Error ve Win7..prosím o kontrolu logu + Vyřešeno

[Juri]

Zdravím všechny,

měl jsem problém ve Win s chybovou hláškou (Error: Can't Find: "Self-deregistering..."), která mi vyskakovala při pravé myši na složku..soubor, ale už je to v pořádku..sám ani nevím, jak jsem to vyřešil ..

Nicméně, byl jsem upozorněn, že mám systém ve velmi špatném stavu, tak bych byl moc rád, kdyby se mi na to někdo z místních rádců ještě mrknul..děkuji předem za reakce

HijackThis

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:02:21, on 7.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\system32\taskeng.exe
C:\Windows\MODPS2KEY.EXE
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Fraps\fraps.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
D:\Portable aplikace\AIDA64 Extreme Edition 1.50.1236 Beta\Software\aida64.exe
C:\Program Files\Logitech\SetPointG\SetPointII.exe
C:\Windows\system32\taskmgr.exe
C:\Portable aplikace\CoreTemp32\Core Temp.exe
C:\Users\Jirka\Desktop\Programy log systemu\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKCU\..\Run: [Core Temp] "C:\Portable aplikace\CoreTemp32\Core Temp.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SmartRAM] "C:\Users\Jirka\Downloads\iobit_toolbox\Tools\Suo10_SmartRAM.exe" /m
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {64964764-1101-4bbd-8891-B56B1A53B9B3} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Defragmentation-Service (DfSdkS) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\DfSdkS.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: webcamXP Service (wxpSvc) - Unknown owner - C:\Program Files\wLite\wService.exe

--
End of file - 10192 bytes


Malwarebytes' Anti-Malware

Malwarebytes' Anti-Malware 1.50.1.1100
http://www.malwarebytes.org

Verze databáze: 5702

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

7.2.2011 17:03:20
mbam-log-2011-02-07 (17-03-20).txt

Typ kontroly: Rychlý test
Testované objekty: 195434
Uplynulý čas: 3 minut, 22 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)


DDS

DDS (Ver_10-12-12.02) - NTFSx86
Run by Jirka at 17:11:13,90 on po 07.02.2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_18
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.3582.2424 [GMT 1:00]

AV: avast! antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Security 360 *Disabled/Updated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\system32\taskeng.exe
C:\Windows\MODPS2KEY.EXE
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Fraps\fraps.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files\Windows Media Player\wmplayer.exe
D:\Portable aplikace\AIDA64 Extreme Edition 1.50.1236 Beta\Software\aida64.exe
C:\Program Files\Logitech\SetPointG\SetPointII.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Portable aplikace\CoreTemp32\Core Temp.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Jirka\Desktop\Programy log systemu\DDS\aadds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyServer = http=
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: ExplorerBHO Class: {449d0d6e-2412-4e61-b68f-1cb625cd9e52} - c:\program files\classic shell\ClassicExplorer32.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\mif5ba~1\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mif5ba~1\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Classic Explorer Bar: {553891b7-a0d5-4526-be18-d3ce461d6310} - c:\program files\classic shell\ClassicExplorer32.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
uRun: [<NO NAME>]
uRun: [Core Temp] "c:\portable aplikace\coretemp32\Core Temp.exe"
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [SmartRAM] "c:\users\jirka\downloads\iobit_toolbox\tools\Suo10_SmartRAM.exe" /m
mRun: [avast!] "c:\program files\alwil software\avast4\ashDisp.exe"
mRun: [Classic Start Menu] c:\program files\classic shell\ClassicStartMenu.exe
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
uPolicies-explorer: NoResolveTrack = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6.5\ICQ.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310} - c:\program files\classic shell\ClassicExplorer32.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mif5ba~1\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\mif5ba~1\office14\GROOVEEX.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
Hosts: 127.0.0.1 http://www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\users\jirka\appdata\roaming\mozilla\firefox\profiles\8ix8n3ta.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.7&q=
FF - component: c:\program files\nokia\nokia ovi suite\connectors\bookmarks connector\firefoxextension\components\FirefoxExtension.dll
FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\jirka\appdata\roaming\mozilla\firefox\profiles\8ix8n3ta.default\extensions\cfxhelper@triton\components\dwmxpcom.dll
FF - component: c:\users\jirka\appdata\roaming\mozilla\firefox\profiles\8ix8n3ta.default\extensions\dttoolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft research\hd view\nphdview.dll
FF - plugin: c:\program files\mozilla firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npnul32.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPOFF12.DLL
FF - plugin: c:\program files\opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - plugin: c:\program files\webzen\webzengamestarter\NPGameWebStarter.dll
FF - plugin: c:\program files\win7codecs\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\win7codecs\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\jirka\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\jirka\appdata\roaming\mozilla\firefox\profiles\8ix8n3ta.default\extensions\maps@ovi.com\plugins\npNMapNPR.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox 4.0 beta 9\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Chromifox Extreme: cfxe@Triton - %profile%\extensions\cfxe@Triton
FF - Ext: Chromifox Extreme Carbon: cfxec@Triton - %profile%\extensions\cfxec@Triton
FF - Ext: Chromifox Companion: cfxHelper@Triton - %profile%\extensions\cfxHelper@Triton
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Read It Later: isreaditlater@ideashower.com - %profile%\extensions\isreaditlater@ideashower.com
FF - Ext: Ovi maps browser plugin: maps@ovi.com - %profile%\extensions\maps@ovi.com
FF - Ext: Personas Expression: personasexpression@eddiescorpse.private - %profile%\extensions\personasexpression@eddiescorpse.private
FF - Ext: QuickDrag: quickdrag@mozilla.ktechcomputing.com - %profile%\extensions\quickdrag@mozilla.ktechcomputing.com
FF - Ext: Hide IP Easy: support@easy-hideip.com - %profile%\extensions\support@easy-hideip.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: MacOSX Theme: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9} - %profile%\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}
FF - Ext: MacOSX Theme: {00352F14-3F76-4e4d-ACFF-9976D7E4B3B9} - %profile%\extensions\{00352F14-3F76-4e4d-ACFF-9976D7E4B3B9}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: TV-Fox: {2f17f610-5e97-4fed-828f-9940b7b577a4} - %profile%\extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: ReloadEvery: {888d99e7-e8b5-46a3-851e-1ec45da1e644} - %profile%\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
FF - Ext: Context Search: {902D2C4A-457A-4EF9-AD43-7014562929FF} - %profile%\extensions\{902D2C4A-457A-4EF9-AD43-7014562929FF}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: UnMHT: {f759ca51-3a91-4dd1-ae78-9db5eee9ebf0} - %profile%\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\nokia\nokia pc suite 7\bkmrksync
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\nokia\nokia ovi suite\connectors\bookmarks connector\FirefoxExtension

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0

============= SERVICES / DRIVERS ===============

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-2-3 15672]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\drivers\tdrpm273.sys [2010-11-19 752128]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2010-8-19 114768]
R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [2010-6-27 102856]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-2-7 218688]
R2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files\common files\acronis\cdp\afcdpsrv.exe [2010-11-19 3975088]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-8-19 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-8-19 53328]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2010-8-19 138680]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-6-27 60936]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2011-1-5 10448]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-3-1 1153368]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-1-10 993848]
R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2010-12-3 2222376]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2010-11-19 163232]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;d:\portable aplikace\aida64 extreme edition 1.50.1236 beta\software\kerneld.x32 [2011-2-3 28312]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2010-8-19 254040]
R3 AVerA706;AVerMedia A706 BDA Service;c:\windows\system32\drivers\AVerA706.sys [2009-6-10 1169920]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [2010-6-27 79432]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\drivers\BthAvrcp.sys [2009-8-13 22528]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-6-23 275048]
R3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys [2010-2-24 178913]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [2010-10-8 17792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-1 136176]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2010-8-19 352920]
S3 AVerBDA3x;AVerMedia SAA713x BDA Service;c:\windows\system32\drivers\AVerBDA3x.sys [2007-8-29 1183744]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 DfSdkS;Defragmentation-Service;c:\program files\ashampoo\ashampoo uninstaller 4\dfsdks.exe --> c:\program files\ashampoo\ashampoo uninstaller 4\DfSdkS.exe [?]
S3 etdrv;etdrv;c:\windows\etdrv.sys [2010-11-4 17488]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\common files\futuremark shared\futuremark systeminfo\FMSISvc.exe [2011-1-5 129440]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [2010-11-4 24944]
S3 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2011-1-19 312152]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2010-4-10 266544]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2009-7-14 20992]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-10-8 27192]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [2010-3-11 25088]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 vpcuxd;USB Virtualization Stub Service;c:\windows\system32\drivers\vpcuxd.sys [2011-1-6 12800]
S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2011-1-6 1343400]
S3 wxpSvc;webcamXP Service;c:\program files\wlite\wService.exe [2010-5-2 5027328]
S4 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2010-3-25 490280]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2009-12-18 1044808]

=============== Created Last 30 ================

2011-02-07 14:09:02 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-02-07 14:08:47 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-02-07 14:08:45 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-02-07 13:54:07 -------- d-----w- c:\users\jirka\appdata\local\{BEB69B3D-5833-4825-93D7-235E9D519EA3}
2011-02-07 13:53:53 -------- d-----w- c:\users\jirka\appdata\roaming\Windows Live Writer
2011-02-07 13:53:53 -------- d-----w- c:\users\jirka\appdata\local\Windows Live Writer
2011-02-07 13:53:03 -------- d-----w- c:\windows\en
2011-02-07 13:52:16 -------- d-----w- c:\windows\cs
2011-02-07 12:43:19 -------- d-----w- c:\users\jirka\appdata\local\Apple
2011-02-06 01:31:12 -------- d-----w- c:\users\jirka\appdata\local\Adobe
2011-02-05 09:16:02 -------- d-----w- c:\users\jirka\appdata\local\Secunia PSI
2011-02-05 09:15:55 -------- d-----w- c:\program files\Secunia
2011-02-05 00:07:58 -------- d-sh--r- C:\bootwiz
2011-02-04 23:35:08 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{5b7cf2f4-de89-4164-b227-0c06de577648}\mpengine.dll
2011-02-03 14:01:57 -------- d-----w- c:\program files\NirSoft
2011-02-03 11:30:04 475648 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr
2011-02-03 11:30:04 1061888 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe
2011-02-03 11:30:04 -------- d-----w- c:\program files\MyDefrag v4.3.1
2011-02-03 11:21:29 -------- d-----w- c:\users\jirka\appdata\roaming\Smart PC Solutions
2011-02-03 11:21:06 -------- d-----w- c:\program files\Smart PC Solutions
2011-02-03 08:48:17 -------- d-----w- c:\program files\AkelPad
2011-02-03 01:35:14 28496 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-02-03 01:35:14 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-02-02 14:00:52 -------- d-----w- c:\users\jirka\appdata\roaming\Xilisoft
2011-02-02 13:59:12 -------- d-----w- c:\program files\Xilisoft
2011-02-01 01:54:54 312320 ----a-w- c:\windows\system32\proppage.dll
2011-02-01 01:54:54 11264 ----a-w- c:\windows\system32\MMShellHook.dll
2011-02-01 01:54:53 655872 ----a-w- c:\windows\system32\msvcr90.dll
2011-02-01 01:54:53 -------- d-----w- c:\users\jirka\appdata\roaming\Media Control
2011-02-01 01:54:53 -------- d-----w- c:\program files\Media Control
2011-01-31 22:26:42 -------- d-----w- c:\program files\iTunes
2011-01-31 22:26:42 -------- d-----w- c:\program files\iPod
2011-01-31 22:25:27 -------- d-----w- c:\program files\Bonjour
2011-01-31 01:01:36 -------- d-----w- c:\users\jirka\appdata\roaming\VOS
2011-01-31 00:46:06 -------- d-----w- c:\windows\XSxS
2011-01-31 00:44:13 -------- d-----w- c:\users\jirka\appdata\local\Thinstall
2011-01-31 00:11:26 -------- d-----w- c:\users\jirka\appdata\local\Hardcoded Software
2011-01-31 00:11:15 -------- d-----w- c:\program files\Hardcoded Software
2011-01-28 05:44:37 -------- d-----w- c:\users\jirka\appdata\roaming\Stardock
2011-01-28 05:44:18 -------- d-----w- c:\users\jirka\appdata\local\PackageAware
2011-01-26 08:49:26 -------- d-----w- c:\program files\MSI Afterburner
2011-01-25 09:51:12 -------- d-----w- c:\windows\$regcmp$
2011-01-25 08:51:38 -------- d-----w- c:\progra~2\Martau
2011-01-25 08:51:36 -------- d-----w- c:\program files\Total Uninstall 5
2011-01-25 02:01:23 -------- d-----w- C:\Documents and Settings
2011-01-24 19:55:53 -------- d-----w- c:\users\jirka\appdata\roaming\2K Sports
2011-01-24 14:39:27 -------- d-----w- c:\progra~2\KONAMI
2011-01-24 14:29:10 -------- d-----w- c:\users\jirka\appdata\roaming\Mikogo
2011-01-24 13:02:27 -------- d-----w- c:\program files\MP3Gain
2011-01-24 11:37:42 888424 ----a-w- c:\windows\system32\nvdispco322050.dll
2011-01-24 11:37:42 813672 ----a-w- c:\windows\system32\nvgenco322030.dll
2011-01-24 11:37:42 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-24 11:37:42 4837480 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-24 11:37:42 319080 ----a-w- c:\windows\system32\nvdecodemft.dll
2011-01-24 11:37:42 2912360 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-24 11:37:42 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-24 11:37:42 14899816 ----a-w- c:\windows\system32\nvoglv32.dll
2011-01-24 11:37:42 13019752 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-24 11:37:42 10084360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-01-24 11:37:42 10023528 ----a-w- c:\windows\system32\nvd3dum.dll
2011-01-19 19:06:27 -------- d-----w- c:\users\jirka\appdata\roaming\UseNeXT
2011-01-19 19:06:17 -------- d-----w- c:\program files\UseNeXT
2011-01-19 19:05:14 -------- d-----w- c:\program files\Defraggler
2011-01-19 17:51:10 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-19 17:51:06 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-19 17:51:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-17 02:47:41 -------- d-----w- c:\program files\PhotoZoom Pro 4
2011-01-17 00:11:49 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 9
2011-01-11 20:41:59 169064 ----a-w- c:\windows\system32\everest_cpl.cpl
2011-01-11 20:39:03 -------- d-----w- c:\program files\Lavalys
2011-01-11 19:03:14 -------- d-----w- c:\program files\PC Connectivity Solution
2011-01-11 19:02:11 -------- d-----w- c:\progra~2\NokiaInstallerCache
2011-01-11 00:47:00 -------- d-----w- c:\users\jirka\appdata\roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-01-11 00:47:00 -------- d-----w- c:\users\jirka\appdata\roaming\Adobe Mini Bridge CS5
2011-01-10 22:32:50 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-01-10 22:32:50 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-01-10 22:32:11 -------- d-----w- c:\progra~2\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-01-10 17:46:09 -------- d-----w- c:\progra~2\Boss Media
2011-01-10 17:46:08 -------- d-----w- c:\users\jirka\appdata\local\Boss Media
2011-01-10 17:32:48 -------- d-----w- c:\users\jirka\appdata\local\IM
2011-01-10 17:32:36 -------- d-----w- c:\progra~2\IncrediMail
2011-01-10 17:32:36 -------- d-----w- c:\progra~2\IM

