Please check my log (Solved)



Re: Please check my log

Post by rangar009 » 11 Jan 2014 19:13

DelFix:
# DelFix v10.6 - Logfile created 11/01/2014 at 19:12:07
# Updated 11/11/2013 by Xplode
# Username : Dominik CZ - DOMINIK
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\AdwCleaner
Deleted : C:\Documents and Settings\Dominik CZ\Dokumenty\Downloads\adwcleaner.exe
Deleted : C:\Documents and Settings\Dominik CZ\Dokumenty\Downloads\JRT.exe
Deleted : C:\Documents and Settings\Dominik CZ\Dokumenty\Downloads\HiJackThis.exe
Deleted : C:\Documents and Settings\Dominik CZ\Dokumenty\Downloads\hijackthis.log
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #116 [Removed 4S4Vendeta | 12/29/2013 23:48:36]
Deleted : RP #117 [??????? Counter-Strike 1.6 | 12/30/2013 00:23:13]
Deleted : RP #118 [Removed Microsoft Office Enterprise 2007 | 12/30/2013 00:24:24]
Deleted : RP #119 [Software Distribution Service 3.0 | 12/30/2013 00:34:18]
Deleted : RP #120 [Software Distribution Service 3.0 | 12/30/2013 01:34:27]
Deleted : RP #121 [Kontrolní bod systému | 12/31/2013 14:52:36]
Deleted : RP #122 [??????????? Counter-Strike 1.6 | 01/02/2014 22:33:09]
Deleted : RP #123 [Kontrolní bod systému | 01/03/2014 23:03:29]
Deleted : RP #124 [Kontrolní bod systému | 01/05/2014 15:57:47]
Deleted : RP #125 [Kontrolní bod systému | 01/07/2014 07:48:21]
Deleted : RP #126 [Removed Steam | 01/08/2014 18:32:55]
Deleted : RP #127 [Installed Steam | 01/08/2014 18:36:39]
Deleted : RP #128 [Driver Booster : Broadcom NetXtreme 57xx Gigabit Controller | 01/08/2014 20:02:56]
Deleted : RP #129 [??????????? Counter-Strike 1.6 | 01/08/2014 20:23:30]
Deleted : RP #130 [Nainstalováno %1 %2. | 01/09/2014 10:13:37]
Deleted : RP #131 [Nainstalováno %1 %2. | 01/09/2014 10:14:14]
Deleted : RP #132 [Nainstalováno Windows XP KB2492386. | 01/09/2014 10:15:53]
Deleted : RP #133 [Nainstalováno Windows XP KB2632503. | 01/09/2014 10:16:45]
Deleted : RP #134 [Nainstalováno Windows XP KB2808679. | 01/09/2014 10:23:50]
Deleted : RP #135 [Kontrolní bod systému | 01/10/2014 20:42:24]
Deleted : RP #136 [Operace obnovení | 01/11/2014 13:05:48]
Deleted : RP #137 [Spyware Terminator 2012 (11.1.2014 16:19:22) | 01/11/2014 15:19:27]

New restore point created !

########## - EOF - ##########


Re: Please check my log

Post by Damned » 11 Jan 2014 19:14

It should be in the "log" folder inside the MbAM folder. Then continue with ComboFix.
Nothing is impossible, so where we are at our wits' end, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech translation, Wise Registry Cleaner


Re: Please check my log

Post by rangar009 » 11 Jan 2014 19:35

ComboFix:
ComboFix 14-01-08.03 - Dominik CZ 11.01.2014 19:25:31.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1428 [GMT 1:00]
Spuštěný z: c:\documents and settings\Dominik CZ\Dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-11 do 2014-01-11 )))))))))))))))))))))))))))))))
.
.
2014-01-11 17:42 . 2014-01-11 17:42 -------- d-----w- c:\windows\ERUNT
2014-01-11 16:51 . 2014-01-11 16:51 -------- d-----w- c:\documents and settings\Dominik CZ\Data aplikací\Malwarebytes
2014-01-11 16:50 . 2014-01-11 16:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-11 16:50 . 2014-01-11 16:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2014-01-11 16:50 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-11 15:25 . 2014-01-11 15:25 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\Application Updater
2014-01-11 15:25 . 2014-01-11 15:25 -------- d-----w- c:\program files\IObit Apps Toolbar
2014-01-11 15:06 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2014-01-11 13:00 . 2014-01-11 13:00 -------- d-----w- c:\windows\system32\winrm
2014-01-08 20:08 . 2013-05-22 17:49 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2014-01-08 19:53 . 2014-01-11 13:00 -------- d-----w- c:\documents and settings\Dominik CZ\Data aplikací\Apple Computer
2014-01-08 19:52 . 2013-05-22 17:49 14776 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2014-01-08 18:36 . 2014-01-08 18:36 -------- d-----w- c:\documents and settings\All Users\Nabdka Start
2014-01-08 18:36 . 2014-01-08 18:36 -------- d-----w- c:\program files\Common Files\Steam
2014-01-08 18:36 . 2014-01-11 15:32 -------- d-----w- c:\program files\Steam
2014-01-07 13:47 . 2014-01-07 13:47 -------- d-----w- c:\documents and settings\All Users\Data aplikací\regid.1986-12.com.adobe
2014-01-07 13:43 . 2014-01-07 13:46 -------- d-----w- C:\PhotoshopPortable
2014-01-07 10:22 . 2014-01-11 17:31 -------- d-----w- c:\program files\Shopping Suggestion
2014-01-07 10:13 . 2014-01-07 10:13 -------- d-----w- c:\documents and settings\Dominik CZ\.android
2014-01-07 10:13 . 2014-01-07 10:13 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\cache
2014-01-07 10:12 . 2014-01-07 10:23 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\genienext
2014-01-07 10:12 . 2014-01-07 10:30 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\Mobogenie
2014-01-07 10:12 . 2014-01-11 17:31 -------- d-----w- c:\program files\AmiExt
2014-01-04 15:37 . 2014-01-04 15:37 -------- d-----w- c:\program files\Size
2014-01-04 15:28 . 2014-01-08 19:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\greatsuaVeer
2014-01-04 15:28 . 2014-01-11 16:42 -------- d-----w- c:\program files\greatsuaVeer
2014-01-04 15:27 . 2014-01-04 15:28 -------- d-----w- c:\documents and settings\All Users\Data aplikací\67dabb73536b8b2b
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\Torch
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\SUPPORT_388945a0
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\HelpAssistant
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\Guest
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\ASPNET
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\Administrator
2014-01-04 15:26 . 2014-01-04 15:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\InstallMate
2014-01-02 22:32 . 2003-09-03 01:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2014-01-02 22:32 . 2003-09-03 01:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2014-01-02 22:32 . 2003-09-03 01:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2014-01-02 22:32 . 2003-09-03 01:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2014-01-02 22:32 . 2003-09-03 01:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2014-01-02 22:32 . 2014-01-02 22:32 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2014-01-02 22:32 . 2014-01-02 22:32 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2014-01-02 15:46 . 2014-01-02 15:46 -------- d-----w- c:\windows\system32\log
2014-01-02 15:46 . 2014-01-11 17:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\WPM
2013-12-30 13:35 . 2013-12-30 13:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Battle.net
2013-12-30 13:33 . 2013-12-30 19:26 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2013-12-30 13:32 . 2013-12-30 13:38 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Blizzard Entertainment
2013-12-30 01:27 . 2013-12-30 01:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Blizzard
2013-12-28 12:42 . 2013-12-28 12:42 -------- d-----w- c:\windows\system32\wbem\Repository
2013-12-26 15:05 . 2013-12-26 15:05 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\Razer
2013-12-26 15:04 . 2013-12-26 15:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Razer
2013-12-17 09:26 . 2013-12-17 09:26 -------- d-----w- c:\documents and settings\Dominik CZ\Data aplikací\Riot Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-08 20:02 . 2013-05-30 13:12 239656 ----a-w- c:\windows\system32\drivers\b57xp32.sys
2013-12-11 15:31 . 2013-05-30 14:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 15:31 . 2013-05-30 14:40 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-10 13:29 . 2013-12-10 13:30 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-10 13:29 . 2013-12-10 13:30 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-11-13 03:00 . 2012-02-29 16:08 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2012-05-22 17:12 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:36 . 2008-05-05 05:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:51 . 2012-05-22 17:16 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:45 . 2012-05-22 17:17 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:45 . 2012-05-22 17:17 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-29 07:45 . 2012-05-22 17:17 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:45 . 2012-05-22 17:16 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-29 00:45 . 2012-05-22 17:17 385024 ------w- c:\windows\system32\html.iec
2013-10-23 23:45 . 2008-04-14 08:51 172032 ----a-w- c:\windows\system32\scrrun.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2012-08-28 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-12-09 2285344]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Dominik CZ\\Data aplikací\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.1040\\Agent.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.2380\\Agent.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Half-Life\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PanProcess.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [30.5.2013 16:52 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [30.5.2013 16:52 175176]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [8.1.2014 20:52 14776]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [30.5.2013 16:52 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [30.5.2013 16:52 369584]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [8.1.2014 20:52 881440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.5.2013 16:52 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [30.5.2013 16:52 66336]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [6.12.2013 21:32 341824]
R2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [31.5.2013 22:00 625304]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [24.9.2009 4:40 19592]
S2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [8.1.2014 20:52 2151200]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11.1.2014 17:50 701512]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5.9.2013 9:34 171680]
S3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys --> c:\windows\system32\Drivers\btmcom.sys [?]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys --> c:\windows\system32\Drivers\btmusb.sys [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [24.9.2009 12:38 22528]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [17.6.2009 13:01 25480]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [11.1.2014 17:50 22856]
S3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [30.5.2013 14:30 6609920]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PBDOWNFORCE_SERVICE;PBDOWNFORCE_SERVICE;\??\c:\docume~1\DOMINI~1\LOCALS~1\Temp\Rar$EX00.578\Final\AntiBan\PBDownforce.sys --> c:\docume~1\DOMINI~1\LOCALS~1\Temp\Rar$EX00.578\Final\AntiBan\PBDownforce.sys [?]
S3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [6.12.2013 21:32 31776]
S3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [6.12.2013 21:32 17360]
S4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [6.12.2013 21:32 247968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 16:04 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-30 15:31]
.
2014-01-11 c:\windows\Tasks\ASC7_PerformanceMonitor.job
- c:\program files\IObit\Advanced SystemCare 7\Monitor.exe [2014-01-08 15:10]
.
2014-01-11 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-30 08:58]
.
2014-01-11 c:\windows\Tasks\Driver Booster Scan.job
- c:\program files\IObit\Driver Booster\Scheduler.exe [2014-01-08 09:48]
.
2014-01-11 c:\windows\Tasks\Driver Booster Update.job
- c:\program files\IObit\Driver Booster\AutoUpdate.exe [2014-01-08 10:01]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-09 18:37]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-09 18:37]
.
2014-01-11 c:\windows\Tasks\SmartDefragUpdate.job
- c:\program files\IObit\Smart Defrag 2\AutoUpdate.exe [2014-01-08 17:49]
.
2014-01-11 c:\windows\Tasks\SmartDefrag_Startup.job
- c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2014-01-08 17:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyServer = 67.153.80.178:17194
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Dominik CZ\Data aplikací\Mozilla\Firefox\Profiles\nixi07xl.default\
FF - ExtSQL: 2013-12-12 18:17; ext@bettersurfplus.com; c:\program files\BetterSurf\BetterSurfPlus\ff
FF - ExtSQL: 2013-12-16 22:26; adsremoval@adsremoval.net; c:\documents and settings\Dominik CZ\Data aplikací\Mozilla\Firefox\Profiles\nixi07xl.default\extensions\adsremoval@adsremoval.net
FF - ExtSQL: 2014-01-07 11:12; ext@flash-Enhancer.com; c:\program files\AmiExt\flashEnhancer\ff
FF - ExtSQL: 2014-01-07 12:22; {D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}; c:\documents and settings\Dominik CZ\Data aplikací\Mozilla\Firefox\Profiles\nixi07xl.default\extensions\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi
FF - ExtSQL: 2014-01-11 17:25; ascsurfingprotection@iobit.com; c:\documents and settings\Dominik CZ\Data aplikacĂ­\Mozilla\Firefox\Profiles\nixi07xl.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: !HIDDEN! 2014-01-10 18:17; ext@VideoPlayerV3beta382.net; c:\program files\VideoPlayerV3\VideoPlayerV3beta382\ff
FF - ExtSQL: !HIDDEN! 2014-01-11 16:25; savingsslider@mybrowserbar.com; c:\documents and settings\Dominik CZ\Data aplikacĂ­\Mozilla\Firefox\Profiles\nixi07xl.default\extensions\savingsslider@mybrowserbar.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
AddRemove-McAfee Security Scan - c:\program files\McAfee Security Scan\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-11 19:30
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_64_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_64_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2014-01-11 19:32:29
ComboFix-quarantined-files.txt 2014-01-11 18:32
.
Před spuštěním: Volných bajtů: 21 409 361 920
Po spuštění: Volných bajtů: 21 721 067 520
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 4905CFF1AEA4EC07D2C1C21C1322C1B0
413FC2A0C716421B3158746D63736515


