zavirovany pc

[martybx]

zdravim, nas poskytovatel netu mi zablokoval net. udajne mam vira nebo brouka.¨
prosim vas o kontrolu logu.¨
antivir a spybot je OK
predem dekuji.
log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Kumiko at 2011-04-22 10:59:13
Microsoft Windows 7 Ultimate
System drive C: has 16 GB (32%) free of 50 GB
Total RAM: 1014 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:06:54, on 22.4.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Kumiko\Desktop\RSIT.exe
C:\Program Files\trend micro\Kumiko.exe
C:\Windows\system32\taskeng.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: aTube Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - Startup: IMVU.lnk = C:\Users\Kumiko\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Kumiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7360 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-02-27 298160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-02-27 848952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-02-27 298160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"High Definition Audio Property Page Shortcut"=CHDAudPropShortcut.exe []
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-10-19 202032]
"HP Software Update"=c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-01-26 15026056]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-12-18 39408]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Users\Kumiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
IMVU.lnk - C:\Users\Kumiko\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-04-22 10:59:14 ----D---- C:\Program Files\trend micro
2011-04-22 10:59:13 ----D---- C:\rsit
2011-04-22 08:13:14 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2011-04-22 07:26:53 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
2011-04-22 07:21:19 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-04-22 07:19:20 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-04-13 16:09:44 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-13 16:09:44 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-13 16:09:44 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-13 16:09:42 ----A---- C:\Windows\system32\vbscript.dll
2011-04-13 16:09:42 ----A---- C:\Windows\system32\jscript.dll
2011-04-13 16:09:40 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-13 16:09:40 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-13 16:09:39 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-13 16:09:38 ----A---- C:\Windows\system32\atmlib.dll
2011-04-13 16:09:38 ----A---- C:\Windows\system32\atmfd.dll
2011-04-13 16:09:35 ----A---- C:\Windows\system32\mshtml.dll
2011-04-13 16:09:34 ----A---- C:\Windows\system32\ieframe.dll
2011-04-13 16:09:32 ----A---- C:\Windows\system32\urlmon.dll
2011-04-13 16:09:28 ----A---- C:\Windows\system32\wininet.dll
2011-04-13 16:09:27 ----A---- C:\Windows\system32\mstime.dll
2011-04-13 16:09:27 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-13 16:09:27 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-13 16:09:26 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-13 16:09:26 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-13 16:09:26 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-13 16:09:26 ----A---- C:\Windows\system32\ieui.dll
2011-04-13 16:09:26 ----A---- C:\Windows\system32\iertutil.dll
2011-04-13 16:09:26 ----A---- C:\Windows\system32\iepeers.dll
2011-04-13 16:09:25 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-13 16:09:25 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-13 16:08:40 ----A---- C:\Windows\system32\win32k.sys
2011-04-13 16:08:39 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-13 16:08:37 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-04-13 16:08:36 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-13 16:08:34 ----A---- C:\Windows\system32\mfc42.dll
2011-04-13 16:08:33 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-13 16:08:31 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-13 16:08:31 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-13 16:08:30 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-13 16:08:30 ----A---- C:\Windows\system32\drivers\bowser.sys

======List of files/folders modified in the last 1 months======

2011-04-22 11:02:54 ----D---- C:\Windows\Prefetch
2011-04-22 10:59:14 ----RD---- C:\Program Files
2011-04-22 10:36:39 ----D---- C:\Windows\temp
2011-04-22 07:25:34 ----D---- C:\Users\Kumiko\AppData\Roaming\Skype
2011-04-22 07:21:45 ----D---- C:\Windows\System32
2011-04-22 07:21:45 ----D---- C:\Windows\inf
2011-04-22 07:21:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-22 07:21:19 ----D---- C:\ProgramData
2011-04-22 07:20:28 ----D---- C:\Windows\system32\drivers
2011-04-22 06:40:04 ----D---- C:\Windows\system32\config
2011-04-22 06:39:21 ----D---- C:\Users\Kumiko\AppData\Roaming\skypePM
2011-04-22 06:37:41 ----SHD---- C:\System Volume Information
2011-04-17 09:23:52 ----D---- C:\Program Files\Mozilla Firefox
2011-04-14 07:05:28 ----D---- C:\Windows\Microsoft.NET
2011-04-14 07:05:25 ----RSD---- C:\Windows\assembly
2011-04-14 06:47:28 ----D---- C:\Windows\winsxs
2011-04-14 06:45:15 ----D---- C:\Program Files\Internet Explorer
2011-04-14 06:45:13 ----D---- C:\Windows\system32\migration
2011-04-13 23:06:48 ----D---- C:\Windows\system32\catroot2
2011-04-13 23:06:48 ----D---- C:\Windows\system32\catroot
2011-04-13 23:06:39 ----SHD---- C:\Windows\Installer
2011-04-13 23:06:37 ----D---- C:\Config.Msi
2011-04-13 23:06:32 ----D---- C:\ProgramData\Microsoft Help
2011-04-13 22:55:13 ----A---- C:\Windows\system32\MRT.exe
2011-04-03 11:52:10 ----D---- C:\Program Files\NosTale(CZ)
2011-04-02 15:35:00 ----D---- C:\Windows\ModemLogs
2011-03-31 20:24:56 ----D---- C:\Program Files\PaintTool SAI English Pack

