rada s MWAV

[MartinW]

po tom restartovani mi to uz asi len 1 alebo 2 krat este zamrzlo a odvtedy to slape ako ma ... tak uvidime do kedy to vydrzi.zatial dakujem

[Rudy]

Zatím nemáte zač!

[motji]

Počítač je již v pořádku?

[Rudy]

Zamykám pro neaktivitu. Pokude budete chtít v tématu pokračovat, kontaktujte mne, nebo některého moderátora přes e-mail. Děkuji.

[MartinW]

mohol by som poprosit o kontrolu,lebo sa mi neskutocne spomalil net

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:31:40, on 14.1.2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ivan\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0 ... rol_32.CAB
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 7693 bytes
Logfile of random's system information tool 1.09 (written by random/random)
Run by Ivan at 2013-01-14 10:39:41
Systém Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 102 GB (85%) free of 120 GB
Total RAM: 1014 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:39:53, on 14.1.2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\!DATA!\Downloads\RSIT.exe
C:\Program Files\trend micro\Ivan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0 ... rol_32.CAB
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 7762 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://eu.ask.com?o=14672&l=dis"
prefs.js - "extensions.enabledItems" - "toolbar@ask.com:3.15.4.23821, DTToolbar@toolbarnet.com:1.1.2.0185, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5, {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12, jqs@sun.com:1.0, LogMeInClient@logmein.com:1.0.0.395, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.5"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... _dtid=&&q="

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\Program Files\Crawler\Toolbar\firefox\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
aboutRights.js
aboutRobots.js
AskHPRFF.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
npnul32.dll
NPOFFICE.DLL

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
crawlersrch.xml
dunaj-sk.xml
eBay.xml
google.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\
DTToolbar@toolbarnet.com
LogMeInClient@logmein.com
toolbar@ask.com

C:\Documents and Settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\searchplugins\
askcom.xml
daemon-search.xml
icqplugin-1.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-07-24 63048]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-15 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-15 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-15 131072]
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]
""= []
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-09-07 3673808]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"DU Meter"=C:\Program Files\DU Meter\DUMeter.exe [2011-01-14 2942856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]
"Steam"=C:\Program Files\Steam\Steam.exe [2003-09-11 958464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2007-10-23 140568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-23 906648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amva]
C:\WINDOWS\system32\amvo.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Ivan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2008-02-15 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2008-02-15 135168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2006-06-01 7618560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
NvMCTray.dll,NvTaskbarInit []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2008-02-15 131072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2008-09-30 16864768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSTray]
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe [2007-12-14 132624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-23 2615624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2006-02-10 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2012-05-21 87424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableProfileQuota"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\theHunter\launcher\launcher.exe"="C:\Program Files\theHunter\launcher\launcher.exe:*:Enabled:theHunter Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Spyware Terminator\SpywareTerminator.exe"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe"="C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.LEAD"=LCODCCMP.DLL
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll

======List of files/folders created in the last 1 month======

2013-01-14 10:39:41 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2013-01-14 10:39:48 ----D---- C:\Program Files\trend micro
2013-01-14 10:26:32 ----D---- C:\WINDOWS\Temp
2013-01-14 10:26:01 ----D---- C:\Documents and Settings\Ivan\Application Data\Skype
2013-01-14 10:24:56 ----D---- C:\Program Files\Steam
2013-01-14 10:24:52 ----D---- C:\Documents and Settings\All Users\Application Data\LogMeIn
2013-01-13 17:22:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-01-13 17:19:33 ----D---- C:\Program Files\FitLinie
2013-01-08 16:35:09 ----D---- C:\WINDOWS\Prefetch
2013-01-08 16:34:08 ----D---- C:\WINDOWS
2013-01-04 13:36:32 ----D---- C:\Program Files\PokerStars
2013-01-04 10:15:52 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2012-12-22 10:38:44 ----D---- C:\Program Files\Microsoft Silverlight
2012-12-21 12:58:46 ----SHD---- C:\WINDOWS\Installer
2012-12-21 12:58:44 ----HD---- C:\Config.Msi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-08-21 105344]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-07-31 43872]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2009-01-15 129248]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2009-01-15 368736]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2009-01-15 441760]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-02-28 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-11-16 50704]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-01-15 44384]
R3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver; \??\C:\Program Files\DU Meter\DUM_XP32.SYS []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-02 4878336]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-07-16 106368]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
S1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-06-01 3925920]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-09-11 57856]
S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-09-11 19968]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;Nokia USB Serial Port; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2007-10-23 427288]
R2 DUMeterSvc;DU Meter Service; C:\Program Files\DU Meter\DUMeterSvc.exe [2011-01-14 1412488]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-22 152984]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2012-05-21 374152]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2012-05-21 136584]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2010-12-14 390528]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-12-12 793048]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-05-30 3048136]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-09-07 587472]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-23 495832]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-10-20 630272]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-22 116648]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-06-01 155715]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-22 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-22 194032]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

