Viry v Notebooku Vyřešeno

[kocour34]

Jo a ještě mi přišlo zvláštní,že se opět objevil vir ve hře LEGIE,tam byl tenkrát při minulích potížích a odstranil jsem ho.
Není to divné?

[Reklama]

[jaro3]

Vlož log z HJT:
viewtopic.php?f=70&t=5119

Odinstaluj:
IObit Toolbar
Search Settings--pokud je najdeš..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Driver::
pe3aprwb
ps7aprwb

Folder::
c:\documents and settings\Pc\Data aplikací\Search Settings
c:\program files\IObit Toolbar
c:\program files\Ask.com

DDS::
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT2304157


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT


Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.


V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\system32\prospeed_bmp2jpg.dll

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

+
Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[kocour34]

Combofix sám odstranil tolbar IObit,ale při pokusu o restart se PC zasekl při ukládání nastavení.Restart se nekonal.Co teď,mám ho vypnout natvrdo?

[kocour34]

Jsem tu teď přes mobil.

[jaro3]

aha.

Koukni jestli není log zde:
C:\Combofix.txt

ten soubor si testoval?

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2304157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"

[kocour34]

Spustil jsem jen COMBOFIX pomocí toho scriptu,program našel update,dál jsem povolit a pak sám ten program začal hledat škodlivé soubory,skákalo to tam po fázích a po sléze sám odstranil IObit tollbar atd.A pak se pokusil o restart,ale nezdařil se zůstalo tohle.Jinak jsem program nechal po celou dobu volně běžet,nic jsem nemačkal.A teď je PC v tomto stavu.Mám ho vypnout a zapnout?

Foto z mobilu

[kocour34]

Jdu ho vypnout natvrdo.snad naběhne.

[jaro3]

Můžeš zkusit několikrát restart , kdyby to nešlo , když to nepůjde:

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

Spíš se vyplatí většinou nechat ještě déle pracovat Combofix , zvláště při ukládání logu to může trvat hodně dlouho..

[kocour34]

hurá,podařilo se mi vypnout a znovu nastartovat PC a Combo udělal log.
ComboFix 10-12-30.01 - Pc 30.12.2010 21:10:12.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1791.1235 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pc\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Pc\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Pc\Data aplikací\Search Settings
c:\program files\Ask.com
c:\program files\IObit Toolbar
c:\program files\IObit Toolbar\FF\chrome.manifest
c:\program files\IObit Toolbar\FF\chrome\content\chevron.js
c:\program files\IObit Toolbar\FF\chrome\content\chevron.xul
c:\program files\IObit Toolbar\FF\chrome\content\login.js
c:\program files\IObit Toolbar\FF\chrome\content\login.xul
c:\program files\IObit Toolbar\FF\chrome\content\parser.js
c:\program files\IObit Toolbar\FF\chrome\content\RssTickerWidget.js
c:\program files\IObit Toolbar\FF\chrome\content\searchbox.js
c:\program files\IObit Toolbar\FF\chrome\content\searchbox.xul
c:\program files\IObit Toolbar\FF\chrome\content\utils.js
c:\program files\IObit Toolbar\FF\chrome\content\widgicomm.js
c:\program files\IObit Toolbar\FF\chrome\content\widgihandling.js
c:\program files\IObit Toolbar\FF\chrome\content\widgichevron.js
c:\program files\IObit Toolbar\FF\chrome\content\widgilisteners.js
c:\program files\IObit Toolbar\FF\chrome\content\widgitoolbarplugin.js
c:\program files\IObit Toolbar\FF\chrome\content\widgitoolbarplugin.xul
c:\program files\IObit Toolbar\FF\chrome\content\widgiui.js
c:\program files\IObit Toolbar\FF\chrome\locale\EN-US\searchbox.dtd
c:\program files\IObit Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd
c:\program files\IObit Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
c:\program files\IObit Toolbar\FF\chrome\locale\EN-US\yahoo-search.gif
c:\program files\IObit Toolbar\FF\chrome\skin\amazon.gif
c:\program files\IObit Toolbar\FF\chrome\skin\ebay.gif
c:\program files\IObit Toolbar\FF\chrome\skin\chevron.gif
c:\program files\IObit Toolbar\FF\chrome\skin\icon_settings.gif
c:\program files\IObit Toolbar\FF\chrome\skin\iobit_logo.gif
c:\program files\IObit Toolbar\FF\chrome\skin\iobit_logo_hover.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search-button-hover.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search-button.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search-chevron-hover.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search-chevron.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search_amazon.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search_ebay.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search_yahoo.gif
c:\program files\IObit Toolbar\FF\chrome\skin\searchbox.css
c:\program files\IObit Toolbar\FF\chrome\skin\security.gif
c:\program files\IObit Toolbar\FF\chrome\skin\splitter.gif
c:\program files\IObit Toolbar\FF\chrome\skin\system.gif
c:\program files\IObit Toolbar\FF\chrome\skin\widgitoolbarplugin.css
c:\program files\IObit Toolbar\FF\install.rdf
c:\program files\IObit Toolbar\IE\4.1\config.ini
c:\program files\IObit Toolbar\Res\amazon.gif
c:\program files\IObit Toolbar\Res\ebay.gif
c:\program files\IObit Toolbar\Res\icon_settings.gif
c:\program files\IObit Toolbar\Res\iobit_logo.gif
c:\program files\IObit Toolbar\Res\iobit_logo_hover.gif
c:\program files\IObit Toolbar\Res\search-button-hover.gif
c:\program files\IObit Toolbar\Res\search-button.gif
c:\program files\IObit Toolbar\Res\search-chevron-hover.gif
c:\program files\IObit Toolbar\Res\search-chevron.gif
c:\program files\IObit Toolbar\Res\search_amazon.gif
c:\program files\IObit Toolbar\Res\search_ebay.gif
c:\program files\IObit Toolbar\Res\search_yahoo.gif
c:\program files\IObit Toolbar\Res\security.gif
c:\program files\IObit Toolbar\Res\system.gif
c:\program files\IObit Toolbar\Res\widgets.xml

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_PE3APRWB
-------\Legacy_PS7APRWB
-------\Service_pe3aprwb
-------\Service_ps7aprwb


((((((((((((((((((((((((( Soubory vytvořené od 2010-11-28 do 2010-12-30 )))))))))))))))))))))))))))))))
.