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsl27b6b2cf;MpKsl27b6b2cf; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{49F7EAB8-4EF5-49DD-AD06-FC6F2038E767}\MpKsl27b6b2cf.sys [2011-04-22 28752]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 69480]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
R3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2009-07-14 159232]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2009-04-20 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-19 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-19 206848]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\Windows\system32\DRIVERS\NETw5x32.sys [2008-06-26 3630080]
R3 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
R3 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2005-12-22 51840]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-08-28 169064]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-08-05 49400]
R3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S1 MpKsl03abdb28;MpKsl03abdb28; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B8989E09-796A-48B3-B67F-A41E5C3A7A04}\MpKsl03abdb28.sys []
S1 MpKsl131d92f2;MpKsl131d92f2; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B80FE38E-85D0-49FB-9846-1F215DE81AE5}\MpKsl131d92f2.sys []
S1 MpKsl16e6ab14;MpKsl16e6ab14; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99036F10-B1C7-4D35-9FC4-E7EB304BCADF}\MpKsl16e6ab14.sys []
S1 MpKsl22ef4bcd;MpKsl22ef4bcd; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E007676-A54D-420D-94E3-5BDA548AF9C1}\MpKsl22ef4bcd.sys []
S1 MpKsl23dbd12c;MpKsl23dbd12c; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1F227CF1-ADC0-414B-8365-D1FE8647BA11}\MpKsl23dbd12c.sys []
S1 MpKsl2a60a123;MpKsl2a60a123; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C5B0CF13-16A4-44D2-A016-A2BEBD63781F}\MpKsl2a60a123.sys []
S1 MpKsl2fd80d19;MpKsl2fd80d19; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{447E7DD5-C2ED-43AF-9BB1-2818657D08AB}\MpKsl2fd80d19.sys []
S1 MpKsl3005248f;MpKsl3005248f; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F5655C96-00F6-40B3-A283-62080EF26DD3}\MpKsl3005248f.sys []
S1 MpKsl3085f780;MpKsl3085f780; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C5B0CF13-16A4-44D2-A016-A2BEBD63781F}\MpKsl3085f780.sys []
S1 MpKsl36ded6fc;MpKsl36ded6fc; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6512BA5D-9781-4C7A-BC12-34DB36F0D6BA}\MpKsl36ded6fc.sys []
S1 MpKsl3ae101e5;MpKsl3ae101e5; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{505B241C-1BCF-4A74-8F02-584F0D08A976}\MpKsl3ae101e5.sys []
S1 MpKsl3e272987;MpKsl3e272987; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DFBECD27-6DA7-438E-9222-0629C154F02A}\MpKsl3e272987.sys []
S1 MpKsl4905ce51;MpKsl4905ce51; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BF6F45F5-B206-447B-AA98-3D3C60D0AA17}\MpKsl4905ce51.sys []
S1 MpKsl4aab9c45;MpKsl4aab9c45; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F78080EE-3746-4F47-A233-C94F667305F2}\MpKsl4aab9c45.sys []
S1 MpKsl565f16aa;MpKsl565f16aa; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DFBECD27-6DA7-438E-9222-0629C154F02A}\MpKsl565f16aa.sys []
S1 MpKsl60502d02;MpKsl60502d02; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BF6F45F5-B206-447B-AA98-3D3C60D0AA17}\MpKsl60502d02.sys []
S1 MpKsl60d3b98c;MpKsl60d3b98c; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1836AEEA-4C7B-4FEA-8057-806FEC48A434}\MpKsl60d3b98c.sys []
S1 MpKsl697e1c47;MpKsl697e1c47; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1C8197CC-8567-4F3B-A730-8712CEBC1864}\MpKsl697e1c47.sys []
S1 MpKsl70512cbe;MpKsl70512cbe; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1198CD94-310F-4861-AECD-28FDE530A7AF}\MpKsl70512cbe.sys []
S1 MpKsl721f501e;MpKsl721f501e; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C5B0CF13-16A4-44D2-A016-A2BEBD63781F}\MpKsl721f501e.sys []
S1 MpKsl75de4ea3;MpKsl75de4ea3; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C5B0CF13-16A4-44D2-A016-A2BEBD63781F}\MpKsl75de4ea3.sys []
S1 MpKsl77b4b22a;MpKsl77b4b22a; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{95973FF2-A563-4574-947B-36630ACF9770}\MpKsl77b4b22a.sys []