==================== Find3M ====================

2011-01-25 09:24:43 17488 ----a-w- c:\windows\gdrv.sys
2011-01-24 22:11:25 17488 ----a-w- c:\windows\etdrv.sys
2011-01-05 16:14:10 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-01-05 16:14:10 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-12-24 07:45:52 86016 ----a-w- c:\windows\system32\frapsvid.dll
2010-11-29 16:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-12 15:13:58 809560 ----a-r- c:\windows\system32\tmpE007.tmp
2010-11-10 01:54:18 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-11-10 01:28:46 301936 ----a-w- c:\windows\WLXPGSS.SCR

=================== ROOTKIT ====================

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600 Disk: WDC_WD6401AALS-00L3B2 rev.01.03B01 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T1L0-4

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: >>UNKNOWN [0x8304A000]<< >>UNKNOWN [0x8D26D000]<< >>UNKNOWN [0x8D25C000]<< >>UNKNOWN [0x8C96B000]<< >>UNKNOWN [0x83013000]<< >>UNKNOWN [0x85D091F8]<<
_asm { DEC EBP; POP EDX; NOP ; ADD [EBX], AL; ADD [EAX], AL; ADD [EAX+EAX], AL; ADD [EAX], AL; }
1 ntkrnlpa!IofCallDriver[0x83086458] -> \Device\Harddisk0\DR0[0x86B98740]
\Driver\Disk[0x86B97DD8] -> IRP_MJ_CREATE -> 0x8D27139F
3 [0x8D27159E] -> ntkrnlpa!IofCallDriver[0x83086458] -> [0x86AA5400]
\Driver\ACPI[0x85D7C5F0] -> IRP_MJ_CREATE -> 0x8C9744AA
5 [0x8C9743B2] -> ntkrnlpa!IofCallDriver[0x83086458] -> \Device\Ide\IdeDeviceP2T0L0-2[0x86AA0908]
\Driver\atapi[0x86A91328] -> IRP_MJ_CREATE -> 0x85D091F8
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user != kernel MBR !!!
Warning: possible TDL4 rootkit infection !
TDL4 rootkit infection detected ! Use: "mbr.exe -f" to fix.

============= FINISH: 17:12:05,04 ===============


GMER

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-07 18:01:31
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 WDC_WD6401AALS-00L3B2 rev.01.03B01
Running: aagmer.exe; Driver: C:\Users\Jirka\AppData\Local\Temp\uwlcypow.sys


---- System - GMER 1.0.15 ----

SSDT 930585E3 ZwLoadDriver
SSDT 930585E8 ZwSetSystemInformation
SSDT 930585A7 ZwTerminateProcess
SSDT 930585A2 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 8308D599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 830B1F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 45C 830B996C 4 Bytes [E3, 85, 05, 93]
.text ntkrnlpa.exe!RtlSidHashLookup + 768 830B9C78 4 Bytes CALL D89EA202
.text ntkrnlpa.exe!RtlSidHashLookup + 7B8 830B9CC8 4 Bytes [A7, 85, 05, 93]
.text ntkrnlpa.exe!RtlSidHashLookup + 82C 830B9D3C 4 Bytes [A2, 85, 05, 93]
? System32\Drivers\sppi.sys Systém nemůže nalézt uvedenou cestu. !
.text USBPORT.SYS!DllUnload 9202BCA0 5 Bytes JMP 85D494E0
? C:\Users\Jirka\AppData\Local\Temp\ALSysIO.sys Systém nemůže nalézt uvedený soubor. !
? C:\Users\Jirka\AppData\Local\Temp\mbr.sys Systém nemůže nalézt uvedený soubor. !

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8C84B042] \SystemRoot\System32\Drivers\sppi.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8C84B6D6] \SystemRoot\System32\Drivers\sppi.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8C84B800] \SystemRoot\System32\Drivers\sppi.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8C84B13E] \SystemRoot\System32\Drivers\sppi.sys

---- Devices - GMER 1.0.15 ----

Device 85D0B1F8
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)

AttachedDevice tdrpm273.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \Driver\USBSTOR \Device\0000008f 87C84500
Device \Driver\NetBT \Device\NetBT_Tcpip_{92C1CD9A-9950-4160-AF99-0BCEDA1F4CA2} 86FDF1F8
Device \Driver\volmgr \Device\VolMgrControl 85D071F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd507276
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd507276@001d6ec30d29 0x70 0xA3 0xAF 0x2C ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd507276@727f8b7a6601 0x44 0x80 0xAB 0xF5 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x54 0x09 0x4A 0xF4 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x0E 0xD3 0x76 0x68 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x5E 0xC6 0x01 0x86 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xE7 0x11 0x32 0x52 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd507276 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd507276@001d6ec30d29 0x70 0xA3 0xAF 0x2C ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd507276@727f8b7a6601 0x44 0x80 0xAB 0xF5 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x54 0x09 0x4A 0xF4 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x0E 0xD3 0x76 0x68 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x5E 0xC6 0x01 0x86 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xE7 0x11 0x32 0x52 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG12.00.00.01PROFESSIONAL 1668278146EC968E9FB81A89827C6E051A364E755F497832D83F32746AEB372C37E227AECE6E692BB90622DC1E711265010EA2616E67587688227A87BCD7325B33755DBCA4B362FEB12C46666F41C25233C22DC0E50E64F4DE920E59FE7975762C5CB509D0450898FE67FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808FEBC9E127BECC74CA2D97226D213B555A9C6AECB7A5D1407A224EF4BB2AFFE5CCCE395D9872A2BFA2E0A2ABDCD1BE8926FC9A087064BEED281C69F029E1549BCF29DF8C529B2F8419375705F6A18E46E6C9E5906B6D81C3000C879E11BA8E219DFC5C4E56163964A14D8E430D226DA594C1D11075D7C1ED16376B8D8F998E5C6B80F795A6C20F1EB52F36AA25004ADC7CCAF306E72EB6CF02800EB5C7F35FEDDD515EA47FE720FBE20693BACA314D475DE2076A4E28514887AF9F4E364F26EB840D341D6BC8A0221883F62477E5E5B5F2A9E73910D4836D5BFDC8BE9D56B8AF939ADF735C1B87633C65EC270088C60C8063D8EA4C75704DC0C053AEDF55B3E84B466DD921BF22A5A4C978FAA5BED973602F301D1D77B49E62B3360F4D8230401582A97A44AD36F40BC9CD37808F548F35E9ED88E7B20E07B1B8B2F8688C86DDA81849C2245182C51F002696790BACD0E10FC7655E1553A6D0E17AF2D7FF
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG14.00.00.01PROFESSIONAL E73102CDA5DB6C955E717EA52E887A53723EC0B68540A1EA9C2CF72AF920DE69AA6D49DF0C47F70AB9CE61A9B4F423D04F789D5944FCAE08770D439A4802BD02F7904520088D1FA9941F9A1F8EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A2D97226D213B555A6171C11EC38DE3DC038D530D6EB3452767FA4857FD1956491C32F96978F8BB0E5CC7085DB10B57E2A3743AFF7FB136270E04ED40092F1D037391EDAAA7C6C2DC69785A0583A355EE234545A6A90357E4E1E5F8CEC14721496CDCA0991C2D559B7453A847324B11B8D383E34B2039C210FD31807DCB42326E382D563256E4169C455AD7B6BAA2FC1A867B7AE1623FE4C4666717E3AD205A4699C920E96101CB20A8CAF34D5B02B01C6A5B0232E4304A89D7D9495C5528ED0032208926ABB4A2EBA75C3419C9B932A119D494C6AB947835183614F8F99A78DA2E072DEF58B9F7B1DDCA41A7CD34CB5C03ED84989E0D9CAB1A7691400962D664E6740C4E79A67DA0C53BC9604C7ABBEA639671DA498BE14A25E723150B671861F8B95783E0B5F33F42EAE771AE87C03248432AF24C2ED969CDCF8D512EEB6BFC1644B944D01B98DD9074C5DF62EFEE5B3592B4C44C5532DAA9EA8172536B986784E6A95BB241C19D1BA2050278FE36E5DB8F822198CD059EE636

---- EOF - GMER 1.0.15 ----

[Reklama]

[memphisto]

Pěkná sbírka, dodej ještě:

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[Juri]

Tady to je:

ComboFix 11-02-06.02 - Jirka 07.02.2011 19:35:14.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.3582.2265 [GMT 1:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
AV: avast! antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: IObit Security 360 *Disabled/Updated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ICQ6.5\ICQLRun.exe
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\Jirka\AppData\Roaming\chrtmp
c:\users\Jirka\AppData\Roaming\inst.exe
c:\windows\system32\out.txt
c:\windows\system32\Temp
c:\windows\system32\Temp\DE99B447R3
c:\windows\XSxS

----- BITS: Možné infikované stránky -----

hxxp://apnmedia.ask.com
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-07 do 2011-02-07 )))))))))))))))))))))))))))))))
.