Re: Please check my log

Post by Damned » 11 Jan 2014 19:56

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in red:

KillAll::
File::
c:\docume~1\DOMINI~1\LOCALS~1\Temp\Rar$EX00.578\Final\AntiBan\PBDownforce.sys
c:\windows\system32\GameMon.des
c:\windows\system32\drivers\EagleXNt.sys

Folder::
c:\program files\Shopping Suggestion
c:\program files\IObit Apps Toolbar
c:\windows\system32\config\systemprofile\Data aplikací\Application Updater

Driver::
PBDOWNFORCE_SERVICE
npggsvc
EagleXNt

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]




Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.


Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe,
and when the two files overlap, drop the script.

- ComboFix will start automatically; the fix may take longer than 10 minutes. ! Let ComboFix finish its work !
- Paste here the log that pops up at the end of the cleaning process

Warning: It may happen that after applying the script and restarting the computer, Windows will not boot; in that case restart the computer again, keep pressing F8 and then choose Last Known Good Configuration.


Re: Please check my log

Post by rangar009 » 11 Jan 2014 20:17

Done:
ComboFix 14-01-08.03 - Dominik CZ 11.01.2014 20:03:15.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1459 [GMT 1:00]
Spuštěný z: c:\documents and settings\Dominik CZ\Dokumenty\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Dominik CZ\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\docume~1\DOMINI~1\LOCALS~1\Temp\Rar$EX00.578\Final\AntiBan\PBDownforce.sys"
"c:\windows\system32\drivers\EagleXNt.sys"
"c:\windows\system32\GameMon.des"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IObit Apps Toolbar
c:\program files\IObit Apps Toolbar\FF\components\config.ini
c:\program files\IObit Apps Toolbar\FF\components\iobitappsToolbarFF.dll
c:\program files\IObit Apps Toolbar\FF\chrome.manifest
c:\program files\IObit Apps Toolbar\FF\chrome\chrome.jar
c:\program files\IObit Apps Toolbar\FF\install.rdf
c:\program files\IObit Apps Toolbar\IE\8.6\config.ini
c:\program files\IObit Apps Toolbar\IE\8.6\iobitappsToolbarIE64.dll
c:\program files\IObit Apps Toolbar\Res\amazon.gif
c:\program files\IObit Apps Toolbar\Res\ebay.gif
c:\program files\IObit Apps Toolbar\Res\facebook.gif
c:\program files\IObit Apps Toolbar\Res\googleplus.gif
c:\program files\IObit Apps Toolbar\Res\icon_settings.gif
c:\program files\IObit Apps Toolbar\Res\iobit-toolbar-logo-hover.gif
c:\program files\IObit Apps Toolbar\Res\iobit-toolbar-logo.gif
c:\program files\IObit Apps Toolbar\Res\Lang\Res1031.ini
c:\program files\IObit Apps Toolbar\Res\Lang\Res1033.ini
c:\program files\IObit Apps Toolbar\Res\Lang\Res1034.ini
c:\program files\IObit Apps Toolbar\Res\Lang\Res1036.ini
c:\program files\IObit Apps Toolbar\Res\Lang\Res1040.ini
c:\program files\IObit Apps Toolbar\Res\radio-close.gif
c:\program files\IObit Apps Toolbar\Res\radio-minimize.gif
c:\program files\IObit Apps Toolbar\Res\radiobeta.gif
c:\program files\IObit Apps Toolbar\Res\search-button-hover.gif
c:\program files\IObit Apps Toolbar\Res\search-button.gif
c:\program files\IObit Apps Toolbar\Res\search-chevron-hover.gif
c:\program files\IObit Apps Toolbar\Res\search-chevron.gif
c:\program files\IObit Apps Toolbar\Res\search_amazon.gif
c:\program files\IObit Apps Toolbar\Res\search_baidu.gif
c:\program files\IObit Apps Toolbar\Res\search_ebay.gif
c:\program files\IObit Apps Toolbar\Res\search_yahoo.gif
c:\program files\IObit Apps Toolbar\Res\search_yandex.gif
c:\program files\IObit Apps Toolbar\Res\toolbar-icon.gif
c:\program files\IObit Apps Toolbar\Res\twitter.gif
c:\program files\IObit Apps Toolbar\Res\widgets.xml
c:\program files\IObit Apps Toolbar\WidgiHelper.exe
c:\program files\Shopping Suggestion
c:\program files\Shopping Suggestion\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi
c:\program files\Shopping Suggestion\Interop.SHDocVw.dll
c:\program files\Shopping Suggestion\Microsoft.mshtml.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EAGLEXNT
-------\Service_EagleXNt
-------\Service_npggsvc
-------\Service_PBDOWNFORCE_SERVICE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-11 do 2014-01-11 )))))))))))))))))))))))))))))))
.
.
2014-01-11 17:42 . 2014-01-11 17:42 -------- d-----w- c:\windows\ERUNT
2014-01-11 16:51 . 2014-01-11 16:51 -------- d-----w- c:\documents and settings\Dominik CZ\Data aplikací\Malwarebytes
2014-01-11 16:50 . 2014-01-11 16:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-11 16:50 . 2014-01-11 16:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2014-01-11 16:50 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-11 15:25 . 2014-01-11 15:25 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\Application Updater
2014-01-11 15:06 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2014-01-11 13:00 . 2014-01-11 13:00 -------- d-----w- c:\windows\system32\winrm
2014-01-08 20:08 . 2013-05-22 17:49 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2014-01-08 19:53 . 2014-01-11 13:00 -------- d-----w- c:\documents and settings\Dominik CZ\Data aplikací\Apple Computer
2014-01-08 19:52 . 2013-05-22 17:49 14776 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2014-01-08 18:36 . 2014-01-08 18:36 -------- d-----w- c:\documents and settings\All Users\Nabdka Start
2014-01-08 18:36 . 2014-01-08 18:36 -------- d-----w- c:\program files\Common Files\Steam
2014-01-08 18:36 . 2014-01-11 15:32 -------- d-----w- c:\program files\Steam
2014-01-07 13:47 . 2014-01-07 13:47 -------- d-----w- c:\documents and settings\All Users\Data aplikací\regid.1986-12.com.adobe
2014-01-07 13:43 . 2014-01-07 13:46 -------- d-----w- C:\PhotoshopPortable
2014-01-07 10:13 . 2014-01-07 10:13 -------- d-----w- c:\documents and settings\Dominik CZ\.android
2014-01-07 10:13 . 2014-01-07 10:13 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\cache
2014-01-07 10:12 . 2014-01-07 10:23 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\genienext
2014-01-07 10:12 . 2014-01-07 10:30 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\Mobogenie
2014-01-07 10:12 . 2014-01-11 17:31 -------- d-----w- c:\program files\AmiExt
2014-01-04 15:37 . 2014-01-04 15:37 -------- d-----w- c:\program files\Size
2014-01-04 15:28 . 2014-01-08 19:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\greatsuaVeer
2014-01-04 15:28 . 2014-01-11 16:42 -------- d-----w- c:\program files\greatsuaVeer
2014-01-04 15:27 . 2014-01-04 15:28 -------- d-----w- c:\documents and settings\All Users\Data aplikací\67dabb73536b8b2b
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\Torch
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\SUPPORT_388945a0
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\HelpAssistant
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\Guest
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\ASPNET
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\Administrator
2014-01-04 15:26 . 2014-01-04 15:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\InstallMate
2014-01-02 22:32 . 2003-09-03 01:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2014-01-02 22:32 . 2003-09-03 01:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2014-01-02 22:32 . 2003-09-03 01:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2014-01-02 22:32 . 2003-09-03 01:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2014-01-02 22:32 . 2003-09-03 01:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2014-01-02 22:32 . 2014-01-02 22:32 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2014-01-02 22:32 . 2014-01-02 22:32 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2014-01-02 15:46 . 2014-01-02 15:46 -------- d-----w- c:\windows\system32\log
2014-01-02 15:46 . 2014-01-11 17:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\WPM
2013-12-30 13:35 . 2013-12-30 13:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Battle.net