S1 MpKsl78b50d4e;MpKsl78b50d4e; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1A359021-EA68-48B4-B827-A8CD3715B555}\MpKsl78b50d4e.sys []
S1 MpKsl7aeaa0e3;MpKsl7aeaa0e3; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F78080EE-3746-4F47-A233-C94F667305F2}\MpKsl7aeaa0e3.sys []
S1 MpKsl862919dc;MpKsl862919dc; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DFBECD27-6DA7-438E-9222-0629C154F02A}\MpKsl862919dc.sys []
S1 MpKsl8e10bff4;MpKsl8e10bff4; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{437B23D9-8FF6-40CE-BB70-671CD6E1DAFE}\MpKsl8e10bff4.sys []
S1 MpKsl99f73b57;MpKsl99f73b57; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{50345178-6A6C-4931-9962-3CF0C782FFFB}\MpKsl99f73b57.sys []
S1 MpKsla0d71042;MpKsla0d71042; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{437B23D9-8FF6-40CE-BB70-671CD6E1DAFE}\MpKsla0d71042.sys []
S1 MpKsla644cdeb;MpKsla644cdeb; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40581240-1305-4760-B329-53BF7AE9C9B8}\MpKsla644cdeb.sys []
S1 MpKslafc062ce;MpKslafc062ce; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DFBECD27-6DA7-438E-9222-0629C154F02A}\MpKslafc062ce.sys []
S1 MpKslb1935300;MpKslb1935300; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3185308F-1F23-4B66-B1BF-FD2DD182FE7A}\MpKslb1935300.sys []
S1 MpKslb1ad58d8;MpKslb1ad58d8; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{505B241C-1BCF-4A74-8F02-584F0D08A976}\MpKslb1ad58d8.sys []
S1 MpKslb504d16c;MpKslb504d16c; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BB3B83FD-76E7-4D0A-A668-83D2AF827176}\MpKslb504d16c.sys []
S1 MpKslc0c5d47d;MpKslc0c5d47d; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{447E7DD5-C2ED-43AF-9BB1-2818657D08AB}\MpKslc0c5d47d.sys []
S1 MpKslc9698278;MpKslc9698278; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F452A744-15A8-44D6-91AD-E42432A0DAF9}\MpKslc9698278.sys []
S1 MpKslce8f5900;MpKslce8f5900; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{851F4CBA-A268-467F-A841-204324D6CE90}\MpKslce8f5900.sys []
S1 MpKsld1968695;MpKsld1968695; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9C2E7491-D35E-47CA-8564-DB4C351395CA}\MpKsld1968695.sys []
S1 MpKsle743673f;MpKsle743673f; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1A359021-EA68-48B4-B827-A8CD3715B555}\MpKsle743673f.sys []
S1 MpKsle7dfccbf;MpKsle7dfccbf; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1836AEEA-4C7B-4FEA-8057-806FEC48A434}\MpKsle7dfccbf.sys []
S1 MpKsle83a7f08;MpKsle83a7f08; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BF6F45F5-B206-447B-AA98-3D3C60D0AA17}\MpKsle83a7f08.sys []
S1 MpKsle96161e1;MpKsle96161e1; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40581240-1305-4760-B329-53BF7AE9C9B8}\MpKsle96161e1.sys []
S1 MpKsle96d3225;MpKsle96d3225; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{68F737C7-367D-4BA0-A29A-EA6175D8B82B}\MpKsle96d3225.sys []
S1 MpKslf21cbbc1;MpKslf21cbbc1; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{68F737C7-367D-4BA0-A29A-EA6175D8B82B}\MpKslf21cbbc1.sys []
S1 MpKslf315c749;MpKslf315c749; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{49F7EAB8-4EF5-49DD-AD06-FC6F2038E767}\MpKslf315c749.sys []
S1 MpKslf6a4f01c;MpKslf6a4f01c; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{447E7DD5-C2ED-43AF-9BB1-2818657D08AB}\MpKslf6a4f01c.sys []
S1 MpKslf6ed260e;MpKslf6ed260e; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{851F4CBA-A268-467F-A841-204324D6CE90}\MpKslf6ed260e.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 catchme;catchme; \??\C:\Users\Kumiko\AppData\Local\Temp\catchme.sys []
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\HSFHWAZL.sys [2006-08-29 208384]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 61168]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-12-07 2013992]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-07-30 144752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-18 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-18 654848]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-12-18 182768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-20 1343400]

