
Re: Request for a log check

Posted: 12 Jan 2011 22:16
by frysta
F-Secure is gone and Skype starts up now! At least this brought the other problems to light. Is there anything else I should remove?

Re: Request for a log check

Posted: 12 Jan 2011 22:18
by vyosek
Apply that ComboFix script as I wrote... two antivirus programs on one PC can cause a lot of mischief...

Re: Request for a log check

Posted: 12 Jan 2011 22:41
by frysta
ComboFix 11-01-11.03 - lm 12.01.2011 22:22:29.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1918.1288 [GMT 1:00]
Spuštěný z: c:\documents and settings\lm\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\lm\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\NetScreen-Remote.lnk.disabled"
"c:\documents and settings\lm\reader_s.exe"
"c:\windows\system32\internet.exe"
"c:\windows\System32\reader_s.exe"
"c:\windows\system32\xrfhnfop.dll"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome.manifest
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\content\hoster.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\content\illimitux.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\content\illimitux.xul
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\content\megaupload.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\content\preferences.xul
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\content\xmlhttprequester.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\locale\cz_CZ\lang.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\locale\de_DE\lang.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\locale\en_US\lang.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\locale\es_CA\lang.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\locale\es_ES\lang.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\locale\fr_FR\lang.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\locale\he_IL\lang.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\locale\it_IT\lang.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\locale\no_NO\lang.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\locale\pl_PL\lang.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\locale\ru_RU\lang.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\locale\sr_RS\lang.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\skin\ff_box.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\skin\ff_btn.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\skin\ff_btnmu.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\skin\ff_close.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\skin\icon.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\skin\iconMain.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\chrome\skin\illimitux.css
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\illimitux@illimitux.net\install.rdf
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\datastore\cache.sqlite
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\defaults.js.bak
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome.manifest
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\about.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\about.xul
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\cache.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\constants.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\core.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\custom-command-listener.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\events.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\feeds.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\json.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\lifecycle.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\listeners.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\locale.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\logger.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\network.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\observer.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\options.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\options.xul
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\preferences.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\prefetch.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\ss-popup-bindings.xml
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\suggestions.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\update.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\utilities.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\webframe-bindings.xml
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\webframe-manager.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\widget-controller.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\widget-popup.xul
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\content\widgets.js
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\abc.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\amazon_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\as.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\ask_16x16.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\ask_32x32.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\ask_browser_ff_chrome.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\ask_kmp1.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\ask_mail.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\asklogo.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\bbc_news.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\beppe_grillo.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\bg.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\bild.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\blogs.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\business.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\celebrity.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\close.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\cnn_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\corriere_della_sera.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\dictionary.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\el_mundo.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\email_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\expansion.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\facebook_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\folha.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\ft.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\ftd.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\g1.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\games_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\gazzetta_dello_sport.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\globe_18x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\gripper.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\highlight_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\highlighter_off.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\highlighter_on.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\hola.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\chevron.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\icon_film1_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\icon_history_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\icon_news_ru_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\icon_nu_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\icon_radiodigital_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\icon_sports_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\icon_sportsru_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\icon_vk_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\icons_business_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\images.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\kicker.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\labels-de.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\labels-en.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\labels-es.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\labels-fr.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\labels-it.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\labels-nl.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\labels-pt.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\labels-ru.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\laposte.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\lemonde.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\lequipe.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\libero_it.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\links-BR.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\links-DE.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\links-ES.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\links-EU.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\links-FR.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\links-IT.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\links-NL.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\links-RU.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\links-UK.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\links-US.properties
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\logo_32x32.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\magnify_search.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\magnify_search_grey_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\maps.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\mtv.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\news.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\oglobo.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\orkut.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\personas.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\preferences.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\ptv.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_ask.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_ask_de.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_ask_es.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_ask_fr.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_ask_it.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_ask_nl.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pl.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pt.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_ask_ru.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_cobrand.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_current_site.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_de.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_es.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_fr.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_grey_73x24.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_it.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_nl.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_pl.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_pt.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\search_ru.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\shopping.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\sports.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\stocks.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\terra.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\titlebar_bg.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\toolbar.css
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\toolbar.xul
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\tv.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\tv_movie_de.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\uol.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\voici_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\weather.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\weather_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\web.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\web_de.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\wordoftheday_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\youtube_16x.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\skin\zoomall.png
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-19-Sep-2010-18-44-13-GMT\ff-config.zip
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-21-Sep-2010-16-06-26-GMT\ff-config.zip
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-12-Jan-2011-17-35-26-GMT\ff-config.zip
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\install.rdf
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294689953160.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294691163038.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294692136300.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294693612183.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294699550087.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294704860279.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294758134908.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294774600452.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294778416978.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294784449112.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294784737553.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294786316345.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294810691142.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294811561584.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294848855169.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294851417865.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294851879867.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294853725962.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294853740705.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294856412086.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294856412446.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294858009681.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294859111355.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294860524912.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294864084008.html
c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\extensions\toolbar@ask.com\logs\asktb-log-1294864229280.html
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\icqtoolbar.jar
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml

.
--------------- FCopy ---------------

c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys --> c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-12 do 2011-01-12 )))))))))))))))))))))))))))))))
.

2011-01-12 19:21 . 2011-01-12 18:58 286720 ----a-w- C:\swreg.exe
2011-01-12 19:00 . 2011-01-12 19:00 -------- d-----w- C:\_OTM
2011-01-12 17:47 . 2010-12-31 19:56 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-12 17:46 . 2010-12-31 20:00 293968 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-12 17:46 . 2010-12-31 19:59 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-12 17:46 . 2010-12-31 19:56 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-12 17:46 . 2010-12-31 19:59 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-12 17:46 . 2010-12-31 19:59 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-12 17:46 . 2010-12-31 19:56 29264 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-12 17:46 . 2010-12-31 20:06 38848 ----a-w- c:\windows\avastSS.scr
2011-01-12 17:46 . 2010-12-31 20:06 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-12 17:46 . 2011-01-12 17:46 -------- d-----w- c:\program files\Alwil Software
2011-01-12 17:46 . 2011-01-12 17:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Alwil Software
2011-01-12 17:12 . 2011-01-12 17:12 -------- d-----w- c:\program files\Common Files\Skype
2011-01-12 17:12 . 2011-01-12 21:26 -------- d-----w- c:\documents and settings\lm\Data aplikací\Skype
2011-01-12 16:55 . 2011-01-12 17:12 -------- d-----r- c:\program files\Skype
2011-01-11 22:15 . 2011-01-11 22:15 -------- d-----w- c:\documents and settings\lm\Local Settings\Data aplikací\VS Revo Group
2011-01-11 22:14 . 2009-12-30 10:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-01-11 22:14 . 2011-01-11 22:14 -------- d-----w- c:\program files\VS Revo Group
2011-01-11 22:00 . 2011-01-11 22:00 -------- d-----w- c:\program files\CCleaner
2011-01-11 21:53 . 2011-01-11 21:53 -------- d-----w- c:\program files\RegCleaner
2011-01-10 22:43 . 2011-01-10 22:43 -------- d-----w- c:\documents and settings\lm\Local Settings\Data aplikací\RapidSharing.eu
2011-01-10 22:39 . 2011-01-10 22:40 -------- d-----w- c:\program files\Rapid
2011-01-10 22:37 . 2010-09-28 18:09 1585896 ----a-w- c:\program files\Mozilla Firefox\Rapget.RS_Premium_v1.1.1.1_cz\RapgetRS.exe
2011-01-10 22:37 . 2010-09-28 18:06 192512 ----a-w- c:\program files\Mozilla Firefox\Rapget.RS_Premium_v1.1.1.1_cz\sk\RapgetRS.resources.dll
2011-01-10 22:37 . 2009-08-16 17:04 245760 ----a-w- c:\program files\Mozilla Firefox\Rapget.RS_Premium_v1.1.1.1_cz\packers\UnRAR.exe
2011-01-10 22:37 . 2007-12-06 09:32 147968 ----a-w- c:\program files\Mozilla Firefox\Rapget.RS_Premium_v1.1.1.1_cz\packers\7z.exe
2011-01-10 22:37 . 2010-09-28 18:06 208896 ----a-w- c:\program files\Mozilla Firefox\Rapget.RS_Premium_v1.1.1.1_cz\hu\RapgetRS.resources.dll
2011-01-10 22:37 . 2010-09-28 18:06 204800 ----a-w- c:\program files\Mozilla Firefox\Rapget.RS_Premium_v1.1.1.1_cz\en\RapgetRS.resources.dll
2011-01-10 22:37 . 2010-09-28 18:06 106496 ----a-w- c:\program files\Mozilla Firefox\Rapget.RS_Premium_v1.1.1.1_cz\cs\RapgetRS.resources.dll
2011-01-10 22:37 . 2008-06-24 16:09 365610 ----a-w- c:\program files\Mozilla Firefox\Rapget.RS_Premium_v1.1.1.1_cz\Cli_LP.dll
2011-01-09 16:38 . 2011-01-09 16:38 -------- d-----w- c:\program files\Common Files\Windows Live
2011-01-06 18:12 . 2011-01-06 18:12 -------- d-----w- c:\program files\Common Files\Adobe AIR

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-31 15:55 . 2009-10-05 15:27 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
.

((((((((((((((((((((((((((((( SnapShot@2011-01-12_20.23.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2001-10-25 14:00 . 2011-01-12 21:06 61634 c:\windows\system32\perfc009.dat
+ 2001-10-25 14:00 . 2011-01-12 21:06 72620 c:\windows\system32\perfc005.dat
+ 2001-10-25 14:00 . 2011-01-12 21:06 402234 c:\windows\system32\perfh009.dat
+ 2001-10-25 14:00 . 2011-01-12 21:06 399950 c:\windows\system32\perfh005.dat
+ 2004-08-03 21:14 . 2008-06-20 11:59 361600 c:\windows\system32\dllcache\tcpip.sys
- 2008-06-20 11:51 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2009-01-12 2908160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-10 16342528]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
"SNPSTD2"="c:\windows\vsnpstd2.exe" [2004-06-10 286720]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-12-31 3395600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
NetScreen-Remote.lnk.disabled [2009-4-17 1748]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"<NO NAME>"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\DC\\StrongDC.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\QIP Infium\\infium.exe"=
"c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"g:\\Program Files\\EA SPORTS\\NHL07\\nhl2007.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\EA Sports\\NHL 09\\nhl2009.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DVBTAP.exe"=
"c:\\Program Files\\StreamTorrent 1.0\\StreamTorrent.exe"=
"c:\\Documents and Settings\\lm\\Plocha\\lucka\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\iSpy\\iSpy Console\\iSpy.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Juniper\\NetScreen-Remote\\IreIKE.exe"=
"c:\program files\Juniper\NetScreen-Remote\ViewLog.exe"= c:\program files\Juniper\NetScreen-Remote\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog
"c:\program files\Juniper\NetScreen-Remote\CmonApp.exe"= c:\program files\Juniper\NetScreen-Remote\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp
"c:\program files\Juniper\NetScreen-Remote\vpn.exe"= c:\program files\Juniper\NetScreen-Remote\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [26.4.2008 21:22 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [26.4.2008 21:22 5248]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.1.2008 0:35 685816]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [12.1.2011 18:46 293968]
R1 IPSECDRV;SafeNet IPSec Plugin;c:\windows\system32\drivers\IpSecDrv.sys [17.4.2009 16:23 138296]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12.1.2011 18:47 17744]
R2 Crypto;Crypto;c:\windows\system32\drivers\Crypto.sys [17.4.2009 16:23 536634]
R3 DniVap;SafeNet WAN Miniport (VA);c:\windows\system32\drivers\vap.sys [17.4.2009 16:23 29184]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [19.1.2008 22:20 15872]
R4 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys --> c:\windows\system32\drivers\fsdfw.sys [?]
S1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\DRIVERS\wfcxacap.sys --> c:\windows\system32\DRIVERS\wfcxacap.sys [?]
S2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys --> c:\windows\system32\drivers\wfcxatun.sys [?]
S2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys --> c:\windows\system32\drivers\wfcxvcap.sys [?]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [22.2.2010 7:27 16512]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [17.5.2008 18:32 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [17.5.2008 18:32 8320]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [21.5.2008 23:29 32377]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [20.9.2010 18:10 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [20.9.2010 18:10 11104]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [11.1.2011 23:14 27064]
S3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys --> c:\windows\system32\drivers\wfcxdtun.sys [?]
S3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys --> c:\windows\system32\drivers\wfcxxbar.sys [?]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - F-Secure Gatekeeper
*Deregistered* - fsbts
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\lm\Data aplikací\Mozilla\Firefox\Profiles\sxyq48tv.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Sothink Web Video Downloader for Firefox: {FCAB6FDD-5585-425b-95C1-5ED856F3FD08} - %profile%\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-12 22:26
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OMSCAN]
"ImagePath"="\Sys"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1547161642-839522115-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:3a,4e,b1,9e,d5,71,22,df,8f,c9,a9,fb,3f,20,d6,44,1e,c3,93,1e,f4,99,0b,
3d,f8,69,57,36,4c,56,cd,60,68,4a,4e,30,f4,85,b9,a4,cc,ce,77,da,25,3c,bb,8d,\
"??"=hex:1e,49,e4,6d,b0,7f,bd,b5,a5,79,81,8f,e4,92,f2,48
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1048)
c:\windows\system32\Ati2evxx.dll
c:\program files\f-secure\hips\fshook32.dll

- - - - - - - > 'lsass.exe'(1104)
c:\program files\f-secure\hips\fshook32.dll
.
Celkový čas: 2011-01-12 22:28:27
ComboFix-quarantined-files.txt 2011-01-12 21:28
ComboFix2.txt 2011-01-12 20:27

Před spuštěním: 9 381 343 232
Po spuštění: 9 354 993 664

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 50CD41AE8A3FA85A3BC055FCE232F8C8

Re: Request for a log check

Posted: 12 Jan 2011 22:49
by vyosek
:arrow: Open Notepad
  • Start -> Run -> notepad
  • Paste in the text below
  • Code:
    @echo off
    c:\swreg.exe ACL "HKLM\SYSTEM\CurrentControlSet\Control\Services\wuauserv" /RESET /Q
    c:\swreg.exe ACL "HKLM\SYSTEM\CurrentControlSet\Control\Services\BITS" /RESET /Q
  • Save the file as del.bat
  • When saving, choose the file type All files (the setting is shown in the image below)
  • Image
  • Close Notepad and run del.bat by double-clicking it
  • The window will only flash briefly and carry out the deletion; you can then delete the file
:arrow: Apply the script for OTM

Code:

:reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"ImagePath"=hex(2):25,73,79,73,74,65,6D,72,6F,6F,74,25,5C,73,\
  79,73,74,65,6D,33,32,5C,73,76,63,68,6F,73,74,2E,65,78,65,20,2D,6B,20,\
  6E,65,74,73,76,63,73,00
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv]
"ImagePath"=hex(2):25,73,79,73,74,65,6D,72,6F,6F,74,25,5C,73,\
  79,73,74,65,6D,33,32,5C,73,76,63,68,6F,73,74,2E,65,78,65,20,2D,6B,20,\
  6E,65,74,73,76,63,73,00
"Type"=dword:00000020
"Start"=dword:00000002

:commands
[REBOOT]
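
The `hex(2)` values in the script above are opaque until decoded, so it is worth checking what they write before applying them. The following is an added example, not part of the original post or of OTM: it parses the `:reg` section, decodes each value and compares it with an assumed baseline for a service hosted in the shared svchost `netsvcs` group. The names `parse_reg`, `audit` and `EXPECTED` and the `TAMPERED` sample are constructed for illustration.

```python
import re

# ":reg" section of the OTM script posted above, copied verbatim.
OTM_REG = r'''[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"ImagePath"=hex(2):25,73,79,73,74,65,6D,72,6F,6F,74,25,5C,73,\
  79,73,74,65,6D,33,32,5C,73,76,63,68,6F,73,74,2E,65,78,65,20,2D,6B,20,\
  6E,65,74,73,76,63,73,00
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv]
"ImagePath"=hex(2):25,73,79,73,74,65,6D,72,6F,6F,74,25,5C,73,\
  79,73,74,65,6D,33,32,5C,73,76,63,68,6F,73,74,2E,65,78,65,20,2D,6B,20,\
  6E,65,74,73,76,63,73,00
"Type"=dword:00000020
"Start"=dword:00000002
'''
# Constructed sample (not from the thread): key repointed and set to disabled.
TAMPERED = r'''[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"ImagePath"="c:\\example\\not-svchost.exe"
"Type"=dword:00000020
"Start"=dword:00000004
'''
# Assumed baseline: svchost "netsvcs" host, shared-process type 0x20, automatic start.
EXPECTED = {"ImagePath": r"%systemroot%\system32\svchost.exe -k netsvcs",
            "Type": 0x20, "Start": 2}

def decode_value(raw):
    kind, _, data = raw.partition(":")
    if kind == "dword":
        return int(data, 16)
    if kind.startswith("hex"):
        blob = bytes(int(b, 16) for b in data.split(",") if b.strip())
        # Version 5.00 .reg files store hex(2) as UTF-16LE, REGEDIT4-style text
        # as one byte per character; NUL in every second byte tells them apart.
        wide = len(blob) % 2 == 0 and not any(blob[1::2])
        return blob.decode("utf-16-le" if wide else "cp1250").rstrip("\x00")
    return raw.strip('"').replace("\\\\", "\\")  # plain string value

def parse_reg(text):
    """Return {key: {value_name: decoded}} for a .reg-style block."""
    text = re.sub(r"\\\r?\n\s*", "", text)  # join "\"-continued hex lines
    result, key = {}, None
    for line in (l.strip() for l in text.splitlines()):
        m = re.match(r'"([^"]+)"=(.*)$', line)
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            result[key] = {}
        elif key and m:
            result[key][m.group(1)] = decode_value(m.group(2))
    return result

def audit(text):
    """Report every value that differs from EXPECTED, per service key."""
    findings = []
    for key, values in parse_reg(text).items():
        service = key.rsplit("\\", 1)[-1]
        for name, want in EXPECTED.items():
            got = values.get(name)
            if (got.lower() if isinstance(got, str) else got) != want:
                findings.append(f"{service}: {name} is {got!r}, expected {want!r}")
    return findings

if __name__ == "__main__":
    print(audit(OTM_REG), audit(TAMPERED), sep="\n")
```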

Re: Request for a log check

Posted: 12 Jan 2011 23:09
by frysta
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"ImagePath"|hex(2):25,73,79,73,74,65,6D,72,6F,6F,74,25,5C,73,79,73,74,65,6D,33,32,5C,73,76,63,68,6F,73,74,2E,65,78,65,20,2D,6B,20,6E,65,74,73,76,63,73,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"Type"|dword:00000020 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"Start"|dword:00000002 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"ErrorControl"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"ImagePath"|hex(2):25,73,79,73,74,65,6D,72,6F,6F,74,25,5C,73,79,73,74,65,6D,33,32,5C,73,76,63,68,6F,73,74,2E,65,78,65,20,2D,6B,20,6E,65,74,73,76,63,73,00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"Type"|dword:00000020 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"Start"|dword:00000002 /E : value set successfully!
========== COMMANDS ==========

OTM by OldTimer - Version 3.1.17.2 log created on 01122011_230852

Re: Request for a log check

Posted: 12 Jan 2011 23:15
by vyosek
:arrow: And it finally worked :wink:

:arrow: Let's also verify that it works

:arrow: Create a .bat file (instructions above) containing this script

Code:

net stop wuauserv >> "%userprofile%\plocha\kontrola.txt"
net STOP BITS >> "%userprofile%\plocha\kontrola.txt"

net start wuauserv >> "%userprofile%\plocha\kontrola.txt"
net start BITS >> "%userprofile%\plocha\kontrola.txt"

start notepad "%userprofile%\plocha\kontrola.txt"
:arrow: A log should pop up; if not, it will be on the desktop under the name kontrola.txt

Re: Request for a log check

Posted: 12 Jan 2011 23:22
by frysta
Spouštění služby Automatické aktualizace.
Služba Automatické aktualizace byla úspěšně spuštěna.

Spouštění služby Služba inteligentního přenosu na pozadí (BITS).
Služba Služba inteligentního přenosu na pozadí (BITS) byla úspěšně spuštěna.

Re: Request for a log check

Posted: 12 Jan 2011 23:27
by vyosek
:arrow: Great :wink:

:arrow: How is the PC behaving :???:

Re: Request for a log check

Posted: 12 Jan 2011 23:44
by frysta
It's fine, Skype too. Thanks a lot, sir!!!

Re: Request for a log check

Posted: 12 Jan 2011 23:49
by vyosek
Let's tidy up a bit more :wink:

:arrow: Uninstall ComboFix
  • Start - Run (or use the keyboard shortcut Win+R)
  • Type ComboFix /Uninstall
  • Press Enter
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
  • Download and run it
  • To confirm each choice press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature)
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once every 14 days

:arrow: And post a new log from RSIT