2013-12-30 13:33 . 2013-12-30 19:26 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2013-12-30 13:32 . 2013-12-30 13:38 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Blizzard Entertainment
2013-12-30 01:27 . 2013-12-30 01:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Blizzard
2013-12-28 12:42 . 2013-12-28 12:42 -------- d-----w- c:\windows\system32\wbem\Repository
2013-12-26 15:05 . 2013-12-26 15:05 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\Razer
2013-12-26 15:04 . 2013-12-26 15:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Razer
2013-12-17 09:26 . 2013-12-17 09:26 -------- d-----w- c:\documents and settings\Dominik CZ\Data aplikací\Riot Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-08 20:02 . 2013-05-30 13:12 239656 ----a-w- c:\windows\system32\drivers\b57xp32.sys
2013-12-11 15:31 . 2013-05-30 14:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 15:31 . 2013-05-30 14:40 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-10 13:29 . 2013-12-10 13:30 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-10 13:29 . 2013-12-10 13:30 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-11-13 03:00 . 2012-02-29 16:08 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2012-05-22 17:12 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:36 . 2008-05-05 05:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:51 . 2012-05-22 17:16 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:45 . 2012-05-22 17:17 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:45 . 2012-05-22 17:17 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-29 07:45 . 2012-05-22 17:17 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:45 . 2012-05-22 17:16 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-29 00:45 . 2012-05-22 17:17 385024 ------w- c:\windows\system32\html.iec
2013-10-23 23:45 . 2008-04-14 08:51 172032 ----a-w- c:\windows\system32\scrrun.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2012-08-28 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-12-09 2285344]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Dominik CZ\\Data aplikací\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.1040\\Agent.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.2380\\Agent.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Half-Life\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PanProcess.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [30.5.2013 16:52 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [30.5.2013 16:52 175176]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [24.9.2009 4:40 19592]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [8.1.2014 20:52 14776]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [30.5.2013 16:52 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [30.5.2013 16:52 369584]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [8.1.2014 20:52 881440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.5.2013 16:52 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [30.5.2013 16:52 66336]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [6.12.2013 21:32 341824]
R2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [31.5.2013 22:00 625304]
S2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [8.1.2014 20:52 2151200]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11.1.2014 17:50 701512]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5.9.2013 9:34 171680]
S3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys --> c:\windows\system32\Drivers\btmcom.sys [?]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys --> c:\windows\system32\Drivers\btmusb.sys [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [24.9.2009 12:38 22528]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [17.6.2009 13:01 25480]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [11.1.2014 17:50 22856]
S3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [30.5.2013 14:30 6609920]
S3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [6.12.2013 21:32 31776]
S3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [6.12.2013 21:32 17360]
S4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [6.12.2013 21:32 247968]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-30 15:31]
.
2014-01-11 c:\windows\Tasks\ASC7_PerformanceMonitor.job
- c:\program files\IObit\Advanced SystemCare 7\Monitor.exe [2014-01-08 15:10]
.
2014-01-11 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-30 08:58]
.
2014-01-11 c:\windows\Tasks\Driver Booster Scan.job
- c:\program files\IObit\Driver Booster\Scheduler.exe [2014-01-08 09:48]
.
2014-01-11 c:\windows\Tasks\Driver Booster Update.job
- c:\program files\IObit\Driver Booster\AutoUpdate.exe [2014-01-08 10:01]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-09 18:37]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-09 18:37]
.
2014-01-11 c:\windows\Tasks\SmartDefragUpdate.job
- c:\program files\IObit\Smart Defrag 2\AutoUpdate.exe [2014-01-08 17:49]
.
2014-01-11 c:\windows\Tasks\SmartDefrag_Startup.job
- c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2014-01-08 17:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyServer = 67.153.80.178:17194
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Dominik CZ\Data aplikací\Mozilla\Firefox\Profiles\nixi07xl.default\
FF - ExtSQL: 2013-12-12 18:17; ext@bettersurfplus.com; c:\program files\BetterSurf\BetterSurfPlus\ff
FF - ExtSQL: 2013-12-16 22:26; adsremoval@adsremoval.net; c:\documents and settings\Dominik CZ\Data aplikací\Mozilla\Firefox\Profiles\nixi07xl.default\extensions\adsremoval@adsremoval.net
FF - ExtSQL: 2014-01-07 11:12; ext@flash-Enhancer.com; c:\program files\AmiExt\flashEnhancer\ff
FF - ExtSQL: 2014-01-07 12:22; {D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}; c:\documents and settings\Dominik CZ\Data aplikací\Mozilla\Firefox\Profiles\nixi07xl.default\extensions\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi
FF - ExtSQL: 2014-01-11 17:25; ascsurfingprotection@iobit.com; c:\documents and settings\Dominik CZ\Data aplikacĂ­\Mozilla\Firefox\Profiles\nixi07xl.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: !HIDDEN! 2014-01-10 18:17; ext@VideoPlayerV3beta382.net; c:\program files\VideoPlayerV3\VideoPlayerV3beta382\ff
FF - ExtSQL: !HIDDEN! 2014-01-11 16:25; savingsslider@mybrowserbar.com; c:\documents and settings\Dominik CZ\Data aplikacĂ­\Mozilla\Firefox\Profiles\nixi07xl.default\extensions\savingsslider@mybrowserbar.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-11 20:10
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_64_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_64_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(572)
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
c:\program files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
c:\program files\PANDORA.TV\PanService\PanProcess.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2014-01-11 20:16:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-11 19:16
.
Před spuštěním: Volných bajtů: 21 734 514 688
Po spuštění: Volných bajtů: 21 692 399 616
.
- - End Of File - - 2E3DC00535147569B056B590205DB35B
413FC2A0C716421B3158746D63736515

Damned
Article author
Master Level 9
Posts: 8353
Registered: December 06
Location: Rokycany
Gender: Male
Status: Offline

Re: Please check my log

Post by Damned » 11 Jan 2014 20:31

Folders:
c:\windows\system32\winrm
c:\program files\AmiExt
c:\program files\Size
c:\documents and settings\All Users\Data aplikací\67dabb73536b8b2b
c:\documents and settings\All Users\Data aplikací\InstallMate
c:\documents and settings\SUPPORT_388945a0
c:\program files\greatsuaVeer

Do you recognize them? Do they belong to some games?
Nothing is impossible, so where we are at our wits' end, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner

rangar009
newbie
Posts: 28
Registered: January 14
Gender: Male
Status: Offline

Re: Please check my log

Post by rangar009 » 11 Jan 2014 20:39

I have no idea at all.