-----------------EOF-----------------

[vyosek]

Zdravim a pekny den preji

Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

• Nahrady za Spybota:
  • Spyware Terminator - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=44730
  • SuperAntiSpyare - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=51359
• Samozrejme pouzivejte jen jeden z nich
• Osobne doporucuji SuperAntiSpyware

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[martybx]

ComboFix 11-04-21.06 - Kumiko 22.04.2011 20:56:31.2.2 - x86 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.1014.565 [GMT 2:00]
Spuštěný z: c:\users\Kumiko\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-22 do 2011-04-22 )))))))))))))))))))))))))))))))
.
.
2011-04-22 19:01 . 2011-04-22 19:01 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-04-22 19:01 . 2011-04-22 19:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-22 18:30 . 2011-04-22 18:31 -------- d-----w- c:\program files\Crawler
2011-04-22 18:29 . 2011-04-22 18:29 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-04-22 18:29 . 2011-04-22 18:33 -------- d-----w- c:\users\Kumiko\AppData\Roaming\Spyware Terminator
2011-04-22 18:29 . 2011-04-22 18:39 -------- d-----w- c:\programdata\Spyware Terminator
2011-04-22 18:29 . 2011-04-22 18:39 -------- d-----w- c:\program files\Spyware Terminator
2011-04-22 08:59 . 2011-04-22 09:06 -------- d-----w- c:\program files\trend micro
2011-04-22 08:59 . 2011-04-22 09:06 -------- d-----w- C:\rsit
2011-04-22 06:13 . 2011-04-22 06:13 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2011-04-22 05:26 . 2011-04-22 05:26 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2011-04-22 05:21 . 2011-04-22 06:13 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-04-22 05:19 . 2011-04-22 05:20 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-21 06:05 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49F7EAB8-4EF5-49DD-AD06-FC6F2038E767}\mpengine.dll
2011-04-13 14:08 . 2011-03-03 03:31 2331136 ----a-w- c:\windows\system32\win32k.sys
2011-04-13 14:08 . 2011-02-12 05:30 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-13 14:08 . 2011-02-24 05:32 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-04-13 14:08 . 2011-03-08 05:38 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-13 14:08 . 2011-03-11 05:40 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-04-13 14:08 . 2011-03-11 05:40 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-13 14:08 . 2011-02-23 05:05 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-13 14:08 . 2011-02-23 05:05 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-13 14:08 . 2011-02-23 05:05 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-13 14:08 . 2011-02-23 05:05 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-06 04:40 . 2011-01-12 13:14 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2CA9FFBD-2BDD-46F0-A969-4732346F233D}\gapaengine.dll
2011-04-01 05:16 . 2011-01-12 13:14 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-11 07:04 . 2010-10-21 16:51 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-04 12:45 . 2011-02-28 05:47 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-03-16 05:08 . 2011-01-30 18:14 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-02-28 05:47 . 2011-02-28 05:47 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-02-19 05:33 . 2011-03-09 05:13 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 05:32 . 2011-03-09 05:13 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 05:32 . 2011-03-09 05:13 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-02-03 05:45 . 2011-02-10 11:08 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-01-30 18:14 . 2011-01-30 18:14 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-12-18 39408]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-04-22 3318784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-10-19 202032]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2011-04-22 2216960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
c:\users\Kumiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
IMVU.lnk - c:\users\Kumiko\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-8-26 2684256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 MpKsl03abdb28;MpKsl03abdb28;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B8989E09-796A-48B3-B67F-A41E5C3A7A04}\MpKsl03abdb28.sys [x]
R1 MpKsl131d92f2;MpKsl131d92f2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B80FE38E-85D0-49FB-9846-1F215DE81AE5}\MpKsl131d92f2.sys [x]
R1 MpKsl16e6ab14;MpKsl16e6ab14;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{99036F10-B1C7-4D35-9FC4-E7EB304BCADF}\MpKsl16e6ab14.sys [x]
R1 MpKsl22ef4bcd;MpKsl22ef4bcd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E007676-A54D-420D-94E3-5BDA548AF9C1}\MpKsl22ef4bcd.sys [x]
R1 MpKsl23dbd12c;MpKsl23dbd12c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1F227CF1-ADC0-414B-8365-D1FE8647BA11}\MpKsl23dbd12c.sys [x]
R1 MpKsl2a60a123;MpKsl2a60a123;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C5B0CF13-16A4-44D2-A016-A2BEBD63781F}\MpKsl2a60a123.sys [x]
R1 MpKsl2fd80d19;MpKsl2fd80d19;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{447E7DD5-C2ED-43AF-9BB1-2818657D08AB}\MpKsl2fd80d19.sys [x]
R1 MpKsl3005248f;MpKsl3005248f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F5655C96-00F6-40B3-A283-62080EF26DD3}\MpKsl3005248f.sys [x]
R1 MpKsl3085f780;MpKsl3085f780;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C5B0CF13-16A4-44D2-A016-A2BEBD63781F}\MpKsl3085f780.sys [x]
R1 MpKsl36ded6fc;MpKsl36ded6fc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6512BA5D-9781-4C7A-BC12-34DB36F0D6BA}\MpKsl36ded6fc.sys [x]
R1 MpKsl3ae101e5;MpKsl3ae101e5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{505B241C-1BCF-4A74-8F02-584F0D08A976}\MpKsl3ae101e5.sys [x]
R1 MpKsl3e272987;MpKsl3e272987;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DFBECD27-6DA7-438E-9222-0629C154F02A}\MpKsl3e272987.sys [x]
R1 MpKsl4905ce51;MpKsl4905ce51;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BF6F45F5-B206-447B-AA98-3D3C60D0AA17}\MpKsl4905ce51.sys [x]
R1 MpKsl4aab9c45;MpKsl4aab9c45;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F78080EE-3746-4F47-A233-C94F667305F2}\MpKsl4aab9c45.sys [x]