2011-02-07 18:42 . 2011-02-07 18:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-07 17:47 . 2011-02-07 17:47 -------- d-----w- c:\program files\PicLensIE
2011-02-07 17:45 . 2011-02-07 17:45 -------- d-----w- c:\users\Jirka\AppData\Local\Cooliris
2011-02-07 14:09 . 2011-02-07 14:09 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-02-07 14:08 . 2011-02-07 14:08 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-02-07 14:08 . 2011-02-07 14:09 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-02-07 13:54 . 2011-02-07 13:54 -------- d-----w- c:\users\Jirka\AppData\Local\{BEB69B3D-5833-4825-93D7-235E9D519EA3}
2011-02-07 13:53 . 2011-02-07 13:54 -------- d-----w- c:\users\Jirka\AppData\Local\Windows Live Writer
2011-02-07 13:53 . 2011-02-07 13:53 -------- d-----w- c:\users\Jirka\AppData\Roaming\Windows Live Writer
2011-02-07 13:53 . 2011-02-07 13:53 -------- d-----w- c:\windows\en
2011-02-07 13:52 . 2011-02-07 13:52 -------- d-----w- c:\windows\cs
2011-02-07 12:43 . 2011-02-07 12:43 -------- d-----w- c:\users\Jirka\AppData\Local\Apple
2011-02-06 01:31 . 2011-02-07 13:15 -------- d-----w- c:\users\Jirka\AppData\Local\Adobe
2011-02-05 09:16 . 2011-02-05 09:16 -------- d-----w- c:\users\Jirka\AppData\Local\Secunia PSI
2011-02-05 09:15 . 2011-02-05 09:15 -------- d-----w- c:\program files\Secunia
2011-02-05 00:07 . 2011-02-05 01:13 -------- d-----r- C:\bootwiz
2011-02-04 23:38 . 2011-02-04 23:38 -------- d-----w- c:\users\Jirka USER
2011-02-04 23:35 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5B7CF2F4-DE89-4164-B227-0C06DE577648}\mpengine.dll
2011-02-03 14:01 . 2011-02-03 14:01 -------- d-----w- c:\program files\NirSoft
2011-02-03 11:30 . 2011-02-03 22:35 -------- d-----w- c:\program files\MyDefrag v4.3.1
2011-02-03 11:30 . 2010-05-21 11:11 475648 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr
2011-02-03 11:30 . 2010-05-21 11:11 1061888 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe
2011-02-03 11:21 . 2011-02-03 11:21 -------- d-----w- c:\users\Jirka\AppData\Roaming\Smart PC Solutions
2011-02-03 11:21 . 2011-02-03 11:21 -------- d-----w- c:\program files\Smart PC Solutions
2011-02-03 08:48 . 2011-02-03 08:48 -------- d-----w- c:\program files\AkelPad
2011-02-03 01:35 . 2010-12-13 16:03 28496 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-02-03 01:35 . 2010-11-26 17:02 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-02-02 14:00 . 2011-02-02 14:00 -------- d-----w- c:\users\Jirka\AppData\Roaming\Xilisoft
2011-02-02 13:59 . 2011-02-02 13:59 -------- d-----w- c:\program files\Xilisoft
2011-02-01 01:54 . 2010-09-14 13:12 11264 ----a-w- c:\windows\system32\MMShellHook.dll
2011-02-01 01:54 . 2010-02-27 15:34 312320 ----a-w- c:\windows\system32\proppage.dll
2011-02-01 01:54 . 2011-02-01 01:54 -------- d-----w- c:\program files\Media Control
2011-02-01 01:54 . 2011-02-01 01:54 -------- d-----w- c:\users\Jirka\AppData\Roaming\Media Control
2011-02-01 01:54 . 2010-02-27 15:34 655872 ----a-w- c:\windows\system32\msvcr90.dll
2011-01-31 22:26 . 2011-01-31 22:27 -------- d-----w- c:\program files\iTunes
2011-01-31 22:26 . 2011-01-31 22:26 -------- d-----w- c:\program files\iPod
2011-01-31 22:25 . 2011-01-31 22:25 -------- d-----w- c:\program files\Bonjour
2011-01-31 22:24 . 2011-01-31 22:25 -------- d-----w- c:\program files\Safari
2011-01-31 01:01 . 2011-01-31 01:01 -------- d-----w- c:\users\Jirka\AppData\Roaming\VOS
2011-01-31 00:44 . 2011-01-31 00:44 -------- d-----w- c:\users\Jirka\AppData\Local\Thinstall
2011-01-31 00:11 . 2011-01-31 00:11 -------- d-----w- c:\users\Jirka\AppData\Local\Hardcoded Software
2011-01-31 00:11 . 2011-01-31 00:11 -------- d-----w- c:\program files\Hardcoded Software
2011-01-28 05:44 . 2011-01-28 05:44 -------- d-----w- c:\users\Jirka\AppData\Roaming\Stardock
2011-01-28 05:44 . 2011-01-28 05:44 -------- d-----w- c:\users\Jirka\AppData\Local\PackageAware
2011-01-26 08:49 . 2011-01-26 08:50 -------- d-----w- c:\program files\MSI Afterburner
2011-01-25 09:51 . 2011-01-25 09:57 -------- d-----w- c:\windows\$regcmp$
2011-01-25 08:51 . 2011-01-25 08:51 -------- d-----w- c:\programdata\Martau
2011-01-25 08:51 . 2011-01-25 08:51 -------- d-----w- c:\program files\Total Uninstall 5
2011-01-25 02:01 . 2011-01-25 02:01 -------- d-----w- C:\Documents and Settings
2011-01-24 19:55 . 2011-01-24 19:55 -------- d-----w- c:\users\Jirka\AppData\Roaming\2K Sports
2011-01-24 14:39 . 2011-01-24 14:39 -------- d-----w- c:\programdata\KONAMI
2011-01-24 14:29 . 2011-01-25 00:29 -------- d-----w- c:\users\Jirka\AppData\Roaming\Mikogo
2011-01-24 13:02 . 2011-01-24 13:06 -------- d-----w- c:\program files\MP3Gain
2011-01-24 11:37 . 2010-10-16 18:55 888424 ----a-w- c:\windows\system32\nvdispco322050.dll
2011-01-24 11:37 . 2010-10-16 18:55 813672 ----a-w- c:\windows\system32\nvgenco322030.dll
2011-01-24 11:37 . 2010-10-16 18:55 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-24 11:37 . 2010-10-16 18:55 4837480 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-24 11:37 . 2010-10-16 18:55 319080 ----a-w- c:\windows\system32\nvdecodemft.dll
2011-01-24 11:37 . 2010-10-16 18:55 2912360 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-24 11:37 . 2010-10-16 18:55 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-24 11:37 . 2010-10-16 18:55 14899816 ----a-w- c:\windows\system32\nvoglv32.dll
2011-01-24 11:37 . 2010-10-16 18:55 13019752 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-24 11:37 . 2010-10-16 18:55 10084360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-01-24 11:37 . 2010-10-16 18:55 10023528 ----a-w- c:\windows\system32\nvd3dum.dll
2011-01-19 19:23 . 2011-01-19 19:23 -------- d-----w- C:\rsit
2011-01-19 19:06 . 2011-01-25 01:19 -------- d-----w- c:\users\Jirka\AppData\Roaming\UseNeXT
2011-01-19 19:06 . 2011-01-19 19:06 -------- d-----w- c:\program files\UseNeXT
2011-01-19 19:05 . 2011-02-07 14:10 -------- d-----w- c:\program files\Defraggler
2011-01-19 17:51 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-19 17:51 . 2011-01-19 17:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-19 17:51 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-17 02:47 . 2011-01-17 02:47 -------- d-----w- c:\program files\PhotoZoom Pro 4
2011-01-17 00:11 . 2011-01-17 00:11 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 9
2011-01-11 20:41 . 2010-03-30 23:00 169064 ----a-w- c:\windows\system32\everest_cpl.cpl
2011-01-11 20:39 . 2011-01-11 20:39 -------- d-----w- c:\program files\Lavalys
2011-01-11 19:03 . 2011-01-11 19:03 -------- d-----w- c:\program files\PC Connectivity Solution
2011-01-11 19:02 . 2011-01-11 19:02 -------- d-----w- c:\programdata\NokiaInstallerCache
2011-01-11 00:47 . 2011-01-11 00:47 -------- d-----w- c:\users\Jirka\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-01-11 00:47 . 2011-01-11 00:47 -------- d-----w- c:\users\Jirka\AppData\Roaming\Adobe Mini Bridge CS5
2011-01-10 22:32 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-01-10 22:32 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-01-10 22:32 . 2011-01-10 22:32 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-01-10 22:31 . 2011-01-10 22:31 -------- d-----w- c:\program files\Apple Software Update
2011-01-10 17:46 . 2011-01-10 17:46 -------- d-----w- c:\programdata\Boss Media
2011-01-10 17:46 . 2011-01-10 17:46 -------- d-----w- c:\users\Jirka\AppData\Local\Boss Media
2011-01-10 17:32 . 2011-01-10 17:38 -------- d-----w- c:\users\Jirka\AppData\Local\IM
2011-01-10 17:32 . 2011-01-25 00:47 -------- d-----w- c:\programdata\IncrediMail
2011-01-10 17:32 . 2011-01-10 17:33 -------- d-----w- c:\programdata\IM

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-25 09:24 . 2010-11-03 23:02 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2011-01-25 09:24 . 2010-10-28 19:21 17488 ----a-w- c:\windows\gdrv.sys
2011-01-24 22:11 . 2010-11-03 23:03 17488 ----a-w- c:\windows\etdrv.sys
2011-01-05 16:14 . 2010-04-02 23:13 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-01-05 16:14 . 2010-04-02 23:13 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-01-04 23:32 . 2011-01-04 23:32 53248 ----a-r- c:\users\Jirka\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-01-04 23:32 . 2010-08-09 17:05 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-12-24 07:45 . 2010-12-24 07:45 86016 ----a-w- c:\windows\system32\frapsvid.dll
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-19 13:38 . 2010-11-19 13:38 163232 ----a-w- c:\windows\system32\drivers\afcdp.sys
2010-11-19 13:38 . 2010-11-19 13:38 752128 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2010-11-19 13:38 . 2010-11-19 13:38 600928 ----a-w- c:\windows\system32\drivers\timntr.sys
2010-11-19 13:38 . 2010-02-25 10:26 170464 ----a-w- c:\windows\system32\drivers\snapman.sys
2010-11-12 15:13 . 2010-11-12 15:13 809560 ----a-r- c:\windows\system32\tmpE007.tmp
2010-11-10 01:54 . 2010-11-10 01:54 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-11-10 01:28 . 2010-11-10 01:28 301936 ----a-w- c:\windows\WLXPGSS.SCR
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2010-07-29 05:15 316416 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Core Temp"="c:\portable aplikace\CoreTemp32\Core Temp.exe" [2009-08-05 378384]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"SmartRAM"="c:\users\Jirka\Downloads\iobit_toolbox\Tools\Suo10_SmartRAM.exe" [2010-09-26 817496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-11-24 81000]
"Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2010-07-29 91648]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1352272]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-10-28 10:13 64592 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"

[HKLM\~\startupfolder\C:^Users^Jirka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
path=c:\users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Registrace produktu.lnk
backup=c:\windows\pss\Logitech . Registrace produktu.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 02:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyTuneVI]
2007-07-26 14:05 20480 ----a-w- c:\program files\GIGABYTE\ET6\ETcall.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Security 360]
2010-06-11 17:14 1280344 ----a-w- c:\program files\IObit\IObit Security 360\is360tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
2010-12-20 17:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShowOSD]
2007-01-15 11:56 28672 ----a-w- c:\windows\OSDShow.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SJelite3Launch]
2010-06-28 09:56 180224 ----a-w- c:\users\Jirka\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 136176]
R3 AVerBDA3x;AVerMedia SAA713x BDA Service;c:\windows\system32\DRIVERS\AVerBDA3x.sys [2007-08-29 1183744]
R3 cpuz130;cpuz130;c:\users\Jirka\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 cpuz131;cpuz131;c:\users\Jirka\AppData\Local\Temp\cpuz131\cpuz_x32.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x]
R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo UnInstaller 4\DfSdkS.exe [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2011-01-24 17488]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-01-03 129440]
R3 GPU-Z;GPU-Z;c:\users\Jirka\AppData\Local\Temp\GPU-Z.sys [x]
R3 GVTDrv;GVTDrv;c:\windows\system32\Drivers\GVTDrv.sys [2011-01-25 24944]
R3 IS360service;IS360service;c:\program files\IObit\IObit Security 360\IS360srv.exe [2010-06-11 312152]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-02-09 3387256]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 vpcuxd;USB Virtualization Stub Service;c:\windows\system32\DRIVERS\vpcuxd.sys [2009-09-23 12800]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-06 1343400]
R3 wxpSvc;webcamXP Service;c:\program files\wLite\wService.exe [2010-05-02 5027328]
R4 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
R4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-17 1044808]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-24 691696]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2010-11-19 752128]
S1 aswSP;avast! Self Protection; [x]
S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [2010-06-27 102856]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-07 218688]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-11-19 3975088]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
S2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\Drivers\LBeepKE.sys [2010-08-24 10448]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2011-01-10 993848]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-11-30 2222376]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2010-11-19 163232]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;d:\portable aplikace\AIDA64 Extreme Edition 1.50.1236 Beta\Software\kerneld.x32 [2011-01-26 28312]
S3 ALSysIO;ALSysIO;c:\users\Jirka\AppData\Local\Temp\ALSysIO.sys [x]
S3 AVerA706;AVerMedia A706 BDA Service;c:\windows\system32\DRIVERS\AVerA706.sys [2009-06-10 1169920]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [2010-06-27 79432]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
S3 V0260VID;Live! Cam Vista IM;c:\windows\system32\DRIVERS\V0260Vid.sys [2006-11-03 178913]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]


--- Ostatní služby/ovladače v paměti ---

*Deregistered* - uwlcypow

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-06-16 11:38 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2011-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 17:13]

2011-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 17:13]

2011-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-459125071-1638264204-2076289922-1000Core.job
- c:\users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-23 23:56]

2011-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-459125071-1638264204-2076289922-1000UA.job
- c:\users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-23 23:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyServer = http=
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\8ix8n3ta.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.7&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 4.0 Beta 9\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Chromifox Extreme: cfxe@Triton - %profile%\extensions\cfxe@Triton
FF - Ext: Chromifox Extreme Carbon: cfxec@Triton - %profile%\extensions\cfxec@Triton
FF - Ext: Chromifox Companion: cfxHelper@Triton - %profile%\extensions\cfxHelper@Triton
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Read It Later: isreaditlater@ideashower.com - %profile%\extensions\isreaditlater@ideashower.com
FF - Ext: Ovi maps browser plugin: maps@ovi.com - %profile%\extensions\maps@ovi.com
FF - Ext: Personas Expression: personasexpression@eddiescorpse.private - %profile%\extensions\personasexpression@eddiescorpse.private
FF - Ext: QuickDrag: quickdrag@mozilla.ktechcomputing.com - %profile%\extensions\quickdrag@mozilla.ktechcomputing.com
FF - Ext: Hide IP Easy: support@easy-hideip.com - %profile%\extensions\support@easy-hideip.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: MacOSX Theme: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9} - %profile%\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}
FF - Ext: MacOSX Theme: {00352F14-3F76-4e4d-ACFF-9976D7E4B3B9} - %profile%\extensions\{00352F14-3F76-4e4d-ACFF-9976D7E4B3B9}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: TV-Fox: {2f17f610-5e97-4fed-828f-9940b7b577a4} - %profile%\extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: ReloadEvery: {888d99e7-e8b5-46a3-851e-1ec45da1e644} - %profile%\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
FF - Ext: Context Search: {902D2C4A-457A-4EF9-AD43-7014562929FF} - %profile%\extensions\{902D2C4A-457A-4EF9-AD43-7014562929FF}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: UnMHT: {f759ca51-3a91-4dd1-ae78-9db5eee9ebf0} - %profile%\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600 Disk: WDC_WD6401AALS-00L3B2 rev.01.03B01 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T1L0-4

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wxpSvc]
"ImagePath"="c:\program files\wLite\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\d:\portable aplikace\AIDA64 Extreme Edition 1.50.1236 Beta\Software\kerneld.x32"