Damned
Article author
Master Level 9
Posts: 8353
Registered: December 06
Location: Rokycany
Gender: Male
Status: Offline

Re: Please check my log

Post by Damned » 11 Jan 2014 20:46

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in red:


DirLook::
c:\documents and settings\HelpAssistant
c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\genienext
c:\windows\system32\winrm
c:\program files\AmiExt
c:\program files\Size
c:\documents and settings\All Users\Data aplikací\67dabb73536b8b2b
c:\documents and settings\All Users\Data aplikací\InstallMate
c:\documents and settings\SUPPORT_388945a0
c:\program files\greatsuaVeer

Folder::
c:\windows\system32\config\systemprofile\Data aplikací\Application Updater

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]




Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all open windows.


Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program,
and when the two files overlap, drop the script.

- ComboFix will start automatically; the repair may take even longer than 10 minutes. ! Let ComboFix finish its work !
- Paste here the log that pops up at the end of the cleaning process

Warning: It may happen that after applying the script and restarting the computer, Windows will not boot; in that case restart the computer again, keep pressing F8 and then choose Last Known Good Configuration.

rangar009
newbie
Posts: 28
Registered: January 14
Gender: Male
Status: Offline

Re: Please check my log

Post by rangar009 » 11 Jan 2014 21:24

Done:
ComboFix 14-01-08.03 - Dominik CZ 11.01.2014 21:15:07.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1472 [GMT 1:00]
Spuštěný z: c:\documents and settings\Dominik CZ\Dokumenty\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Dominik CZ\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-11 do 2014-01-11 )))))))))))))))))))))))))))))))
.
.
2014-01-11 17:42 . 2014-01-11 17:42 -------- d-----w- c:\windows\ERUNT
2014-01-11 16:51 . 2014-01-11 16:51 -------- d-----w- c:\documents and settings\Dominik CZ\Data aplikací\Malwarebytes
2014-01-11 16:50 . 2014-01-11 16:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-11 16:50 . 2014-01-11 16:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2014-01-11 16:50 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-11 15:25 . 2014-01-11 15:25 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\Application Updater
2014-01-11 15:06 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2014-01-11 13:00 . 2014-01-11 13:00 -------- d-----w- c:\windows\system32\winrm
2014-01-08 18:36 . 2014-01-08 18:36 -------- d-----w- c:\documents and settings\All Users\Nabdka Start
2014-01-08 18:36 . 2014-01-08 18:36 -------- d-----w- c:\program files\Common Files\Steam
2014-01-08 18:36 . 2014-01-11 15:32 -------- d-----w- c:\program files\Steam
2014-01-07 13:47 . 2014-01-07 13:47 -------- d-----w- c:\documents and settings\All Users\Data aplikací\regid.1986-12.com.adobe
2014-01-07 13:43 . 2014-01-07 13:46 -------- d-----w- C:\PhotoshopPortable
2014-01-07 10:13 . 2014-01-07 10:13 -------- d-----w- c:\documents and settings\Dominik CZ\.android
2014-01-07 10:13 . 2014-01-07 10:13 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\cache
2014-01-07 10:12 . 2014-01-07 10:23 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\genienext
2014-01-07 10:12 . 2014-01-07 10:30 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\Mobogenie
2014-01-07 10:12 . 2014-01-11 17:31 -------- d-----w- c:\program files\AmiExt
2014-01-04 15:37 . 2014-01-04 15:37 -------- d-----w- c:\program files\Size
2014-01-04 15:28 . 2014-01-08 19:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\greatsuaVeer
2014-01-04 15:28 . 2014-01-11 16:42 -------- d-----w- c:\program files\greatsuaVeer
2014-01-04 15:27 . 2014-01-04 15:28 -------- d-----w- c:\documents and settings\All Users\Data aplikací\67dabb73536b8b2b
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\Torch
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\SUPPORT_388945a0
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\HelpAssistant
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\Guest
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\ASPNET
2014-01-04 15:27 . 2014-01-04 15:27 -------- d-----w- c:\documents and settings\Administrator
2014-01-04 15:26 . 2014-01-04 15:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\InstallMate
2014-01-02 22:32 . 2003-09-03 01:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2014-01-02 22:32 . 2003-09-03 01:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2014-01-02 22:32 . 2003-09-03 01:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2014-01-02 22:32 . 2003-09-03 01:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2014-01-02 22:32 . 2003-09-03 01:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2014-01-02 22:32 . 2014-01-02 22:32 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2014-01-02 22:32 . 2014-01-02 22:32 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2014-01-02 15:46 . 2014-01-02 15:46 -------- d-----w- c:\windows\system32\log
2014-01-02 15:46 . 2014-01-11 17:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\WPM
2013-12-30 13:35 . 2013-12-30 13:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Battle.net
2013-12-30 13:33 . 2013-12-30 19:26 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2013-12-30 13:32 . 2013-12-30 13:38 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Blizzard Entertainment
2013-12-30 01:27 . 2013-12-30 01:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Blizzard
2013-12-28 12:42 . 2013-12-28 12:42 -------- d-----w- c:\windows\system32\wbem\Repository
2013-12-26 15:05 . 2013-12-26 15:05 -------- d-----w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\Razer
2013-12-26 15:04 . 2013-12-26 15:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Razer
2013-12-17 09:26 . 2013-12-17 09:26 -------- d-----w- c:\documents and settings\Dominik CZ\Data aplikací\Riot Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-08 20:02 . 2013-05-30 13:12 239656 ----a-w- c:\windows\system32\drivers\b57xp32.sys
2013-12-11 15:31 . 2013-05-30 14:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 15:31 . 2013-05-30 14:40 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-10 13:29 . 2013-12-10 13:30 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-10 13:29 . 2013-12-10 13:30 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-11-13 03:00 . 2012-02-29 16:08 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2012-05-22 17:12 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:36 . 2008-05-05 05:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:51 . 2012-05-22 17:16 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:45 . 2012-05-22 17:17 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:45 . 2012-05-22 17:17 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-29 07:45 . 2012-05-22 17:17 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:45 . 2012-05-22 17:16 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-29 00:45 . 2012-05-22 17:17 385024 ------w- c:\windows\system32\html.iec
2013-10-23 23:45 . 2008-04-14 08:51 172032 ----a-w- c:\windows\system32\scrrun.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\documents and settings\All Users\Data aplikací\67dabb73536b8b2b ----
.
2014-01-04 15:27 . 2014-01-04 15:28 2946 ----a-w- c:\documents and settings\All Users\Data aplikací\67dabb73536b8b2b\{CA41BB14-E67B-1653-C57B-5CA99418A866}
2013-01-04 15:28 . 2013-01-04 15:28 49122 ----a-w- c:\documents and settings\All Users\Data aplikací\67dabb73536b8b2b\{CA41BB14-E67B-1653-C57B-5CA99418A866}.old
.
---- Directory of c:\documents and settings\All Users\Data aplikací\InstallMate ----
.
2014-01-04 15:28 . 2014-01-04 15:28 8116 ----a-w- c:\documents and settings\All Users\Data aplikací\InstallMate\3DDEE433\cfg\6_1_3.ini
2014-01-04 15:27 . 2014-01-04 15:27 7466 ----a-w- c:\documents and settings\All Users\Data aplikací\InstallMate\3DDEE433\cfg\6_1_0.ini
2014-01-04 15:27 . 2014-01-04 15:27 7500 ----a-w- c:\documents and settings\All Users\Data aplikací\InstallMate\3DDEE433\cfg\6_1.ini
2014-01-04 15:27 . 2014-01-04 15:27 10996 ----a-w- c:\documents and settings\All Users\Data aplikací\InstallMate\3DDEE433\cfg\6.ini
2014-01-04 15:27 . 2014-01-04 15:27 4506 ----a-w- c:\documents and settings\All Users\Data aplikací\InstallMate\3DDEE433\cfg\5.ini
2014-01-04 15:27 . 2014-01-04 15:27 6958 ----a-w- c:\documents and settings\All Users\Data aplikací\InstallMate\3DDEE433\cfg\4_3.ini
2014-01-04 15:27 . 2014-01-04 15:27 6618 ----a-w- c:\documents and settings\All Users\Data aplikací\InstallMate\3DDEE433\cfg\4_2.ini
2014-01-04 15:27 . 2014-01-04 15:27 4322 ----a-w- c:\documents and settings\All Users\Data aplikací\InstallMate\3DDEE433\cfg\4_1.ini
2014-01-04 15:27 . 2014-01-04 15:27 5548 ----a-w- c:\documents and settings\All Users\Data aplikací\InstallMate\3DDEE433\cfg\4.ini
2014-01-04 15:27 . 2014-01-04 15:27 8698 ----a-w- c:\documents and settings\All Users\Data aplikací\InstallMate\3DDEE433\cfg\3.ini
2014-01-04 15:26 . 2014-01-04 15:26 5720 ----a-w- c:\documents and settings\All Users\Data aplikací\InstallMate\3DDEE433\cfg\1.ini
.
---- Directory of c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\genienext ----
.
2014-01-07 10:12 . 2013-11-14 02:53 1283584 ----a-w- c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\genienext\nengine.dll
.
---- Directory of c:\documents and settings\HelpAssistant ----
.
2014-01-04 15:27 . 2014-01-04 15:27 141 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Torch\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\background.html