R1 MpKsl565f16aa;MpKsl565f16aa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DFBECD27-6DA7-438E-9222-0629C154F02A}\MpKsl565f16aa.sys [x]
R1 MpKsl60502d02;MpKsl60502d02;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BF6F45F5-B206-447B-AA98-3D3C60D0AA17}\MpKsl60502d02.sys [x]
R1 MpKsl60d3b98c;MpKsl60d3b98c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1836AEEA-4C7B-4FEA-8057-806FEC48A434}\MpKsl60d3b98c.sys [x]
R1 MpKsl697e1c47;MpKsl697e1c47;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1C8197CC-8567-4F3B-A730-8712CEBC1864}\MpKsl697e1c47.sys [x]
R1 MpKsl70512cbe;MpKsl70512cbe;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1198CD94-310F-4861-AECD-28FDE530A7AF}\MpKsl70512cbe.sys [x]
R1 MpKsl721f501e;MpKsl721f501e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C5B0CF13-16A4-44D2-A016-A2BEBD63781F}\MpKsl721f501e.sys [x]
R1 MpKsl75de4ea3;MpKsl75de4ea3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C5B0CF13-16A4-44D2-A016-A2BEBD63781F}\MpKsl75de4ea3.sys [x]
R1 MpKsl77b4b22a;MpKsl77b4b22a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{95973FF2-A563-4574-947B-36630ACF9770}\MpKsl77b4b22a.sys [x]
R1 MpKsl78b50d4e;MpKsl78b50d4e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1A359021-EA68-48B4-B827-A8CD3715B555}\MpKsl78b50d4e.sys [x]
R1 MpKsl7aeaa0e3;MpKsl7aeaa0e3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F78080EE-3746-4F47-A233-C94F667305F2}\MpKsl7aeaa0e3.sys [x]
R1 MpKsl862919dc;MpKsl862919dc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DFBECD27-6DA7-438E-9222-0629C154F02A}\MpKsl862919dc.sys [x]
R1 MpKsl8e10bff4;MpKsl8e10bff4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{437B23D9-8FF6-40CE-BB70-671CD6E1DAFE}\MpKsl8e10bff4.sys [x]
R1 MpKsl99f73b57;MpKsl99f73b57;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{50345178-6A6C-4931-9962-3CF0C782FFFB}\MpKsl99f73b57.sys [x]
R1 MpKsla0d71042;MpKsla0d71042;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{437B23D9-8FF6-40CE-BB70-671CD6E1DAFE}\MpKsla0d71042.sys [x]
R1 MpKsla644cdeb;MpKsla644cdeb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{40581240-1305-4760-B329-53BF7AE9C9B8}\MpKsla644cdeb.sys [x]
R1 MpKslafc062ce;MpKslafc062ce;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DFBECD27-6DA7-438E-9222-0629C154F02A}\MpKslafc062ce.sys [x]
R1 MpKslb1935300;MpKslb1935300;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3185308F-1F23-4B66-B1BF-FD2DD182FE7A}\MpKslb1935300.sys [x]
R1 MpKslb1ad58d8;MpKslb1ad58d8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{505B241C-1BCF-4A74-8F02-584F0D08A976}\MpKslb1ad58d8.sys [x]
R1 MpKslb504d16c;MpKslb504d16c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BB3B83FD-76E7-4D0A-A668-83D2AF827176}\MpKslb504d16c.sys [x]
R1 MpKslc0c5d47d;MpKslc0c5d47d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{447E7DD5-C2ED-43AF-9BB1-2818657D08AB}\MpKslc0c5d47d.sys [x]
R1 MpKslc9698278;MpKslc9698278;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F452A744-15A8-44D6-91AD-E42432A0DAF9}\MpKslc9698278.sys [x]
R1 MpKslce8f5900;MpKslce8f5900;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{851F4CBA-A268-467F-A841-204324D6CE90}\MpKslce8f5900.sys [x]
R1 MpKsld1968695;MpKsld1968695;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C2E7491-D35E-47CA-8564-DB4C351395CA}\MpKsld1968695.sys [x]
R1 MpKsle743673f;MpKsle743673f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1A359021-EA68-48B4-B827-A8CD3715B555}\MpKsle743673f.sys [x]
R1 MpKsle7dfccbf;MpKsle7dfccbf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1836AEEA-4C7B-4FEA-8057-806FEC48A434}\MpKsle7dfccbf.sys [x]
R1 MpKsle83a7f08;MpKsle83a7f08;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BF6F45F5-B206-447B-AA98-3D3C60D0AA17}\MpKsle83a7f08.sys [x]
R1 MpKsle96161e1;MpKsle96161e1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{40581240-1305-4760-B329-53BF7AE9C9B8}\MpKsle96161e1.sys [x]
R1 MpKsle96d3225;MpKsle96d3225;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{68F737C7-367D-4BA0-A29A-EA6175D8B82B}\MpKsle96d3225.sys [x]
R1 MpKslf21cbbc1;MpKslf21cbbc1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{68F737C7-367D-4BA0-A29A-EA6175D8B82B}\MpKslf21cbbc1.sys [x]
R1 MpKslf315c749;MpKslf315c749;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49F7EAB8-4EF5-49DD-AD06-FC6F2038E767}\MpKslf315c749.sys [x]
R1 MpKslf6a4f01c;MpKslf6a4f01c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{447E7DD5-C2ED-43AF-9BB1-2818657D08AB}\MpKslf6a4f01c.sys [x]
R1 MpKslf6ed260e;MpKslf6ed260e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{851F4CBA-A268-467F-A841-204324D6CE90}\MpKslf6ed260e.sys [x]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-04-22 142592]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-18 136176]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-12-07 2013992]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-20 1343400]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-18 10:25]
.
2011-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-18 10:25]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.facebook.com/home.php?ref=hp
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Kumiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://eu.ask.com?o=102352&l=dis
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU-ASK&o=102349&locale=en_EU&apn_uid=C186D958-A8BC-4EAD-97CF-B1302F8D6141&apn_ptnrs=Q6&apn_sauid=49F3354B-3B0F-4308-8EB9-41CF98887F17&apn_dtid=YYYYYYYYCZ&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: aTube Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - %profile%\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files\Crawler\Toolbar\firefox
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{90b49673-5506-483e-b92b-ca0265bd9ca8} - (no file)
WebBrowser-{90B49673-5506-483E-B92B-CA0265BD9CA8} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-RunOnce-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-04-22 21:03:28
ComboFix-quarantined-files.txt 2011-04-22 19:03
ComboFix2.txt 2011-01-10 19:51
.
Před spuštěním: Volných bajtů: 17 206 599 680
Po spuštění: Volných bajtů: 17 734 975 488
.
- - End Of File - - 9A20C98C2B13C050268F62E499DDC309