[Rudy]

Poprosím o log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

[MartinW]

ComboFix 13-01-15.02 - Ivan 15.01.2013 15:29:13.1.4 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.2.1250.421.1033.18.1014.388 [GMT 1:00]
Running from: d:\!data!\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\_qbothome
c:\documents and settings\All Users\_qbothome\_qbot_installed
c:\documents and settings\All Users\_qbothome\~efd9452.tmp
c:\documents and settings\All Users\_qbothome\ps_dump_Ivan.txt
c:\documents and settings\All Users\_qbothome\si.txt
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Ivan\Application Data\Desktopicon
c:\documents and settings\Ivan\Application Data\Desktopicon\eBay.ico
c:\documents and settings\Ivan\Application Data\Desktopicon\uninst.exe
C:\install.exe
c:\windows\system32\CddbCdda.dll
c:\windows\system32\MUI\041b\tourstart.exe
c:\windows\system32\stu2.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
c:\windows\system32\proquota.exe was missing
Restored copy from - c:\windows\system32\dllcache\proquota.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-12-15 to 2013-01-15 )))))))))))))))))))))))))))))))
.
.
2013-01-15 14:40 . 2004-08-03 22:56 50176 -c--a-w- c:\windows\system32\dllcache\proquota.exe
2013-01-15 14:40 . 2004-08-03 22:56 50176 ----a-w- c:\windows\system32\proquota.exe
2013-01-14 09:39 . 2013-01-14 09:40 -------- d-----w- C:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2011-01-14 2942856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
"Steam"="c:\program files\Steam\Steam.exe" [2003-09-11 958464]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-07 1461080]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2012-09-06 2777296]
"SpywareTerminatorUpdater"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-09-06 3673808]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2012-05-21 15:32 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk
backup=c:\windows\pss\HP Photosmart Premier Fast Start.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2007-10-23 15:10 140568 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2007-10-23 16:58 906648 ----a-w- c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 01:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2008-06-19 15:20 57344 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2006-02-28 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-15 10:46 159744 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-02-19 01:41 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-15 10:46 135168 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-06-01 09:22 7618560 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-06-01 09:22 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-06-01 09:22 1519616 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-03-23 12:20 227328 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-15 10:46 131072 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-09-30 17:01 16864768 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSTray]
2007-12-14 16:19 132624 ------w- c:\program files\Samsung\Samsung Media Studio 5\SMSTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2007-10-23 15:05 2615624 ----a-w- c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Opera\\pluginwrapper\\opera_plugin_wrapper.exe"=
.
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [18.8.2008 13:27 35168]
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [17.12.2011 18:56 30656]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [8.8.2012 14:39 32768]
R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [20.4.2011 11:15 1412488]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [7.10.2009 9:16 472280]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [9.1.2011 15:29 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [24.7.2008 18:46 12856]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 17:33 50704]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [23.10.2012 9:47 793048]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [30.5.2012 12:56 3048136]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [8.8.2012 14:39 587472]
R3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;c:\program files\DU Meter\DUM_XP32.sys [20.4.2011 11:15 14992]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [29.2.2012 7:50 158856]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-14 09:42 1606760 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-22 08:32]
.
2013-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-22 08:32]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
FF - ProfilePath - c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://eu.ask.com?o=14672&l=dis
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU2&o=14670&locale=en_EU&apn_uid=55B86A7C-61CB-4F96-BC4F-AC42BBCA7704&apn_ptnrs=T8&apn_sauid=41C66328-EE3D-4902-A188-43DD7CDBDBDF&apn_dtid=&&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - Ext: LogMeIn, Inc. Remote Access Plugin: LogMeInClient@logmein.com - %profile%\extensions\LogMeInClient@logmein.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-amva - c:\windows\system32\amvo.exe
MSConfigStartUp-Google Update - c:\documents and settings\Ivan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
MSConfigStartUp-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
MSConfigStartUp-NeroFilterCheck - c:\program files\Common Files\Nero\Lib\NeroCheck.exe
AddRemove-CToolbar_UNINSTALL - c:\progra~1\Crawler\Toolbar\CToolbar.exe
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-eBay Icon - c:\documents and settings\Ivan\Application Data\Desktopicon\uninst.exe
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-Nokia PC Suite - c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_EA.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-15 15:43
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc]
"ImagePath"="c:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(660)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'lsass.exe'(716)
c:\windows\system32\relog_ap.dll
.
- - - - - - - > 'explorer.exe'(332)
c:\windows\system32\msi.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\HPZipm12.exe
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\progra~1\DUMETE~1\DUMeter.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Completion time: 2013-01-15 15:50:29 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-15 14:50
.
Pre-Run: 108 986 839 040 bytes free
Post-Run: 16 adresárov, 109 139 365 888 voľných bajtov
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - D85395136F4E2AB6AC8185F3CC67D362