2014-01-04 15:27 . 2014-01-04 15:27 144 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Torch\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\content.js
2014-01-04 15:27 . 2014-01-04 15:27 502 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Torch\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\manifest.json
2014-01-04 15:27 . 2014-01-04 15:27 6829 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Torch\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\us9R.js
2014-01-04 15:27 . 2014-01-04 15:27 6829 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\us9R.js
2014-01-04 15:27 . 2014-01-04 15:27 144 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\content.js
2014-01-04 15:27 . 2014-01-04 15:27 531 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\lsdb.js
2014-01-04 15:27 . 2014-01-04 15:27 502 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\manifest.json
2014-01-04 15:27 . 2014-01-04 15:27 141 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\background.html
2014-01-04 15:27 . 2014-01-04 15:27 141 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\background.html
2014-01-04 15:27 . 2014-01-04 15:27 531 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\lsdb.js
2014-01-04 15:27 . 2014-01-04 15:27 502 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\manifest.json
2014-01-04 15:27 . 2014-01-04 15:27 531 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\lsdb.js
2013-01-04 15:27 . 2013-01-04 15:27 531 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Torch\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\lsdb.js
2013-01-04 15:27 . 2013-01-04 15:27 6829 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\us9R.js
2013-01-04 15:27 . 2013-01-04 15:27 144 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\content.js
2013-01-04 15:27 . 2013-01-04 15:27 6829 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\us9R.js
2013-01-04 15:27 . 2013-01-04 15:27 502 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\manifest.json
2013-01-04 15:27 . 2013-01-04 15:27 141 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\background.html
2013-01-04 15:27 . 2013-01-04 15:27 144 ----a-w- c:\documents and settings\HelpAssistant\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\content.js
.
---- Directory of c:\documents and settings\SUPPORT_388945a0 ----
.
2014-01-04 15:27 . 2014-01-04 15:27 531 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Torch\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\lsdb.js
2014-01-04 15:27 . 2014-01-04 15:27 141 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Torch\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\background.html
2014-01-04 15:27 . 2014-01-04 15:27 6829 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\us9R.js
2014-01-04 15:27 . 2014-01-04 15:27 141 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\background.html
2014-01-04 15:27 . 2014-01-04 15:27 141 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\background.html
2014-01-04 15:27 . 2014-01-04 15:27 531 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\lsdb.js
2014-01-04 15:27 . 2014-01-04 15:27 502 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\manifest.json
2014-01-04 15:27 . 2014-01-04 15:27 6829 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\us9R.js
2014-01-04 15:27 . 2014-01-04 15:27 502 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\manifest.json
2014-01-04 15:27 . 2014-01-04 15:27 141 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\background.html
2014-01-04 15:27 . 2014-01-04 15:27 144 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\content.js
2013-01-04 15:27 . 2013-01-04 15:27 6829 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Torch\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\us9R.js
2013-01-04 15:27 . 2013-01-04 15:27 144 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Torch\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\content.js
2013-01-04 15:27 . 2013-01-04 15:27 502 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Torch\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\manifest.json
2013-01-04 15:27 . 2013-01-04 15:27 531 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\lsdb.js
2013-01-04 15:27 . 2013-01-04 15:27 502 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\manifest.json
2013-01-04 15:27 . 2013-01-04 15:27 144 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome SxS\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\content.js
2013-01-04 15:27 . 2013-01-04 15:27 144 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\content.js
2013-01-04 15:27 . 2013-01-04 15:27 6829 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\us9R.js
2013-01-04 15:27 . 2013-01-04 15:27 531 ----a-w- c:\documents and settings\SUPPORT_388945a0\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bikijgggffaondpoajcfbeamhgkbiami\2.7\lsdb.js
.
---- Directory of c:\program files\AmiExt ----
.
.
---- Directory of c:\program files\greatsuaVeer ----
.
2013-01-04 15:28 . 2013-01-04 15:28 476160 ----a-w- c:\program files\greatsuaVeer\HmK8Sp.x64.dll
2013-01-04 15:28 . 2013-01-04 15:28 3528 ----a-w- c:\program files\greatsuaVeer\HmK8Sp.dat
2013-01-04 15:28 . 2013-01-04 15:28 3832 ----a-w- c:\program files\greatsuaVeer\HmK8Sp.tlb
.
---- Directory of c:\program files\Size ----
.
2014-01-04 15:37 . 2014-01-04 15:37 14258 ----a-w- c:\program files\Size\BoG V\Uninstall.ini
2012-11-27 21:07 . 2014-01-04 15:37 407269 ----a-w- c:\program files\Size\BoG V\Uninstall.exe
2012-11-27 20:43 . 2012-11-27 20:43 39 ----a-w- c:\program files\Size\BoG V\Run2.ini
2012-11-27 20:38 . 2012-11-27 20:38 40 ----a-w- c:\program files\Size\BoG V\Run.ini
2012-11-27 20:38 . 2012-11-27 20:38 197 ----a-w- c:\program files\Size\BoG V\En.txt
2012-11-27 20:37 . 2012-11-27 20:37 194 ----a-w- c:\program files\Size\BoG V\Rus.txt
2012-11-27 20:35 . 2012-11-27 20:35 1371 ----a-w- c:\program files\Size\BoG V\cstrike\autorun.cfg
2012-11-27 20:34 . 2012-11-27 20:34 94 ----a-w- c:\program files\Size\BoG V\settings\srv.cfg
2012-11-27 20:34 . 2012-11-27 20:34 166 ----a-w- c:\program files\Size\BoG V\settings\-fps.cfg
2012-11-27 20:34 . 2012-11-27 20:34 507 ----a-w- c:\program files\Size\BoG V\settings\autorun.cfg
2012-11-27 20:34 . 2012-11-27 20:34 213 ----a-w- c:\program files\Size\BoG V\settings\+fps.cfg
2012-11-27 20:34 . 2012-11-27 20:34 350 ----a-w- c:\program files\Size\BoG V\cstrike\+lol.cfg
2012-11-27 20:34 . 2012-11-27 20:34 331 ----a-w- c:\program files\Size\BoG V\cstrike\-lol.cfg
2012-11-27 20:33 . 2012-11-27 20:33 3889 ----a-w- c:\program files\Size\BoG V\cstrike\config.cfg
2012-11-27 20:29 . 2012-11-27 20:29 3 ----a-w- c:\program files\Size\BoG V\settings\prefix.ini
2012-11-27 20:25 . 2012-11-27 20:25 833 ----a-w- c:\program files\Size\BoG V\cstrike\userconfig.cfg
2012-11-27 20:17 . 2012-11-27 20:17 103936 ----a-w- c:\program files\Size\BoG V\BoG.dll
2012-11-27 20:03 . 2012-11-27 20:03 6815 ----a-w- c:\program files\Size\BoG V\CSXGuard.ini
2012-11-27 19:01 . 2012-11-27 19:01 10918433 ----a-w- c:\program files\Size\BoG V\BoG.wmv
2012-11-27 17:21 . 2012-11-27 17:21 3276 ----a-w- c:\program files\Size\BoG V\temp.mmr
2012-11-13 13:12 . 2012-11-13 13:12 14336 ----a-w- c:\program files\Size\BoG V\BoG.asi
2012-11-11 10:00 . 2012-11-11 10:00 696 ----a-w- c:\program files\Size\BoG V\Source\Loader\Loader.dpr
2012-11-11 09:59 . 2012-11-11 09:59 1784 ----a-w- c:\program files\Size\BoG V\Source\Loader\Loader.inc
2012-11-10 15:39 . 2012-11-10 15:39 17922 ----a-w- c:\program files\Size\BoG V\Source\VoiceExt.pas
2012-11-09 21:37 . 2012-11-09 21:37 8853 ----a-w- c:\program files\Size\BoG V\Source\CvarDef.pas
2012-11-09 21:32 . 2012-11-09 21:32 6061 ----a-w- c:\program files\Size\BoG V\Source\CSXGuard.dpr
2012-11-09 21:31 . 2012-11-09 21:31 1794 ----a-w- c:\program files\Size\BoG V\Source\CSXGuard.inc
2012-11-09 20:28 . 2012-11-09 20:28 2199 ----a-w- c:\program files\Size\BoG V\Source\Extended.pas
2012-11-09 20:27 . 2012-11-09 20:27 34251 ----a-w- c:\program files\Size\BoG V\Source\Common.pas
2012-11-09 20:25 . 2012-11-09 20:25 166972 ----a-w- c:\program files\Size\BoG V\Source\HLSDK.pas
2012-11-09 20:05 . 2012-11-09 20:05 7257 ----a-w- c:\program files\Size\BoG V\Source\MsgAPI.pas
2012-11-09 19:41 . 2012-11-09 19:41 291 ----a-w- c:\program files\Size\BoG V\Source\Shutdown.pas
2012-11-07 22:17 . 2012-11-07 22:17 19764 ----a-w- c:\program files\Size\BoG V\Source\Parser.pas
2012-11-07 22:15 . 2012-11-07 22:15 55353 ----a-w- c:\program files\Size\BoG V\Source\MemSearch.pas
2012-11-07 20:26 . 2012-11-07 20:26 2478 ----a-w- c:\program files\Size\BoG V\Source\ResBlock.pas
2012-11-07 17:22 . 2012-11-07 17:22 1674 ----a-w- c:\program files\Size\BoG V\Source\Scripting.pas
2012-11-07 16:48 . 2012-11-07 16:48 1825 ----a-w- c:\program files\Size\BoG V\Source\QCCBlock.pas
2012-11-07 16:45 . 2012-11-07 16:45 853 ----a-w- c:\program files\Size\BoG V\Source\MSGBlock.pas
2012-11-07 16:44 . 2012-11-07 16:44 8764 ----a-w- c:\program files\Size\BoG V\Source\CMDBlock.pas
2012-11-05 20:46 . 2012-11-05 20:46 1351 ----a-w- c:\program files\Size\BoG V\Source\Detours.pas
2012-10-31 09:06 . 2012-10-31 09:06 136192 ----a-w- c:\program files\Size\BoG V\v5.dll
2012-10-29 17:46 . 2012-10-29 17:46 4 ----a-w- c:\program files\Size\BoG V\bogfix.ini
2012-05-06 14:16 . 2012-05-06 14:16 268800 ----a-w- c:\program files\Size\BoG V\Run.exe
2012-05-06 14:16 . 2012-05-06 14:16 268800 ----a-w- c:\program files\Size\BoG V\Run2.exe
2012-05-05 17:58 . 2012-05-05 17:58 0 ----a-w- c:\program files\Size\BoG V\lj_stats.log
2012-05-05 14:18 . 2012-05-05 14:18 186372 ----a-w- c:\program files\Size\BoG V\v5 (Full).dll
2012-05-04 20:08 . 2012-05-04 20:08 0 ----a-w- c:\program files\Size\BoG V\settings\temp.mmr