[vyosek]

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Folder::
  c:\program files\Ask.com
  
  Registry::
  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
  "{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
  [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
  "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
  [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
  [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
  [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
  [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "Skype"=-
  "swg"=-
  "SpywareTerminatorUpdate"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "HP Software Update"=-
  
  Driver::
  gupdate
  
  File::
  C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  
  Firefox::
  FF - ProfilePath - c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\
  FF - prefs.js: browser.search.selectedEngine - Ask.com
  FF - prefs.js: browser.startup.homepage - hxxp://eu.ask.com?o=102352&l=dis
  FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?clien ... YYYYYCZ&q=
  FF - Ext: aTube Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
  
  RegLock::
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[martybx]

ComboFix 11-04-22.01 - Kumiko 22.04.2011 21:42:30.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.1014.246 [GMT 2:00]
Spuštěný z: c:\users\Kumiko\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Kumiko\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_35f0.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\datastore\cache.sqlite
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\defaults.js.bak
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome.manifest
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\about.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\about.xul
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\cache.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\constants.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\core.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\custom-command-listener.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\events.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\feeds.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\json.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\lifecycle.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\listeners.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\locale.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\logger.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\network.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\observer.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\options.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\options.xul
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\preferences.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\prefetch.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\ss-popup-bindings.xml
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\suggestions.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\update.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\utilities.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\webframe-bindings.xml
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\webframe-manager.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\widget-controller.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\widget-popup.xul
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\content\widgets.js
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\abc.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\amazon_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\as.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\ask_16x16.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\ask_32x32.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\ask_browser_ff_chrome.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\asklogo.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\bbc_news.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\beppe_grillo.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\bg.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\bild.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\blogs.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\business.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\close.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\cnn_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\corriere_della_sera.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\dictionary.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\el_mundo.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\email_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\expansion.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\facebook_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\folha.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\ft.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\ftd.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\g1.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\games_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\gazzetta_dello_sport.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\globe_18x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\glove_logo_atubecatcher.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\gripper.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\highlight_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\highlighter_off.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\highlighter_on.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\hola.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\chevron.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\icon_film1_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\icon_history_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\icon_news_ru_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\icon_nu_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\icon_radiodigital_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\icon_sports_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\icon_sportsru_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\icon_vk_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\icons_business_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\images.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\kicker.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\labels-de.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\labels-en.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\labels-es.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\labels-fr.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\labels-it.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\labels-nl.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\labels-pt.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\labels-ru.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\laposte.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\lemonde.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\lequipe.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\libero_it.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\links-BR.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\links-DE.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\links-ES.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\links-EU.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\links-FR.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\links-IT.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\links-NL.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\links-RU.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\links-UK.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\links-US.properties