2010-12-30 21:36 . 2010-12-30 21:36 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Search Settings
2010-12-30 15:39 . 2010-12-30 15:40 -------- d-----w- c:\documents and settings\Pc\KBCertifikat
2010-12-30 14:36 . 2010-12-30 15:28 -------- d-----w- c:\documents and settings\Pc\kbpki
2010-12-29 22:33 . 2010-12-29 22:33 -------- d-----w- c:\documents and settings\Pc\Data aplikací\GRETECH
2010-12-29 22:26 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-29 22:26 . 2010-12-29 22:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-29 22:26 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-29 22:11 . 2010-12-29 22:11 -------- d-----w- c:\program files\CCleaner
2010-12-29 21:50 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-12-29 21:21 . 2008-04-14 07:52 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-12-29 21:21 . 2008-04-14 07:52 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-12-29 21:21 . 2001-10-24 11:25 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-12-29 21:21 . 2001-10-24 11:25 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-12-29 21:21 . 2001-10-24 11:25 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-12-29 21:21 . 2001-08-18 05:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-12-29 21:21 . 2001-08-17 19:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-12-29 21:19 . 2008-04-13 21:04 19551 -c--a-w- c:\windows\system32\dllcache\watv02nt.sys
2010-12-29 21:18 . 2001-08-17 20:28 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys
2010-12-29 21:17 . 2001-10-24 11:25 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll
2010-12-29 21:16 . 2001-08-17 21:02 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys
2010-12-29 21:15 . 2001-08-17 20:50 103936 -c--a-w- c:\windows\system32\dllcache\sx.sys
2010-12-29 21:14 . 2001-08-17 20:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2010-12-29 21:13 . 2001-10-24 11:25 28672 -c--a-w- c:\windows\system32\dllcache\sma0w.dll
2010-12-29 21:12 . 2001-07-21 21:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2010-12-29 21:11 . 2001-10-24 11:24 245632 -c--a-w- c:\windows\system32\dllcache\s3savmx.dll
2010-12-29 21:10 . 2001-10-24 11:25 9728 -c--a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-12-29 21:09 . 2001-10-24 11:25 35328 -c--a-w- c:\windows\system32\dllcache\psisload.dll
2010-12-29 21:08 . 2001-08-17 19:11 29769 -c--a-w- c:\windows\system32\dllcache\pcntn5m.sys
2010-12-29 21:07 . 2001-08-17 19:12 27209 -c--a-w- c:\windows\system32\dllcache\otc06x5.sys
2010-12-29 21:06 . 2001-10-24 11:24 60480 -c--a-w- c:\windows\system32\dllcache\neo20xx.dll
2010-12-29 21:05 . 2008-04-14 12:00 126686 -c--a-w- c:\windows\system32\dllcache\mtlmnt5.sys
2010-12-29 21:04 . 2001-10-24 11:23 47616 -c--a-w- c:\windows\system32\dllcache\memgrp.dll
2010-12-29 21:03 . 2001-10-24 10:46 26442 -c--a-w- c:\windows\system32\dllcache\lanepic5.sys
2010-12-29 21:02 . 2001-08-17 19:12 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys
2010-12-29 21:01 . 2001-08-17 21:05 141056 -c--a-w- c:\windows\system32\dllcache\icam3.sys
2010-12-29 21:00 . 2001-08-17 20:28 542879 -c--a-w- c:\windows\system32\dllcache\hsf_msft.sys
2010-12-29 20:59 . 2001-10-24 11:24 83968 -c--a-w- c:\windows\system32\dllcache\hpgt21.dll
2010-12-29 20:58 . 2001-08-17 19:14 441728 -c--a-w- c:\windows\system32\dllcache\fpcmbase.sys
2010-12-29 20:58 . 2001-08-17 19:14 444416 -c--a-w- c:\windows\system32\dllcache\fpcibase.sys
2010-12-29 20:58 . 2008-04-13 21:05 34173 -c--a-w- c:\windows\system32\dllcache\forehe.sys
2010-12-29 20:56 . 2001-08-17 19:19 40704 -c--a-w- c:\windows\system32\dllcache\es1371mp.sys
2010-12-29 20:55 . 2008-04-14 12:00 20192 -c--a-w- c:\windows\system32\dllcache\dpti2o.sys
2010-12-29 20:54 . 2001-08-17 19:12 63208 -c--a-w- c:\windows\system32\dllcache\dc21x4.sys
2010-12-29 20:53 . 2008-04-13 23:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-12-29 20:52 . 2001-10-24 10:49 39552 -c--a-w- c:\windows\system32\dllcache\brparwdm.sys
2010-12-29 20:51 . 2001-08-17 19:49 46464 -c--a-w- c:\windows\system32\dllcache\atibt829.sys
2010-12-29 20:50 . 2001-10-24 11:24 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-12-29 13:07 . 2010-12-29 13:40 -------- d-----w- c:\documents and settings\Pc\Data aplikací\TS3Client
2010-12-29 11:59 . 2010-11-03 17:15 359016 ----a-w- c:\windows\vncutil.exe
2010-12-29 11:59 . 2010-11-11 12:27 55912 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-12-29 11:59 . 2010-11-03 17:14 129640 ----a-w- c:\windows\RtkAudioService.exe
2010-12-29 11:59 . 2009-11-18 06:17 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2010-12-29 11:59 . 2009-11-18 06:16 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2010-12-29 11:59 . 2010-12-29 13:12 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-12-29 11:57 . 2010-12-29 11:57 -------- d-----w- c:\program files\Conduit
2010-12-29 11:47 . 2010-12-29 16:09 -------- d-----w- c:\program files\Xfire
2010-12-29 11:35 . 2010-12-29 11:40 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Ventrilo
2010-12-29 11:35 . 2010-12-29 11:35 -------- d-----w- c:\program files\Ventrilo
2010-12-29 11:34 . 2010-12-29 11:34 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-12-29 10:43 . 2010-12-29 10:47 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Registry Mechanic
2010-12-29 10:41 . 2010-12-29 10:41 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\Application Updater
2010-12-29 10:41 . 2010-12-29 23:20 -------- d-----w- c:\program files\Application Updater
2010-12-29 10:41 . 2010-12-29 10:41 -------- d-----w- c:\program files\Common Files\Spigot
2010-12-29 10:41 . 2010-12-29 20:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IObit
2010-12-29 10:39 . 2010-12-29 10:47 -------- d-----w- c:\program files\Common Files\PC Tools