2011-08-18 17:35 . 2011-08-18 17:35 23170 ----a-w- c:\program files\Size\BoG V\valve\resource\gameui_english.txt
2011-08-18 14:19 . 2011-08-18 14:19 1558 ----a-w- c:\program files\Size\BoG V\cstrike\resource\BackgroundLoadingLayout.txt
2011-08-18 06:16 . 2011-08-18 06:16 783 ----a-w- c:\program files\Size\BoG V\cstrike\resource\GameMenu.res
2011-08-18 06:15 . 2011-08-18 06:15 11049 ----a-w- c:\program files\Size\BoG V\cstrike\resource\TrackerScheme.res
2011-08-18 06:01 . 2011-08-18 06:01 15849 ----a-w- c:\program files\Size\BoG V\cstrike\resource\ClientScheme.res
2011-08-18 05:54 . 2011-08-18 05:54 176614 ----a-w- c:\program files\Size\BoG V\cstrike\resource\cstrike_english.txt
2011-08-18 05:28 . 2011-08-18 05:28 1144 ----a-w- c:\program files\Size\BoG V\cstrike\motd.txt
2011-08-18 05:21 . 2011-08-18 05:21 73896 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\motd\fxmotd.jpg
2011-08-18 05:06 . 2011-08-18 05:06 812 ----a-w- c:\program files\Size\BoG V\cstrike\resource\icon_steam_disabled.tga
2011-08-18 05:05 . 2011-08-18 05:05 812 ----a-w- c:\program files\Size\BoG V\cstrike\resource\icon_steam.tga
2011-08-18 04:06 . 2011-08-18 04:06 99884 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\fxloading.tga
2011-08-18 03:44 . 2011-08-18 03:44 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_4_e_loading.tga
2011-08-18 03:44 . 2011-08-18 03:44 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_4_e_loading.tga
2011-08-18 03:43 . 2011-08-18 03:43 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_4_d_loading.tga
2011-08-18 03:43 . 2011-08-18 03:43 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_4_d_loading.tga
2011-08-18 03:43 . 2011-08-18 03:43 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_4_c_loading.tga
2011-08-18 03:43 . 2011-08-18 03:43 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_4_c_loading.tga
2011-08-18 03:43 . 2011-08-18 03:43 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_4_b_loading.tga
2011-08-18 03:43 . 2011-08-18 03:43 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_4_b_loading.tga
2011-08-18 03:42 . 2011-08-18 03:42 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_4_a_loading.tga
2011-08-18 03:42 . 2011-08-18 03:42 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_4_a_loading.tga
2011-08-18 03:42 . 2011-08-18 03:42 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_3_e_loading.tga
2011-08-18 03:42 . 2011-08-18 03:42 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_3_e_loading.tga
2011-08-18 03:41 . 2011-08-18 03:41 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_3_d_loading.tga
2011-08-18 03:41 . 2011-08-18 03:41 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_3_c_loading.tga
2011-08-18 03:41 . 2011-08-18 03:41 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_3_c_loading.tga
2011-08-18 03:40 . 2011-08-18 03:40 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_3_b_loading.tga
2011-08-18 03:40 . 2011-08-18 03:40 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_3_b_loading.tga
2011-08-18 03:40 . 2011-08-18 03:40 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_3_a_loading.tga
2011-08-18 03:39 . 2011-08-18 03:39 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_3_a_loading.tga
2011-08-18 03:38 . 2011-08-18 03:38 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_2_e_loading.tga
2011-08-18 03:38 . 2011-08-18 03:38 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_2_e_loading.tga
2011-08-18 03:37 . 2011-08-18 03:37 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_2_d_loading.tga
2011-08-18 03:37 . 2011-08-18 03:37 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_2_d_loading.tga
2011-08-18 03:36 . 2011-08-18 03:36 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_2_c_loading.tga
2011-08-18 03:36 . 2011-08-18 03:36 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_2_c_loading.tga
2011-08-18 03:36 . 2011-08-18 03:36 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_2_b_loading.tga
2011-08-18 03:36 . 2011-08-18 03:36 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_2_b_loading.tga
2011-08-18 03:36 . 2011-08-18 03:36 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_2_a_loading.tga
2011-08-18 03:35 . 2011-08-18 03:35 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_2_a_loading.tga
2011-08-18 03:35 . 2011-08-18 03:35 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_1_e_loading.tga
2011-08-18 03:35 . 2011-08-18 03:35 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_1_e_loading.tga
2011-08-18 03:34 . 2011-08-18 03:34 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_1_d_loading.tga
2011-08-18 03:34 . 2011-08-18 03:34 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_1_d_loading.tga
2011-08-18 03:34 . 2011-08-18 03:34 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_1_c_loading.tga
2011-08-18 03:34 . 2011-08-18 03:34 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_1_c_loading.tga
2011-08-18 03:34 . 2011-08-18 03:34 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_1_b_loading.tga
2011-08-18 03:33 . 2011-08-18 03:33 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_1_b_loading.tga
2011-08-18 03:32 . 2011-08-18 03:32 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\loading\1280_1_a_loading.tga
2011-08-18 03:32 . 2011-08-18 03:32 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_1_a_loading.tga
2011-08-18 03:05 . 2011-08-18 03:05 2033 ----a-w- c:\program files\Size\BoG V\cstrike\resource\loadingdialognobanner.res
2011-08-18 03:03 . 2011-08-18 03:03 2149 ----a-w- c:\program files\Size\BoG V\cstrike\resource\LoadingDialog.res
2011-08-18 03:03 . 2011-08-18 03:03 2634 ----a-w- c:\program files\Size\BoG V\cstrike\resource\LoadingDialogVAC.res
2011-08-18 02:19 . 2011-08-18 02:19 11951 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\crosshair.tga
2011-08-18 02:13 . 2011-08-18 02:13 5120 --sha-w- c:\program files\Size\BoG V\cstrike\gfx\Thumbs.db
2011-08-18 01:45 . 2011-08-18 01:45 26540 ----a-w- c:\program files\Size\BoG V\cstrike\resource\game_menu_mouseover.tga
2011-08-18 01:35 . 2011-08-18 01:35 26540 ----a-w- c:\program files\Size\BoG V\cstrike\resource\game_menu.tga
2011-08-18 01:33 . 2011-08-18 01:33 26540 ----a-w- c:\program files\Size\BoG V\cstrike\resource\steam_menu_mouseover.tga
2011-08-18 01:29 . 2011-08-18 01:29 26540 ----a-w- c:\program files\Size\BoG V\cstrike\resource\steam_menu.tga
2011-08-17 22:22 . 2011-08-17 22:22 196652 ----a-w- c:\program files\Size\BoG V\cstrike\resource\background\1280_3_d_loading.tga
2011-08-17 18:12 . 2011-08-17 18:12 115244 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\spectatorbar.tga
2011-08-17 18:09 . 2011-08-17 18:09 4291 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\Spectator.res
2011-08-17 17:34 . 2011-08-17 17:34 6145 ----a-w- c:\program files\Size\BoG V\cstrike\resource\OptionsSubVideo.res
2011-08-17 17:32 . 2011-08-17 17:32 5891 ----a-w- c:\program files\Size\BoG V\cstrike\resource\OptionsSubVoice.res
2011-08-17 17:32 . 2011-08-17 17:32 4728 ----a-w- c:\program files\Size\BoG V\cstrike\resource\OptionsSubAudio.res
2011-08-17 17:31 . 2011-08-17 17:31 11359 ----a-w- c:\program files\Size\BoG V\cstrike\resource\optionssubmultiplayer.res
2011-08-17 17:31 . 2011-08-17 17:31 2186 ----a-w- c:\program files\Size\BoG V\cstrike\resource\OptionsSubKeyboard.res
2011-08-17 17:31 . 2011-08-17 17:31 6336 ----a-w- c:\program files\Size\BoG V\cstrike\resource\OptionsSubMouse.res
2011-08-17 17:11 . 2011-08-17 17:11 53144 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\voice.tga
2011-08-17 16:56 . 2011-08-17 16:56 53144 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\video.tga
2011-08-17 16:52 . 2011-08-17 16:52 53144 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\audio.tga
2011-08-17 16:48 . 2011-08-17 16:48 53144 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\mouse.tga
2011-08-17 16:48 . 2011-08-17 16:48 53144 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\multiplayer.tga
2011-08-17 16:37 . 2011-08-17 16:37 53144 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\keyboard.tga
2011-08-17 04:38 . 2011-08-17 04:38 3582 ----a-w- c:\program files\Size\BoG V\cstrike\resource\optionssubadvanced.res
2011-08-17 04:17 . 2011-08-17 04:17 2576 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\shell\kb_act.lst
2011-08-17 02:05 . 2011-08-17 02:05 16352 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\kuben.tga
2011-08-17 02:01 . 2011-08-17 02:01 16352 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\loord.tga
2011-08-17 02:00 . 2011-08-17 02:00 16352 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\pasha.tga
2011-08-17 01:59 . 2011-08-17 01:59 16352 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\taz.tga
2011-08-17 01:59 . 2011-08-17 01:59 16352 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\neo.tga
2011-08-17 01:23 . 2011-08-17 01:23 178244 ----a-w- c:\program files\Size\BoG V\cstrike\gfx\vgui\fx.tga
2011-08-17 00:16 . 2011-08-17 00:16 3132 ----a-w- c:\program files\Size\BoG V\cstrike\commandmenu.txt
2011-08-17 00:10 . 2011-08-17 00:10 2260 ----a-w- c:\program files\Size\BoG V\cstrike\servercfg\1on1.cfg
2011-08-17 00:10 . 2011-08-17 00:10 2274 ----a-w- c:\program files\Size\BoG V\cstrike\servercfg\2on2.cfg
2011-08-17 00:09 . 2011-08-17 00:09 2261 ----a-w- c:\program files\Size\BoG V\cstrike\servercfg\5on5.cfg
2011-08-17 00:08 . 2011-08-17 00:08 2263 ----a-w- c:\program files\Size\BoG V\cstrike\servercfg\eslfunmap.cfg
2011-08-17 00:07 . 2011-08-17 00:07 2292 ----a-w- c:\program files\Size\BoG V\cstrike\servercfg\warmup.cfg
2011-05-27 20:49 . 2011-05-27 20:49 26540 ----a-w- c:\program files\Size\BoG V\cstrike\resource\gamemenu.tga