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\logo_32x32.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\magnify_search.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\magnify_search_grey_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\maps.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\marmiton.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\mtv.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\news.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\oglobo.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\orkut.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\preferences.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_ask.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_ask_de.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_ask_es.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_ask_fr.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_ask_it.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_ask_nl.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pl.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pt.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_ask_ru.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_cobrand.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_current_site.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_de.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_es.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_fr.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_grey_73x24.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_it.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_nl.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_pl.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_pt.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\search_ru.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\searchbox.xml
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\shopping.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\sports.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\stocks.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\supportedsites.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\terra.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\titlebar_bg.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\toolbar.css
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\toolbar.xul
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\tv.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\tv_movie_de.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\uol.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\video_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\weather.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\weather_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\web.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\web_de.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\wordoftheday_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\youtube_16x.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\skin\zoomall.png
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-26-Dec-2010-13-50-37-GMT\ff-config.zip
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-16-Mar-2011-14-06-18-GMT\ff-config.zip
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\install.rdf
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\logs\asktb-log-1303366220224.html
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\logs\asktb-log-1303381620662.html
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\logs\asktb-log-1303381622985.html
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\logs\asktb-log-1303381929881.html
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\logs\asktb-log-1303390341195.html
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\logs\asktb-log-1303398326922.html
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\logs\asktb-log-1303398378329.html
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\logs\asktb-log-1303412306607.html
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\logs\asktb-log-1303412338639.html
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\logs\asktb-log-1303447215388.html
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\logs\asktb-log-1303497879450.html
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\logs\asktb-log-1303499391136.html
c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\extensions\toolbar@ask.com\searchplugins\askcom.xml
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-22 do 2011-04-22 )))))))))))))))))))))))))))))))
.
.
2011-04-22 20:00 . 2011-04-22 20:00 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49F7EAB8-4EF5-49DD-AD06-FC6F2038E767}\MpKsl1a010b08.sys
2011-04-22 19:57 . 2011-04-22 20:11 -------- d-----w- c:\users\Kumiko\AppData\Local\temp
2011-04-22 19:57 . 2011-04-22 19:57 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-04-22 19:57 . 2011-04-22 19:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-22 19:05 . 2011-04-22 19:05 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49F7EAB8-4EF5-49DD-AD06-FC6F2038E767}\MpKsl7e10b3d9.sys
2011-04-22 18:30 . 2011-04-22 18:31 -------- d-----w- c:\program files\Crawler
2011-04-22 18:29 . 2011-04-22 18:29 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-04-22 18:29 . 2011-04-22 18:33 -------- d-----w- c:\users\Kumiko\AppData\Roaming\Spyware Terminator
2011-04-22 18:29 . 2011-04-22 18:39 -------- d-----w- c:\programdata\Spyware Terminator
2011-04-22 18:29 . 2011-04-22 18:39 -------- d-----w- c:\program files\Spyware Terminator
2011-04-22 08:59 . 2011-04-22 09:06 -------- d-----w- c:\program files\trend micro
2011-04-22 08:59 . 2011-04-22 09:06 -------- d-----w- C:\rsit
2011-04-22 06:13 . 2011-04-22 06:13 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2011-04-22 05:26 . 2011-04-22 05:26 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2011-04-22 05:21 . 2011-04-22 06:13 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-04-22 05:19 . 2011-04-22 05:20 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-21 06:05 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49F7EAB8-4EF5-49DD-AD06-FC6F2038E767}\mpengine.dll
2011-04-13 14:08 . 2011-03-03 03:31 2331136 ----a-w- c:\windows\system32\win32k.sys
2011-04-13 14:08 . 2011-02-12 05:30 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-13 14:08 . 2011-02-24 05:32 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-04-13 14:08 . 2011-03-08 05:38 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-13 14:08 . 2011-03-11 05:40 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-04-13 14:08 . 2011-03-11 05:40 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-13 14:08 . 2011-02-23 05:05 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-13 14:08 . 2011-02-23 05:05 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-13 14:08 . 2011-02-23 05:05 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-13 14:08 . 2011-02-23 05:05 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-06 04:40 . 2011-01-12 13:14 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2CA9FFBD-2BDD-46F0-A969-4732346F233D}\gapaengine.dll
2011-04-01 05:16 . 2011-01-12 13:14 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-11 07:04 . 2010-10-21 16:51 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-04 12:45 . 2011-02-28 05:47 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-03-16 05:08 . 2011-01-30 18:14 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-02-28 05:47 . 2011-02-28 05:47 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-02-19 05:33 . 2011-03-09 05:13 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 05:32 . 2011-03-09 05:13 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 05:32 . 2011-03-09 05:13 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-02-03 05:45 . 2011-02-10 11:08 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-01-30 18:14 . 2011-01-30 18:14 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-10-19 202032]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2011-04-22 2216960]
.
c:\users\Kumiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
IMVU.lnk - c:\users\Kumiko\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-8-26 2684256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 MpKsl03abdb28;MpKsl03abdb28;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B8989E09-796A-48B3-B67F-A41E5C3A7A04}\MpKsl03abdb28.sys [x]
R1 MpKsl131d92f2;MpKsl131d92f2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B80FE38E-85D0-49FB-9846-1F215DE81AE5}\MpKsl131d92f2.sys [x]
R1 MpKsl16e6ab14;MpKsl16e6ab14;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{99036F10-B1C7-4D35-9FC4-E7EB304BCADF}\MpKsl16e6ab14.sys [x]
R1 MpKsl22ef4bcd;MpKsl22ef4bcd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3E007676-A54D-420D-94E3-5BDA548AF9C1}\MpKsl22ef4bcd.sys [x]
R1 MpKsl23dbd12c;MpKsl23dbd12c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1F227CF1-ADC0-414B-8365-D1FE8647BA11}\MpKsl23dbd12c.sys [x]
R1 MpKsl2a60a123;MpKsl2a60a123;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C5B0CF13-16A4-44D2-A016-A2BEBD63781F}\MpKsl2a60a123.sys [x]