2010-12-29 10:32 . 2010-12-13 16:03 28496 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2010-12-29 10:32 . 2010-11-26 17:02 14776 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2010-12-23 14:37 . 1999-01-10 10:00 3584 ----a-w- c:\windows\system32\drivers\DLPortIO.sys
2010-12-23 14:36 . 2010-12-23 14:37 -------- d-----w- c:\program files\Radiator
2010-12-21 23:42 . 2010-12-21 23:42 -------- d-----w- c:\documents and settings\Pc\Local Settings\Data aplikací\AskToolbar
2010-12-18 14:08 . 2010-12-18 14:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Navigator
2010-12-18 00:13 . 2010-12-18 00:13 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Navigator OSM
2010-12-18 00:04 . 2010-12-18 00:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MapFactor
2010-12-18 00:03 . 2010-12-18 00:03 -------- d-----w- c:\windows\ie8updates
2010-12-17 23:28 . 2010-12-18 00:02 -------- d--h--w- c:\windows\$hf_mig$
2010-12-15 13:58 . 2010-12-15 13:58 -------- d-----w- c:\documents and settings\Pc\DoctorWeb
2010-12-14 01:11 . 2010-12-14 01:11 98304 ----a-w- c:\windows\system32\qttask.exe
2010-12-14 01:11 . 2004-11-09 01:43 139305 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2010-12-14 01:11 . 2004-11-09 01:43 81967 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2010-12-14 01:11 . 2004-11-08 19:01 106496 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll
2010-12-14 01:11 . 2004-11-08 19:01 106496 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll
2010-12-14 01:11 . 2004-11-08 19:01 106496 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
2010-12-14 01:11 . 2004-11-08 19:01 106496 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll
2010-12-14 01:11 . 2004-11-08 19:01 106496 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll
2010-12-14 01:11 . 2004-11-08 19:01 106496 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll
2010-12-14 01:11 . 2004-11-08 19:01 106496 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin.dll
2010-12-14 01:11 . 2003-01-13 15:08 499712 ----a-w- c:\program files\Mozilla Firefox\plugins\npjp2.dll
2010-12-13 00:49 . 2010-12-14 01:11 -------- d-----w- c:\program files\ACE Mega CoDecS Pack
2010-12-12 19:36 . 2010-12-12 19:36 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Navigator
2010-12-12 19:30 . 2010-12-12 19:30 -------- d-----w- c:\program files\Navigator9
2010-12-12 19:17 . 2010-12-12 19:17 -------- d-----w- C:\Automapa
2010-12-09 16:20 . 2010-12-09 16:20 -------- d-----w- c:\program files\Trymedia
2010-12-09 16:16 . 2010-12-15 12:51 -------- d-----w- c:\program files\Singles
2010-12-08 23:57 . 2010-12-08 23:57 -------- d-----w- c:\program files\Electronic Arts
2010-12-08 20:31 . 2010-12-08 20:32 -------- d-----w- C:\Q2Demo
2010-12-08 20:05 . 2010-12-08 20:05 -------- d-----w- c:\program files\EA GAMES
2010-12-08 17:14 . 2010-12-30 18:17 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Free Download Manager
2010-12-08 17:14 . 2010-12-08 17:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\FreeDownloadManager.ORG
2010-12-08 17:14 . 2010-12-08 17:15 -------- d-----w- c:\program files\Free Download Manager
2010-12-07 21:19 . 1995-11-03 17:31 638464 ----a-w- c:\windows\system32\OC30.DLL
2010-12-07 21:19 . 2010-12-07 22:56 -------- d-----w- c:\program files\Mplayer
2010-12-07 21:16 . 1998-07-30 11:51 305152 ----a-w- c:\windows\IsUninst.exe
2010-12-07 21:14 . 2010-12-08 20:29 -------- d-----w- c:\windows\DESKTOP
2010-12-07 13:44 . 2010-12-07 14:55 -------- d-----w- c:\program files\Legie
2010-12-01 08:40 . 2010-12-01 08:42 -------- d-----w- c:\program files\Valve
2010-12-01 08:40 . 2010-12-29 11:59 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-12-01 08:40 . 2010-12-01 08:40 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2010-12-01 08:40 . 2010-12-01 08:40 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2010-12-01 08:40 . 2003-09-03 01:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2010-12-01 08:40 . 2003-09-03 01:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2010-12-01 08:40 . 2003-09-03 01:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2010-12-01 08:40 . 2003-09-03 01:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2010-12-01 08:40 . 2003-09-03 01:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-30 16:06 . 2010-09-07 13:17 6261352 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-11-21 16:56 . 2010-11-21 16:56 388096 ----a-r- c:\documents and settings\Pc\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-21 16:56 . 2010-11-21 16:56 388096 ----a-r- c:\documents and settings\Pc\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-21 16:56 . 2010-11-21 16:56 388096 ----a-r- c:\documents and settings\Pc\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-21 16:56 . 2010-11-21 16:56 388096 ----a-r- c:\documents and settings\Pc\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-20 13:12 . 2010-09-15 15:46 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-11-20 13:12 . 2010-09-15 15:46 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-11-18 18:15 . 2010-09-07 11:35 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-16 19:34 . 2010-09-07 13:17 19722344 ----a-w- c:\windows\RTHDCPL.EXE
2010-11-13 17:19 . 2010-09-25 12:39 152904 ----a-w- c:\windows\system32\vghd.scr
2010-11-06 00:23 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 17:15 . 2010-09-07 13:17 84584 ----a-w- c:\windows\SOUNDMAN.EXE
2010-11-03 17:15 . 2010-09-07 13:17 1833576 ----a-w- c:\windows\SkyTel.exe
2010-11-03 17:15 . 2010-09-07 13:17 891496 ----a-w- c:\windows\system32\RTSndMgr.CPL
2010-11-03 17:15 . 2010-09-07 13:17 1489512 ----a-w- c:\windows\RtlUpd.exe
2010-11-03 17:15 . 2010-09-07 13:17 9721960 ----a-w- c:\windows\RTLCPL.EXE
2010-11-03 17:14 . 2010-09-07 13:17 2180712 ----a-w- c:\windows\MicCal.exe