2011-05-27 16:32 . 2011-05-27 16:32 746 ----a-w- c:\program files\Size\BoG V\cstrike\resource\icon_stepb.tga
2011-05-27 16:32 . 2011-05-27 16:32 746 ----a-w- c:\program files\Size\BoG V\cstrike\resource\icon_stepf.tga
2011-05-27 16:25 . 2011-05-27 16:25 746 ----a-w- c:\program files\Size\BoG V\cstrike\resource\icon_end.tga
2011-05-27 16:24 . 2011-05-27 16:24 746 ----a-w- c:\program files\Size\BoG V\cstrike\resource\icon_start.tga
2011-05-27 16:22 . 2011-05-27 16:22 746 ----a-w- c:\program files\Size\BoG V\cstrike\resource\icon_slower.tga
2011-05-27 16:22 . 2011-05-27 16:22 746 ----a-w- c:\program files\Size\BoG V\cstrike\resource\icon_play.tga
2011-05-27 16:21 . 2011-05-27 16:21 746 ----a-w- c:\program files\Size\BoG V\cstrike\resource\icon_pause.tga
2011-05-27 16:19 . 2011-05-27 16:19 746 ----a-w- c:\program files\Size\BoG V\cstrike\resource\icon_load.tga
2011-05-27 16:16 . 2011-05-27 16:16 746 ----a-w- c:\program files\Size\BoG V\cstrike\resource\icon_stop.tga
2011-05-27 16:12 . 2011-05-27 16:12 746 ----a-w- c:\program files\Size\BoG V\cstrike\resource\icon_faster.tga
2011-05-27 15:52 . 2011-05-27 15:52 1398 ----a-w- c:\program files\Size\BoG V\cstrike\resource\BackgroundLayout.txt
2011-05-25 00:03 . 2011-05-25 00:03 1940 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\BottomSpectator.res
2011-02-23 03:45 . 2011-02-23 03:45 65580 ----a-w- c:\program files\Size\BoG V\cstrike\resource\logo_game.tga
2011-02-23 03:45 . 2011-02-23 03:45 4148 ----a-w- c:\program files\Size\BoG V\cstrike\resource\menu_hl_no_icon.tga
2010-12-24 11:29 . 2010-12-24 11:29 108 ----a-w- c:\program files\Size\BoG V\cstrike\regsetup\steamaccelon.reg
2010-12-23 20:17 . 2010-12-23 20:17 913 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\ScoreBoard.res
2010-05-26 14:36 . 2010-05-26 14:36 520 ----a-w- c:\program files\Size\BoG V\cstrike\matchlive\live.cfg
2009-09-08 15:35 . 2009-09-08 15:35 5779 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\mainbuymenu.res
2009-09-08 15:35 . 2009-09-08 15:35 4295 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\classmenu_ct.res
2009-09-08 15:35 . 2009-09-08 15:35 3690 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\teammenu.res
2009-09-08 15:35 . 2009-09-08 15:35 1290 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\motd.res
2009-09-08 15:35 . 2009-09-08 15:35 1733 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buymachineguns_ct.res
2009-09-08 15:35 . 2009-09-08 15:35 4319 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\classmenu_ter.res
2009-09-08 15:35 . 2009-09-08 15:35 3466 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buyequipment.res
2009-09-08 15:35 . 2009-09-08 15:35 3275 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buypistols_ter.res
2009-09-08 15:34 . 2009-09-08 15:34 2241 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\backgroundpanel.res
2009-09-08 15:34 . 2009-09-08 15:34 550 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buymenu.res
2009-09-08 15:34 . 2009-09-08 15:34 4585 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buyequipment_ct.res
2009-09-08 15:34 . 2009-09-08 15:34 3725 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buyrifles_ct.res
2009-09-08 15:34 . 2009-09-08 15:34 3767 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buyequipment_ter.res
2009-09-08 15:34 . 2009-09-08 15:34 1754 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buymachineguns_ter.res
2009-09-08 15:34 . 2009-09-08 15:34 3328 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buypistols_ct.res
2009-09-08 15:34 . 2009-09-08 15:34 2135 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buyshotguns_ter.res
2009-09-08 15:34 . 2009-09-08 15:34 2905 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buysubmachineguns_ct.res
2009-09-08 15:34 . 2009-09-08 15:34 3734 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buyrifles_ter.res
2009-09-08 15:34 . 2009-09-08 15:34 2927 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buysubmachineguns_ter.res
2009-09-08 15:34 . 2009-09-08 15:34 2078 ----a-w- c:\program files\Size\BoG V\cstrike\resource\UI\buyshotguns_ct.res
2008-12-21 11:19 . 2008-12-21 11:19 96 ----a-w- c:\program files\Size\BoG V\cstrike\regsetup\steamratefix.reg
2008-11-22 19:59 . 2008-11-22 19:59 1606707 ----a-w- c:\program files\Size\BoG V\cstrike\media\gamestartup.mp3
2007-04-18 11:46 . 2007-04-18 11:46 150 ----a-w- c:\program files\Size\BoG V\cstrike\regsetup\mousenoforce.reg
2007-04-18 11:46 . 2007-04-18 11:46 150 ----a-w- c:\program files\Size\BoG V\cstrike\regsetup\steamacceloff.reg
2004-06-04 22:53 . 2004-06-04 22:53 370 ----a-w- c:\program files\Size\BoG V\cstrike\regsetup\winaccelon.reg
2004-06-04 22:53 . 2004-06-04 22:53 370 ----a-w- c:\program files\Size\BoG V\cstrike\regsetup\xpmousefixremove.reg
2002-06-25 17:54 . 2002-06-25 17:54 381 ----a-w- c:\program files\Size\BoG V\cstrike\regsetup\winacceloff.reg
2002-06-25 17:54 . 2002-06-25 17:54 381 ----a-w- c:\program files\Size\BoG V\cstrike\regsetup\xpmousefix.reg
.
---- Directory of c:\windows\system32\winrm ----
.
2009-10-09 15:16 . 2009-10-09 15:16 105686 ------w- c:\windows\system32\winrm\0405\winrm.ini
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2012-08-28 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-12-09 2285344]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Dominik CZ\\Data aplikací\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.1040\\Agent.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.2380\\Agent.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Half-Life\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PanProcess.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [30.5.2013 16:52 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [30.5.2013 16:52 175176]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [24.9.2009 4:40 19592]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [30.5.2013 16:52 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [30.5.2013 16:52 369584]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [8.1.2014 20:52 881440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.5.2013 16:52 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [30.5.2013 16:52 66336]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [6.12.2013 21:32 341824]
R2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [31.5.2013 22:00 625304]
S2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [8.1.2014 20:52 2151200]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11.1.2014 17:50 701512]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5.9.2013 9:34 171680]
S3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys --> c:\windows\system32\Drivers\btmcom.sys [?]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys --> c:\windows\system32\Drivers\btmusb.sys [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [24.9.2009 12:38 22528]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [17.6.2009 13:01 25480]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [11.1.2014 17:50 22856]
S3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [30.5.2013 14:30 6609920]
S3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [6.12.2013 21:32 31776]
S3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [6.12.2013 21:32 17360]
S4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [6.12.2013 21:32 247968]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - SmartDefragDriver
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-30 15:31]
.
2014-01-11 c:\windows\Tasks\ASC7_PerformanceMonitor.job
- c:\program files\IObit\Advanced SystemCare 7\Monitor.exe [2014-01-08 15:10]
.
2014-01-11 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-30 08:58]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-09 18:37]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-09 18:37]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyServer = 67.153.80.178:17194
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Dominik CZ\Data aplikací\Mozilla\Firefox\Profiles\nixi07xl.default\
FF - ExtSQL: 2013-12-12 18:17; ext@bettersurfplus.com; c:\program files\BetterSurf\BetterSurfPlus\ff
FF - ExtSQL: 2013-12-16 22:26; adsremoval@adsremoval.net; c:\documents and settings\Dominik CZ\Data aplikací\Mozilla\Firefox\Profiles\nixi07xl.default\extensions\adsremoval@adsremoval.net
FF - ExtSQL: 2014-01-07 11:12; ext@flash-Enhancer.com; c:\program files\AmiExt\flashEnhancer\ff
FF - ExtSQL: 2014-01-07 12:22; {D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}; c:\documents and settings\Dominik CZ\Data aplikací\Mozilla\Firefox\Profiles\nixi07xl.default\extensions\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi
FF - ExtSQL: 2014-01-11 17:25; ascsurfingprotection@iobit.com; c:\documents and settings\Dominik CZ\Data aplikacĂ­\Mozilla\Firefox\Profiles\nixi07xl.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: !HIDDEN! 2014-01-10 18:17; ext@VideoPlayerV3beta382.net; c:\program files\VideoPlayerV3\VideoPlayerV3beta382\ff
FF - ExtSQL: !HIDDEN! 2014-01-11 16:25; savingsslider@mybrowserbar.com; c:\documents and settings\Dominik CZ\Data aplikacĂ­\Mozilla\Firefox\Profiles\nixi07xl.default\extensions\savingsslider@mybrowserbar.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-11 21:21
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2928)
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
Celkový čas: 2014-01-11 21:23:01
ComboFix-quarantined-files.txt 2014-01-11 20:22
ComboFix2.txt 2014-01-11 19:16
.
Před spuštěním: Volných bajtů: 21 709 451 264
Po spuštění: Volných bajtů: 21 706 289 152
.
- - End Of File - - D55732FCB4620C3588A5AE1E22EB3F13
413FC2A0C716421B3158746D63736515

