 51 883 A.... "C:\Program Files\Kopie - WoW\Logs\Wrath of the Lich King Install Log.html"
24 Dec 2008 16.43.02 23 032 A.... "C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll"
24 Dec 2008 16.43.02 134 648 A.... "C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll"
24 Dec 2008 16.43.02 65 528 A.... "C:\Program Files\Mozilla Firefox\plugins\npnul32.dll"
24 Dec 2008 16.43.04 510 032 A.... "C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
17 Nov 2008 19.18.54 1 171 456 A.... "C:\Program Files\ProxyShell\ProxyShell Hide IP\ErrorReport.exe"
13 Dec 2008 19.23.52 2 519 040 A.... "C:\Program Files\ProxyShell\ProxyShell Hide IP\proxyshell.exe"
16 Dec 2008 18.09.28 3 023 A.... "C:\Program Files\ProxyShell\ProxyShell Hide IP\unins000.dat"
16 Dec 2008 18.09.18 695 578 A.... "C:\Program Files\ProxyShell\ProxyShell Hide IP\unins000.exe"
7 Nov 2008 14.31.38 21 633 320 A...R "C:\Program Files\Skype\Phone\Skype.exe"
7 Nov 2008 14.31.40 3 279 816 A...R "C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll"
7 Nov 2008 14.31.40 76 744 A...R "C:\Program Files\Skype\Plugin Manager\skypePM.exe"
7 Nov 2008 14.31.40 17 864 A...R "C:\Program Files\Skype\Plugin Manager\spmServices.dll"
3 Jan 2009 13.16.30 5 242 880 A.... "C:\Program Files\STRONG (Mous)\Settings\HashData.dat"
7 Nov 2008 15.42.10 21 689 232 A.... "C:\Program Files\Xfire\downloads\3328.dat"
17 Dec 2008 14.13.56 108 637 A.... "C:\Program Files\Xfire\downloads\xfire_games_20081216.zip"
11 Dec 2008 21.37.28 342 249 A.... "C:\Program Files\Xfire\skins\Xfire.zip"
5 Dec 2008 21.07.16 72 034 A.... "C:\Program Files\Xfire\sounds\defaults.zip"
5 Dec 2008 20.03.44 7 308 A.... "C:\Program Files\Xfire\templates\about.tmpl"
3 Dec 2008 23.18.44 468 A.... "C:\Program Files\Xfire\templates\addfriend.tmpl"
3 Dec 2008 23.18.44 669 A.... "C:\Program Files\Xfire\templates\clanreminder.tmpl"
3 Dec 2008 23.18.44 8 424 A.... "C:\Program Files\Xfire\templates\post_game_screenshots.tmpl"
3 Dec 2008 23.18.44 24 963 A.... "C:\Program Files\Xfire\templates\registration.tmpl"
12 Dec 2008 16.54.14 16 384 A.... "C:\Program Files\Electronic Arts\Red Alert 3\patches\00000001.dat"
26 Nov 2008 18.02.46 32 768 A.... "C:\Program Files\Electronic Arts\Red Alert 3\patches\00000002.dat"
30 Dec 2008 4.36.22 881 312 A.... "C:\Program Files\Knytt Stories\3rd Party Tools\KSManager\Knytt Stories Manager.exe"
25 Dec 2008 22.40.34 8 813 A.... "C:\Program Files\Kopie - WoW\Data\enGB\connection-help.html"
25 Dec 2008 22.40.34 27 939 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Credits.html"
25 Dec 2008 22.40.34 38 621 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Credits_BC.html"
25 Dec 2008 22.40.34 76 826 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Credits_LK.html"
25 Dec 2008 21.58.46 22 644 A.... "C:\Program Files\Kopie - WoW\Data\enGB\eula.html"
25 Dec 2008 22.40.34 2 670 A.... "C:\Program Files\Kopie - WoW\Data\enGB\termination.html"
25 Dec 2008 22.40.34 53 754 A.... "C:\Program Files\Kopie - WoW\Data\enGB\tos.html"
21 Dec 2008 1.49.14 634 880 A.... "C:\Program Files\Perfect World Entertainment\Perfect World International\element\elementskill.dll"
21 Dec 2008 1.56.22 5 496 832 A.... "C:\Program Files\Perfect World Entertainment\Perfect World International\element\elementclient.exe"
21 Dec 2008 1.49.12 622 592 A.... "C:\Program Files\Perfect World Entertainment\Perfect World International\element\elementlocalize.exe"
3 Dec 2008 23.18.44 609 A.... "C:\Program Files\Xfire\templates\infoview\blank.tmpl"
3 Dec 2008 23.18.44 615 A.... "C:\Program Files\Xfire\templates\infoview\buddycat.tmpl"
3 Dec 2008 23.18.44 2 760 A.... "C:\Program Files\Xfire\templates\infoview\channel.tmpl"
3 Dec 2008 23.18.44 1 329 A.... "C:\Program Files\Xfire\templates\infoview\chatroom.tmpl"
3 Dec 2008 23.18.44 1 538 A.... "C:\Program Files\Xfire\templates\infoview\chat_rooms_help.tmpl"
3 Dec 2008 23.18.44 1 929 A.... "C:\Program Files\Xfire\templates\infoview\clan.tmpl"
3 Dec 2008 23.18.44 1 795 A.... "C:\Program Files\Xfire\templates\infoview\customgroup.tmpl"
3 Dec 2008 23.18.44 3 034 A.... "C:\Program Files\Xfire\templates\infoview\downloadnewest.tmpl"
3 Dec 2008 23.18.44 1 105 A.... "C:\Program Files\Xfire\templates\infoview\downloadhelp.tmpl"
3 Dec 2008 23.18.44 561 A.... "C:\Program Files\Xfire\templates\infoview\downloadcat.tmpl"
3 Dec 2008 23.18.44 4 421 A.... "C:\Program Files\Xfire\templates\infoview\downloadtop10.tmpl"
3 Dec 2008 23.18.44 4 687 A.... "C:\Program Files\Xfire\templates\infoview\downloadallchannels.tmpl"
3 Dec 2008 23.18.44 758 A.... "C:\Program Files\Xfire\templates\infoview\downloadpatches.tmpl"
3 Dec 2008 23.18.44 515 A.... "C:\Program Files\Xfire\templates\infoview\downloadactive.tmpl"
3 Dec 2008 23.18.44 5 970 A.... "C:\Program Files\Xfire\templates\infoview\download.tmpl"
3 Dec 2008 23.18.44 876 A.... "C:\Program Files\Xfire\templates\infoview\download_header.tmpl"
3 Dec 2008 23.18.44 595 A.... "C:\Program Files\Xfire\templates\infoview\download_pac_info.tmpl"
3 Dec 2008 23.18.44 1 607 A.... "C:\Program Files\Xfire\templates\infoview\download_styles.tmpl"
3 Dec 2008 23.18.44 5 703 A.... "C:\Program Files\Xfire\templates\infoview\filter.tmpl"
3 Dec 2008 23.18.44 5 931 A.... "C:\Program Files\Xfire\templates\infoview\friends.tmpl"
3 Dec 2008 23.18.44 2 457 A.... "C:\Program Files\Xfire\templates\infoview\login.tmpl"
3 Dec 2008 23.18.44 663 A.... "C:\Program Files\Xfire\templates\infoview\offline.tmpl"
3 Dec 2008 23.18.44 4 874 A.... "C:\Program Files\Xfire\templates\infoview\screenshot.tmpl"
3 Dec 2008 23.18.44 2 709 A.... "C:\Program Files\Xfire\templates\infoview\screenshot_cat.tmpl"
3 Dec 2008 23.18.44 1 107 A.... "C:\Program Files\Xfire\templates\infoview\screenshots_help.tmpl"
3 Dec 2008 23.18.44 957 A.... "C:\Program Files\Xfire\templates\infoview\screenshot_header.tmpl"
3 Dec 2008 23.18.44 8 639 A.... "C:\Program Files\Xfire\templates\infoview\server.tmpl"
3 Dec 2008 23.18.44 615 A.... "C:\Program Files\Xfire\templates\infoview\servercat.tmpl"
3 Dec 2008 23.18.44 1 408 A.... "C:\Program Files\Xfire\templates\infoview\style.tmpl"
3 Dec 2008 23.18.44 631 A.... "C:\Program Files\Xfire\templates\infoview\systemmsg.tmpl"
3 Dec 2008 23.18.44 6 099 A.... "C:\Program Files\Xfire\templates\infoview\user.tmpl"
3 Dec 2008 23.18.44 949 A.... "C:\Program Files\Xfire\templates\infoview\videos_help.tmpl"
3 Dec 2008 23.18.44 1 598 A.... "C:\Program Files\Xfire\templates\infoview\video_header.tmpl"
3 Dec 2008 23.18.44 2 376 A.... "C:\Program Files\Xfire\templates\infoview\video.tmpl"
25 Dec 2008 21.58.46 1 657 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe.html"
21 Dec 2008 1.57.12 937 A.... "C:\Program Files\Perfect World Entertainment\Perfect World International\element\BBSPages\temp1.htm"
21 Dec 2008 1.48.28 30 676 A.... "C:\Program Files\Perfect World Entertainment\Perfect World International\element\data\domain.data"
21 Dec 2008 1.48.44 24 914 036 A.... "C:\Program Files\Perfect World Entertainment\Perfect World International\element\data\elements.data"
21 Dec 2008 1.48.28 277 184 A.... "C:\Program Files\Perfect World Entertainment\Perfect World International\element\data\gshop.data"
21 Dec 2008 1.49.10 36 048 797 A.... "C:\Program Files\Perfect World Entertainment\Perfect World International\element\data\tasks.data"
21 Dec 2008 1.48.44 18 756 A.... "C:\Program Files\Perfect World Entertainment\Perfect World International\element\data\task_npc.data"
3 Dec 2008 23.18.44 3 139 A.... "C:\Program Files\Xfire\templates\infoview\bf2\game_bf2.tmpl"
3 Dec 2008 23.18.44 17 953 A.... "C:\Program Files\Xfire\templates\infoview\bf2\game_bf2_js.tmpl"
3 Dec 2008 23.18.44 6 208 A.... "C:\Program Files\Xfire\templates\infoview\codmp\game_codmp.tmpl"
3 Dec 2008 23.18.44 8 240 A.... "C:\Program Files\Xfire\templates\infoview\codmp\game_codmp_js.tmpl"
3 Dec 2008 23.18.44 5 989 A.... "C:\Program Files\Xfire\templates\infoview\coduomp\game_coduomp.tmpl"
3 Dec 2008 23.18.44 8 136 A.... "C:\Program Files\Xfire\templates\infoview\coduomp\game_coduomp_js.tmpl"
3 Dec 2008 23.18.44 4 258 A.... "C:\Program Files\Xfire\templates\infoview\cs\game_cs.tmpl"
3 Dec 2008 23.18.44 8 844 A.... "C:\Program Files\Xfire\templates\infoview\cs\game_cs_js.tmpl"
3 Dec 2008 23.18.44 4 266 A.... "C:\Program Files\Xfire\templates\infoview\css\game_css.tmpl"
3 Dec 2008 23.18.44 10 640 A.... "C:\Program Files\Xfire\templates\infoview\css\game_css_js.tmpl"
3 Dec 2008 23.18.44 6 593 A.... "C:\Program Files\Xfire\templates\infoview\ut2k4\game_ut2k4.tmpl"
3 Dec 2008 23.18.44 9 931 A.... "C:\Program Files\Xfire\templates\infoview\ut2k4\game_ut2k4_js.tmpl"
3 Dec 2008 23.18.44 11 713 A.... "C:\Program Files\Xfire\templates\infoview\wow\game_wow.tmpl"
25 Dec 2008 21.58.46 733 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Layout\BSpacer.html"
25 Dec 2008 21.58.46 306 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Layout\CSpacer.html"
25 Dec 2008 21.58.46 1 322 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Layout\Greeting.html"
25 Dec 2008 21.58.46 1 638 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Layout\Index.html"
25 Dec 2008 21.58.46 335 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Layout\LBorder.html"
25 Dec 2008 21.58.46 1 944 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Layout\Nav.html"
25 Dec 2008 21.58.46 346 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Layout\RBorder.html"
25 Dec 2008 21.58.46 1 379 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Layout\Requirements.html"
25 Dec 2008 21.58.46 776 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Layout\Splash.html"
25 Dec 2008 21.58.46 2 716 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Layout\TBorder.html"
25 Dec 2008 21.58.46 1 300 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\(Mac)Foreword.html"
25 Dec 2008 21.58.46 1 386 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\(Mac)Installation.html"
25 Dec 2008 21.58.46 1 242 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\(Mac)Patching.html"
25 Dec 2008 21.58.46 2 155 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\(Mac)ReadMeMenu.html"
25 Dec 2008 21.58.46 2 145 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\(Mac)SystemRequirements.html"
25 Dec 2008 21.58.46 1 700 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\(Mac)Uninstall.html"
25 Dec 2008 21.58.46 1 300 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\(PC)Foreword.html"
25 Dec 2008 21.58.46 1 783 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\(PC)Installation.html"
25 Dec 2008 21.58.46 1 240 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\(PC)Patching.html"
25 Dec 2008 21.58.46 2 155 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\(PC)ReadMeMenu.html"
25 Dec 2008 21.58.46 2 444 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\(PC)SystemRequirements.html"
25 Dec 2008 21.58.46 2 078 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\(PC)Uninstall.html"
25 Dec 2008 21.58.46 15 683 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\BasicCommands.html"
25 Dec 2008 21.58.46 1 692 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\CharacterNaming.html"
25 Dec 2008 21.58.46 22 644 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\EULA.html"
25 Dec 2008 21.58.46 3 853 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\GettingStarted.html"
25 Dec 2008 21.58.46 1 141 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\ManualErrata.html"
25 Dec 2008 21.58.46 2 892 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\ReadMe\RealmSelection.html"
25 Dec 2008 21.58.46 3 704 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Support\(Mac)SupportMenu.html"
25 Dec 2008 21.58.46 2 992 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Support\(Mac)TechnicalSupport.html"
25 Dec 2008 21.58.46 3 707 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Support\(PC)SupportMenu.html"
25 Dec 2008 21.58.46 5 339 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Support\(PC)TechnicalSupport.html"
25 Dec 2008 21.58.46 3 748 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Support\AccountAdministration.html"
25 Dec 2008 21.58.46 3 473 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Support\BlizzardInsider.html"
25 Dec 2008 21.58.46 3 473 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Support\Employment.html"
25 Dec 2008 21.58.46 3 473 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Support\GameSupport.html"
25 Dec 2008 21.58.46 1 179 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Support\GameSuggestions.html"
25 Dec 2008 21.58.46 2 891 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Support\Password.html"
25 Dec 2008 21.58.46 1 509 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(Mac)AudioProblems.html"
25 Dec 2008 21.58.46 3 026 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html"
25 Dec 2008 21.58.46 6 441 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(Mac)ConnectionLoginProblems.html"
25 Dec 2008 21.58.46 2 459 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(Mac)GameplayProblems.html"
25 Dec 2008 21.58.46 1 000 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(Mac)Install.html"
25 Dec 2008 21.58.46 4 667 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(Mac)PreventiveMaintenance.html"
25 Dec 2008 21.58.46 5 218 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(Mac)StartupProblems.html"
25 Dec 2008 21.58.46 2 122 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(Mac)TroubleshootingMenu.html"
25 Dec 2008 21.58.46 7 205 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(Mac)VideoProblems.html"
25 Dec 2008 21.58.46 4 591 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(PC)AudioProblems.html"
25 Dec 2008 21.58.46 4 261 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html"
25 Dec 2008 21.58.46 6 089 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(PC)ConnectionLoginProblems.html"
25 Dec 2008 21.58.46 2 458 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(PC)GameplayProblems.html"
25 Dec 2008 21.58.46 2 277 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(PC)Install.html"
25 Dec 2008 21.58.46 7 808 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(PC)PreventiveMaintenance.html"
25 Dec 2008 21.58.46 5 282 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(PC)StartupProblems.html"
25 Dec 2008 21.58.46 2 099 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(PC)TroubleshootingMenu.html"
25 Dec 2008 21.58.46 8 431 A.... "C:\Program Files\Kopie - WoW\Data\enGB\Documentation\Troubleshooting\(PC)VideoProblems.html"
21 Dec 2008 1.46.14 18 A.... "C:\Program Files\Perfect World Entertainment\Perfect World International\config\launcher\check\ń“•+ŃÝ÷ď.bat"
30 Nov 2008 20.09.20 4 601 A.... "C:\Program Files\ICQ6 cz\services\icqXtraz\ver1\content\game_center\index4.html"
30 Nov 2008 20.09.20 619 A.... "C:\Program Files\ICQ6 cz\services\icqXtraz\ver1\content\game_center\lobby_banner.html"
27 Nov 2008 19.40.54 55 445 A.... "C:\Program Files\ICQ6 cz\services\icqXtraz\ver1\content\random_service\random_service5.zip"
24 Dec 2008 15.03.26 37 495 A.... "C:\Program Files\ICQ6 cz\services\icqXtraz\ver1\content\zlango\content.zip"
24 Dec 2008 15.03.46 70 837 A.... "C:\Program Files\ICQ6 cz\services\icqXtraz\ver1\theme\zlango\images.zip"


Files with hidden attributes:

Mon 7 Jan 2008 352 A..H. --- "C:\WINDOWS\nod32fixtemdono.reg"
Fri 23 May 2008 12,373,672 A..H. --- "C:\Downloads\Software\WoW-2.4.1.8125-to-2.4.2.8278-enGB-patch.exe"
Mon 4 Jun 2007 56 A.SHR --- "C:\WINDOWS\system32\4DE33A8182.sys"
Mon 4 Jun 2007 1,890 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Thu 16 Aug 2007 52,224 ..SHR --- "C:\Program Files\Selteco\Flash Designer 5\Setup.exe"
Sat 22 Nov 2008 5,762 ...HR --- "C:\Documents and Settings\Mous\Data aplikacˇ\SecuROM\UserData\securom_v7_01.bak"


Program Folders:

C:\Program Files\

1-abc
1C
7-Zip
Activision
Adobe
Age Of Empires 2 & The Conquerors Expansion - Full Game - [HUSSEY]
AGEIA Technologies
Ahead
AIDA32 - Enterprise System Information
Alcohol Soft
AnakreoN
Any Audio Converter
AOL
Ashampoo
ASUS
ASUSTeK
Avant Browser
AVG
AWPR
Bethesda Softworks
BitLord
BLUEBYTE
Call of Duty
Centauri
Cloud
Codemasters
Common Files
Comodo
ComPlus Applications
Cool Record Edit Deluxe
Cucusoft
CyberLink
DAEMON Tools
DAEMON Tools SearchBar
Data
Diablo II
DIFX
DivX
Doom 3
Dreamcatcher
EasyPHP 2.0b1
Eidos Interactive
ElcomSoft
Electronic Arts
eMule
ESET
Eusing Free Registry Cleaner
Evers Realm list
Fallout 3
Flagship Studios
FLV Player
Folder Lock
fonts
Fragment
Fraps
Free Download Manager
FreshDevices
Fuk
GALA-NET
GamePark
Google
gPotato.eu
Guild Wars
Hamachi
hhtlpbtlwtft
Christmasville
ICQ FORCE
ICQ6
ICQ6 cz
InstallShield Installation Information
InterActual
Internet Explorer
iPod
iTunes
Java
JLC's Software
JoWooD
Knytt Stories
Kopie - STRONG (Mous)
Kopie - STRONG+
Kopie - WoW
Kopie (2) - STRONG (Mous)
Kwyshell
Lavasoft
LeechGet 2007
Macromedia
Malwarebytes' Anti-Malware
Manison Softworks
Medvěd Míša ve vesmíru
Messenger
Metin2_TESTER
microsoft frontpage
Microsoft Games
Microsoft Kalkulačka+
Microsoft Office
Microsoft SDKs
Microsoft Silverlight
Microsoft Visual Studio
Microsoft Visual Studio 9.0
Microsoft Works
Microsoft.NET
Midway Home Entertainment
Movie Maker
Mozilla Firefox
Mozilla Thunderbird
MSBuild
MSECache
MSN Gaming Zone
MSXML 4.0
MSXML 6.0
MySQL
Neiger
Nero
NetMeeting
Network Stumbler
New Folder
Nokia
Notebook Hardware Control
Online Services
Online TV Player 4
Opera
Outlook Express
PC Connectivity Solution
PC Inspector File Recovery
Perfect World Entertainment
Pět kouzelných amuletů
Pet Soccer
Phenomedia AG
PHP
PoxNora
ProxyShell
Prvocisla
QuickTime
RADVideo
Readon Technology
Real Desktop
Reality Pump
Red Alert 2
Reference Assemblies
ReflexiveArcade
RTFaceDetect
Řež
Scorpions WinCheater
Selteco
SiSoftware
Sjboy Emulator
Skype
SlySoft
Smart Projects
SnadBoy's Revelation v2
Starcraft
Stardock
STRONG (Mous)
STRONG+
Sweet Home 3D
SystemRequirementsLab
Teamspeak2_RC2
The Creative Assembly
THQ
TrackMania Sunrise
Ubisoft
Uninstall Information
VAIOXP
Valusoft
Ventrilo
VideoLAN
VoipCheapCom
VSO
Warcraft III
Webteh
WhatsRunning
WifiMon 1.0.16
WinAVI Video Converter
Windows Journal Viewer
Windows Media Connect 2
Windows Media Player
Windows NT
WindowsUpdate
WinRAR
xerox
Xfire
xi-626
XMark 7.0
ZangoToolbar
Zero G Registry
ZIO Interactive
zzz
Žabka Kuňkalka na Kouzelné louce

C:\Program Files\Common Files\

Adobe
Adobe Systems Shared
Ahead
Blizzard Entertainment
CyberLink
DESIGNER
DirectX
INCA Shared
InstallShield
Java
Macromedia
Merge Modules
Microsoft Shared
MSSoap
Nokia
ODBC
Panda Software
PCSuite
Services
Skype
SpeechEngines
Stardock
System
Wise Installation Wizard

Re: Please check my log

Post by Mous » 06 Jan 2009 21:10

Second part of the log:

Add/Remove Programs:

1-abc.net Hard Drive Washer (Remove only)
XMark 7.0
Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
7-Zip 4.60 beta
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 7.00.0.1)
Active Security Monitor 2.0.0.18
Adobe Flash Player ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop CS2
Adobe Shockwave Player
Advanced Windows Password Recovery
AIDA32 v3.80
ALADDIN NASIRAS REVENGE
Any Audio Converter 1.0.1
Ashampoo PowerUP XP Platinum 2.20
Asterisk Key 8.3
Avant Browser (remove only)
Berušky II
Bink and Smacker
BitLord 1.1
BSPlayer
Balíček ovladače systému Windows - Nokia Modem (05/22/2008 3.8)
Call of Duty
Ferda - CDROMEK číslo 39
COMODO Firewall Pro
Cool Edit 96
Cool Record Edit Deluxe
Cucusoft MPEG/MOV/RM/DivX/AVI to VCD/DVD/SVCD Converter Lite 7.
EasyPHP 2.0b1
eMule
Microsoft Office Enterprise 2007
Eusing Free Registry Cleaner
Fallout 3
Flash Designer 5 (5.0.22.8)
FLV Player
Fraps (remove only)
Free Download Manager 2.5
Game Maker 6.1A
GamePark
Guild Wars
Hamachi 1.0.3.0
HijackThis 2.0.2
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 7
igLoader
DOOM 3: Resurrection of Evil
ASUS SmartDoctor
ASUS Video Security
CyberLink PowerDVD 8
ASUS GameFace Live
Call of Duty - United Offensive
Call of Duty(R) 4 - Modern Warfare(TM)
Doom 3
EA Download Manager
ASUS Utilities
InterActual Player
JLC's Internet TV
Oprava Hotfix systému Windows XP číslo KB873339
Oprava Hotfix systému Windows XP číslo KB885836
Oprava Hotfix systému Windows XP číslo KB886185
Oprava Hotfix systému Windows XP číslo KB887472
Oprava Hotfix systému Windows XP číslo KB888302
Aktualizace zabezpečení systému Windows XP (KB890046)
Oprava Hotfix systému Windows XP číslo KB890859
Oprava Hotfix systému Windows XP číslo KB891781
Aktualizace zabezpečení systému Windows XP (KB893756)
Windows Installer 3.1 (KB893803)
Aktualizace systému Windows XP (KB894391)
Aktualizace zabezpečení systému Windows XP (KB896358)
Aktualizace zabezpečení systému Windows XP (KB896423)
Aktualizace zabezpečení systému Windows XP (KB896428)
Aktualizace systému Windows XP (KB898461)
Aktualizace zabezpečení systému Windows XP (KB899587)
Aktualizace zabezpečení systému Windows XP (KB899591)
Aktualizace systému Windows XP (KB900485)
Aktualizace zabezpečení systému Windows XP (KB900725)
Aktualizace zabezpečení systému Windows XP (KB901017)
Aktualizace zabezpečení systému Windows XP (KB901214)
Aktualizace zabezpečení systému Windows XP (KB902400)
Aktualizace zabezpečení systému Windows XP (KB904706)
Aktualizace zabezpečení systému Windows XP (KB905414)
Aktualizace zabezpečení systému Windows XP (KB905749)
Aktualizace zabezpečení systému Windows XP (KB908519)
Aktualizace systému Windows XP (KB908531)
Aktualizace systému Windows XP (KB910437)
Aktualizace systému Windows XP (KB911280)
Aktualizace zabezpečení systému Windows XP (KB911562)
Aktualizace zabezpečení aplikace Windows Media Player (KB911564)
Aktualizace zabezpečení systému Windows XP (KB911927)
Aktualizace zabezpečení systému Windows XP (KB913580)
Aktualizace zabezpečení systému Windows XP (KB914388)
Aktualizace zabezpečení systému Windows XP (KB914389)
Hotfix for Windows XP (KB915865)
Aktualizace systému Windows XP (KB916595)
Aktualizace zabezpečení systému Windows XP (KB917344)
Aktualizace zabezpečení systému Windows XP (KB917422)
Aktualizace zabezpečení systému Windows XP (KB917953)
Aktualizace zabezpečení systému Windows XP (KB918118)
Aktualizace zabezpečení systému Windows XP (KB918439)
Aktualizace zabezpečení systému Windows XP (KB919007)
Aktualizace zabezpečení systému Windows XP (KB920213)
Aktualizace zabezpečení systému Windows XP (KB920670)
Aktualizace zabezpečení systému Windows XP (KB920683)
Aktualizace zabezpečení systému Windows XP (KB920685)
Aktualizace systému Windows XP (KB920872)
Aktualizace zabezpečení systému Windows XP (KB921503)
Aktualizace systému Windows XP (KB922582)
Aktualizace zabezpečení systému Windows XP (KB922819)
Aktualizace zabezpečení systému Windows XP (KB923191)
Aktualizace zabezpečení systému Windows XP (KB923414)
Aktualizace zabezpečení systému Windows XP (KB923694)
Aktualizace zabezpečení systému Windows XP (KB923789)
Aktualizace zabezpečení systému Windows XP (KB923980)
Aktualizace zabezpečení systému Windows XP (KB924191)
Aktualizace zabezpečení systému Windows XP (KB924270)
Aktualizace zabezpečení systému Windows XP (KB924496)
Aktualizace zabezpečení systému Windows XP (KB924667)
Aktualizace zabezpečení aplikace Windows Media Player 6.4 (KB925398)
Aktualizace systému Windows XP (KB925720)
Aktualizace zabezpečení systému Windows XP (KB925902)
Hotfix for Windows XP (KB926239)
Aktualizace zabezpečení systému Windows XP (KB926255)
Aktualizace zabezpečení systému Windows XP (KB926436)
Aktualizace zabezpečení systému Windows XP (KB927779)
Aktualizace zabezpečení systému Windows XP (KB927802)
Aktualizace systému Windows XP (KB927891)
Aktualizace zabezpečení systému Windows XP (KB928255)
Aktualizace zabezpečení systému Windows XP (KB928843)
Aktualizace zabezpečení systému Windows XP (KB929123)
Hotfix for Windows Media Format 11 SDK (KB929399)
Aktualizace zabezpečení systému Windows XP (KB929969)
Aktualizace zabezpečení systému Windows XP (KB930178)
Aktualizace systému Windows XP (KB930916)
Aktualizace zabezpečení systému Windows XP (KB931261)
Aktualizace zabezpečení systému Windows XP (KB931768)
Aktualizace zabezpečení systému Windows XP (KB931784)
Aktualizace systému Windows XP (KB931836)
Aktualizace zabezpečení systému Windows XP (KB932168)
Aktualizace systému Windows XP (KB932823-v3)
Aktualizace systému Windows XP (KB933360)
Aktualizace zabezpečení systému Windows XP (KB933566)
Aktualizace zabezpečení systému Windows XP (KB933729)
Aktualizace zabezpečení systému Windows XP (KB935839)
Aktualizace zabezpečení systému Windows XP (KB935840)
Aktualizace zabezpečení systému Windows XP (KB936021)
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB936782)
Aktualizace zabezpečení systému Windows XP (KB937143)
Aktualizace zabezpečení systému Windows XP (KB937894)
Aktualizace zabezpečení systému Windows XP (KB938127)
Aktualizace zabezpečení systému Windows XP (KB938464)
Aktualizace systému Windows XP (KB938828)
Aktualizace zabezpečení systému Windows XP (KB938829)
Aktualizace zabezpečení systému Windows XP (KB939653)
Oprava hotfix aplikace Windows Media Player 11 (KB939683)
Aktualizace zabezpečení systému Windows XP (KB941202)
Aktualizace zabezpečení systému Windows XP (KB941568)
Aktualizace zabezpečení produktu Windows XP (KB941569)
Aktualizace zabezpečení systému Windows XP (KB941644)
Aktualizace zabezpečení systému Windows XP (KB941693)
Aktualizace systému Windows XP (KB942763)
Aktualizace systému Windows XP (KB942840)
Aktualizace zabezpečení systému Windows XP (KB943055)
Aktualizace zabezpečení systému Windows XP (KB943460)
Aktualizace zabezpečení systému Windows XP (KB943485)
Aktualizace zabezpečení systému Windows XP (KB944533)
Aktualizace zabezpečení systému Windows XP (KB944653)
Aktualizace zabezpečení systému Windows XP (KB945553)
Aktualizace zabezpečení systému Windows XP (KB946026)
Aktualizace zabezpečení systému Windows XP (KB946648)
Aktualizace zabezpečení systému Windows XP (KB948590)
Aktualizace zabezpečení systému Windows XP (KB948881)
Aktualizace zabezpečení systému Windows XP (KB950749)
Aktualizace zabezpečení systému Windows XP (KB950762)
Aktualizace zabezpečení systému Windows XP (KB950974)
Aktualizace zabezpečení systému Windows XP (KB951066)
Aktualizace systému Windows XP (KB951072-v2)
Aktualizace zabezpečení systému Windows XP (KB951376-v2)
Aktualizace zabezpečení systému Windows XP (KB951698)
Aktualizace zabezpečení systému Windows XP (KB951748)
Oprava Hotfix systému Windows XP (KB952287)
Aktualizace zabezpečení systému Windows XP (KB952954)
Aktualizace zabezpečení systému Windows XP (KB953839)
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154)
Live TV Toolbar
Macromedia Flash 8 Pro CZ
Malwarebytes' Anti-Malware
Medvěd Míša ve vesmíru
Microsoft .NET Framework 3.5
Microsoft Visual C++ 2008 Express Edition - ENU
Mozilla Firefox (3.0.5)
Mozilla Thunderbird (2.0.0.9)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft National Language Support Downlevel APIs
NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)
Nokia Connectivity Framework 1.2
Nokia PC Suite
Notebook Hardware Control 2.0 Pre-Release-06
NVIDIA Drivers
ObjectDock
Opera
PC Translator
Pet Soccer
Prison Tycoon (remove only)
Proactive System Password Recovery (remove only)
ProxyShell Hide IP 3.0.1
Pět kouzelných amuletů
Real Desktop 1.32a Light
Command & Conquer Red Alert 2
Řež
RTFaceDetect
Ruske / Ukrajinske foneticke klavesnice pro WIN 2000/XP 1.3
Scorpions WinCheater
Adobe Flash Player 9 ActiveX
SiSoftware Sandra Professional 2004 (Jagged Online Ltd Edition)
Sjboy Beta4
SnadBoy's Revelation v2
Software Development Kit for Nokia 6131 NFC 1.1
Starcraft
Sweet Home 3D version 1.2
System Requirements Lab
TeamSpeak 2 RC2
TrackMania Sunrise Extreme 1.5.0
Total Commander (Remove or Repair)
VideoLAN VLC media player 0.8.6c
VoipCheapCom
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
What's Running 2.2
Windows Imaging Component
WifiMon
WinAVI Video Converter
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR
Windows Media Format 11 runtime
Windows Media Player 11
Worms Armageddon - New Edition
Microsoft User-Mode Driver Framework Feature Pack 1.5
Xfire (remove only)
XML Paper Specification Shared Components Pack 1.0
Zoo Tycoon: Complete Collection
Zoo Tycoon 2
Nokia Software Updater
DOOM 3: Resurrection of Evil
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
MSXML 6.0 Parser (KB933579)
ASUS SmartDoctor
ASUS Video Security
AutoUpdate
PC Connectivity Solution
Google Earth
LCP 5.04
DVD Suite
MSVC80_x86
Adobe Photoshop CS2
Mercenaries 2: World in Flames(tm)
Command & Conquer™ Red Alert™ 3
Nokia Flashing Cable Driver
The Battle for Middle-earth (tm) II
Microsoft .NET Framework 3.0 Service Pack 1
Macromedia Flash 8
CyberLink PowerDVD 8
Google Toolbar for Firefox
Microsoft .NET Framework 3.5
ASUS Enhanced Display Driver
Java(TM) 6 Update 4
NFS[Beta]
Přídav
Readon Free Internet TV and Online Radio 1.1.0.0
Microsoft Windows Journal Viewer
Nero 7 Premium
iTunes
Macromedia Extension Manager
neroxml
Skype™ 3.8
ICQ6
PowerDVD
ASUS GameFace Live
Iron Man
Microsoft Visual C++ 2005 Redistributable
Adobe Stock Photos 1.0
Ventrilo Client
Archlord Episode 3
Špión - Strašidelný dům
DivX Codec
Zune Desktop Theme
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
Microsoft Silverlight
Install(US)2
DivX Player
Macromedia Flash 8 Video Encoder
Assassin's Creed
Adobe Common File Installer
Microsoft Software Update for Web Folders (Czech) 12
Microsoft Office Access MUI (Czech) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office Excel MUI (Czech) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office PowerPoint MUI (Czech) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office Publisher MUI (Czech) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office Outlook MUI (Czech) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office Word MUI (Czech) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office Proof (Czech) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office Proof (German) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office Proof (English) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office Proof (Slovak) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office Proofing (Czech) 2007
Microsoft Office Enterprise 2007
Security Update for 2007 Microsoft Office System (KB951596)
Update for Microsoft Office Outlook 2007 (KB952142)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Excel 2007 (KB951546)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for Microsoft Office system 2007 (KB951808)
Update for Outlook 2007 Junk Email Filter (kb956080)
Update for Office 2007 (KB946691)
Security Update for Microsoft Office Word 2007 (KB950113)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Microsoft Office InfoPath MUI (Czech) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office Shared MUI (Czech) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office OneNote MUI (Czech) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
Microsoft Office Groove MUI (Czech) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Games for Windows - LIVE Redistributable
AGEIA PhysX v7.11.13
Fallout 3
Google SketchUp 6
COMODO Registry Cleaner 1.0.12.16
SPORE™
Malý špión
Hellgate: London
Call of Duty - United Offensive
ESET NOD32 Antivirus
Microsoft Kalkulačka+
Adobe Reader 8.1.3
Command & Conquer 3
DivX Converter
Google SketchUp 6
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
Microsoft Managed DirectX (1126)
Microsoft .NET Framework 2.0 Service Pack 1
DivX Web Player
Adobe Bridge 1.0
Apple Software Update
ICQ FORCE by ad4
PowerProducer
The Lord of the Rings, The Rise of the Witch-king
VAIOXP
ConvertXtoDVD 2.2.3.258
QuickTime
MSXML 4.0 SP2 (KB936181)
Frontlines: Fuel of War
Nokia Connectivity Cable Driver
Microsoft Visual C++ 2008 Express Edition - ENU
Nokia PC Suite
Ad-Aware 2007
Call of Duty(R) 4 - Modern Warfare(TM)
Adobe Help Center 1.0
MySQL Server 5.0
Battlefield 2142
Doom 3
EA Download Manager
PHP 5.2.1
ASUS Utilities
Sousedé z pekla 2
Death Track: Resurrection Demo
Doom 3
Čeština na program Game Maker 6.1 CZ
Žabka Kuňkalka na Kouzelné louce
Advanced Archive Password Recovery
Google Chrome
mpowerplayer
Warcraft III: All Products


Run Values:

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"GrooveMonitor"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""
"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"LanguageShortcut"="\"C:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe\""
"SoundMan"="SOUNDMAN.EXE"
"WifiMon"="C:\\Program Files\\Manison Softworks\\WifiMon\\wifimon.exe"
"COMODO Firewall Pro"="\"C:\\Program Files\\Comodo\\Firewall\\CPF.exe\" /background"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_04\\bin\\jusched.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"RemoteControl8"="\"C:\\Program Files\\CyberLink\\PowerDVD8\\PDVD8Serv.exe\""
"PDVD8LanguageShortcut"="\"C:\\Program Files\\CyberLink\\PowerDVD8\\Language\\Language.exe\""
"BDRegion"="C:\\Program Files\\Cyberlink\\Shared Files\\brs.exe"
"mspwr"="C:\\WINDOWS\\system32\\PuXpMan2.exe"
"NotebookHardwareControl"="\"C:\\Program Files\\Notebook Hardware Control\\nhc.exe\" -quiet"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"egui"="\"C:\\Program Files\\ESET\\ESET NOD32 Antivirus\\egui.exe\" /hide /waitservice"
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"SDFix"="C:\\SDFix\\RunThis.bat /second"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
"Free Download Manager"="\"C:\\Program Files\\Free Download Manager\\fdm.exe\" -autorun"
"DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"OEXPRESS"="C:\\Documents and Settings\\All Users\\Data aplikací\\LangSoft\\OETRN.EXE"
"WEBTRAN"=""
"Google Update"="\"C:\\Documents and Settings\\Mous\\Local Settings\\Data aplikací\\Google\\Update\\GoogleUpdate.exe\" /c"
"Nokia.PCSync"="\"C:\\Program Files\\Nokia\\Nokia PC Suite 7\\PCSync2.exe\" /NoDialog"
"PC Suite Tray"="\"C:\\Program Files\\Nokia\\Nokia PC Suite 7\\PCSuite.exe\" -onlytray"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AutorunsDisabled]
"ASUS SmartDoctor"="C:\\Program Files\\ASUS\\SmartDoctor\\\\SmartDoctor.exe /start"


Bot Check:

SERVICE_NAME: wscsvc
DISPLAY_NAME : Centrum zabezpe
START_TYPE : 2 AUTO_START

SERVICE_NAME: sharedaccess
DISPLAY_NAME : Brána Firewall / Sdílení p
START_TYPE : 2 AUTO_START

SERVICE_NAME: wuauserv
DISPLAY_NAME : Automatické aktualizace
START_TYPE : 2 AUTO_START

SERVICE_NAME: srservice
DISPLAY_NAME : Slu
START_TYPE : 2 AUTO_START

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"EnableDCOM"="Y"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"restrictanonymous"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update]
"AUOptions"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"WaitToKillServiceTimeout"="20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"SFCDisable"=dword:00000000
"Shell"="Explorer.exe"
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shell extensions]
"Approved"=dword:00000001



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
"TransportBindName"="\\Device\\"


ShellExecuteHooks:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="Groove GFS Stub Execution Hook"



Environment:


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\environment
ComSpec REG_EXPAND_SZ %SystemRoot%\system32\cmd.exe
Path REG_EXPAND_SZ %systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\PHP;C:\PROGRAM FILES\COMMON FILES\ADOBE\AGL;C:\Program Files\QuickTime\QTSystem;C:\Program Files\VAIOXP\Libraries
windir REG_EXPAND_SZ %SystemRoot%
OS REG_SZ Windows_NT
PATHEXT REG_SZ .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
TEMP REG_EXPAND_SZ %SystemRoot%\TEMP
TMP REG_EXPAND_SZ %SystemRoot%\TEMP
VS90COMNTOOLS REG_SZ C:\Program Files\Microsoft Visual Studio 9.0\Common7\Tools\
CLASSPATH REG_SZ .;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
QTJAVA REG_SZ C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
HellgateEnv REG_SZ C:\Program Files\Flagship Studios\Hellgate London\
PHPRC REG_SZ C:\Program Files\PHP\

SecurityProviders:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
SecurityProviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


Authentication Packages:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0


Subsystem Startup:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"Windows"="%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16"


Midi Drivers:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midi"="wdmaud.drv"
"midi1"="wdmaud.drv"


Non-Default IFEO Debugger:


Non-Default Installed Components:


Non-Default Safeboot Minimal:


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\psexesvc
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\wdf01000.sys
<NO NAME> REG_SZ Driver


File Associations:


[HKEY_CLASSES_ROOT\batfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\cmdfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\htafile\shell\open\command]
@="C:\\WINDOWS\\system32\\mshta.exe \"%1\" %*"

[HKEY_CLASSES_ROOT\http\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" -nohome"

[HKEY_CLASSES_ROOT\htmlfile\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" -nohome"

[HKEY_CLASSES_ROOT\regedit\shell\open\command]
@="regedit.exe %1"

[HKEY_CLASSES_ROOT\regfile\shell\open\command]
@="regedit.exe \"%1\""

[HKEY_CLASSES_ROOT\scrfile\shell\open\command]
@="\"%1\" /S"

[HKEY_CLASSES_ROOT\txtfile\shell\open\command]
@="%SystemRoot%\system32\NOTEPAD.EXE %1"


Finished!

Re: Please check my log

Post by jaro3 » 06 Jan 2009 21:56

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text, marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code: Select all

sc config PSEXESVC start= disabled
sc stop PSEXESVC
sc delete PSEXESVC

Save it to the desktop under the name remove.bat, with the file type set to All files, then find the file on the desktop and run it by double-clicking. A DOS window will open and close. Restart the computer.

Then:
Download Avenger
and, following the guide,
enter the command from the code box into it:

Code: Select all

Files to delete:
C:\WINDOWS\PSEXESVC.EXE
C:\WINDOWS\system32\sH6Mue1r.exe
C:\WINDOWS\system32\svch?st.exe
C:\WINDOWS\temp\scs11.tmp

After the restart, post the Avenger log here.

Then:
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking the Ano (Yes) button
- Then follow the instructions; while ComboFix is running, do not click into the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
We will continue tomorrow.

Re: Please check my log

Post by Mous » 07 Jan 2009 15:07

Avenger log:

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\WINDOWS\PSEXESVC.EXE" deleted successfully.
File "C:\WINDOWS\system32\sH6Mue1r.exe" deleted successfully.

Error: could not open file "C:\WINDOWS\system32\svch?st.exe"
Deletion of file "C:\WINDOWS\system32\svch?st.exe" failed!
Status: 0xc0000033 (STATUS_OBJECT_NAME_INVALID)
--> an object cannot have this name


Error: file "C:\WINDOWS\temp\scs11.tmp" not found!
Deletion of file "C:\WINDOWS\temp\scs11.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.

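The Avenger log above reports two different failure statuses. As an added example (not part of the original post and not code from The Avenger), this Python code parses those result lines, separates "already absent" from "name not valid", and checks a directory listing for names that fit the `?` placeholder while containing a non-ASCII character. The directory listing, the function names, and the idea that `?` stands for a character the log could not represent are assumptions, not facts from the thread.

```python
import re
import unicodedata

# Result lines copied from the Avenger log in the post above.
AVENGER_LOG = r'''
File "C:\WINDOWS\PSEXESVC.EXE" deleted successfully.
File "C:\WINDOWS\system32\sH6Mue1r.exe" deleted successfully.

Error: could not open file "C:\WINDOWS\system32\svch?st.exe"
Deletion of file "C:\WINDOWS\system32\svch?st.exe" failed!
Status: 0xc0000033 (STATUS_OBJECT_NAME_INVALID)
--> an object cannot have this name

Error: file "C:\WINDOWS\temp\scs11.tmp" not found!
Deletion of file "C:\WINDOWS\temp\scs11.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
'''

# CONSTRUCTED directory listing for the demo (not from the thread). The second
# name uses U+043E, an assumed example of a character shown as "?" in a log.
SYSTEM32_NAMES = ["svchost.exe", "svch\u043est.exe", "services.exe"]

OK_RE = re.compile(r'^File "(?P<path>[^"]+)" deleted successfully\.$')
FAIL_RE = re.compile(r'^Deletion of file "(?P<path>[^"]+)" failed!$')
STATUS_RE = re.compile(r'^Status: (?P<code>0x[0-9a-fA-F]{8}) \((?P<name>[A-Z_]+)\)$')


def parse_avenger(log):
    """Return one dict per deletion target: path, deleted, NTSTATUS code/name."""
    results, pending = [], None
    for raw in log.splitlines():
        line = raw.strip()
        m = OK_RE.match(line)
        if m:
            results.append({"path": m["path"], "deleted": True,
                            "code": None, "name": None})
            continue
        m = FAIL_RE.match(line)
        if m:
            pending = {"path": m["path"], "deleted": False,
                       "code": None, "name": None}
            results.append(pending)
            continue
        m = STATUS_RE.match(line)
        if m and pending is not None:
            # The status line belongs to the most recent failed deletion.
            pending["code"] = int(m["code"], 16)
            pending["name"] = m["name"]
            pending = None
    return results


def follow_up(entry):
    """Map a parsed entry to the next step a responder should take."""
    if entry["deleted"]:
        return "done"
    if entry["name"] == "STATUS_OBJECT_NAME_NOT_FOUND":
        return "already absent: confirm with a fresh listing"
    if entry["name"] == "STATUS_OBJECT_NAME_INVALID":
        return "name as written is not a valid file name: recover the real name"
    return "unclassified failure: review manually"


def candidates(pattern_name, names):
    """Names that match when every '?' stands for exactly one character."""
    body = "".join("." if c == "?" else re.escape(c) for c in pattern_name)
    rx = re.compile(body + r"\Z", re.IGNORECASE | re.DOTALL)
    return [n for n in names if rx.match(n)]


def non_ascii_chars(name):
    """(index, code point, Unicode name) for each non-ASCII character."""
    return [(i, f"U+{ord(c):04X}", unicodedata.name(c, "UNKNOWN"))
            for i, c in enumerate(name) if ord(c) > 127]


def lookalikes(pattern_name, names):
    """Matching names that contain non-ASCII characters, with those characters."""
    return {n: non_ascii_chars(n)
            for n in candidates(pattern_name, names) if non_ascii_chars(n)}


def triage(log, names):
    """Combine the parsed results with placeholder resolution for '?' names."""
    rows = []
    for e in parse_avenger(log):
        fname = e["path"].rsplit("\\", 1)[-1]
        hits = lookalikes(fname, names) if "?" in fname else {}
        rows.append((e["path"], follow_up(e), hits))
    return rows


if __name__ == "__main__":
    for path, action, hits in triage(AVENGER_LOG, SYSTEM32_NAMES):
        print(f"{path}\n    {action}")
        for name, chars in hits.items():
            print(f"    candidate {name!a}: {chars}")
```

On a real system the listing would come from the affected directory itself, read with a Unicode-aware tool so the actual characters survive.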

Re: Please check my log

Post by Mous » 07 Jan 2009 15:17

ComboFix log:

ComboFix 09-01-06.02 - Mous 2009-01-07 15:08:01.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.2047.1520 [GMT 1:00]
Spuštěný z: c:\documents and settings\Mous\Plocha\ComboFix.exe
* Vytvořen nový Bod Obnovení
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Mous\Data aplikací\inst.exe
c:\documents and settings\Mous\Local Settings\Temporary Internet Files\SLOVA.WAV
c:\windows\system32\_000111_.tmp.dll
c:\windows\system32\aenxafdj.ini
c:\windows\system32\ajcotsol.ini
c:\windows\system32\axhxuadv.ini
c:\windows\system32\aybrbfub.ini
c:\windows\system32\BReWErS.dll
c:\windows\system32\cocuaids.ini
c:\windows\system32\crbgwhqc.ini
c:\windows\system32\eadxfyba.ini
c:\windows\system32\gnslmgqn.ini
c:\windows\system32\hlubogwl.ini
c:\windows\system32\icyodisk.ini
c:\windows\system32\ikrabmnq.ini
c:\windows\system32\jjtnthdw.ini
c:\windows\system32\jmbdyfmu.ini
c:\windows\system32\jnpooujp.ini
c:\windows\system32\jvyrsutu.ini
c:\windows\system32\kvgquhkf.ini
c:\windows\system32\ldnifgwh.ini
c:\windows\system32\libpswtb.ini
c:\windows\system32\nafoqsen.ini
c:\windows\system32\newbvwpg.ini
c:\windows\system32\nfjqdkxc.ini
c:\windows\system32\obqrfwcj.ini
c:\windows\system32\oomuupqs.ini
c:\windows\system32\pdtnisno.ini
c:\windows\system32\plpfhcai.ini
c:\windows\system32\pwayknee.ini
c:\windows\system32\qbptbteb.ini
c:\windows\system32\qiehdoed.ini
c:\windows\system32\rarrlewe.ini
c:\windows\system32\raxkgvxk.ini
c:\windows\system32\sqxyxbkc.ini
c:\windows\system32\ttsrbmhf.ini
c:\windows\system32\UTSCSI.EXE
c:\windows\system32\wqvrlmiq.ini
c:\windows\system32\xhxltbtg.ini
c:\windows\system32\xjjcosfd.ini
c:\windows\system32\xxyHiRqr.ini
c:\windows\system32\xxyHiRqr.ini2
c:\windows\system32\yxxkqlsy.ini

.
((((((((((((((((((((((((( Soubory vytvořené od 2008-12-07 do 2009-01-07 )))))))))))))))))))))))))))))))
.

2009-01-07 14:40 . 2009-01-07 14:40 <DIR> d-------- c:\program files\Common Files\PCSuite
2009-01-07 14:39 . 2008-08-26 09:26 18,816 --a------ c:\windows\system32\drivers\pccsmcfd.sys
2009-01-07 14:38 . 2009-01-07 14:38 <DIR> d-------- c:\program files\PC Connectivity Solution
2009-01-07 14:37 . 2008-09-15 07:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll
2009-01-07 14:37 . 2008-09-15 07:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll
2009-01-07 14:37 . 2008-09-15 07:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys
2009-01-07 14:37 . 2008-09-15 07:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys
2009-01-07 14:37 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-01-07 14:37 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys
2009-01-06 20:55 . 2009-01-07 14:19 <DIR> d-------- C:\SDFix
2009-01-06 20:40 . 2009-01-06 20:48 <DIR> d-------- C:\VerTer
2009-01-06 20:32 . 2009-01-06 20:33 <DIR> d-------- C:\rsit
2009-01-06 16:57 . 2009-01-06 16:57 <DIR> d-------- c:\windows\ERUNT
2009-01-06 15:08 . 2009-01-06 15:08 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-06 15:08 . 2009-01-06 15:08 <DIR> d-------- c:\documents and settings\Mous\Data aplikací\Malwarebytes
2009-01-06 15:08 . 2009-01-06 15:08 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2009-01-06 15:08 . 2009-01-04 18:41 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-06 15:08 . 2009-01-04 18:41 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-05 16:01 . 2009-01-05 16:01 <DIR> dr------- c:\documents and settings\NetworkService\Oblíbené položky
2009-01-05 16:01 . 2009-01-05 16:01 <DIR> d-------- c:\documents and settings\NetworkService\Data aplikací\LangSoft
2009-01-05 14:56 . 2004-08-17 15:49 61,440 --a------ c:\windows\system32\svchost.exe
2008-12-25 21:05 . 2008-12-25 21:05 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Blizzard
2008-12-20 16:31 . 2004-08-17 15:49 21,504 --a------ c:\windows\system32\hidserv.dll
2008-12-20 16:31 . 2004-08-17 15:49 21,504 --a--c--- c:\windows\system32\dllcache\hidserv.dll
2008-12-20 16:31 . 2004-08-17 15:45 14,848 --a------ c:\windows\system32\drivers\kbdhid.sys
2008-12-20 16:31 . 2004-08-17 15:45 14,848 --a--c--- c:\windows\system32\dllcache\kbdhid.sys
2008-12-20 16:21 . 2003-01-01 00:06 <DIR> d-------- c:\temp\Plocha zastup
2008-12-16 19:43 . 2008-11-18 16:52 <DIR> dr------- c:\program files\Age Of Empires 2 & The Conquerors Expansion - Full Game - [HUSSEY]
2008-12-16 18:09 . 2008-12-16 18:09 <DIR> d-------- c:\program files\ProxyShell
2008-12-15 16:15 . 2009-01-06 21:25 <DIR> d-------- c:\program files\Metin2_TESTER
2008-12-11 21:37 . 2008-12-11 21:37 42,320 --a------ c:\windows\system32\xfcodec.dll
2008-12-10 17:51 . 2008-12-10 17:51 <DIR> d-------- c:\program files\Windows Journal Viewer
2008-12-10 17:42 . 2008-12-10 17:43 <DIR> d-------- c:\program files\VAIOXP
2008-12-10 17:42 . 2008-12-10 17:42 <DIR> d-------- c:\program files\Data

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-07 14:10 --------- d-----w c:\documents and settings\Mous\Data aplikací\Hamachi
2009-01-07 14:03 --------- d-----w c:\documents and settings\Mous\Data aplikací\Xfire
2009-01-07 14:03 --------- d-----w c:\documents and settings\Mous\Data aplikací\Free Download Manager
2009-01-07 14:01 22,528 ----a-w c:\windows\system32\drivers\nhcDriver.sys
2009-01-07 14:01 --------- d-----w c:\program files\Fallout 3
2009-01-07 13:40 --------- d-----w c:\program files\Nokia
2009-01-07 13:39 --------- d-----w c:\program files\Common Files\Nokia
2009-01-07 13:36 --------- d-----w c:\documents and settings\All Users\Data aplikací\Installations
2009-01-05 18:46 --------- d-----w c:\program files\Warcraft III
2009-01-05 14:32 --------- d-----w c:\program files\Kopie - WoW
2009-01-02 17:03 --------- d-----w c:\documents and settings\Mous\Data aplikací\Skype
2009-01-02 17:01 --------- d-----w c:\documents and settings\Mous\Data aplikací\skypePM
2009-01-01 19:22 --------- d-----w c:\program files\Knytt Stories
2008-12-29 08:50 --------- d-----w c:\program files\hhtlpbtlwtft
2008-12-24 14:25 --------- d-----w c:\program files\Scorpions WinCheater
2008-12-22 15:09 --------- d-----w c:\program files\Pět kouzelných amuletů
2008-12-21 14:17 --------- d-----w c:\program files\Fraps
2008-12-17 14:58 --------- d-----w c:\documents and settings\Mous\Data aplikací\teamspeak2
2008-12-17 13:13 --------- d-----w c:\program files\Xfire
2008-12-10 16:45 --------- d-----w c:\program files\Microsoft Games
2008-12-06 22:36 --------- d-----w c:\program files\Common Files\Skype
2008-12-06 22:36 --------- d-----w c:\documents and settings\All Users\Data aplikací\Skype
2008-12-01 16:34 --------- d-----w c:\program files\Bethesda Softworks
2008-12-01 16:12 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-01 16:12 --------- d-----w c:\documents and settings\All Users\Data aplikací\Fallout3
2008-12-01 16:08 --------- d-----w c:\program files\Diablo II
2008-12-01 15:50 --------- d-----w c:\program files\Electronic Arts
2008-11-27 22:02 --------- d-----w c:\program files\7-Zip
2008-11-26 14:09 --------- d-----w c:\documents and settings\All Users\Data aplikací\Microsoft Help
2008-11-22 14:07 --------- d-----w c:\documents and settings\Mous\Data aplikací\Red Alert 3
2008-11-22 13:57 --------- d-----w c:\program files\PoxNora
2008-11-15 15:33 --------- d-----w c:\program files\Any Audio Converter
2008-11-12 20:56 --------- d-----w c:\program files\Common Files\Adobe
2008-11-12 20:16 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-11-12 20:16 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2008-11-12 20:13 --------- d-----w c:\documents and settings\All Users\Data aplikací\Nokia
2008-11-12 14:06 --------- d-----w c:\documents and settings\Mous\Data aplikací\PC Suite
2008-11-12 14:05 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-11-12 14:05 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-11-12 14:05 --------- d-----w c:\documents and settings\Mous\Data aplikací\Nokia
2008-11-12 14:05 --------- d-----w c:\documents and settings\All Users\Data aplikací\PC Suite
2008-11-12 14:01 --------- d-----w c:\program files\DIFX
2008-11-08 21:22 --------- d-----w c:\program files\RADVideo
2008-10-29 10:24 831,048 ----a-w c:\windows\system32\WudfUpdate_01005.dll
2008-10-27 09:04 70,992 ----a-w c:\windows\system32\XAPOFX1_2.dll
2008-10-27 09:04 514,384 ----a-w c:\windows\system32\XAudio2_3.dll
2008-10-27 09:04 235,856 ----a-w c:\windows\system32\xactengine3_3.dll
2008-10-27 09:04 23,376 ----a-w c:\windows\system32\X3DAudio1_5.dll
2008-10-10 03:52 452,440 ----a-w c:\windows\system32\d3dx10_40.dll
2008-10-10 03:52 4,379,984 ----a-w c:\windows\system32\D3DX9_40.dll
2008-10-10 03:52 2,036,576 ----a-w c:\windows\system32\D3DCompiler_40.dll
2008-09-01 22:32 1,935,872 ----a-w c:\program files\tvsetup.msi
2008-01-26 10:48 32 ----a-r c:\documents and settings\All Users\hash.dat
2007-11-25 19:02 22,328 ----a-w c:\documents and settings\Mous\Data aplikací\PnkBstrK.sys
2007-10-13 22:36 47,360 ----a-w c:\documents and settings\Mous\Data aplikací\pcouffin.sys
1999-04-23 22:22 12 --sha-w c:\windows\system\WININETICMP32.drv
2007-06-04 12:37 56 --sha-r c:\windows\system32\4DE33A8182.sys
2007-06-04 12:37 1,890 -csha-w c:\windows\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-17 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2007-10-19 2445359]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-08-29 171464]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2008-02-27 26624]
"Google Update"="c:\documents and settings\Mous\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-10-23 133104]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 153136]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"WifiMon"="c:\program files\Manison Softworks\WifiMon\wifimon.exe" [2005-02-07 108544]
"COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2008-02-22 1115728]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 144784]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-01-31 385024]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-03-20 83240]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2008-03-21 91432]
"mspwr"="c:\windows\system32\PuXpMan2.exe" [2005-09-29 110592]
"NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 1443072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SDFix"="c:\sdfix\RunThis.bat" [2008-11-06 964661]
"nwiz"="nwiz.exe" [2008-05-16 c:\windows\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-05-17 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\Mous\Nabídka Start\Programy\Po spuštění\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-07-13 113664]
Hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2007-08-27 625952]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-04-04 3450608]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]
Xfire.lnk - c:\program files\Xfire\xfire.exe [2008-12-11 2990416]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.asv2"= asusasv2.dll
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0crcnat.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Avant Browser\\avant.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\STRONG+\\StrongDC.exe"=
"c:\\Program Files\\STRONG (Mous)\\StrongDC.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"c:\\Program Files\\Doom 3\\Doom3.exe"=
"c:\\Program Files\\VoipCheapCom\\VoipCheapCom.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\TrackMania Sunrise\\TmSunrise.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Call of Duty\\CoDUOMP.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\Program Files\\EasyPHP 2.0b1\\EasyPHP.exe"=
"c:\\Program Files\\Electronic Arts\\The Lord of the Rings, The Rise of the Witch-king\\game.dat"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\ICQ6 cz\\ICQ.exe"=
"c:\\Program Files\\Flagship Studios\\Hellgate London\\Launcher.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Program Files\\THQ\\Frontlines-Fuel of War\\Binaries\\FFOW.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"80:TCP"= 80:TCP:80
"80:UDP"= 80:UDP:127.0.0.1
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"3306:TCP"= 3306:TCP:MySQL Server

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2007-12-21 33800]
R3 ncfvsbus;NCF Virtual Serial Bus Enumerator;c:\windows\system32\drivers\ncfvsbus.sys [2008-09-03 25088]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2004-08-03 69120]
R3 Video3D;ASUS Video3D Service;c:\windows\system32\drivers\Video3D.sys [2004-07-06 44544]
R4 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [2008-02-01 16:24:04 41456]
R4 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
S3 Aasnunsns;Aasnunsns; [x]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\DRIVERS\wlanNDS.sys --> c:\windows\system32\DRIVERS\wlanNDS.sys [?]
S4 FAH@C:+DOCUME~1+Mous+LOCALS~1+Temp+Rar$EX06.625+FAH.exe;FAH@C:+DOCUME~1+Mous+LOCALS~1+Temp+Rar$EX06.625+FAH.exe;c:\docume~1\Mous\LOCALS~1\Temp\Rar$EX06.625\FAH.exe -svcstart --> c:\docume~1\Mous\LOCALS~1\Temp\Rar$EX06.625\FAH.exe -svcstart [?]
S4 FAH@C:+Program Files+Fallout 3+FAH.exe;FAH@C:+Program Files+Fallout 3+FAH.exe;c:\program files\Fallout 3\FAH.exe -svcstart --> c:\program files\Fallout 3\FAH.exe -svcstart [?]
S4 sfrem02;FrontLine Drivers Auto Removal (v2);c:\windows\system32\sfrem02.exe svc --> c:\windows\system32\sfrem02.exe svc [?]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{559456ce-4bcc-11dc-9ed9-806d6172696f}]
\Shell\AutoRun\command - H:\install.exe
.
Obsah adresáře 'Naplánované úlohy'

2008-09-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe []

2009-01-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-179605362-839522115-1003.job
- c:\documents and settings\Mous\Local Settings\Data aplikac []
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-WEBTRAN - (no file)


.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - c:\program files\Free Download Manager\FUM\fumiebtn.dll
FF - ProfilePath - c:\documents and settings\Mous\Data aplikací\Mozilla\Firefox\Profiles\q5s4rbic.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.tiscali.cz/home/
FF - plugin: c:\documents and settings\Mous\Local Settings\Data aplikací\Google\Update\1.2.133.33\npGoogleOneClick7.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll

ATTENTION: FIREFOX POLICIES ARE IN FORCE
FF - user.js: network.proxy.type - 0
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-07 15:10:40
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
"ServiceDll"="c:\windows\system32\es.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FAH@C:+DOCUME~1+Mous+LOCALS~1+Temp+Rar$EX06.625+FAH.exe]
"ImagePath"="c:\docume~1\Mous\LOCALS~1\Temp\Rar$EX06.625\FAH.exe -svcstart"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FAH@C:+Program Files+Fallout 3+FAH.exe]

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
Celkový čas: 2009-01-07 15:12:39
ComboFix-quarantined-files.txt 2009-01-07 14:11:53

Před spuštěním: Volných bajtů: 21,605,924,864
Po spuštění: Volných bajtů: 21,665,198,080

316 --- E O F --- 2008-09-20 08:09:01
It would not be wise to urge the devil to bow.