2010-11-03 17:13 . 2010-09-07 13:17 285288 ----a-w- c:\windows\system32\ALSNDMGR.CPL
2010-11-03 17:13 . 2010-09-07 13:17 2815592 ----a-w- c:\windows\ALCWZRD.EXE
2010-11-03 17:13 . 2010-09-07 13:17 64104 ----a-w- c:\windows\ALCMTR.EXE
2010-11-03 12:25 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-04-14 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-30 06:09 . 2010-10-30 06:09 675840 ----a-w- c:\windows\system32\yowindow.scr
2010-10-28 13:09 . 2008-04-14 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 09:46 . 2010-09-07 13:16 1251944 ----a-w- c:\windows\RtlExUpd.dll
2010-10-26 13:58 . 2008-04-14 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-22 11:43 . 2010-10-22 11:43 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-10-19 20:51 . 2010-09-15 18:27 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-11 06:46 . 2010-10-06 18:32 421888 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2010-10-03 13:30 . 2010-10-03 13:30 22016 ----a-w- c:\windows\system32\prospeed_bmp2jpg.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-12-16 2402512]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2010-07-21 198864]
"FreeApp"="c:\program files\FreeApps\FreeApps.exe" [2010-12-29 814496]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-12-03 16862600]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-05 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2010-11-18 524288]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-16 19722344]
"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2010-06-11 1280344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-09-27 12:49 87424 ----a-w- c:\windows\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^DesktopVideoPlayer.LNK]
backup=c:\windows\pss\DesktopVideoPlayer.LNKStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Pc^Nabídka Start^Programy^Po spuštění^YoWindow.lnk]
backup=c:\windows\pss\YoWindow.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2010-12-16 15:19 2402512 ----a-w- c:\program files\IObit\Advanced SystemCare 3\AWC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGEIA PhysX SysTray]
2007-07-23 07:05 345640 ----a-w- c:\program files\AGEIA Technologies\bin\TrayIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKHOTKEY]
2007-07-12 08:25 225280 ----a-w- c:\program files\ATK Hotkey\HControl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
2006-11-02 06:27 61440 ----a-w- c:\program files\ASUS\ATK Media\DMedia.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
2007-10-17 17:04 7737344 ----a-w- c:\program files\ATKOSD2\ATKOSD2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeskMateAutoUpdate]
2010-09-26 12:18 25896 ----a-w- c:\progra~1\DESKMA~1\DeskMateAutoUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
2010-04-28 22:28 3727411 ----a-w- c:\program files\Free Download Manager\fdm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControl]
2006-10-14 15:37 110592 ----a-w- c:\windows\ATK0100\HControl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2010-10-27 12:20 133432 ----a-w- c:\program files\ICQ7.2\ICQ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-12-14 01:11 98304 ----a-w- c:\windows\system32\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-11-16 19:34 19722344 ----a-w- c:\windows\RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
2010-10-07 13:55 488728 ----a-w- c:\documents and settings\Pc\Local Settings\Data aplikací\Seznam.cz\postak.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-12-03 15:46 16862600 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2010-11-03 17:15 1833576 ----a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-11-19 00:05 1242448 ----a-w- c:\program files\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-10-05 16:36 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 2]
2007-07-05 14:53 1040384 ----a-w- c:\program files\Wireless Console 2\wcourier.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\vghd\\vghd.exe"=
"c:\\Program Files\\Free Download Manager\\fdmwi.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Nexon\\Combat Arms EU\\Engine.exe"=
"c:\\Nexon\\Combat Arms EU\\NMService.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Microsoft Games\\MechCommander2\\Mc2Rel.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"=
"c:\\Program Files\\ProgDVB\\ProgDvbNet.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [29.12.2010 11:32 14776]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9.9.2010 18:14 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.9.2010 18:14 17744]
R2 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\drivers\DLPortIO.sys [23.12.2010 15:37 3584]
R2 ProgDVBService;ProgDVB Scheduler Service;c:\program files\ProgDVB\ProgDvbService.exe [20.11.2010 19:57 11504]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [10.9.2010 2:12 27632]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10.9.2010 19:33 136176]
S2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [29.12.2010 21:11 312152]
S2 RadPciNT;RadPciNT;c:\windows\system32\drivers\RadPciNT.sys [24.4.2000 17:26 9417]
S3 Aken;Aken;c:\documents and settings\Pc\Local Settings\Data aplikací\0 A.D. alpha\binaries\system\aken.sys [17.6.2007 11:29 3712]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29.12.2010 12:59 1691480]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [5.11.2010 15:34 16512]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [10.9.2010 2:12 13224]
S3 SRS_HDAL_Service;HD Audio Lab;c:\windows\system32\drivers\SRS_HDAL_i386.sys [11.9.2010 15:25 384752]
S3 WefiEngSvc;WeFi Engine Service;c:\program files\WeFi\WefiEngSvc.exe [25.7.2010 16:14 120152]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 13:00 14336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'