[Rudy]

Ještě dočistíme. Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Firefox::
FF - ProfilePath - c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://eu.ask.com?o=14672&l=dis
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?clien ... _dtid=&&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - Ext: LogMeIn, Inc. Remote Access Plugin: LogMeInClient@logmein.com - %profile%\extensions\LogMeInClient@logmein.com
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[MartinW]

ComboFix 13-01-16.01 - Ivan 16.01.2013 16:38:55.2.4 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.2.1250.421.1033.18.1014.601 [GMT 1:00]
Running from: c:\documents and settings\Ivan\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Ivan\Desktop\CFScript.txt..txt
AV: ESET NOD32 Antivirus 3.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active
.
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.xpt
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\about.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\AboutWindow.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\accept.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\AddRadioStation.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\as.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\as.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_buy.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_download.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_feedback.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_forum.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_home.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astro_lite.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astroburn_site.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\astroLite_16.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\az.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\b1.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\burn_files.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\burn_image.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\burn_imgs.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\BurnImage.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\buy.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Config.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\d.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\d2.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\daemon.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\daemon_search.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\daemon_search_site.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dot_disabled.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dot_enabled.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dot_on_over.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\download.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ds.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dsearch.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt-home.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_about.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_buy.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_download.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_faq.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_feedback.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_forum.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_line.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_lite.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_manual.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dt_pro.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\DTPro.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dtt16.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\dtt32.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Dwnl.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\emulation.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\faq.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\favicon.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\features.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\feedback.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\forum.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrix.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixCristals.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixDownload.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixPlayOnline.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameCentrixTop.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameS.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\games_search.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\games_search_SA.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GameSA.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\gct16.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\gd.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\genre.xml
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\globe.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\GrabImage.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\hb.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\hb.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\help.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\hide.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\home.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\image_search.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\image_search_SA.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ImageS.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ImageSA.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\ip.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\lang.xml
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\lingvo.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\m.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_disable.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_down.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mail_under.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_disable.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_down.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mailc_under.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\manual.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\map.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuRadioConfig.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuRadioStation.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuRSCur.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\MenuTr.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mount.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\mount_n_drive.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next_down.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\next_under.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\none.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\none_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\op.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play_down.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\play_under.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\pragma.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev_down.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prev_under.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\prod.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Radio.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioBg.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioBg.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioBgMask.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDisp.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDisp_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown_down.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioDown_under.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioE.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioG.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioL.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLDotMask.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLeft.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLeftMask.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioLM.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioM.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioN.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioR.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioR.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioRM.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioRU.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume_down.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioVolume_under.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RadioW.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rbcheck.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rbtxt.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh_down.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\refresh_under.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Rss.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Rss1.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RssA.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RssA1.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rssClose.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rssL.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\rssOpen.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\RssRefresh.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\s2.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\show.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size_lr.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\size_rl.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\skins.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\soft24.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\soft24_SA.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\spt.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop_down.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\stop_under.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\style.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\SupportRequest.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\timer.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\TitleIcon.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\toolbar.xml