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="1668278146EC968E9FB81A89827C6E051A364E755F497832D83F32746AEB372C37E227AECE6E692BB90622DC1E711265010EA2616E67587688227A87BCD7325B33755DBCA4B362FEB12C46666F41C25233C22DC0E50E64F4DE920E59FE7975762C5CB509D0450898FE67FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808FEBC9E127BECC74CA2D97226D213B555A9C6AECB7A5D1407A224EF4BB2AFFE5CCCE395D9872A2BFA2E0A2ABDCD1BE8926FC9A087064BEED281C69F029E1549BCF29DF8C529B2F8419375705F6A18E46E6C9E5906B6D81C3000C879E11BA8E219DFC5C4E56163964A14D8E430D226DA594C1D11075D7C1ED16376B8D8F998E5C6B80F795A6C20F1EB52F36AA25004ADC7CCAF306E72EB6CF02800EB5C7F35FEDDD515EA47FE720FBE20693BACA314D475DE2076A4E28514887AF9F4E364F26EB840D341D6BC8A0221883F62477E5E5B5F2A9E73910D4836D5BFDC8BE9D56B8AF939ADF735C1B87633C65EC270088C60C8063D8EA4C75704DC0C053AEDF55B3E84B466DD921BF22A5A4C978FAA5BED973602F301D1D77B49E62B3360F4D8230401582A97A44AD36F40BC9CD37808F548F35E9ED88E7B20E07B1B8B2F8688C86DDA81849C2245182C51F002696790BACD0E10FC7655E1553A6D0E17AF2D7FF422433EE6B9C977A25BBFF5C481036BF89659C0B091A4AFCEDA4DEB40BA79B173D82DD3270EDB3EF88BFE8B42235D850DA7E8CFC23381FA645A724E5A007E83B5DFD1B87E0C9B6B45DDC926BC258B3CFA1698CC9E39EE5392E5F8831782D4CB52192C970A7E5245550A1CED5AB5A7E26A0F07FD9355FA35F9BC400F9098185A00F8FDD04B7E4D859B59384127D3D04126CF945D538CB196DB336A26436C666F9B894AF8287C5D59ACA922AF0FD5A6911B2E691777BAA6DE22325F348DFDE4BEA7665956E9BCD5E4C36EA37DE5E2CE035E0FEE8E7A8B716AD8B649D7B51F3AF248C338E3BE5690BCBD2DCAA2617AF339266F52573C81AB09AE4E9862647713A7C4E33553B5B56AEA9D8067CC9D6A434A4DDD86BCFDF274FEF8207F5C25819DEF0D216606C61B42EE87950FDC17D86FC1D1FDC13B6A08ED042F63F57EE70C8FCE30E8A2144919FEB847319A65313F2C1ED7077E050BC0BEC36B63B63802B81E3EE33D864AFB17872F4A27283031693453A643F9FED0EC925F7002C0ABAB7F87AA0032F2A67F53C92CA1E297BA437846C72993B7C20DB396EAA0B2D7B0012B0AF582710BDCD9DAB57E03E28E33F460A2576CE9FB9D778EFE6C83FD02CE825AE8748CB8B6D5741440674AB87780B7EA0FCF244D5292ACC90262C57F8B4716006DEFE0D8A3AB9CB4E01EF38A7D3963B4D4F4A75B89552C0A593B37E8828C0162E0246A"
"OODEFRAG14.00.00.01PROFESSIONAL"="E73102CDA5DB6C955E717EA52E887A53723EC0B68540A1EA9C2CF72AF920DE69AA6D49DF0C47F70AB9CE61A9B4F423D04F789D5944FCAE08770D439A4802BD02F7904520088D1FA9941F9A1F8EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A2D97226D213B555A6171C11EC38DE3DC038D530D6EB3452767FA4857FD1956491C32F96978F8BB0E5CC7085DB10B57E2A3743AFF7FB136270E04ED40092F1D037391EDAAA7C6C2DC69785A0583A355EE234545A6A90357E4E1E5F8CEC14721496CDCA0991C2D559B7453A847324B11B8D383E34B2039C210FD31807DCB42326E382D563256E4169C455AD7B6BAA2FC1A867B7AE1623FE4C4666717E3AD205A4699C920E96101CB20A8CAF34D5B02B01C6A5B0232E4304A89D7D9495C5528ED0032208926ABB4A2EBA75C3419C9B932A119D494C6AB947835183614F8F99A78DA2E072DEF58B9F7B1DDCA41A7CD34CB5C03ED84989E0D9CAB1A7691400962D664E6740C4E79A67DA0C53BC9604C7ABBEA639671DA498BE14A25E723150B671861F8B95783E0B5F33F42EAE771AE87C03248432AF24C2ED969CDCF8D512EEB6BFC1644B944D01B98DD9074C5DF62EFEE5B3592B4C44C5532DAA9EA8172536B986784E6A95BB241C19D1BA2050278FE36E5DB8F822198CD059EE63666D430924F3966AB35D8723212707E9E5B88B0C55C743E173C40707393E9C2F49B473679944079B1BB17F2C562DB77A0F6759A3EBBF96DC2AAB49A5D3247CC71A2E9753AD59C689483AC6F53D4536163F8D98DDB7CA1FF2DBB26C5F5D76E9B8577EE1D5E838E6A2950755B7CCAD67A8CE41A6C33B7EB7B10119D130854557D0342CD7794A888C949387F72FEE4848634BFC34E16D17516CC081B0967144C624182556CE4197F1D585124C1C811A653D749E45CABAF1EC39F974911437CB510A9B3A0AE83457E21DE25F49C3574EE06CBE6BB4148093A371BDDB53B064D7231C8E9DF5DFF95BC1E5568DB36F34B270715286ACD712A02034D188A57579887CBA73EA72CF61DD83F1401DA86A55B7E08A8D7B2FB2B7E6A162AEAC9172E8A0B208801CA957AB3AB045B474188665740E3EFEB891C72B52FAA383E0EDBA9B882C6C2012191A0CF2E8A67A5D461709A36B55EB90FBBB9B7894E032A0E9E2ECCCE612719194402D2CDAA20D03C9F555A0FEDD4D3A6A38AC0FE8C84D4A0787AD9DF1E8454343F5ABAECC8B9C788EFE537063A74FCEAFE9F4F0074E21A19BC5224C722325339FEA98E618F28CB3541303364649D24DEE847F1D13A52ACD51C00154203948517750F8E62A31F20CAF1854BD691A6A98213DCA36C24B9ADAA4A0764FC66520F26E6145E283E39D4108F4AF74A43961F5134C4B83E3FA57B7E70E24FC48A64D"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-02-07 19:44:47
ComboFix-quarantined-files.txt 2011-02-07 18:44

Před spuštěním: Volných bajtů: 91 316 342 784
Po spuštění: Volných bajtů: 90 849 263 616

- - End Of File - - E2E4669A3AF809DE42EA5B886A606565

[memphisto]

Máš tam IOBIT 360 a AVAST. IOBIT smažeme?

[Juri]

IOBIT odinstaluju..další postup?

[memphisto]

hned ti sem dodám skript. Odinstaluj ten IOBIT a Spybot. Máš tam toho požehnaně

[memphisto]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Folder::
c:\program files\DAEMON Tools Toolbar
c:\program files\Avira

DirLook::
c:\users\Jirka\AppData\Local\{BEB69B3D-5833-4825-93D7-235E9D519EA3}
c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
c:\users\Jirka\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

File::
c:\windows\system32\tmpE007.tmp
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-459125071-1638264204-2076289922-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-459125071-1638264204-2076289922-1000UA.job


Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=-
"ConsentPromptBehaviorUser"=-
"EnableUIADesktopToggle"=-

DDS::
uInternet Settings,ProxyServer = http=
uInternet Settings,ProxyOverride = *.local

Firefox::
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\8ix8n3ta.default\
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.7&q=
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[Juri]

Během čištění použitím toho scriptu a Comba se mi dvakrát restertoval PC ...po prvním dále ComboFix pracoval, po druhém už najely normálně Windows a bylo po akci..
Co je ale hlavní, nejede mě net ...teď píšu z WinXP. kde by mohl být zakopanej pes? Začínám z toho být docela nervozní. Díky.

[memphisto]

Na internet se teď vykašleme. Ten zprovozníme později. První to musíme vyčistit. PC je v otřesném stavu, máš tam pozůstatky po předchozích antivirech (ESET, Avira,....). Podívej se do C:/Combofix jestli tam není log z CF a jestli je tam i ten s provedeným skriptem. Potřebuji vědět, co se již smazalo a co ne. Pokud nikde nic nebude, tak udělej sken pomocí Combofixu bez skriptu (pouze spustíš).

[Juri]

Tak jsem zase tu..

ComboFix 11-02-06.02 - Jirka 07.02.2011 22:54:44.5.2 - x86 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.3582.2559 [GMT 1:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
AV: avast! antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Soubory vytvořené od 2011-01-07 do 2011-02-07 )))))))))))))))))))))))))))))))
.

2011-02-07 22:01 . 2011-02-07 22:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-07 21:36 . 2011-02-07 22:01 -------- d-----w- c:\users\Jirka\AppData\Local\temp
2011-02-07 17:47 . 2011-02-07 17:47 -------- d-----w- c:\program files\PicLensIE
2011-02-07 17:45 . 2011-02-07 18:45 -------- d-----w- c:\users\Jirka\AppData\Local\Cooliris
2011-02-07 14:09 . 2011-02-07 14:09 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-02-07 14:08 . 2011-02-07 14:09 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-02-07 13:54 . 2011-02-07 13:54 -------- d-----w- c:\users\Jirka\AppData\Local\{BEB69B3D-5833-4825-93D7-235E9D519EA3}
2011-02-07 13:53 . 2011-02-07 13:54 -------- d-----w- c:\users\Jirka\AppData\Local\Windows Live Writer
2011-02-07 13:53 . 2011-02-07 13:53 -------- d-----w- c:\users\Jirka\AppData\Roaming\Windows Live Writer
2011-02-07 13:53 . 2011-02-07 13:53 -------- d-----w- c:\windows\en
2011-02-07 13:52 . 2011-02-07 13:52 -------- d-----w- c:\windows\cs
2011-02-07 12:43 . 2011-02-07 12:43 -------- d-----w- c:\users\Jirka\AppData\Local\Apple
2011-02-06 01:31 . 2011-02-07 13:15 -------- d-----w- c:\users\Jirka\AppData\Local\Adobe
2011-02-05 09:16 . 2011-02-05 09:16 -------- d-----w- c:\users\Jirka\AppData\Local\Secunia PSI
2011-02-05 09:15 . 2011-02-05 09:15 -------- d-----w- c:\program files\Secunia
2011-02-05 00:07 . 2011-02-05 01:13 -------- d-----r- C:\bootwiz
2011-02-04 23:38 . 2011-02-04 23:38 -------- d-----w- c:\users\Jirka USER
2011-02-04 23:35 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5B7CF2F4-DE89-4164-B227-0C06DE577648}\mpengine.dll
2011-02-03 14:01 . 2011-02-03 14:01 -------- d-----w- c:\program files\NirSoft
2011-02-03 11:30 . 2011-02-03 22:35 -------- d-----w- c:\program files\MyDefrag v4.3.1
2011-02-03 11:30 . 2010-05-21 11:11 475648 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr
2011-02-03 11:30 . 2010-05-21 11:11 1061888 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe
2011-02-03 11:21 . 2011-02-03 11:21 -------- d-----w- c:\users\Jirka\AppData\Roaming\Smart PC Solutions
2011-02-03 11:21 . 2011-02-03 11:21 -------- d-----w- c:\program files\Smart PC Solutions
2011-02-03 08:48 . 2011-02-03 08:48 -------- d-----w- c:\program files\AkelPad
2011-02-03 01:35 . 2010-12-13 16:03 28496 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-02-03 01:35 . 2010-11-26 17:02 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-02-02 14:00 . 2011-02-02 14:00 -------- d-----w- c:\users\Jirka\AppData\Roaming\Xilisoft
2011-02-02 13:59 . 2011-02-02 13:59 -------- d-----w- c:\program files\Xilisoft
2011-02-01 01:54 . 2010-09-14 13:12 11264 ----a-w- c:\windows\system32\MMShellHook.dll
2011-02-01 01:54 . 2010-02-27 15:34 312320 ----a-w- c:\windows\system32\proppage.dll
2011-02-01 01:54 . 2011-02-01 01:54 -------- d-----w- c:\program files\Media Control
2011-02-01 01:54 . 2011-02-01 01:54 -------- d-----w- c:\users\Jirka\AppData\Roaming\Media Control
2011-02-01 01:54 . 2010-02-27 15:34 655872 ----a-w- c:\windows\system32\msvcr90.dll
2011-01-31 22:26 . 2011-01-31 22:27 -------- d-----w- c:\program files\iTunes
2011-01-31 22:26 . 2011-01-31 22:26 -------- d-----w- c:\program files\iPod
2011-01-31 22:25 . 2011-01-31 22:25 -------- d-----w- c:\program files\Bonjour
2011-01-31 22:24 . 2011-01-31 22:25 -------- d-----w- c:\program files\Safari
2011-01-31 01:01 . 2011-01-31 01:01 -------- d-----w- c:\users\Jirka\AppData\Roaming\VOS
2011-01-31 00:44 . 2011-01-31 00:44 -------- d-----w- c:\users\Jirka\AppData\Local\Thinstall
2011-01-31 00:11 . 2011-01-31 00:11 -------- d-----w- c:\users\Jirka\AppData\Local\Hardcoded Software
2011-01-31 00:11 . 2011-01-31 00:11 -------- d-----w- c:\program files\Hardcoded Software
2011-01-28 05:44 . 2011-01-28 05:44 -------- d-----w- c:\users\Jirka\AppData\Roaming\Stardock
2011-01-28 05:44 . 2011-01-28 05:44 -------- d-----w- c:\users\Jirka\AppData\Local\PackageAware
2011-01-26 08:49 . 2011-01-26 08:50 -------- d-----w- c:\program files\MSI Afterburner
2011-01-25 09:51 . 2011-01-25 09:57 -------- d-----w- c:\windows\$regcmp$
2011-01-25 08:51 . 2011-01-25 08:51 -------- d-----w- c:\programdata\Martau
2011-01-25 08:51 . 2011-01-25 08:51 -------- d-----w- c:\program files\Total Uninstall 5
2011-01-25 02:01 . 2011-01-25 02:01 -------- d-----w- C:\Documents and Settings
2011-01-24 19:55 . 2011-01-24 19:55 -------- d-----w- c:\users\Jirka\AppData\Roaming\2K Sports
2011-01-24 14:39 . 2011-01-24 14:39 -------- d-----w- c:\programdata\KONAMI
2011-01-24 14:29 . 2011-01-25 00:29 -------- d-----w- c:\users\Jirka\AppData\Roaming\Mikogo
2011-01-24 13:02 . 2011-01-24 13:06 -------- d-----w- c:\program files\MP3Gain
2011-01-24 11:37 . 2010-10-16 18:55 888424 ----a-w- c:\windows\system32\nvdispco322050.dll
2011-01-24 11:37 . 2010-10-16 18:55 813672 ----a-w- c:\windows\system32\nvgenco322030.dll
2011-01-24 11:37 . 2010-10-16 18:55 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-24 11:37 . 2010-10-16 18:55 4837480 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-24 11:37 . 2010-10-16 18:55 319080 ----a-w- c:\windows\system32\nvdecodemft.dll
2011-01-24 11:37 . 2010-10-16 18:55 2912360 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-24 11:37 . 2010-10-16 18:55 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-24 11:37 . 2010-10-16 18:55 14899816 ----a-w- c:\windows\system32\nvoglv32.dll
2011-01-24 11:37 . 2010-10-16 18:55 13019752 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-24 11:37 . 2010-10-16 18:55 10084360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-01-24 11:37 . 2010-10-16 18:55 10023528 ----a-w- c:\windows\system32\nvd3dum.dll
2011-01-19 19:23 . 2011-01-19 19:23 -------- d-----w- C:\rsit
2011-01-19 19:06 . 2011-01-25 01:19 -------- d-----w- c:\users\Jirka\AppData\Roaming\UseNeXT
2011-01-19 19:06 . 2011-01-19 19:06 -------- d-----w- c:\program files\UseNeXT
2011-01-19 19:05 . 2011-02-07 14:10 -------- d-----w- c:\program files\Defraggler
2011-01-19 17:51 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-19 17:51 . 2011-01-19 17:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-19 17:51 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-17 02:47 . 2011-01-17 02:47 -------- d-----w- c:\program files\PhotoZoom Pro 4
2011-01-17 00:11 . 2011-01-17 00:11 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 9
2011-01-11 20:41 . 2010-03-30 23:00 169064 ----a-w- c:\windows\system32\everest_cpl.cpl
2011-01-11 20:39 . 2011-01-11 20:39 -------- d-----w- c:\program files\Lavalys
2011-01-11 19:03 . 2011-01-11 19:03 -------- d-----w- c:\program files\PC Connectivity Solution
2011-01-11 19:02 . 2011-01-11 19:02 -------- d-----w- c:\programdata\NokiaInstallerCache
2011-01-11 00:47 . 2011-01-11 00:47 -------- d-----w- c:\users\Jirka\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-01-11 00:47 . 2011-01-11 00:47 -------- d-----w- c:\users\Jirka\AppData\Roaming\Adobe Mini Bridge CS5
2011-01-10 22:32 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-01-10 22:32 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-01-10 22:32 . 2011-01-10 22:32 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-01-10 22:31 . 2011-01-10 22:31 -------- d-----w- c:\program files\Apple Software Update
2011-01-10 17:46 . 2011-01-10 17:46 -------- d-----w- c:\programdata\Boss Media
2011-01-10 17:46 . 2011-01-10 17:46 -------- d-----w- c:\users\Jirka\AppData\Local\Boss Media
2011-01-10 17:32 . 2011-01-10 17:38 -------- d-----w- c:\users\Jirka\AppData\Local\IM
2011-01-10 17:32 . 2011-01-25 00:47 -------- d-----w- c:\programdata\IncrediMail
2011-01-10 17:32 . 2011-01-10 17:33 -------- d-----w- c:\programdata\IM