2010-12-30 c:\windows\Tasks\Game_Booster_Startup.job
- c:\program files\IObit\Game Booster\GameBox.exe [2010-12-29 18:08]

2010-12-30 c:\windows\Tasks\SmartDefrag_Auto.job
- c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2010-12-29 21:08]

2010-12-30 c:\windows\Tasks\User_Feed_Synchronization-{93131EC4-D85E-4024-BF00-A9B5F7103EF3}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {{CDAFD956-97BE-443D-8EF7-F4F094EB5766} - c:\program files\Crawler\SSaver\CSSaver.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\documents and settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
TCP: {6669472D-419A-407C-9F8D-0C3BD382DC2B} = 160.218.43.200 194.228.211.33
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://cs.start3.mozilla.com/firefox?cl ... s:official
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =382950&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Seznam lištička: {ea614400-e918-4741-9a97-7a972ff7c30b} - c:\program files\Mozilla Firefox\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Seznam lištička: {ea614400-e918-4741-9a97-7a972ff7c30b} - %profile%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: FoxLingo: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} - %profile%\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
FF - Ext: LavaFox V1: info@djzig.com - %profile%\extensions\info@djzig.com
FF - Ext: Silvermel and Charamel XT: silvermelxt@pardal.de - %profile%\extensions\silvermelxt@pardal.de
FF - Ext: Silvermel: silvermel@pardal.de - %profile%\extensions\silvermel@pardal.de
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: United States English Spellchecker: en-US@dictionaries.addons.mozilla.org - %profile%\extensions\en-US@dictionaries.addons.mozilla.org
FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-30 22:36
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-329068152-1326574676-1417001333-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(680)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll

- - - - - - - > 'explorer.exe'(3316)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-12-30 22:40:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-12-30 21:40
ComboFix2.txt 2010-12-30 18:29

Před spuštěním: Volných bajtů: 167 348 121 600
Po spuštění: Volných bajtů: 167 335 600 128

- - End Of File - - 21F8566133B1DD8BAA399ADD784728C7

[kocour34]

VT Společenství Přihlásit se ▼ Můj účet ▼ Odhlásit se Odhlášení ... Jazyky ▼
VirusTotal stránkách změnilo, potřebujeme nové překlady, máte pocit, že pomáhá komunitě?
info@virustotal.com
Přihlaste se do VT Společenství

Hodnocení bezpečnosti a komentáře uživatelů (dezinfekce, in-the-wild místech, reverzní inženýrství zprávy, atd.) o malware a adres URL, volné a snadné.
e-mail
heslo
Zachovat přihlášení

Přihlásit se
Přihlášení, čekejte prosím ...
Přihlášení se nezdařilo, zkuste to prosím znovu
Zapomněli jste heslo? Vytvořit účet
Upravit můj profil
Zobrazit můj profil
Doručená pošta
Virus Total
VirusTotal je služba, která analyzuje podezřelé soubory a URL a usnadňuje rychlou detekci virů, červů, trojanů a všechny druhy malware, pomocí detekčního jádra mnoha antivirů. Více informací ...
0 VT Společenství uživatel (ů) s celkem 0 pověsti úvěru (y), tj. (y) v tomto příkladu je goodware. 0 VT Společenství uživatel (ů) s celkem 0 pověsti úvěru (y), tj. (y) v tomto příkladu je malware.
Název souboru:
prospeed_bmp2jpg.dll
Datum podání:
2010-12-30 21:58:44 (UTC)
Současný stav:
ve frontě ve frontě analyzování skončil
Výsledek:
1/ 39 (2.6%)