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\trans.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_disable.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_down.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\Trash_under.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\u.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\unmount-all.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_back.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_dott.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_dott_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_down.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_mute.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_mute_check.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\vol_under.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose_down.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtClose_under.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText_down.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText_m.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wBtText_under.bmp
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\web_resources.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\web_search.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\web_search_SA.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\WebS.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\WebSa.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi0.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi1.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi10.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi11.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi12.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi13.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi14.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi2.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi3.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi4.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi5.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi6.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi7.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi8.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\components\Resources\wi9.ico
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\chrome.manifest
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\chrome\dttoolbar.jar
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\DTToolbar@toolbarnet.com\install.rdf
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\LogMeInClient@logmein.com
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\LogMeInClient@logmein.com\chrome.manifest
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\LogMeInClient@logmein.com\install.rdf
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\LogMeInClient@logmein.com\META-INF\manifest.mf
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\LogMeInClient@logmein.com\META-INF\zigbert.rsa
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\LogMeInClient@logmein.com\META-INF\zigbert.sf
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\LogMeInClient@logmein.com\plugins\LMIProxyHelper.exe
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\LogMeInClient@logmein.com\plugins\ractrlkeyhook.dll
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\LogMeInClient@logmein.com\plugins\unicows.dll
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\datastore\cache.sqlite
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\defaults.js.bak
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js.bak
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome.manifest
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\about.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\about.xul
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\bindings.xml
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\button-bindings.xml
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\cache.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\constants.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\core.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\custom-command-listener.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\dynamic-button-manager.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\dynamic-button.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\events.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\feeds.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\highlight-to-search.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\http-headers.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\json.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\lifecycle.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\listeners.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\locale.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\logger.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\network.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\newtab-manager.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\newtab-overlay.xul
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\newtab.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\newtab.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\notification-popup-controller.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\notification-popup-ff3.xul
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\notification-popup.xul
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\notification.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\observer.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\options.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\options.xul
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\preferences.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\prefetch.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\ss-popup-bindings.xml
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\update.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\updateRdf.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\utilities.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\webframe-bindings.xml
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\webframe-manager.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\widget-controller.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\widget-popup.xul
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\content\widgets.js
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\ ask_32x.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\amazon_16x.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\ask_16x_wht.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\ask_16x16.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\ask_32x32.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\ask_browser_ff_chrome.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\asklogo.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\asklogo_16x21.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\b-p.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\b.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\bg.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\bl-pbl.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\bl-pbr.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\bl.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\blogs.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\br-pbl.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\br-pbr.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\br.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\citysearch_a.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\default.css