Damned
Article author
Master Level 9
Posts: 8353
Registered: December 06
Location: Rokycany

Re: Please check my log

Post by Damned » 11 Jan 2014 21:36

Do you have Torch as your browser?

Check these files on VirusTotal according to the guide:

c:\documents and settings\All Users\Data aplikací\InstallMate\3DDEE433\cfg\6.ini
c:\documents and settings\Dominik CZ\Local Settings\Data aplikací\genienext\nengine.dll
c:\program files\greatsuaVeer\HmK8Sp.x64.dll
c:\program files\greatsuaVeer\HmK8Sp.dat
c:\program files\Size\BoG V\BoG.dll
c:\program files\Size\BoG V\Source\CSXGuard.dpr
c:\windows\system32\winrm\0405\winrm.ini

Then post the links here after the check. If VT tells you it has already checked them, have them checked again.
Nothing is impossible, so where reason fails us, we do not hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech translation, Wise Registry Cleaner

rangar009
newbie
Posts: 28
Registered: January 14

Re: Please check my log

Post by rangar009 » 11 Jan 2014 22:00

1)https://www.virustotal.com/cs/file/6631989abc8be194ec5cfe817d5ed176160a74228c14d1cdfd150bfbbd482381/analysis/1389473720/
2)https://www.virustotal.com/cs/file/63eb9f4a508fd03cc44db0b761faf5986cc8a7c9947adfd957d1a28fb956ddbc/analysis/1389473608/
3)https://www.virustotal.com/cs/file/da5bb0aed926d21e050bcf7fd8f56244abe8a7902b644553447b9bb35254de0d/analysis/1389473772/
4)https://www.virustotal.com/cs/file/124bd12898bc7373507a63a24ec68c01daa5c3c11fddf69e5e4fddd62397410a/analysis/1389474008/
5)It's no longer there, I deleted it; it was a program for Counter-Strike.
6)The same
7)https://www.virustotal.com/cs/file/a774b3fcb818ce550eb96ac02b3ced228d804b771f0206c1a39382dd05ec65c8/analysis/1389473946/

Damned
Article author
Master Level 9
Posts: 8353
Registered: December 06
Location: Rokycany

Re: Please check my log

Post by Damned » 11 Jan 2014 22:21

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in red, into it:

KillAll::
Folder::
c:\program files\greatsuaVeer
c:\documents and settings\All Users\Data aplikací\greatsuaVeer
c:\documents and settings\All Users\Data aplikací\67dabb73536b8b2b
c:\program files\Size



Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.


Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe,
and when the two files overlap, drop the script.

- ComboFix will start automatically; the repair may take longer than 10 minutes. ! Let ComboFix finish its work !
- Post here the log that pops up at the end of the cleaning process

Warning: After the script is applied and the computer restarts, Windows may fail to boot; in that case restart the computer again, keep pressing F8, and then choose Last Known Good Configuration.