VT Společenství

není přezkoumána
Bezpečnost hostů: -
Kompaktní
Vytisknout výsledky
Antivirus Verze Poslední aktualizace Výsledek
AhnLab-V3 2010.12.31.00 2010.12.30 -
AntiVir 7.11.0.241 2010.12.30 -
Antiy-AVL 2.0.3.7 2010.12.30 -
Avast 4.8.1351.0 2010.12.30 -
Avast5 5.0.677.0 2010.12.30 -
BitDefender 7.2 2010.12.30 -
CAT-QuickHeal 11.00 2010.12.30 -
ClamAV 0.96.4.0 2010.12.30 -
Command 5.2.11.5 2010.12.30 -
Comodo 7236 2010.12.30 -
Emsisoft 5.1.0.1 2010.12.30 -
eTrust-Vet 36.1.8072 2010.12.30 -
F-Prot 4.6.2.117 2010.12.30 -
F-Secure 9.0.16160.0 2010.12.30 -
Fortinet 4.2.254.0 2010.12.30 -
GData 21 2010.12.30 -
Ikarus T3.1.1.90.0 2010.12.30 -
Jiangmin 13.0.900 2010.12.30 -
K7AntiVirus 9.75.3397 2010.12.30 -
Kaspersky 7.0.0.125 2010.12.30 -
McAfee 5.400.0.1158 2010.12.30 -
McAfee-GW-Edition 2010.1C 2010.12.30 -
Microsoft 1.6402 2010.12.30 -
NOD32 5747 2010.12.30 -
Norman 6.06.12 2010.12.30 -
nProtect 2010-12-30.01 2010.12.30 -
Panda 10.0.2.7 2010.12.30 -
PCTools 7.0.3.5 2010.12.30 -
Prevx 3.0 2010.12.30 -
Rising 22.80.03.04 2010.12.30 -
Sophos 4.60.0 2010.12.30 -
SUPERAntiSpyware 4.40.0.1006 2010.12.30 -
TheHacker 6.7.0.1.109 2010.12.30 -
TrendMicro 9.120.0.1004 2010.12.30 PAK_Generic.001
TrendMicro-HouseCall 9.120.0.1004 2010.12.30 -
VBA32 3.12.14.2 2010.12.30 -
VIPRE 7888 2010.12.30 -
ViRobot 2010.12.30.4229 2010.12.30 -
VirusBuster 13.6.121.0 2010.12.30 -
Dodatečné informace
Zobrazit všechny
MD5 : efff4a341903ec194fe203ea347abb98
SHA1 : bda5379a983b6a931c8c2617a2b103da1fd2db16
SHA256: 46f2dff65264b7a7cd90b625d1a1330e2b6ae4ad2e618a54d8986d91bf1c51a5
ssdeep: 384:24nl2ttIAffji3zDbDd9ZrscxrinshwH4QaSaSOkE+caXf4GplQn7U//b:Bl2tdsvfjZrxx
rGhhaSPE+cE4Gj4U/T
File size : 22016 bytes
First seen: 2008-10-26 18:23:41
Last seen : 2010-12-30 21:58:44
TrID:
UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (F-Prot): UPX
packers (Kaspersky): UPX
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x10F30
timedatestamp....: 0x3FE549F4 (Sun Dec 21 07:21:24 2003)
machinetype......: 0x14c (I386)

[[ 3 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
UPX0, 0x1000, 0xB000, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e
UPX1, 0xC000, 0x6000, 0x5200, 7.86, a293d9bf811e3e8349c096b8e4d0c5ae
UPX2, 0x12000, 0x1000, 0x200, 3.09, 3bb0f186221a986dfd5212543e8dad27

[[ 4 import(s) ]]
KERNEL32.DLL: LoadLibraryA, GetProcAddress
CRTDLL.DLL: _iob
GDI32.DLL: BitBlt
USER32.DLL: GetDC

[[ 3 export(s) ]]
Bmp2Jpg, DLLEntryPoint, Dib2Jpg
ExifTool:
file metadata
CodeSize: 24576
EntryPoint: 0x10f30
FileSize: 22 kB
FileType: Win32 DLL
ImageVersion: 0.0
InitializedDataSize: 4096
LinkerVersion: 2.55
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 1.0
PEType: PE32
Subsystem: Windows command line
SubsystemVersion: 4.0
TimeStamp: 2003:12:21 08:21:24+01:00
UninitializedDataSize: 45056

VT Společenství

0

Tento soubor nebyl nikdy přezkoumána kteréhokoliv člena VT Společenství. Buďte první, kdo komentář na to!

VirusTotal týmu
Přidejte svůj komentář ... Pamatujte si, že když píšete komentáře jako anonymní uživatel obdrží nejnižší možnou pověst. Takže pokud jste nepodepsal v ještě nezapomeňte tak učinit. Jak značkování vaše komentáře?
Můžete přidat základní styly na vaše komentáře pomocí následujícího přijímány BBcode tagy:

[B] text [/ b] - tučné
[I] text [/ i] - kurzíva
[U] text [/ u] - podtržení
[S] text [/ s] - přeškrtnutí
[Code] text [/ code] - pevně formátovaný text

Můžete také řešit připomínky k jednotlivým uživatelům pomocí "@" Twitter-jako režim. Prepending "#" symbol ke slovu můžete přidat vlastní značky na váš komentář, tagy, které pak mohou být vyhledány.

Goodware
Malware
Spam přílohu / link

P2P stahování
Rozmnožovacího přes IM
Síťových červů

Drive-by-download


Anonymní překročen limit: anonymní uživatelé mohou pouze jednu poznámku na soubor nebo URL, a to buď přihlaste se nebo se zaregistrujte, aby i nadále dělat recenze na tuto položku. Všimněte si, že anonymní uživatel diskriminací je založen na IP adresy, tudíž to může být možné , že jiný uživatel za své stejný proxy nebo NAT spojení již přezkumu.
Náhled komentář Upravit komentář
Přidat komentář
Vysílání komentář ...
Komentář úspěšně odesláno




POZOR: VirusTotal je bezplatná služba nabízená Hispasec Sistemas. Neexistují žádné záruky týkající se dostupnosti a kontinuity této služby. Ačkoli detekce, které nabízí použití několika antivirových jader je daleko vyšší, než nabízejí jen jeden produkt, Tyto výsledky nejsou zárukou neškodnosti souboru. V současné době není žádné řešení, které nabízí 100% účinnost sazba pro detekci virů a malware.
VirusTotal © Hispasec Sistemas - Blog - Cvrlikání - Kontakt: info@virustotal.com - Podmínky poskytování služeb a ochrana soukromí

[jaro3]

Ta hra Legie byla origoš?

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole můzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat.