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\dictionary.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\dictionary_32x.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\dropmarker.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\email.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\emailplus.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\globe_18x.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\gripper.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\highlighter_off.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\highlighter_on.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\chevron.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\images.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\imesh_32x.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\l.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\labels-de.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\labels-en.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\labels-es.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\labels-fr.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\labels-it.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\labels-nl.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\labels-pt.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\labels-ru.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\links-BR.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\links-DE.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\links-ES.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\links-EU.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\links-FR.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\links-IT.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\links-NL.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\links-RU.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\links-UK.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\links-US.properties
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\logo_32x32.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\magnify_search.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\maps.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\news.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\newtab.css
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\newtab_bkg.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\newtab_search_bkg.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\notification.css
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\preferences.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\r.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_ask.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_ask_de.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_ask_es.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_ask_fr.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_ask_it.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_ask_nl.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pl.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pt.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_ask_ru.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_button.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_cobrand.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_current_site.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_de.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_es.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_fr.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_grey_73x24.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_it.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_nl.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_pl.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_pt.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\search_ru.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\searchbar.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\searchresults_32x.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\shopping.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\stocks.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\t-p.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\t.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\tl-ptl.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\tl-ptr.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\tl.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\toolbar.css
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\toolbar.xul
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\tr-ptl.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\tr-ptr.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\tr.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\twitter.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\weather.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\web.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\wordoftheday_16x.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\skin\zoomall.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-30-Nov-2009-14-08-27-GMT\ff-config.zip
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-26-Feb-2011-12-57-59-GMT\ff-config.zip
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-26-Nov-2011-14-20-31-GMT\ff-config.zip
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-30-Jun-2010-17-24-33-GMT\ff-config.zip
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\icon.png
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\install.rdf
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\logs\asktb-log-1259590099466.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\logs\asktb-log-1259590114147.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\logs\asktb-log-1262024827305.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\logs\asktb-log-1262345557956.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\logs\asktb-log-1262964718752.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\logs\asktb-log-1277918667064.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\logs\asktb-log-1277918682726.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\logs\asktb-log-1280260706954.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\logs\asktb-log-1298724428695.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\logs\asktb-log-1298725097513.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\logs\asktb-log-1322317223209.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\logs\asktb-log-1322317241739.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\logs\asktb-log-1350895200829.html
c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\extensions\toolbar@ask.com\searchplugins\askcom.xml
c:\program files\Java\jre6\lib\deploy\jqs\ff
c:\program files\Java\jre6\lib\deploy\jqs\ff\chrome.manifest
c:\program files\Java\jre6\lib\deploy\jqs\ff\chrome\content\overlay.js
c:\program files\Java\jre6\lib\deploy\jqs\ff\chrome\content\overlay.xul
c:\program files\Java\jre6\lib\deploy\jqs\ff\install.rdf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\icqtoolbar.jar
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.js
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.xul
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext\ffjcext.dtd
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext\ffjcext.dtd
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext\ffjcext.dtd
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext\ffjcext.dtd
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext\ffjcext.dtd
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext\ffjcext.dtd
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext\ffjcext.dtd
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext\ffjcext.dtd
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext\ffjcext.dtd
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext\ffjcext.dtd
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\install.rdf
c:\windows\host32.exe
c:\windows\svchost.dll
c:\windows\system32\accies98.dll
c:\windows\system32\arprmdg0.dll
c:\windows\system32\avload32.dll
c:\windows\system32\avpe32.dll
c:\windows\system32\avpx32.dll
c:\windows\system32\axxt32.dll
c:\windows\system32\bmtdhh.dll
c:\windows\system32\browsemu.dll
c:\windows\system32\bt848rom.dll
c:\windows\system32\clbdll.dll
c:\windows\system32\directpt.dll
c:\windows\system32\directut.dll
c:\windows\system32\dll.dll
c:\windows\system32\docent0.dll
c:\windows\system32\docent2.dll
c:\windows\system32\dvd4free.dll
c:\windows\system32\dxtpdx.dll
c:\windows\system32\extxerox.dll
c:\windows\system32\hpprintx.dll
c:\windows\system32\iesdl4l.dll
c:\windows\system32\KernelDrv.exe
c:\windows\system32\kernelwind32.exe
c:\windows\system32\ksapgh.dll
c:\windows\system32\lanmui.dll
c:\windows\system32\mmx4xt.dll
c:\windows\system32\msindeo.dll
c:\windows\system32\msliksurcredo.dll
c:\windows\system32\msliksurdns.dll
c:\windows\system32\Mspdnx.dll
c:\windows\system32\msvcrl.dll
c:\windows\system32\ntos.exe
c:\windows\system32\obbn13t.dll
c:\windows\system32\pasksa.dll
c:\windows\system32\pptp16.dll
c:\windows\system32\pptp32.dll
c:\windows\system32\qo.dll
c:\windows\system32\satdll.dll
c:\windows\system32\scsiusr4.dll
c:\windows\system32\sdra64.exe
c:\windows\system32\se500mdm.dll
c:\windows\system32\tcpwrk.dll
c:\windows\system32\twext.exe
c:\windows\system32\xptptt.dll
c:\windows\system32\yvpp01.dll
c:\windows\system32\yvsvga.dll
c:\windows\system32\zopenssl.dll
.