R1 MpKsl2fd80d19;MpKsl2fd80d19;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{447E7DD5-C2ED-43AF-9BB1-2818657D08AB}\MpKsl2fd80d19.sys [x]
R1 MpKsl3005248f;MpKsl3005248f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F5655C96-00F6-40B3-A283-62080EF26DD3}\MpKsl3005248f.sys [x]
R1 MpKsl3085f780;MpKsl3085f780;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C5B0CF13-16A4-44D2-A016-A2BEBD63781F}\MpKsl3085f780.sys [x]
R1 MpKsl36ded6fc;MpKsl36ded6fc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6512BA5D-9781-4C7A-BC12-34DB36F0D6BA}\MpKsl36ded6fc.sys [x]
R1 MpKsl3ae101e5;MpKsl3ae101e5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{505B241C-1BCF-4A74-8F02-584F0D08A976}\MpKsl3ae101e5.sys [x]
R1 MpKsl3e272987;MpKsl3e272987;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DFBECD27-6DA7-438E-9222-0629C154F02A}\MpKsl3e272987.sys [x]
R1 MpKsl4905ce51;MpKsl4905ce51;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BF6F45F5-B206-447B-AA98-3D3C60D0AA17}\MpKsl4905ce51.sys [x]
R1 MpKsl4aab9c45;MpKsl4aab9c45;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F78080EE-3746-4F47-A233-C94F667305F2}\MpKsl4aab9c45.sys [x]
R1 MpKsl565f16aa;MpKsl565f16aa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DFBECD27-6DA7-438E-9222-0629C154F02A}\MpKsl565f16aa.sys [x]
R1 MpKsl60502d02;MpKsl60502d02;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BF6F45F5-B206-447B-AA98-3D3C60D0AA17}\MpKsl60502d02.sys [x]
R1 MpKsl60d3b98c;MpKsl60d3b98c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1836AEEA-4C7B-4FEA-8057-806FEC48A434}\MpKsl60d3b98c.sys [x]
R1 MpKsl697e1c47;MpKsl697e1c47;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1C8197CC-8567-4F3B-A730-8712CEBC1864}\MpKsl697e1c47.sys [x]
R1 MpKsl70512cbe;MpKsl70512cbe;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1198CD94-310F-4861-AECD-28FDE530A7AF}\MpKsl70512cbe.sys [x]
R1 MpKsl721f501e;MpKsl721f501e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C5B0CF13-16A4-44D2-A016-A2BEBD63781F}\MpKsl721f501e.sys [x]
R1 MpKsl75de4ea3;MpKsl75de4ea3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C5B0CF13-16A4-44D2-A016-A2BEBD63781F}\MpKsl75de4ea3.sys [x]
R1 MpKsl77b4b22a;MpKsl77b4b22a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{95973FF2-A563-4574-947B-36630ACF9770}\MpKsl77b4b22a.sys [x]
R1 MpKsl78b50d4e;MpKsl78b50d4e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1A359021-EA68-48B4-B827-A8CD3715B555}\MpKsl78b50d4e.sys [x]
R1 MpKsl7aeaa0e3;MpKsl7aeaa0e3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F78080EE-3746-4F47-A233-C94F667305F2}\MpKsl7aeaa0e3.sys [x]
R1 MpKsl862919dc;MpKsl862919dc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DFBECD27-6DA7-438E-9222-0629C154F02A}\MpKsl862919dc.sys [x]
R1 MpKsl8e10bff4;MpKsl8e10bff4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{437B23D9-8FF6-40CE-BB70-671CD6E1DAFE}\MpKsl8e10bff4.sys [x]
R1 MpKsl99f73b57;MpKsl99f73b57;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{50345178-6A6C-4931-9962-3CF0C782FFFB}\MpKsl99f73b57.sys [x]
R1 MpKsla0d71042;MpKsla0d71042;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{437B23D9-8FF6-40CE-BB70-671CD6E1DAFE}\MpKsla0d71042.sys [x]
R1 MpKsla644cdeb;MpKsla644cdeb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{40581240-1305-4760-B329-53BF7AE9C9B8}\MpKsla644cdeb.sys [x]
R1 MpKslafc062ce;MpKslafc062ce;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DFBECD27-6DA7-438E-9222-0629C154F02A}\MpKslafc062ce.sys [x]
R1 MpKslb1935300;MpKslb1935300;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3185308F-1F23-4B66-B1BF-FD2DD182FE7A}\MpKslb1935300.sys [x]
R1 MpKslb1ad58d8;MpKslb1ad58d8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{505B241C-1BCF-4A74-8F02-584F0D08A976}\MpKslb1ad58d8.sys [x]
R1 MpKslb504d16c;MpKslb504d16c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BB3B83FD-76E7-4D0A-A668-83D2AF827176}\MpKslb504d16c.sys [x]
R1 MpKslc0c5d47d;MpKslc0c5d47d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{447E7DD5-C2ED-43AF-9BB1-2818657D08AB}\MpKslc0c5d47d.sys [x]
R1 MpKslc9698278;MpKslc9698278;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F452A744-15A8-44D6-91AD-E42432A0DAF9}\MpKslc9698278.sys [x]
R1 MpKslce8f5900;MpKslce8f5900;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{851F4CBA-A268-467F-A841-204324D6CE90}\MpKslce8f5900.sys [x]
R1 MpKsld1968695;MpKsld1968695;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C2E7491-D35E-47CA-8564-DB4C351395CA}\MpKsld1968695.sys [x]
R1 MpKsle743673f;MpKsle743673f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1A359021-EA68-48B4-B827-A8CD3715B555}\MpKsle743673f.sys [x]
R1 MpKsle7dfccbf;MpKsle7dfccbf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1836AEEA-4C7B-4FEA-8057-806FEC48A434}\MpKsle7dfccbf.sys [x]
R1 MpKsle83a7f08;MpKsle83a7f08;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BF6F45F5-B206-447B-AA98-3D3C60D0AA17}\MpKsle83a7f08.sys [x]
R1 MpKsle96161e1;MpKsle96161e1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{40581240-1305-4760-B329-53BF7AE9C9B8}\MpKsle96161e1.sys [x]
R1 MpKsle96d3225;MpKsle96d3225;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{68F737C7-367D-4BA0-A29A-EA6175D8B82B}\MpKsle96d3225.sys [x]
R1 MpKslf21cbbc1;MpKslf21cbbc1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{68F737C7-367D-4BA0-A29A-EA6175D8B82B}\MpKslf21cbbc1.sys [x]
R1 MpKslf315c749;MpKslf315c749;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49F7EAB8-4EF5-49DD-AD06-FC6F2038E767}\MpKslf315c749.sys [x]
R1 MpKslf6a4f01c;MpKslf6a4f01c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{447E7DD5-C2ED-43AF-9BB1-2818657D08AB}\MpKslf6a4f01c.sys [x]
R1 MpKslf6ed260e;MpKslf6ed260e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{851F4CBA-A268-467F-A841-204324D6CE90}\MpKslf6ed260e.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-20 1343400]
S1 MpKsl1a010b08;MpKsl1a010b08;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49F7EAB8-4EF5-49DD-AD06-FC6F2038E767}\MpKsl1a010b08.sys [2011-04-22 28752]
S1 MpKsl7e10b3d9;MpKsl7e10b3d9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49F7EAB8-4EF5-49DD-AD06-FC6F2038E767}\MpKsl7e10b3d9.sys [2011-04-22 28752]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-04-22 142592]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-12-07 2013992]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL1A010B08
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.facebook.com/home.php?ref=hp
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Kumiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\users\Kumiko\AppData\Roaming\Mozilla\Firefox\Profiles\fsdy91d4.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - %profile%\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\taskhost.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
.
**************************************************************************
.
Celkový čas: 2011-04-22 22:20:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-04-22 20:20
ComboFix2.txt 2011-04-22 19:03
ComboFix3.txt 2011-01-10 19:51
.
Před spuštěním: Volných bajtů: 17 535 512 576
Po spuštění: Volných bajtů: 17 678 827 520
.
- - End Of File - - EB0962634F4AB5F630C5E71DC3E51233

[vyosek]

Jak se chova PC

[martybx]

PC se chova daleko lip.. (teda aspon dcera to tvrdi, neb je to jeji ntb).
Co se tyka toho odpojovani poskytovatele, tak to ted nedokazu odpovedet, bo to dela jen poskytovatel ktereho mame v praci a tam se dostanu nejdrive az v utery, mozna to bude ale ok , nebot na vase doporuceni sem tu dal spyware doctor a ten odchytil jeste dalsi brouky oproti spybotu.
Dekuji opet za rady a preji krasne svatky v prodlouzenem vikendu.

[vyosek]

Tak jeste uklidime

Odinstalujte Combofix

• Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
• Napiste ComboFix /Uninstall
• Stisknete Enter
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Doporucuji provest defragmentaci disku

• Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
  • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
  • prepnete se do zalozky Nastroje
  • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
  • Toto provedte se vsemi disky
• Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
  • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
  • Kliknete na Analyzovat
  • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
  • Postup provedte se vsemi disky
• Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
  • Vyhodou programku je, ze se neinstaluje
  • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
  • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
  • Probehne analyza disku a nasledne i defragmentace

Napiste co PC