Pak:

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\windows\system32\prospeed_bmp2jpg.dll

Folder::
c:\documents and settings\Pc\Data aplikací\Search Settings

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT


Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

[kocour34]

OTL logfile created on: 30.12.2010 23:13:03 - Run 1
OTL by OldTimer - Version 3.2.18.2 Folder = C:\Documents and Settings\Pc\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 75,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 155,78 Gb Free Space | 66,89% Space Free | Partition Type: NTFS
Drive E: | 1,88 Gb Total Space | 1,88 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: PC-E44D31AD3906 | User Name: Pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
PRC - C:\Documents and Settings\Pc\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ProgDVB\ProgDvbService.exe ()
PRC - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe (IObit)
PRC - C:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
PRC - C:\WINDOWS\system32\msfeedssync.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Pc\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (ProgDVBService) -- C:\Program Files\ProgDVB\ProgDvbService.exe ()
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (WefiEngSvc) -- C:\Program Files\WeFi\WefiEngSvc.exe (WeFi)
SRV - (IS360service) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)


========== Driver Services (SafeList) ==========

DRV - (smserial) -- C:\WINDOWS\System32\DRIVERS\smserial.sys File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (SmartDefragDriver) -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys ()
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (seehcri) -- C:\WINDOWS\system32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (SRS_HDAL_Service) -- C:\WINDOWS\system32\drivers\SRS_HDAL_i386.sys ()
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.)
DRV - (AtcL002) -- C:\WINDOWS\system32\drivers\l251x86.sys (Atheros Communications, Inc.)
DRV - (Aken) -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\0 A.D. alpha\binaries\system\aken.sys ()
DRV - (tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (Tosrfcom) -- C:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (tosrfbd) -- C:\WINDOWS\system32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (TosRfSnd) -- C:\WINDOWS\system32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (tosrfbnp) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (tosporte) -- C:\WINDOWS\system32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (RTSTOR) -- C:\WINDOWS\system32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ATKACPI.sys ()
DRV - (tosrfnds) -- C:\WINDOWS\system32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (ASPI) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (RadPciNT) -- C:\WINDOWS\system32\drivers\RadPciNT.sys (MediaForte Products Pte. Ltd.)
DRV - (DLPortIO) -- C:\WINDOWS\system32\drivers\DLPortIO.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.cz/
IE - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010.09.12 16:14:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010.09.09 18:28:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.18 14:35:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.18 14:38:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.10.31 23:24:30 | 000,000,000 | ---D | M]

[2010.10.31 23:24:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Extensions
[2010.10.31 23:24:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.09.15 19:10:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.12.30 20:48:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions
[2010.12.21 22:00:03 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010.12.21 22:00:08 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.11.25 20:19:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.19 22:25:20 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.12.29 12:57:43 | 000,000,000 | ---D | M] (XfireXO) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.11.25 20:39:56 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010.12.21 22:00:09 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.11.19 22:25:17 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.12.21 22:00:07 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2010.11.25 20:39:56 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\en-US@dictionaries.addons.mozilla.org
[2010.11.19 22:55:21 | 000,000,000 | ---D | M] (LavaFox V1) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\info@djzig.com
[2010.12.21 21:59:58 | 000,000,000 | ---D | M] (Silvermel) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\silvermel@pardal.de
[2010.12.21 22:00:03 | 000,000,000 | ---D | M] (Silvermel and Charamel XT) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\silvermelxt@pardal.de
[2010.11.19 14:59:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions
[2010.11.08 21:12:51 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.10.20 11:47:26 | 000,000,000 | ---D | M] (Reader) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}
[2010.10.14 23:39:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.20 17:57:28 | 000,000,000 | ---D | M] (Oskar) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
[2010.10.15 13:00:41 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010.10.20 11:03:59 | 000,000,000 | ---D | M] (Toggle Web Developer Toolbar) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}
[2010.11.05 17:49:31 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.11.17 20:59:14 | 000,000,000 | ---D | M] ("Yoono") -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}
[2010.11.14 15:57:25 | 000,000,000 | ---D | M] (Theme Font Size Changer) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}
[2010.10.15 00:43:06 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\en-US@dictionaries.addons.mozilla.org
[2010.10.29 11:17:56 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\personas@christopher.beard
[2010.10.14 23:39:04 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\quickstores@quickstores.de
[2010.12.30 20:48:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.12.18 14:35:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.11.14 15:51:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.11.19 21:37:41 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.12.18 14:35:32 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.12.18 14:35:32 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2003.01.13 16:08:06 | 000,499,712 | ---- | M] (Morgan Multimedia) -- C:\Program Files\Mozilla Firefox\plugins\npjp2.dll
[2009.06.25 13:20:28 | 001,446,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[2010.12.18 14:35:34 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2010.11.06 11:37:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2004.11.09 02:43:08 | 000,139,305 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2004.11.08 20:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2004.11.08 20:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2004.11.08 20:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2004.11.08 20:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2004.11.08 20:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2004.11.08 20:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2004.11.08 20:01:50 | 000,106,496 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2004.11.09 02:43:04 | 000,081,967 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2006.08.09 11:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npWebLaunch.dll
[2009.09.21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.04.13 20:24:08 | 000,002,046 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\firmycz.xml
[2010.04.13 20:24:30 | 000,002,041 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mapycz.xml
[2010.04.13 20:24:42 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.10.22 15:49:06 | 000,000,846 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
[2010.04.13 20:24:54 | 000,002,207 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zbocz.xml