[MartinW]

musel som to dat na polku lebo sa to sem nevoslo naraz


.
((((((((((((((((((((((((( Files Created from 2012-12-16 to 2013-01-16 )))))))))))))))))))))))))))))))
.
.
2013-01-16 10:13 . 2013-01-16 10:32 -------- d-----w- c:\program files\Chovatel 2006 beta
2013-01-15 15:41 . 2013-01-15 15:42 -------- d-----w- c:\program files\Crawler
2013-01-15 14:40 . 2004-08-03 22:56 50176 -c--a-w- c:\windows\system32\dllcache\proquota.exe
2013-01-15 14:40 . 2004-08-03 22:56 50176 ----a-w- c:\windows\system32\proquota.exe
2013-01-14 09:39 . 2013-01-14 09:40 -------- d-----w- C:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2011-01-14 2942856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
"Steam"="c:\program files\Steam\Steam.exe" [2003-09-11 958464]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-07 1461080]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2013-01-14 2777736]
"SpywareTerminatorUpdater"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2013-01-14 3674248]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2012-05-21 15:32 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk
backup=c:\windows\pss\HP Photosmart Premier Fast Start.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2007-10-23 15:10 140568 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2007-10-23 16:58 906648 ----a-w- c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 01:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2008-06-19 15:20 57344 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2006-02-28 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-15 10:46 159744 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-02-19 01:41 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-15 10:46 135168 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-06-01 09:22 7618560 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-06-01 09:22 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-06-01 09:22 1519616 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-03-23 12:20 227328 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-15 10:46 131072 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-09-30 17:01 16864768 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSTray]
2007-12-14 16:19 132624 ------w- c:\program files\Samsung\Samsung Media Studio 5\SMSTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2007-10-23 15:05 2615624 ----a-w- c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Opera\\pluginwrapper\\opera_plugin_wrapper.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
.
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [18.8.2008 13:27 35168]
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [17.12.2011 18:56 30656]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [8.8.2012 14:39 32768]
R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [20.4.2011 11:15 1412488]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [7.10.2009 9:16 472280]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [9.1.2011 15:29 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [24.7.2008 18:46 12856]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 17:33 50704]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [23.10.2012 9:47 793048]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [30.5.2012 12:56 3048136]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [8.8.2012 14:39 587912]
R3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;c:\program files\DU Meter\DUM_XP32.sys [20.4.2011 11:15 14992]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [29.2.2012 7:50 158856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-14 09:42 1606760 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-22 08:32]
.
2013-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-22 08:32]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
FF - ProfilePath - c:\documents and settings\Ivan\Application Data\Mozilla\Firefox\Profiles\x84qd7et.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-16 16:55
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc]
"ImagePath"="c:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(660)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'lsass.exe'(716)
c:\windows\system32\relog_ap.dll
.
- - - - - - - > 'explorer.exe'(2448)
c:\windows\system32\msi.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\HPZipm12.exe
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Completion time: 2013-01-16 17:01:19 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-16 16:01
ComboFix2.txt 2013-01-15 14:50
.
Pre-Run: 109 031 567 360 bytes free
Post-Run: 16 adresárov, 109 051 518 976 voľných bajtov
.
- - End Of File - - 5DD53AACCCBA552D28930123B0553E6F

[Rudy]

Log již vypadá OK. Nastala nějaká změna?

[MartinW]

Ano,uz sa to zrychlilo a uz aj kratke videa prehrava bez zasekavania a opatovneho nacitavania.
Zatial dakujem

[Rudy]

Nemáte zač!

[MartinW]

Zdravim
pocitac po zapnuti chvilu ide normalne ,potom sa len nepatrne spomaly net a predtym ako sa mi konecne podari dostat na nejaku stranku mi prve 2-3 pokusy vyhodi,ze prehliadacu sa nepodarilo najst pozadovany server.
vcera mi vyhodilo ,ze v pocitaci je nejaka vazna chyba

[Rudy]

Otevřte adresář, který je uveden jako první v okně "Obsah správy o chybe" a soubor Mini 021209-01.dmp přiloýte k vašemu příštímu postu.