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-25 09:24 . 2010-11-03 23:02 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2011-01-25 09:24 . 2010-10-28 19:21 17488 ----a-w- c:\windows\gdrv.sys
2011-01-24 22:11 . 2010-11-03 23:03 17488 ----a-w- c:\windows\etdrv.sys
2011-01-05 16:14 . 2010-04-02 23:13 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-01-05 16:14 . 2010-04-02 23:13 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-01-04 23:32 . 2011-01-04 23:32 53248 ----a-r- c:\users\Jirka\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-01-04 23:32 . 2010-08-09 17:05 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-12-24 07:45 . 2010-12-24 07:45 86016 ----a-w- c:\windows\system32\frapsvid.dll
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-19 13:38 . 2010-11-19 13:38 163232 ----a-w- c:\windows\system32\drivers\afcdp.sys
2010-11-19 13:38 . 2010-11-19 13:38 752128 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2010-11-19 13:38 . 2010-11-19 13:38 600928 ----a-w- c:\windows\system32\drivers\timntr.sys
2010-11-19 13:38 . 2010-02-25 10:26 170464 ----a-w- c:\windows\system32\drivers\snapman.sys
2010-11-10 01:54 . 2010-11-10 01:54 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-11-10 01:28 . 2010-11-10 01:28 301936 ----a-w- c:\windows\WLXPGSS.SCR
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2010-07-29 05:15 316416 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Core Temp"="c:\portable aplikace\CoreTemp32\Core Temp.exe" [2009-08-05 378384]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"SmartRAM"="c:\users\Jirka\Downloads\iobit_toolbox\Tools\Suo10_SmartRAM.exe" [2010-09-26 817496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2010-07-29 91648]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1352272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-10-28 10:13 64592 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"

[HKLM\~\startupfolder\C:^Users^Jirka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
path=c:\users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Registrace produktu.lnk
backup=c:\windows\pss\Logitech . Registrace produktu.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 02:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyTuneVI]
2007-07-26 14:05 20480 ----a-w- c:\program files\GIGABYTE\ET6\ETcall.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Security 360]
c:\program files\IObit\IObit Security 360\IS360tray.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
2010-12-20 17:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShowOSD]
2007-01-15 11:56 28672 ----a-w- c:\windows\OSDShow.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SJelite3Launch]
2010-06-28 09:56 180224 ----a-w- c:\users\Jirka\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-24 691696]
R1 aswSP;avast! Self Protection; [x]
R1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [2010-06-27 102856]
R2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-11-19 3975088]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 136176]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\Drivers\LBeepKE.sys [2010-08-24 10448]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2011-01-10 993848]
R2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-11-30 2222376]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2010-11-19 163232]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;d:\portable aplikace\AIDA64 Extreme Edition 1.50.1236 Beta\Software\kerneld.x32 [2011-01-26 28312]
R3 ALSysIO;ALSysIO;c:\users\Jirka\AppData\Local\Temp\ALSysIO.sys [x]
R3 AVerA706;AVerMedia A706 BDA Service;c:\windows\system32\DRIVERS\AVerA706.sys [2009-06-10 1169920]
R3 AVerBDA3x;AVerMedia SAA713x BDA Service;c:\windows\system32\DRIVERS\AVerBDA3x.sys [2007-08-29 1183744]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [2010-06-27 79432]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 cpuz130;cpuz130;c:\users\Jirka\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 cpuz131;cpuz131;c:\users\Jirka\AppData\Local\Temp\cpuz131\cpuz_x32.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x]
R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo UnInstaller 4\DfSdkS.exe [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2011-01-24 17488]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-01-03 129440]
R3 GPU-Z;GPU-Z;c:\users\Jirka\AppData\Local\Temp\GPU-Z.sys [x]
R3 GVTDrv;GVTDrv;c:\windows\system32\Drivers\GVTDrv.sys [2011-01-25 24944]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-02-09 3387256]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 V0260VID;Live! Cam Vista IM;c:\windows\system32\DRIVERS\V0260Vid.sys [2006-11-03 178913]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
R3 vpcuxd;USB Virtualization Stub Service;c:\windows\system32\DRIVERS\vpcuxd.sys [2009-09-23 12800]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-06 1343400]
R3 wxpSvc;webcamXP Service;c:\program files\wLite\wService.exe [2010-05-02 5027328]
R4 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
R4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-17 1044808]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2010-11-19 752128]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-07 218688]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-06-16 11:38 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\8ix8n3ta.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 4.0 Beta 9\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Chromifox Extreme: cfxe@Triton - %profile%\extensions\cfxe@Triton
FF - Ext: Chromifox Extreme Carbon: cfxec@Triton - %profile%\extensions\cfxec@Triton
FF - Ext: Chromifox Companion: cfxHelper@Triton - %profile%\extensions\cfxHelper@Triton
FF - Ext: Read It Later: isreaditlater@ideashower.com - %profile%\extensions\isreaditlater@ideashower.com
FF - Ext: Ovi maps browser plugin: maps@ovi.com - %profile%\extensions\maps@ovi.com
FF - Ext: Personas Expression: personasexpression@eddiescorpse.private - %profile%\extensions\personasexpression@eddiescorpse.private
FF - Ext: QuickDrag: quickdrag@mozilla.ktechcomputing.com - %profile%\extensions\quickdrag@mozilla.ktechcomputing.com
FF - Ext: Hide IP Easy: support@easy-hideip.com - %profile%\extensions\support@easy-hideip.com
FF - Ext: MacOSX Theme: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9} - %profile%\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}
FF - Ext: MacOSX Theme: {00352F14-3F76-4e4d-ACFF-9976D7E4B3B9} - %profile%\extensions\{00352F14-3F76-4e4d-ACFF-9976D7E4B3B9}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: TV-Fox: {2f17f610-5e97-4fed-828f-9940b7b577a4} - %profile%\extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4}
FF - Ext: ReloadEvery: {888d99e7-e8b5-46a3-851e-1ec45da1e644} - %profile%\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
FF - Ext: Context Search: {902D2C4A-457A-4EF9-AD43-7014562929FF} - %profile%\extensions\{902D2C4A-457A-4EF9-AD43-7014562929FF}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: UnMHT: {f759ca51-3a91-4dd1-ae78-9db5eee9ebf0} - %profile%\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension

.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-RunOnce-<NO NAME> - (no file)



**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600 Disk: WDC_WD6401AALS-00L3B2 rev.01.03B01 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T1L0-5

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wxpSvc]
"ImagePath"="c:\program files\wLite\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\d:\portable aplikace\AIDA64 Extreme Edition 1.50.1236 Beta\Software\kerneld.x32"

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="1668278146EC968E9FB81A89827C6E051A364E755F497832D83F32746AEB372C37E227AECE6E692BB90622DC1E711265010EA2616E67587688227A87BCD7325B33755DBCA4B362FEB12C46666F41C25233C22DC0E50E64F4DE920E59FE7975762C5CB509D0450898FE67FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808FEBC9E127BECC74CA2D97226D213B555A9C6AECB7A5D1407A224EF4BB2AFFE5CCCE395D9872A2BFA2E0A2ABDCD1BE8926FC9A087064BEED281C69F029E1549BCF29DF8C529B2F8419375705F6A18E46E6C9E5906B6D81C3000C879E11BA8E219DFC5C4E56163964A14D8E430D226DA594C1D11075D7C1ED16376B8D8F998E5C6B80F795A6C20F1EB52F36AA25004ADC7CCAF306E72EB6CF02800EB5C7F35FEDDD515EA47FE720FBE20693BACA314D475DE2076A4E28514887AF9F4E364F26EB840D341D6BC8A0221883F62477E5E5B5F2A9E73910D4836D5BFDC8BE9D56B8AF939ADF735C1B87633C65EC270088C60C8063D8EA4C75704DC0C053AEDF55B3E84B466DD921BF22A5A4C978FAA5BED973602F301D1D77B49E62B3360F4D8230401582A97A44AD36F40BC9CD37808F548F35E9ED88E7B20E07B1B8B2F8688C86DDA81849C2245182C51F002696790BACD0E10FC7655E1553A6D0E17AF2D7FF422433EE6B9C977A25BBFF5C481036BF89659C0B091A4AFCEDA4DEB40BA79B173D82DD3270EDB3EF88BFE8B42235D850DA7E8CFC23381FA645A724E5A007E83B5DFD1B87E0C9B6B45DDC926BC258B3CFA1698CC9E39EE5392E5F8831782D4CB52192C970A7E5245550A1CED5AB5A7E26A0F07FD9355FA35F9BC400F9098185A00F8FDD04B7E4D859B59384127D3D04126CF945D538CB196DB336A26436C666F9B894AF8287C5D59ACA922AF0FD5A6911B2E691777BAA6DE22325F348DFDE4BEA7665956E9BCD5E4C36EA37DE5E2CE035E0FEE8E7A8B716AD8B649D7B51F3AF248C338E3BE5690BCBD2DCAA2617AF339266F52573C81AB09AE4E9862647713A7C4E33553B5B56AEA9D8067CC9D6A434A4DDD86BCFDF274FEF8207F5C25819DEF0D216606C61B42EE87950FDC17D86FC1D1FDC13B6A08ED042F63F57EE70C8FCE30E8A2144919FEB847319A65313F2C1ED7077E050BC0BEC36B63B63802B81E3EE33D864AFB17872F4A27283031693453A643F9FED0EC925F7002C0ABAB7F87AA0032F2A67F53C92CA1E297BA437846C72993B7C20DB396EAA0B2D7B0012B0AF582710BDCD9DAB57E03E28E33F460A2576CE9FB9D778EFE6C83FD02CE825AE8748CB8B6D5741440674AB87780B7EA0FCF244D5292ACC90262C57F8B4716006DEFE0D8A3AB9CB4E01EF38A7D3963B4D4F4A75B89552C0A593B37E8828C0162E0246A"
"OODEFRAG14.00.00.01PROFESSIONAL"="E73102CDA5DB6C955E717EA52E887A53723EC0B68540A1EA9C2CF72AF920DE69AA6D49DF0C47F70AB9CE61A9B4F423D04F789D5944FCAE08770D439A4802BD02F7904520088D1FA9941F9A1F8EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A2D97226D213B555A6171C11EC38DE3DC038D530D6EB3452767FA4857FD1956491C32F96978F8BB0E5CC7085DB10B57E2A3743AFF7FB136270E04ED40092F1D037391EDAAA7C6C2DC69785A0583A355EE234545A6A90357E4E1E5F8CEC14721496CDCA0991C2D559B7453A847324B11B8D383E34B2039C210FD31807DCB42326E382D563256E4169C455AD7B6BAA2FC1A867B7AE1623FE4C4666717E3AD205A4699C920E96101CB20A8CAF34D5B02B01C6A5B0232E4304A89D7D9495C5528ED0032208926ABB4A2EBA75C3419C9B932A119D494C6AB947835183614F8F99A78DA2E072DEF58B9F7B1DDCA41A7CD34CB5C03ED84989E0D9CAB1A7691400962D664E6740C4E79A67DA0C53BC9604C7ABBEA639671DA498BE14A25E723150B671861F8B95783E0B5F33F42EAE771AE87C03248432AF24C2ED969CDCF8D512EEB6BFC1644B944D01B98DD9074C5DF62EFEE5B3592B4C44C5532DAA9EA8172536B986784E6A95BB241C19D1BA2050278FE36E5DB8F822198CD059EE63666D430924F3966AB35D8723212707E9E5B88B0C55C743E173C40707393E9C2F49B473679944079B1BB17F2C562DB77A0F6759A3EBBF96DC2AAB49A5D3247CC71A2E9753AD59C689483AC6F53D4536163F8D98DDB7CA1FF2DBB26C5F5D76E9B8577EE1D5E838E6A2950755B7CCAD67A8CE41A6C33B7EB7B10119D130854557D0342CD7794A888C949387F72FEE4848634BFC34E16D17516CC081B0967144C624182556CE4197F1D585124C1C811A653D749E45CABAF1EC39F974911437CB510A9B3A0AE83457E21DE25F49C3574EE06CBE6BB4148093A371BDDB53B064D7231C8E9DF5DFF95BC1E5568DB36F34B270715286ACD712A02034D188A57579887CBA73EA72CF61DD83F1401DA86A55B7E08A8D7B2FB2B7E6A162AEAC9172E8A0B208801CA957AB3AB045B474188665740E3EFEB891C72B52FAA383E0EDBA9B882C6C2012191A0CF2E8A67A5D461709A36B55EB90FBBB9B7894E032A0E9E2ECCCE612719194402D2CDAA20D03C9F555A0FEDD4D3A6A38AC0FE8C84D4A0787AD9DF1E8454343F5ABAECC8B9C788EFE537063A74FCEAFE9F4F0074E21A19BC5224C722325339FEA98E618F28CB3541303364649D24DEE847F1D13A52ACD51C00154203948517750F8E62A31F20CAF1854BD691A6A98213DCA36C24B9ADAA4A0764FC66520F26E6145E283E39D4108F4AF74A43961F5134C4B83E3FA57B7E70E24FC48A64D"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(848)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
Celkový čas: 2011-02-07 23:02:51
ComboFix-quarantined-files.txt 2011-02-07 22:02
ComboFix2.txt 2011-02-07 21:42
ComboFix3.txt 2011-02-07 18:44

Před spuštěním: Volných bajtů: 98 115 465 216
Po spuštění: Volných bajtů: 97 926 275 072

- - End Of File - - DE29225CFBE8E1308EBAE1BB717831D1

[memphisto]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
DirLook::
c:\users\Jirka\AppData\Local\{BEB69B3D-5833-4825-93D7-235E9D519EA3}
c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

File::
c:\windows\system32\SmartDefragBootTime.exe
c:\windows\system32\drivers\SmartDefragDriver.sys
c:\windows\system32\DRIVERS\avfwot.sys
d:\portable aplikace\AIDA64 Extreme Edition 1.50.1236 Beta\Software\kerneld.x32
c:\users\Jirka\AppData\Local\Temp\ALSysIO.sys
c:\windows\system32\DRIVERS\avfwim.sys
c:\users\Jirka\AppData\Local\Temp\cpuz130\cpuz_x32.sys
c:\users\Jirka\AppData\Local\Temp\cpuz131\cpuz_x32.sys
c:\windows\TEMP\cpuz135\cpuz135_x32.sys
c:\users\Jirka\AppData\Local\Temp\GPU-Z.sys
c:\windows\system32\GameMon.des

Folder::
c:\program files\IObit
c:\program files\Spybot - Search & Destroy

Driver::
SmartDefragDriver
avfwot
SBSDWSCService
AIDA64Driver
ALSysIO
avfwim
cpuz130
cpuz131
cpuz135
GPU-Z
npggsvc

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"=-
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Security 360]
[-HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AIDA64Driver]
"ImagePath"=-

DDS::
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[Juri]

Zdravím, tak tady je ten log po použití scriptu...bohužel zase nešlo spustit v normálním režimu..je to celý nějaký podělaný

Nevleze mě sem celej ten log ....druhá část od ((((((((((((((((((((((((((( Spouštěcí body v registru ))))))))))))))))))))))))) v druhé odpovědi.

ComboFix 11-02-06.02 - Jirka 08.02.2011 12:10:34.6.2 - x86 NETWORK
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.3582.2782 [GMT 1:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jirka\Desktop\CFScript.txt
AV: COMODO Antivirus *Enabled/Outdated* {675CEE69-9702-A524-3989-6D7CC8BF3695}
FW: COMODO Firewall *Enabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
SP: COMODO Defense+ *Enabled/Updated* {DC3D0F8D-B138-AAAA-0339-560EB3387C28}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení

FILE ::
"c:\users\Jirka\AppData\Local\Temp\ALSysIO.sys"
"c:\users\Jirka\AppData\Local\Temp\cpuz130\cpuz_x32.sys"
"c:\users\Jirka\AppData\Local\Temp\cpuz131\cpuz_x32.sys"
"c:\users\Jirka\AppData\Local\Temp\GPU-Z.sys"
"c:\windows\system32\DRIVERS\avfwim.sys"
"c:\windows\system32\DRIVERS\avfwot.sys"
"c:\windows\system32\drivers\SmartDefragDriver.sys"
"c:\windows\system32\GameMon.des"
"c:\windows\system32\SmartDefragBootTime.exe"
"c:\windows\TEMP\cpuz135\cpuz135_x32.sys"
"d:\portable aplikace\AIDA64 Extreme Edition 1.50.1236 Beta\Software\kerneld.x32"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\IObit
c:\program files\IObit\Advanced SystemCare 3\AutoCare.exe
c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe
c:\program files\IObit\Advanced SystemCare 3\AWC.exe
c:\program files\IObit\Advanced SystemCare 3\AWC.exe.bak
c:\program files\IObit\Advanced SystemCare 3\AWCInit.exe
c:\program files\IObit\Advanced SystemCare 3\AwcSchedule.dll
c:\program files\IObit\Advanced SystemCare 3\ContextMenu.exe
c:\program files\IObit\Advanced SystemCare 3\CookiesBK.pln
c:\program files\IObit\Advanced SystemCare 3\CoolTrayIcon_D6plus.bpl
c:\program files\IObit\Advanced SystemCare 3\Def.dbd
c:\program files\IObit\Advanced SystemCare 3\DiskMap.dll
c:\program files\IObit\Advanced SystemCare 3\Error_Log.txt
c:\program files\IObit\Advanced SystemCare 3\ESR.exe
c:\program files\IObit\Advanced SystemCare 3\EULA.rtf
c:\program files\IObit\Advanced SystemCare 3\FFSweep.dll
c:\program files\IObit\Advanced SystemCare 3\FileSweep.dll
c:\program files\IObit\Advanced SystemCare 3\Help.html
c:\program files\IObit\Advanced SystemCare 3\chkdskback.exe
c:\program files\IObit\Advanced SystemCare 3\IEFavBK.pln
c:\program files\IObit\Advanced SystemCare 3\Images\care.png
c:\program files\IObit\Advanced SystemCare 3\Images\ds.png
c:\program files\IObit\Advanced SystemCare 3\Images\home.png
c:\program files\IObit\Advanced SystemCare 3\Images\mw.png
c:\program files\IObit\Advanced SystemCare 3\Images\tips.jpg
c:\program files\IObit\Advanced SystemCare 3\Images\tips2.jpg
c:\program files\IObit\Advanced SystemCare 3\Images\ut.png
c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe
c:\program files\IObit\Advanced SystemCare 3\Language\Albanian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Brasil.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Czech.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Dansk.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Dutch.lng
c:\program files\IObit\Advanced SystemCare 3\Language\English.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Finnish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\French.lng
c:\program files\IObit\Advanced SystemCare 3\Language\German.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Hebrew.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Hungarian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\ChineseSimp.lng
c:\program files\IObit\Advanced SystemCare 3\Language\ChineseTrad.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Italiano.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Japanese.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Korean.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Persian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Polish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Polish_Def.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Romanian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Russian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Spanish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Srpski.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Svenska.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Swedish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Turkish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Ukrainian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Valencian.lng
c:\program files\IObit\Advanced SystemCare 3\License.dat
c:\program files\IObit\Advanced SystemCare 3\News\bnews.html
c:\program files\IObit\Advanced SystemCare 3\News\Css\bstyle.css
c:\program files\IObit\Advanced SystemCare 3\News\Css\wstyle.css
c:\program files\IObit\Advanced SystemCare 3\News\wnews.html
c:\program files\IObit\Advanced SystemCare 3\NtfsData.dll
c:\program files\IObit\Advanced SystemCare 3\RegeditBK.pln
c:\program files\IObit\Advanced SystemCare 3\Registration.exe
c:\program files\IObit\Advanced SystemCare 3\Registration.exe.bak
c:\program files\IObit\Advanced SystemCare 3\Routine.dll
c:\program files\IObit\Advanced SystemCare 3\rtl70.bpl
c:\program files\IObit\Advanced SystemCare 3\services.ini
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_01.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_01_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_02.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_02_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_03.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_03_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_04.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_04_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_down.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_left.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_right.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_up.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Bg_Content.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\BG_Main.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_en_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_en_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_en_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Close1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Close2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Content_bg_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Content_bg_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Content_bg_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Flag.ico
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Check.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Checked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Layout.ini
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Min1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Min2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\scan.avi
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Shadow.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Bottom.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Selected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Selected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Selected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_UnSelected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_UnSelected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_UnSelected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Title.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\UnCheck.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Unchecked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Upgrade1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Upgrade2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_01.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_01_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_02.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_02_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_03.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_03_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_04.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_04_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_down.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_left.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_right.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_up.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Bg_Content.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\BG_Main.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_en_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_en_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_en_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Close1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Close2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Content_bg_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Content_bg_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Content_bg_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Flag.ico
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Check.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Checked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Layout.ini
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Min1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Min2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\scan.avi
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Shadow.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Bottom.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_BottomLine.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Selected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Selected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Selected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_UnSelected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_UnSelected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_UnSelected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Title.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\UnCheck.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Unchecked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Upgrade1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Upgrade2.png
c:\program files\IObit\Advanced SystemCare 3\sqlite3.dll
c:\program files\IObit\Advanced SystemCare 3\STFix.dll
c:\program files\IObit\Advanced SystemCare 3\Sup_DiskCleaner.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_DiskDoctor.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_FileShredder.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_GameBooster.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_InternetBooster.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_IS360.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_ISD.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_RegistryDefrag.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_ShortcutsFixer.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_DriverBackUp.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_PIeHelp.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_SystemBackup.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_SystemFileScan.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_AutoShutDown.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_ClonedFilesFinder.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_ContextManager.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_DiskExplorer.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_RestoreCenter.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_SoftUninstaller.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_StartUpManager.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_SysInfo.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_WinManager.exe
c:\program files\IObit\Advanced SystemCare 3\TBconfig.ini
c:\program files\IObit\Advanced SystemCare 3\TurboBoost.exe
c:\program files\IObit\Advanced SystemCare 3\unins000.dat
c:\program files\IObit\Advanced SystemCare 3\unins000.exe
c:\program files\IObit\Advanced SystemCare 3\unins000.msg
c:\program files\IObit\Advanced SystemCare 3\Update History.txt
c:\program files\IObit\Advanced SystemCare 3\Update\awc3check.upt
c:\program files\IObit\Advanced SystemCare 3\vcl70.bpl
c:\program files\IObit\Advanced SystemCare 3\vclx70.bpl
c:\program files\IObit\Advanced SystemCare 3\winSkinD7R.bpl
c:\program files\IObit\Advanced SystemCare 3\Wizard.exe
c:\program files\IObit\Game Booster\AutoUpdate.exe
c:\program files\IObit\Game Booster\bookmarks.exe
c:\program files\IObit\Game Booster\Boost.exe
c:\program files\IObit\Game Booster\fav.ico
c:\program files\IObit\Game Booster\GameBooster.exe
c:\program files\IObit\Game Booster\GB_FreeSoftwareDownloader.exe
c:\program files\IObit\Game Booster\gbinit.exe
c:\program files\IObit\Game Booster\gbtray.exe
c:\program files\IObit\Game Booster\Language\Arabic.lng
c:\program files\IObit\Game Booster\Language\Catalan.lng
c:\program files\IObit\Game Booster\Language\Croatian.lng
c:\program files\IObit\Game Booster\Language\Czech.lng
c:\program files\IObit\Game Booster\Language\Dansk.lng
c:\program files\IObit\Game Booster\Language\Dutch.lng
c:\program files\IObit\Game Booster\Language\English.lng
c:\program files\IObit\Game Booster\Language\Finnish.lng
c:\program files\IObit\Game Booster\Language\French.lng
c:\program files\IObit\Game Booster\Language\German.lng
c:\program files\IObit\Game Booster\Language\Hungarian.lng
c:\program files\IObit\Game Booster\Language\ChineseSimp.lng
c:\program files\IObit\Game Booster\Language\ChineseTrad.lng
c:\program files\IObit\Game Booster\Language\Indonesian.lng
c:\program files\IObit\Game Booster\Language\Italian.lng
c:\program files\IObit\Game Booster\Language\Korean.lng
c:\program files\IObit\Game Booster\Language\Polish.lng
c:\program files\IObit\Game Booster\Language\Portuguese(BRAZIL).lng
c:\program files\IObit\Game Booster\Language\Romanian.lng
c:\program files\IObit\Game Booster\Language\Russian.lng
c:\program files\IObit\Game Booster\Language\Spanish.lng
c:\program files\IObit\Game Booster\Language\Swedish.lng
c:\program files\IObit\Game Booster\Language\Turkish.lng
c:\program files\IObit\Game Booster\LatestNews\imagenews.png
c:\program files\IObit\Game Booster\LatestNews\LatestNews.ini
c:\program files\IObit\Game Booster\license.dat
c:\program files\IObit\Game Booster\madbasic_.bpl
c:\program files\IObit\Game Booster\maddisAsm_.bpl
c:\program files\IObit\Game Booster\madexcept_.bpl
c:\program files\IObit\Game Booster\PowerConfig.dll
c:\program files\IObit\Game Booster\rtl120.bpl
c:\program files\IObit\Game Booster\sqlite3.dll
c:\program files\IObit\Game Booster\taskMgr.dll
c:\program files\IObit\Game Booster\TaskSchedule.exe
c:\program files\IObit\Game Booster\unins000.dat
c:\program files\IObit\Game Booster\unins000.exe
c:\program files\IObit\Game Booster\unins000.msg
c:\program files\IObit\Game Booster\Update\Update.Ini
c:\program files\IObit\Game Booster\vcl120.bpl
c:\program files\IObit\Game Booster\vclx120.bpl
c:\program files\IObit\Smart Defrag 2\Čti.txt
c:\program files\IObit\Smart Defrag 2\bookmarks.exe
c:\program files\IObit\Smart Defrag 2\Damnedovy češtiny.url
c:\program files\IObit\Smart Defrag 2\drivers\win7_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\win7_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\win7_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\win7_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wlh_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wlh_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wlh_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wlh_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wnet_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wnet_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wnet_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wnet_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wxp_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wxp_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wxp_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wxp_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\fav.ico
c:\program files\IObit\Smart Defrag 2\Freeware\Check.dll
c:\program files\IObit\Smart Defrag 2\Freeware\Languages\Inno_English.lng
c:\program files\IObit\Smart Defrag 2\Freeware\Languages\Inno_Turkish.lng
c:\program files\IObit\Smart Defrag 2\Freeware\SD_FreeSoftwareDownloader.exe
c:\program files\IObit\Smart Defrag 2\Language\Czech.lng
c:\program files\IObit\Smart Defrag 2\Language\English.lng
c:\program files\IObit\Smart Defrag 2\Language\Turkish.lng
c:\program files\IObit\Smart Defrag 2\LatestNews\LatestNews.ini
c:\program files\IObit\Smart Defrag 2\madbasic_.bpl
c:\program files\IObit\Smart Defrag 2\maddisAsm_.bpl
c:\program files\IObit\Smart Defrag 2\madexcept_.bpl
c:\program files\IObit\Smart Defrag 2\NtfsData.dll
c:\program files\IObit\Smart Defrag 2\rtl120.bpl
c:\program files\IObit\Smart Defrag 2\SDDriverMgr.dll
c:\program files\IObit\Smart Defrag 2\SDInit.exe
c:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Shadow.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Center.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Close_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Close_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\ColumnDivider.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\ColumnHeader.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Bottom_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Bottom_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Top_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Top_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Bottom.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Left_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Right_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Hide.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Checkbox_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Checkbox_Checked.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Checkbox_Unchecked.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Item_Selected.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Layout.ini
c:\program files\IObit\Smart Defrag 2\Skins\Black\line.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Logo.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Maximize_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Maximize_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Minimize_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Minimize_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\News_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\News_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\News_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Page_Body.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Bg_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Bg_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Bg_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Fg_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Fg_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Fg_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Restore_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Restore_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Setting_Text_Shadow.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Show.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Statistics.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Tab_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Tab_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Tab_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Title.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Top.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Add_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Add_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Add_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Add_Shadow.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Center.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Close_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Close_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\ColumnDivider.png
c:\program files\IObit\Smart Defrag 2\Skins\White\ColumnHeader.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Bottom_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Bottom_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Top_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Top_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Bottom.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Left_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Right_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Hide.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Checkbox_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Checkbox_Checked.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Checkbox_Unchecked.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Item_Selected.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Layout.ini
c:\program files\IObit\Smart Defrag 2\Skins\White\line.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Logo.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Maximize_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Maximize_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Minimize_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Minimize_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\News_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\News_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\White\News_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Page_Body.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Bg_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Bg_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Bg_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Fg_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Fg_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Fg_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Restore_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Restore_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Setting_Text_Shadow.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Show.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Statistics.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Tab_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Tab_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Tab_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Title.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Top.png
c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe
c:\program files\IObit\Smart Defrag 2\sqlite3.dll
c:\program files\IObit\Smart Defrag 2\taskMgr.dll
c:\program files\IObit\Smart Defrag 2\TaskSchedule.exe
c:\program files\IObit\Smart Defrag 2\unins000.dat
c:\program files\IObit\Smart Defrag 2\unins000.exe
c:\program files\IObit\Smart Defrag 2\unins000.msg
c:\program files\IObit\Smart Defrag 2\vcl120.bpl
c:\program files\IObit\Smart Defrag 2\vclx120.bpl
c:\program files\Spybot - Search & Destroy
c:\program files\Spybot - Search & Destroy\advcheck.dll
c:\program files\Spybot - Search & Destroy\aports.dll
c:\program files\Spybot - Search & Destroy\blindman.exe
c:\program files\Spybot - Search & Destroy\Default configuration.ini
c:\program files\Spybot - Search & Destroy\DelZip179.dll
c:\program files\Spybot - Search & Destroy\Dummies\dummy.cd_clint.dll
c:\program files\Spybot - Search & Destroy\Dummies\dummy.dap.gif
c:\program files\Spybot - Search & Destroy\Dummies\dummy.data.xml
c:\program files\Spybot - Search & Destroy\Dummies\dummy.default.gif
c:\program files\Spybot - Search & Destroy\Dummies\dummy.related.htm
c:\program files\Spybot - Search & Destroy\EVMYTDFVMYPBZXKLF.scr
c:\program files\Spybot - Search & Destroy\Help\Brasil.license.txt
c:\program files\Spybot - Search & Destroy\Help\Cesky.license.txt
c:\program files\Spybot - Search & Destroy\Help\Cesky.Resident.chm
c:\program files\Spybot - Search & Destroy\Help\Deutsch.license.txt
c:\program files\Spybot - Search & Destroy\Help\English.chm
c:\program files\Spybot - Search & Destroy\Help\English.license.txt
c:\program files\Spybot - Search & Destroy\Help\Espanol.license.txt
c:\program files\Spybot - Search & Destroy\Help\Francais.license.txt
c:\program files\Spybot - Search & Destroy\Help\Hellenic.license.txt
c:\program files\Spybot - Search & Destroy\Help\Italiano.license.txt
c:\program files\Spybot - Search & Destroy\Help\Japanese.license.ansi.txt
c:\program files\Spybot - Search & Destroy\Help\Japanese.license.txt
c:\program files\Spybot - Search & Destroy\Help\Korean.license.txt
c:\program files\Spybot - Search & Destroy\Help\Nederlands.license.txt
c:\program files\Spybot - Search & Destroy\Help\Polski.license.txt
c:\program files\Spybot - Search & Destroy\Help\Russkiy.license.txt
c:\program files\Spybot - Search & Destroy\Help\Slovensky.license.txt
c:\program files\Spybot - Search & Destroy\Help\Srpski.license.txt
c:\program files\Spybot - Search & Destroy\Help\Suomi.license.txt
c:\program files\Spybot - Search & Destroy\Includes\AdvWhite.sbs
c:\program files\Spybot - Search & Destroy\Includes\Adware.sbi
c:\program files\Spybot - Search & Destroy\Includes\AdwareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Browserpages.sbs
c:\program files\Spybot - Search & Destroy\Includes\CLSIDs.sbs
c:\program files\Spybot - Search & Destroy\Includes\Cookies.sbi
c:\program files\Spybot - Search & Destroy\Includes\Cookies.sbs
c:\program files\Spybot - Search & Destroy\Includes\Dialer.sbi
c:\program files\Spybot - Search & Destroy\Includes\Dialer.sbs
c:\program files\Spybot - Search & Destroy\Includes\DialerC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Domains.sbs
c:\program files\Spybot - Search & Destroy\Includes\HeavyDuty.sbi
c:\program files\Spybot - Search & Destroy\Includes\Hijackers.sbi
c:\program files\Spybot - Search & Destroy\Includes\HijackersC.sbi
c:\program files\Spybot - Search & Destroy\Includes\HintOfTheDay.sbs
c:\program files\Spybot - Search & Destroy\Includes\iPhone.sbi
c:\program files\Spybot - Search & Destroy\Includes\Keyloggers.sbi
c:\program files\Spybot - Search & Destroy\Includes\KeyloggersC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Logs.uts
c:\program files\Spybot - Search & Destroy\Includes\LSP.sbi
c:\program files\Spybot - Search & Destroy\Includes\LSP.sbs
c:\program files\Spybot - Search & Destroy\Includes\Malware.sbi
c:\program files\Spybot - Search & Destroy\Includes\MalwareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\OperaPlugins.sbs
c:\program files\Spybot - Search & Destroy\Includes\ProcWatch.sbs
c:\program files\Spybot - Search & Destroy\Includes\PUPS.sbi
c:\program files\Spybot - Search & Destroy\Includes\PUPSC.sbi
c:\program files\Spybot - Search & Destroy\Includes\RegDFLinks.sbs
c:\program files\Spybot - Search & Destroy\Includes\RegWatch.sbs
c:\program files\Spybot - Search & Destroy\Includes\RegXLinks.sbs
c:\program files\Spybot - Search & Destroy\Includes\Revision.sbi
c:\program files\Spybot - Search & Destroy\Includes\Revision.sbs
c:\program files\Spybot - Search & Destroy\Includes\Searchpages.sbs
c:\program files\Spybot - Search & Destroy\Includes\Security.sbi
c:\program files\Spybot - Search & Destroy\Includes\SecurityC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Services.sbs
c:\program files\Spybot - Search & Destroy\Includes\Spybots.sbi
c:\program files\Spybot - Search & Destroy\Includes\SpybotsC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Spyware.sbi
c:\program files\Spybot - Search & Destroy\Includes\SpywareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Startup.tnfo
c:\program files\Spybot - Search & Destroy\Includes\Targets.nfo
c:\program files\Spybot - Search & Destroy\Includes\Tracks.uti
c:\program files\Spybot - Search & Destroy\Includes\Trojans.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-02.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-03.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-04.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-05.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC.sbi
c:\program files\Spybot - Search & Destroy\Includes\TTLASSH.sbs
c:\program files\Spybot - Search & Destroy\Includes\URL-Blacklist.sbs
c:\program files\Spybot - Search & Destroy\Includes\X509White.sbs
c:\program files\Spybot - Search & Destroy\JPOWWP.scr
c:\program files\Spybot - Search & Destroy\Languages\Afrikaans.sbl
c:\program files\Spybot - Search & Destroy\Languages\Arabic.sbl
c:\program files\Spybot - Search & Destroy\Languages\Azeri.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bahasa Indonesia.sbl
c:\program files\Spybot - Search & Destroy\Languages\Belarusskiy.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bosanski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Brasil.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bulgarski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Catalan.sbl
c:\program files\Spybot - Search & Destroy\Languages\Cesky.sbl
c:\program files\Spybot - Search & Destroy\Languages\Dansk.sbl
c:\program files\Spybot - Search & Destroy\Languages\Deutsch.sbl
c:\program files\Spybot - Search & Destroy\Languages\Eesti.sbl
c:\program files\Spybot - Search & Destroy\Languages\English.sbl
c:\program files\Spybot - Search & Destroy\Languages\Espanol.sbl
c:\program files\Spybot - Search & Destroy\Languages\Esperanto.sbl
c:\program files\Spybot - Search & Destroy\Languages\Euskera.sbl
c:\program files\Spybot - Search & Destroy\Languages\Farsi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Francais.sbl
c:\program files\Spybot - Search & Destroy\Languages\Furlan.sbl
c:\program files\Spybot - Search & Destroy\Languages\Galego.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hebrew.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hellenic.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hindi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hrvatski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Chinese (simplified).sbl
c:\program files\Spybot - Search & Destroy\Languages\Chinese (traditional).sbl
c:\program files\Spybot - Search & Destroy\Languages\Islenska.sbl
c:\program files\Spybot - Search & Destroy\Languages\Italiano.sbl
c:\program files\Spybot - Search & Destroy\Languages\Japanese.sbl
c:\program files\Spybot - Search & Destroy\Languages\Korean.sbl
c:\program files\Spybot - Search & Destroy\Languages\Latvian.sbl
c:\program files\Spybot - Search & Destroy\Languages\Letzebuergesch.sbl
c:\program files\Spybot - Search & Destroy\Languages\Lietuviu.sbl
c:\program files\Spybot - Search & Destroy\Languages\Magyar.sbl
c:\program files\Spybot - Search & Destroy\Languages\Makedonski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Melayu.sbl
c:\program files\Spybot - Search & Destroy\Languages\Nederlands.sbl
c:\program files\Spybot - Search & Destroy\Languages\Norsk.sbl
c:\program files\Spybot - Search & Destroy\Languages\Polski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Portugues.sbl
c:\program files\Spybot - Search & Destroy\Languages\Romaneste.sbl
c:\program files\Spybot - Search & Destroy\Languages\Russkiy.sbl
c:\program files\Spybot - Search & Destroy\Languages\Shqip.sbl
c:\program files\Spybot - Search & Destroy\Languages\Slovenscina.sbl
c:\program files\Spybot - Search & Destroy\Languages\Slovensky.sbl
c:\program files\Spybot - Search & Destroy\Languages\Srpski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Suomi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Svenska.sbl
c:\program files\Spybot - Search & Destroy\Languages\Thai.sbl
c:\program files\Spybot - Search & Destroy\Languages\Turkce.sbl
c:\program files\Spybot - Search & Destroy\Languages\Ukrainian.sbl
c:\program files\Spybot - Search & Destroy\Languages\Uzbek.sbl
c:\program files\Spybot - Search & Destroy\messages.zres
c:\program files\Spybot - Search & Destroy\OptOut.ini
c:\program files\Spybot - Search & Destroy\OQMCTNCSVUQ.scr
c:\program files\Spybot - Search & Destroy\Plugins\Fennel.dll
c:\program files\Spybot - Search & Destroy\Plugins\Chai.dll
c:\program files\Spybot - Search & Destroy\Plugins\Mate.dll
c:\program files\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
c:\program files\Spybot - Search & Destroy\SDFiles.exe
c:\program files\Spybot - Search & Destroy\SDHelper.dll
c:\program files\Spybot - Search & Destroy\SDMain.exe
c:\program files\Spybot - Search & Destroy\SDShred.exe
c:\program files\Spybot - Search & Destroy\SDUpdate.exe
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\program files\Spybot - Search & Destroy\Skins\Colorblind.ini
c:\program files\Spybot - Search & Destroy\Skins\Italia.ini
c:\program files\Spybot - Search & Destroy\Skins\Italia.jpg
c:\program files\Spybot - Search & Destroy\Skins\Peace.ini
c:\program files\Spybot - Search & Destroy\Skins\Peace.jpg
c:\program files\Spybot - Search & Destroy\SpybotSD.exe
c:\program files\Spybot - Search & Destroy\sqlite3.dll
c:\program files\Spybot - Search & Destroy\TeaTimer.exe
c:\program files\Spybot - Search & Destroy\TGVCSJBZHOAKAUH.scr
c:\program files\Spybot - Search & Destroy\Tools.dll
c:\program files\Spybot - Search & Destroy\unins000.dat
c:\program files\Spybot - Search & Destroy\unins000.exe
c:\program files\Spybot - Search & Destroy\unins000.msg
c:\program files\Spybot - Search & Destroy\UninsSrv.dll
c:\program files\Spybot - Search & Destroy\Update.exe
c:\program files\Spybot - Search & Destroy\Updates\advcheck165.exe
c:\program files\Spybot - Search & Destroy\Updates\advcheck165.zip
c:\program files\Spybot - Search & Destroy\Updates\clsid.zip
c:\program files\Spybot - Search & Destroy\Updates\desc.english.zip
c:\program files\Spybot - Search & Destroy\Updates\downloaded.ini
c:\program files\Spybot - Search & Destroy\Updates\help.cesky.zip
c:\program files\Spybot - Search & Destroy\Updates\helpres.cesky.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.dialer.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.hijackers.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.iPhone.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.keyloggers.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.malware.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.pups.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.spybots.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.trojans.zip
c:\program files\Spybot - Search & Destroy\Updates\includes.zip
c:\program files\Spybot - Search & Destroy\Updates\lang.cesky.zip
c:\program files\Spybot - Search & Destroy\Updates\online.ini
c:\program files\Spybot - Search & Destroy\Updates\online.ini.uiz
c:\program files\Spybot - Search & Destroy\Updates\startup.zip
c:\program files\Spybot - Search & Destroy\Updates\supplemental.zip
c:\program files\Spybot - Search & Destroy\Updates\teatimer166.exe
c:\program files\Spybot - Search & Destroy\Updates\teatimer166.zip
c:\windows\system32\DRIVERS\avfwim.sys
c:\windows\system32\DRIVERS\avfwot.sys
c:\windows\system32\drivers\SmartDefragDriver.sys
c:\windows\system32\GameMon.des
c:\windows\system32\SmartDefragBootTime.exe
d:\portable aplikace\AIDA64 Extreme Edition 1.50.1236 Beta\Software\kerneld.x32

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AIDA64DRIVER
-------\Legacy_ALSYSIO
-------\Legacy_AVFWOT
-------\Legacy_CPUZ130
-------\Legacy_CPUZ135
-------\Legacy_GPU-Z
-------\Legacy_SMARTDEFRAGDRIVER
-------\Service_AIDA64Driver
-------\Service_ALSysIO
-------\Service_avfwim
-------\Service_avfwot
-------\Service_cpuz130
-------\Service_cpuz131
-------\Service_cpuz135
-------\Service_GPU-Z
-------\Service_npggsvc
-------\Service_SBSDWSCService
-------\Service_SmartDefragDriver


((((((((((((((((((((((((( Soubory vytvořené od 2011-01-08 do 2011-02-08 )))))))))))))))))))))))))))))))
.

2011-02-08 11:18 . 2011-02-08 11:19 -------- d-----w- c:\users\Jirka\AppData\Local\temp
2011-02-08 11:18 . 2011-02-08 11:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-08 00:26 . 2011-02-08 00:26 1700352 begin_of_the_skype_highlighting              26 1700352      end_of_the_skype_highlighting begin_of_the_skype_highlighting              26 1700352      end_of_the_skype_highlighting begin_of_the_skype_highlighting              26 1700352      end_of_the_skype_highlighting begin_of_the_skype_highlighting              26 1700352      end_of_the_skype_highlighting ----a-w- c:\windows\system32\gdiplus.dll
2011-02-08 00:21 . 2011-02-08 11:18 488961 ----a-w- c:\windows\system32\drivers\sfi.dat
2011-02-08 00:07 . 2011-02-08 00:07 -------- d-----w- C:\VritualRoot
2011-02-08 00:05 . 2011-02-08 00:26 -------- d-----w- c:\program files\COMODO
2011-02-08 00:04 . 2011-02-08 00:08 -------- d-----w- c:\programdata\Comodo
2011-02-07 17:47 . 2011-02-07 17:47 -------- d-----w- c:\program files\PicLensIE
2011-02-07 17:45 . 2011-02-07 18:45 -------- d-----w- c:\users\Jirka\AppData\Local\Cooliris
2011-02-07 14:09 . 2011-02-07 14:09 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-02-07 14:08 . 2011-02-07 14:09 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-02-07 13:54 . 2011-02-07 13:54 -------- d-----w- c:\users\Jirka\AppData\Local\{BEB69B3D-5833-4825-93D7-235E9D519EA3}
2011-02-07 13:53 . 2011-02-07 13:54 -------- d-----w- c:\users\Jirka\AppData\Local\Windows Live Writer
2011-02-07 13:53 . 2011-02-07 13:53 -------- d-----w- c:\users\Jirka\AppData\Roaming\Windows Live Writer
2011-02-07 13:53 . 2011-02-07 13:53 -------- d-----w- c:\windows\en
2011-02-07 13:52 . 2011-02-07 13:52 -------- d-----w- c:\windows\cs
2011-02-07 12:43 . 2011-02-07 12:43 -------- d-----w- c:\users\Jirka\AppData\Local\Apple
2011-02-06 01:31 . 2011-02-07 13:15 -------- d-----w- c:\users\Jirka\AppData\Local\Adobe
2011-02-05 09:16 . 2011-02-05 09:16 -------- d-----w- c:\users\Jirka\AppData\Local\Secunia PSI
2011-02-05 09:15 . 2011-02-05 09:15 -------- d-----w- c:\program files\Secunia
2011-02-05 00:07 . 2011-02-05 01:13 -------- d-----r- C:\bootwiz
2011-02-04 23:38 . 2011-02-04 23:38 -------- d-----w- c:\users\Jirka USER
2011-02-04 23:35 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5B7CF2F4-DE89-4164-B227-0C06DE577648}\mpengine.dll
2011-02-03 14:01 . 2011-02-03 14:01 -------- d-----w- c:\program files\NirSoft
2011-02-03 11:30 . 2011-02-03 22:35 -------- d-----w- c:\program files\MyDefrag v4.3.1
2011-02-03 11:30 . 2010-05-21 11:11 475648 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr
2011-02-03 11:30 . 2010-05-21 11:11 1061888 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe
2011-02-03 11:21 . 2011-02-03 11:21 -------- d-----w- c:\users\Jirka\AppData\Roaming\Smart PC Solutions
2011-02-03 11:21 . 2011-02-03 11:21 -------- d-----w- c:\program files\Smart PC Solutions
2011-02-03 08:48 . 2011-02-03 08:48 -------- d-----w- c:\program files\AkelPad
2011-02-02 14:00 . 2011-02-02 14:00 -------- d-----w- c:\users\Jirka\AppData\Roaming\Xilisoft
2011-02-02 13:59 . 2011-02-02 13:59 -------- d-----w- c:\program files\Xilisoft
2011-02-01 01:54 . 2010-09-14 13:12 11264 ----a-w- c:\windows\system32\MMShellHook.dll
2011-02-01 01:54 . 2010-02-27 15:34 312320 ----a-w- c:\windows\system32\proppage.dll
2011-02-01 01:54 . 2011-02-01 01:54 -------- d-----w- c:\program files\Media Control
2011-02-01 01:54 . 2011-02-01 01:54 -------- d-----w- c:\users\Jirka\AppData\Roaming\Media Control
2011-02-01 01:54 . 2010-02-27 15:34 655872 ----a-w- c:\windows\system32\msvcr90.dll
2011-01-31 22:26 . 2011-01-31 22:27 -------- d-----w- c:\program files\iTunes
2011-01-31 22:26 . 2011-01-31 22:26 -------- d-----w- c:\program files\iPod
2011-01-31 22:25 . 2011-01-31 22:25 -------- d-----w- c:\program files\Bonjour
2011-01-31 22:24 . 2011-01-31 22:25 -------- d-----w- c:\program files\Safari
2011-01-31 01:01 . 2011-01-31 01:01 -------- d-----w- c:\users\Jirka\AppData\Roaming\VOS
2011-01-31 00:44 . 2011-01-31 00:44 -------- d-----w- c:\users\Jirka\AppData\Local\Thinstall
2011-01-31 00:11 . 2011-01-31 00:11 -------- d-----w- c:\users\Jirka\AppData\Local\Hardcoded Software
2011-01-31 00:11 . 2011-01-31 00:11 -------- d-----w- c:\program files\Hardcoded Software
2011-01-28 05:44 . 2011-01-28 05:44 -------- d-----w- c:\users\Jirka\AppData\Roaming\Stardock
2011-01-28 05:44 . 2011-01-28 05:44 -------- d-----w- c:\users\Jirka\AppData\Local\PackageAware
2011-01-26 08:49 . 2011-01-26 08:50 -------- d-----w- c:\program files\MSI Afterburner
2011-01-25 09:51 . 2011-01-25 09:57 -------- d-----w- c:\windows\$regcmp$
2011-01-25 08:51 . 2011-01-25 08:51 -------- d-----w- c:\programdata\Martau
2011-01-25 08:51 . 2011-01-25 08:51 -------- d-----w- c:\program files\Total Uninstall 5
2011-01-25 02:01 . 2011-01-25 02:01 -------- d-----w- C:\Documents and Settings
2011-01-24 19:55 . 2011-01-24 19:55 -------- d-----w- c:\users\Jirka\AppData\Roaming\2K Sports
2011-01-24 14:39 . 2011-01-24 14:39 -------- d-----w- c:\programdata\KONAMI
2011-01-24 14:29 . 2011-01-25 00:29 -------- d-----w- c:\users\Jirka\AppData\Roaming\Mikogo
2011-01-24 13:02 . 2011-01-24 13:06 -------- d-----w- c:\program files\MP3Gain
2011-01-24 11:37 . 2010-10-16 18:55 888424 ----a-w- c:\windows\system32\nvdispco322050.dll
2011-01-24 11:37 . 2010-10-16 18:55 813672 ----a-w- c:\windows\system32\nvgenco322030.dll
2011-01-24 11:37 . 2010-10-16 18:55 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-24 11:37 . 2010-10-16 18:55 4837480 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-24 11:37 . 2010-10-16 18:55 319080 ----a-w- c:\windows\system32\nvdecodemft.dll
2011-01-24 11:37 . 2010-10-16 18:55 2912360 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-24 11:37 . 2010-10-16 18:55 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-24 11:37 . 2010-10-16 18:55 14899816 ----a-w- c:\windows\system32\nvoglv32.dll
2011-01-24 11:37 . 2010-10-16 18:55 13019752 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-24 11:37 . 2010-10-16 18:55 10084360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-01-24 11:37 . 2010-10-16 18:55 10023528 ----a-w- c:\windows\system32\nvd3dum.dll
2011-01-19 19:23 . 2011-01-19 19:23 -------- d-----w- C:\rsit
2011-01-19 19:06 . 2011-01-25 01:19 -------- d-----w- c:\users\Jirka\AppData\Roaming\UseNeXT
2011-01-19 19:06 . 2011-01-19 19:06 -------- d-----w- c:\program files\UseNeXT
2011-01-19 19:05 . 2011-02-07 14:10 -------- d-----w- c:\program files\Defraggler
2011-01-19 17:51 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-19 17:51 . 2011-01-19 17:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-19 17:51 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-17 02:47 . 2011-01-17 02:47 -------- d-----w- c:\program files\PhotoZoom Pro 4
2011-01-17 00:11 . 2011-02-07 22:43 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 9
2011-01-11 20:41 . 2010-03-30 23:00 169064 ----a-w- c:\windows\system32\everest_cpl.cpl
2011-01-11 20:39 . 2011-01-11 20:39 -------- d-----w- c:\program files\Lavalys
2011-01-11 19:03 . 2011-01-11 19:03 -------- d-----w- c:\program files\PC Connectivity Solution
2011-01-11 19:02 . 2011-01-11 19:02 -------- d-----w- c:\programdata\NokiaInstallerCache
2011-01-11 00:47 . 2011-01-11 00:47 -------- d-----w- c:\users\Jirka\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-01-11 00:47 . 2011-01-11 00:47 -------- d-----w- c:\users\Jirka\AppData\Roaming\Adobe Mini Bridge CS5
2011-01-10 22:32 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-01-10 22:32 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-01-10 22:32 . 2011-01-10 22:32 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-01-10 22:31 . 2011-01-10 22:31 -------- d-----w- c:\program files\Apple Software Update
2011-01-10 17:46 . 2011-01-10 17:46 -------- d-----w- c:\programdata\Boss Media
2011-01-10 17:46 . 2011-01-10 17:46 -------- d-----w- c:\users\Jirka\AppData\Local\Boss Media
2011-01-10 17:32 . 2011-01-10 17:38 -------- d-----w- c:\users\Jirka\AppData\Local\IM
2011-01-10 17:32 . 2011-01-25 00:47 -------- d-----w- c:\programdata\IncrediMail
2011-01-10 17:32 . 2011-01-10 17:33 -------- d-----w- c:\programdata\IM

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-25 09:24 . 2010-11-03 23:02 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2011-01-25 09:24 . 2010-10-28 19:21 17488 ----a-w- c:\windows\gdrv.sys
2011-01-24 22:11 . 2010-11-03 23:03 17488 ----a-w- c:\windows\etdrv.sys
2011-01-06 16:36 . 2011-01-06 16:36 80064 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-01-06 16:36 . 2011-01-06 16:36 35768 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-01-06 16:36 . 2011-01-06 16:36 236600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-01-06 16:36 . 2011-01-06 16:36 17256 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-01-05 16:14 . 2010-04-02 23:13 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-01-05 16:14 . 2010-04-02 23:13 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-01-04 23:32 . 2011-01-04 23:32 53248 ----a-r- c:\users\Jirka\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-01-04 23:32 . 2010-08-09 17:05 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-12-29 00:42 . 2010-12-29 00:42 285480 ----a-w- c:\windows\system32\guard32.dll
2010-12-24 07:45 . 2010-12-24 07:45 86016 ----a-w- c:\windows\system32\frapsvid.dll
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-19 13:38 . 2010-11-19 13:38 163232 ----a-w- c:\windows\system32\drivers\afcdp.sys
2010-11-19 13:38 . 2010-11-19 13:38 752128 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2010-11-19 13:38 . 2010-11-19 13:38 600928 ----a-w- c:\windows\system32\drivers\timntr.sys
2010-11-19 13:38 . 2010-02-25 10:26 170464 ----a-w- c:\windows\system32\drivers\snapman.sys
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521} ----

2011-01-10 22:32 . 2011-01-31 22:27 1942 ----a-w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DIFxInstallLog.txt
2009-06-03 08:32 . 2009-06-03 08:32 7994 ----a-w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\gearaspiwdmx86.cat
2009-05-18 12:48 . 2009-05-18 12:48 2763 ----a-w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\GEARAspiWDM.inf
2009-05-18 12:17 . 2009-05-18 12:17 26600 ----a-w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86\GEARAspiWDM.sys
2009-02-04 12:56 . 2009-02-04 12:56 75112 ----a-w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
2008-04-17 11:12 . 2008-04-17 11:12 107368 ----a-w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86\GEARAspi.dll
2006-11-02 05:21 . 2006-11-02 05:21 319456 ----a-w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DIFxAPI.dll

---- Directory of c:\users\Jirka\AppData\Local\{BEB69B3D-5833-4825-93D7-235E9D519EA3} ----