O1 HOSTS File: ([2010.12.30 22:36:02 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe (IObit)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004..\Run: [FreeApp] C:\Program Files\FreeApps\FreeApps.exe (VTools)
O4 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004..\Run: [SmartRAM] C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe (IObit)
O4 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Crawler Screensaver - {CDAFD956-97BE-443D-8EF7-F4F094EB5766} - C:\Program Files\Crawler\SSaver\CSSaver.exe (Crawler.com)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pc\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pc\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.12.12 20:17:03 | 000,000,000 | ---D | M] - C:\Automapa -- [ NTFS ]
O32 - AutoRun File - [2010.12.12 20:20:05 | 000,012,264 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (SmartDefragBootTime.exe) - C:\WINDOWS\System32\SmartDefragBootTime.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.12.30 23:04:45 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pc\Plocha\OTL.exe
[2010.12.30 22:36:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Data aplikací\Search Settings
[2010.12.30 21:14:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.12.30 19:18:26 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.12.30 19:18:26 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.12.30 19:18:26 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.12.30 19:18:26 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.12.30 19:18:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.12.30 19:18:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.12.30 16:39:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\KBCertifikat
[2010.12.30 15:36:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\kbpki
[2010.12.30 00:42:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Data aplikací\WinRAR
[2010.12.29 23:33:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Data aplikací\GRETECH
[2010.12.29 23:26:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.29 23:26:40 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.29 23:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.12.29 23:11:23 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.12.29 22:50:31 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2010.12.29 22:21:25 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010.12.29 22:21:21 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010.12.29 22:21:12 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2010.12.29 22:21:06 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010.12.29 22:21:00 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010.12.29 22:20:59 | 000,019,455 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2010.12.29 22:20:57 | 000,012,063 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2010.12.29 22:20:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2010.12.29 22:20:46 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys
[2010.12.29 22:20:40 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010.12.29 22:20:36 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010.12.29 22:20:26 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010.12.29 22:20:19 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2010.12.29 22:20:15 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2010.12.29 22:20:08 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2010.12.29 22:20:08 | 000,023,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2010.12.29 22:20:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2010.12.29 22:20:03 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010.12.29 22:20:01 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\watv10nt.sys
[2010.12.29 22:20:00 | 000,033,599 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2010.12.29 22:20:00 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\watv06nt.sys
[2010.12.29 22:19:59 | 000,019,551 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2010.12.29 22:19:57 | 000,029,311 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2010.12.29 22:19:56 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv11nt.sys
[2010.12.29 22:19:56 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv09nt.sys
[2010.12.29 22:19:55 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv08nt.sys
[2010.12.29 22:19:54 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv07nt.sys
[2010.12.29 22:19:53 | 000,012,127 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2010.12.29 22:19:53 | 000,011,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2010.12.29 22:19:52 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wacompen.sys
[2010.12.29 22:19:52 | 000,012,415 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2010.12.29 22:19:47 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010.12.29 22:19:44 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010.12.29 22:19:39 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010.12.29 22:19:33 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010.12.29 22:19:29 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010.12.29 22:19:24 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010.12.29 22:19:20 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010.12.29 22:19:15 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2010.12.29 22:19:14 | 000,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaagp.sys
[2010.12.29 22:19:14 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys
[2010.12.29 22:19:12 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\vchnt5.dll
[2010.12.29 22:19:08 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2010.12.29 22:19:04 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010.12.29 22:19:00 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2010.12.29 22:18:55 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2010.12.29 22:18:50 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2010.12.29 22:18:47 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010.12.29 22:18:43 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010.12.29 22:18:39 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010.12.29 22:18:38 | 000,020,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys
[2010.12.29 22:18:37 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2010.12.29 22:18:37 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2010.12.29 22:18:35 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2010.12.29 22:18:35 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2010.12.29 22:18:34 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010.12.29 22:18:26 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2010.12.29 22:18:21 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2010.12.29 22:18:18 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2010.12.29 22:18:14 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2010.12.29 22:18:11 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010.12.29 22:18:06 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2010.12.29 22:18:01 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2010.12.29 22:17:58 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2010.12.29 22:17:54 | 000,212,480 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010.12.29 22:17:50 | 000,216,576 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010.12.29 22:17:50 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys
[2010.12.29 22:17:49 | 000,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uagp35.sys
[2010.12.29 22:17:44 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2010.12.29 22:17:37 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010.12.29 22:17:34 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010.12.29 22:17:30 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010.12.29 22:17:27 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010.12.29 22:17:22 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010.12.29 22:17:16 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010.12.29 22:17:13 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2010.12.29 22:17:09 | 000,043,008 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2010.12.29 22:17:08 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2010.12.29 22:17:05 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2010.12.29 22:17:04 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2010.12.29 22:16:59 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2010.12.29 22:16:55 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2010.12.29 22:16:51 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2010.12.29 22:16:46 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010.12.29 22:16:41 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010.12.29 22:16:36 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010.12.29 22:16:36 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010.12.29 22:16:31 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010.12.29 22:16:27 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010.12.29 22:16:21 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2010.12.29 22:16:17 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2010.12.29 22:16:13 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010.12.29 22:16:09 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010.12.29 22:16:07 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys
[2010.12.29 22:16:07 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys
[2010.12.29 22:16:07 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys
[2010.12.29 22:16:06 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys
[2010.12.29 22:16:02 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2010.12.29 22:15:58 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2010.12.29 22:15:55 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2010.12.29 22:15:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2010.12.29 22:15:49 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2010.12.29 22:15:44 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2010.12.29 22:15:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2010.12.29 22:15:36 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010.12.29 22:15:33 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010.12.29 22:15:30 | 000,285,792 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010.12.29 22:15:25 | 000,017,024 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010.12.29 22:15:20 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010.12.29 22:15:16 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2010.12.29 22:15:10 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2010.12.29 22:15:06 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2010.12.29 22:15:03 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2010.12.29 22:15:02 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010.12.29 22:14:58 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2010.12.29 22:14:54 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2010.12.29 22:14:50 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2010.12.29 22:14:46 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2010.12.29 22:14:43 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2010.12.29 22:14:43 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2010.12.29 22:14:39 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2010.12.29 22:14:30 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010.12.29 22:14:26 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010.12.29 22:14:21 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010.12.29 22:14:17 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2010.12.29 22:14:14 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys