VIRY.CZ

jinak doufam ze nic neudelam tim ze navecer vypnu pocitac...protoze jej vypinam
a mohu zapnout nyni opet firewall?...protoze jsem jej zapnul

Soubor schvost.exe je skutečně virus, ALE!! soubor svchost.exe, pokud je v lokaci C:\Windows\System32\ je legitimní proces. Musíš se dívat pečlivě, aby sis neodpálil ten systémový soubor.
Vypnutí počítače na noc samozřejmě nevadí. Ve vypnutém počítači se nic neděje a nemůžeme tu sedět celou noc.
NIC NEZAPÍNEJ, PROSÍM!!! Já nevím... to Ti kolikrát mám napsat, abys dělal přesně, co Ti řeknu?!

Pokud jsi tak ještě neučinil, přesuň ComboFix na Plochu.

• Otevři si Poznámkový blok (Start >> Spustit... (nebo Win+R) >> do okénka napiš notepad >> [Enter]).
• Zkopíruj do něj tento script:

• Ulož vytvořený TXT jako CFScript.txt
• Přetáhni vytvořený CFScript.txt nad ComboFix a pusť (viz obrázek).
  
• Po aplikaci scriptu (a případném restartu PC) na Tebe vyskočí log. Jeho obsah mi sem vlož.

Může se stát, že po aplikaci scriptu nenaběhnou Windows. V tom případě restartuj PC, hned při náběhu mačkej klávesu F8 a zvol Poslední známou konfiguraci.

posilam ten log:

ComboFix 11-10-28.03 - Ivana 28.10.2011 9:54.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.4091.2894 [GMT 2:00]
Spuštěný z: c:\users\Ivana\Pictures\zahrada\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ivana\Pictures\zahrada\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Ask.com
c:\program files (x86)\Ask.com\assets\oobe\b.png
c:\program files (x86)\Ask.com\assets\oobe\bl.png
c:\program files (x86)\Ask.com\assets\oobe\br.png
c:\program files (x86)\Ask.com\assets\oobe\l.png
c:\program files (x86)\Ask.com\assets\oobe\pointer.png
c:\program files (x86)\Ask.com\assets\oobe\r.png
c:\program files (x86)\Ask.com\assets\oobe\t.png
c:\program files (x86)\Ask.com\assets\oobe\tl.png
c:\program files (x86)\Ask.com\assets\oobe\tr.png
c:\program files (x86)\Ask.com\cobrand.ico
c:\program files (x86)\Ask.com\config.xml
c:\program files (x86)\Ask.com\favicon.ico
c:\program files (x86)\Ask.com\GenericAskToolbar.dll
c:\program files (x86)\Ask.com\mupcfg.xml
c:\program files (x86)\Ask.com\precache.exe
c:\program files (x86)\Ask.com\SaUpdate.exe
c:\program files (x86)\Ask.com\Updater\config.xml
c:\program files (x86)\Ask.com\Updater\Updater.exe
c:\program files (x86)\Ask.com\UpdateTask.exe
c:\program files (x86)\Seznam.cz\toolbar
c:\program files (x86)\Seznam.cz\toolbar\toolbar.dll
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\datastore\cache.sqlite
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\defaults.js.bak
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js.bak
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome.manifest
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\about.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\about.xul
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\bindings.xml
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\button-bindings.xml
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\cache.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\constants.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\core.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\custom-command-listener.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\dynamic-button-manager.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\dynamic-button.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\events.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\feeds.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\highlight-to-search.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\http-headers.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\json.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\lifecycle.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\listeners.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\locale.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\logger.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\network.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\newtab-manager.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\newtab-overlay.xul
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\newtab.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\newtab.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\notification-popup-controller.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\notification-popup-ff3.xul
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\notification-popup.xul
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\notification.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\observer.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\options.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\options.xul
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\preferences.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\prefetch.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\ss-popup-bindings.xml
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\update.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\updateRdf.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\utilities.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\webframe-bindings.xml
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\webframe-manager.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\widget-controller.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\widget-popup.xul
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\content\widgets.js
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\amazon_16x.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\ask_16x16.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\ask_32x32.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\ask_blue_logo.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\ask_browser_ff_chrome.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\ask_kmp1.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\ask_mail.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\asklogo.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\asklogo_16x21.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\b-p.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\b.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\bg.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\bl-pbl.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\bl-pbr.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\bl.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\blogs.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\br-pbl.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\br-pbr.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\br.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\celebrity.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\citysearch_a.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\close.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\cnn_16x.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\default.css
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\dictionary.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\dropmarker.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\email.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\email_16x.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\emailplus.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\facebook_16x.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\games_16x.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\globe_18x.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\gripper.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\highlighter_off.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\highlighter_on.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\chevron.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\icon_radio_16x.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\images.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\KMPnews.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\l.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\labels-de.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\labels-en.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\labels-es.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\labels-fr.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\labels-it.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\labels-nl.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\labels-pt.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\labels-ru.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\links-BR.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\links-DE.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\links-ES.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\links-EU.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\links-FR.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\links-IT.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\links-NL.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\links-RU.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\links-UK.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\links-US.properties
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\logo_32x32.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\magnify_search.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\maps.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\news.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\newtab.css
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\newtab_bkg.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\newtab_search_bkg.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\notification.css
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\personas.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\preferences.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\ptv2_new.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\r.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\radiodigital.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_ask.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_ask_de.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_ask_es.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_ask_fr.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_ask_it.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_ask_nl.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pl.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pt.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_ask_ru.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_button.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_cobrand.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_current_site.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_de.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_es.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_fr.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_grey_73x24.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_it.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_nl.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_pl.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_pt.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\search_ru.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\searchbar.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\shopping.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\stocks.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\t-p.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\t.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\titlebar_bg.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\tl-ptl.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\tl-ptr.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\tl.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\toolbar.css
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\toolbar.xul
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\tr-ptl.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\tr-ptr.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\tr.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\twitter.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\weather.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\web.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\wordoftheday_16x.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\youtube_16x.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\skin\zoomall.png
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-07-Oct-2011-09-00-35-GMT\ff-config.zip
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-01-Aug-2011-08-19-37-GMT\ff-config.zip
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-01-Oct-2011-05-02-23-GMT\ff-config.zip
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-04-Jun-2011-05-55-01-GMT\ff-config.zip
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-08-Oct-2011-10-57-48-GMT\ff-config.zip
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-23-Jul-2011-10-06-05-GMT\ff-config.zip
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-15-May-2011-16-23-59-GMT\ff-config.zip
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-25-May-2011-14-00-50-GMT\ff-config.zip
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-28-Sep-2011-19-14-50-GMT\ff-config.zip
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\install.rdf
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319709432948.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319710909765.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319719148142.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319720315682.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319720938170.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319721548369.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319722741469.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319722741768.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319726726199.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319727337987.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319729567401.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319730709271.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319731291933.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319739965467.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319744432358.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319745055267.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319748108162.html
c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\extensions\toolbar@ask.com\logs\asktb-log-1319787526691.html
c:\windows\av_ico
c:\windows\av_ico\ico_mcafee_start.ico
c:\windows\av_ico\ico_NOD_SS_START.ico
c:\windows\av_ico\ico_NOD_SYSINSP.ico
c:\windows\av_ico\ico_NOD_SYSRESC.ico
c:\windows\av_ico\ico_NOD_TXT.ico
c:\windows\av_ico\ico_NOD_UNINSTALL.ico
c:\windows\ufa
c:\windows\update.8.1
c:\windows\update.tray-3-0-lnk
c:\windows\update.tray-3-0-lnk\svchost.exe
c:\windows\update.tray-3-0
c:\windows\update.tray-3-0\svchost.exe
c:\windows\update.tray-9-0-lnk
c:\windows\update.tray-9-0-lnk\svchost.exe
c:\windows\update.tray-9-0
c:\windows\update.tray-9-0\svchost.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_ICQ Service
-------\Service_NAUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-28 )))))))))))))))))))))))))))))))
.
.
2011-10-28 08:11 . 2011-10-28 08:11 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1F116D07-DA5E-4BEB-B734-FD2192251C06}\offreg.dll
2011-10-28 08:06 . 2011-10-28 08:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-27 13:40 . 2011-10-27 13:40 246272 ----a-w- c:\windows\unrar.exe
2011-10-16 08:15 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1F116D07-DA5E-4BEB-B734-FD2192251C06}\mpengine.dll
2011-10-01 22:02 . 2011-10-01 22:17 -------- d-----w- c:\users\Ivana\AppData\Local\Nero
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-27_19.32.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 05:10 . 2011-10-28 08:10 42238 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-10-27 13:40 42238 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-02-26 17:33 . 2011-10-28 08:10 6468 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4060187141-1992112991-293610371-1000_UserData.bin
- 2011-10-27 19:31 . 2011-10-27 19:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-28 08:08 . 2011-10-28 08:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-28 08:08 . 2011-10-28 08:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-10-27 19:31 . 2011-10-27 19:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2011-10-27 13:45 610094 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-10-28 07:43 610094 c:\windows\system32\perfh009.dat
+ 2010-09-21 09:43 . 2011-10-28 07:43 625914 c:\windows\system32\perfh005.dat
- 2010-09-21 09:43 . 2011-10-27 13:45 625914 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-10-28 07:43 104412 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-10-27 13:45 104412 c:\windows\system32\perfc009.dat
+ 2010-09-21 09:43 . 2011-10-28 07:43 120000 c:\windows\system32\perfc005.dat
- 2010-09-21 09:43 . 2011-10-27 13:45 120000 c:\windows\system32\perfc005.dat
+ 2009-07-14 05:01 . 2011-10-28 08:08 388160 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-10-27 19:31 388160 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 02:34 . 2011-10-28 07:48 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2011-10-27 13:48 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [x]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-04-01 34392]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe [2010-04-23 867360]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-26 18:06]
.
2011-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-26 18:06]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-15 9644576]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Acer ePower Management"="c:\program files\eMachines\eMachines Power Management\ePowerTray.exe" [2010-04-23 861216]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [BU]
"combofix"="c:\combofix\CF29626.3XE" [2009-07-14 344576]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files (x86)\Seznam.cz\listicka.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{97B39DB0-E14A-4974-8F2F-3C32ADB2BDBE}: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus\1]
@="131473"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\syswow64\MsiExec.exe
.
**************************************************************************
.
Celkový čas: 2011-10-28 10:28:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-28 08:28
ComboFix2.txt 2011-10-27 19:38
.
Před spuštěním: Volných bajtů: 246 921 076 736
Po spuštění: Volných bajtů: 246 611 599 360
.
- - End Of File - - 92269C828EDF2F453C3AF4D841336CFC

ahoj chtel bych se jeste zeptat...co surfovani po netu kdyz mam vyply firewall a vsechny antiviry?

Arashid píše:ahoj chtel bych se jeste zeptat...co surfovani po netu kdyz mam vyply firewall a vsechny antiviry?

Hele... odvirováváš teď počítač, viď? Máš ho zaflákaný jak auto po Rallye Bohemia, viď? Prosím Tě, kde chceš surfovat, co chceš zapínat a pořád dělat? To jako dáš auto do servisu a za hodinu se ptáš servisáka, jestli si můžeš zajet do města na nákup nebo k jezírku na ryby nebo?!

Stáhni utilitu OTM z jednoho z těchto odkazů:

• http://oldtimer.geekstogo.com/OTM.exe
  http://oldtimer.geekstogo.com/OTM.com
  http://oldtimer.geekstogo.com/OTM.scr

Ulož ji na Plochu a dvojklikem spusť.

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script: Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\

zasilam log:

All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\PLFSetI not found.
========== FILES ==========
Folder move failed. C:\Windows\msdownld.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA2E3.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp scheduled to be moved on reboot.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt428.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\1c1725345550db247e80071b2a61d35b\BIT2A7A.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\a7300a48d28bdba0cd4f921d64700711\BIT2BE2.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\d8c9f069a54911d14bfffb5743770d38\BIT2EB1.tmp moved successfully.
C:\Windows\twain_32\hpqgnds2.tmp moved successfully.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
c:\windows\unrar.exe deleted successfully.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Ivana
->Temp folder emptied: 36170 bytes
->Temporary Internet Files folder emptied: 3413623 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 101044154 bytes
->Flash cache emptied: 1863 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2843 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67978 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 100.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Ivana
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


Restore point Set: OTM Restore Point

OTM by OldTimer - Version 3.1.19.0 log created on 10282011_133159

Files moved on Reboot...
File C:\Windows\msdownld.tmp not found!
Folder move failed. C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA2E3.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp scheduled to be moved on reboot.
Folder move failed. C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp scheduled to be moved on reboot.
C:\Users\Ivana\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

OK, tak ještě jeden scan a pak se vrhneme na opravu antivirů a FW.

Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.

• Proveď aktualizaci virové databáze.
• V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
• Předem nic nemaž!!
• MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!

posilam log:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Verze databáze: 8034

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

28.10.2011 15:01:55
mbam-log-2011-10-28 (15-01-48).txt

Typ: Úplná kontrola (C:\|D:\|)
Kontrolované objekty: 291745
Uplynulý čas: 31 minut, 21 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 9

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Qoobox\quarantine\C\Windows\l1rezerv.exe.vir (Trojan.Agent) -> No action taken.
c:\Qoobox\quarantine\C\Windows\sysdriver32.exe.vir (Trojan.Agent) -> No action taken.
c:\Qoobox\quarantine\C\Windows\update.1\svchost.exe.vir (Trojan.Agent) -> No action taken.
c:\Qoobox\quarantine\C\Windows\update.7.1\svchostdriver.exe.vir (Spyware.Agent) -> No action taken.
c:\Qoobox\quarantine\C\Windows\update.tray-3-0\svchost.exe.vir (Trojan.Agent) -> No action taken.
c:\Qoobox\quarantine\C\Windows\update.tray-3-0-lnk\svchost.exe.vir (Trojan.Agent) -> No action taken.
c:\Qoobox\quarantine\C\Windows\update.tray-9-0\svchost.exe.vir (Trojan.Agent) -> No action taken.
c:\Qoobox\quarantine\C\Windows\update.tray-9-0-lnk\svchost.exe.vir (Trojan.Agent) -> No action taken.
c:\Users\Ivana\Pictures\zahrada\Desktop\rk_quarantine\sysdriver32.exe.vir (Trojan.Agent) -> No action taken.

Všechny nálezy MBAMu můžeš smazat.

Hoď mi sem aktuální log ze RSITu pro kontrolu, prosím.

posilam log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ivana at 2011-10-28 17:03:50
Microsoft Windows 7 Home Premium
System drive C: has 235 GB (81%) free of 292 GB
Total RAM: 4091 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:04:00, on 28.10.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Ivana\Pictures\zahrada\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Ivana.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Atheros Communications - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9664 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default

prefs.js - "browser.startup.homepage" - "seznam.cz"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, smartwebprinting@hp.com:4.51, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"

"smartwebprinting@hp.com"=C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Ivana\AppData\Roaming\Mozilla\Firefox\Profiles\1qbqt0bn.default\searchplugins\
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-28 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files (x86)\Seznam.cz\listicka.dll [2011-03-15 2201600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-06-21 1018680]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-28 305328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2011-06-19 203776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-10-28 17:03:51 ----D---- C:\Program Files (x86)\trend micro
2011-10-28 17:03:50 ----D---- C:\rsit
2011-10-28 14:27:35 ----D---- C:\Users\Ivana\AppData\Roaming\Malwarebytes
2011-10-28 14:27:25 ----D---- C:\ProgramData\Malwarebytes
2011-10-28 14:27:21 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-28 13:32:42 ----SHD---- C:\$RECYCLE.BIN
2011-10-28 13:31:59 ----D---- C:\_OTM
2011-10-28 10:28:28 ----A---- C:\ComboFix.txt
2011-10-27 21:22:30 ----A---- C:\Windows\zip.exe
2011-10-27 21:22:30 ----A---- C:\Windows\SWSC.exe
2011-10-27 21:22:30 ----A---- C:\Windows\SWREG.exe
2011-10-27 21:22:30 ----A---- C:\Windows\sed.exe
2011-10-27 21:22:30 ----A---- C:\Windows\PEV.exe
2011-10-27 21:22:30 ----A---- C:\Windows\NIRCMD.exe
2011-10-27 21:22:30 ----A---- C:\Windows\MBR.exe
2011-10-27 21:22:30 ----A---- C:\Windows\grep.exe
2011-10-27 21:22:25 ----D---- C:\Windows\ERDNT
2011-10-27 21:22:22 ----D---- C:\Qoobox
2011-10-02 00:07:24 ----A---- C:\Windows\NeroDigital.ini

======List of files/folders modified in the last 1 month======

2011-10-28 17:03:53 ----D---- C:\Windows\Temp
2011-10-28 17:03:51 ----D---- C:\Program Files (x86)
2011-10-28 17:02:26 ----D---- C:\Windows\System32
2011-10-28 17:02:26 ----D---- C:\Windows\inf
2011-10-28 16:58:27 ----SHD---- C:\Windows\Installer
2011-10-28 14:29:18 ----D---- C:\Windows\SysWOW64\drivers
2011-10-28 14:27:25 ----D---- C:\ProgramData
2011-10-28 13:32:58 ----SHD---- C:\System Volume Information
2011-10-28 13:32:41 ----D---- C:\Windows
2011-10-28 13:32:21 ----D---- C:\Windows\Tasks
2011-10-28 13:32:07 ----D---- C:\Windows\twain_32
2011-10-28 10:39:06 ----D---- C:\Users\Ivana\AppData\Roaming\ICQ
2011-10-28 10:30:57 ----D---- C:\Config.Msi
2011-10-28 10:09:53 ----A---- C:\Windows\system.ini
2011-10-28 10:01:43 ----D---- C:\Program Files (x86)\Seznam.cz
2011-10-28 09:57:45 ----D---- C:\Windows\SysWOW64
2011-10-28 09:57:45 ----D---- C:\Windows\AppPatch
2011-10-28 09:57:40 ----D---- C:\Program Files (x86)\Common Files
2011-10-28 09:51:22 ----D---- C:\Users\Ivana\AppData\Roaming\uTorrent
2011-10-27 17:31:29 ----D---- C:\Users\Ivana\AppData\Roaming\Skype
2011-10-26 14:27:56 ----D---- C:\Program Files (x86)\ICQ7.4
2011-10-23 09:20:11 ----D---- C:\Windows\Prefetch
2011-10-02 00:07:52 ----SD---- C:\Users\Ivana\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys []
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys []
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys []
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys []
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys []
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys []
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys []
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys []
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys []
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys []
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-04-01 34392]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [2010-04-23 867360]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe []
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe []
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-05-17 182768]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------

Tak zdá se, že máme čisto.

Odinstaluj McAfee - ten by měl jít klasicky přes Odinstalaci (Uninstall). Podrobný návod zde.
Stejně tak odinstaluj vše, co má v názvu slovo toolbar (Google Toolbar, ICQToolBar, Lištička a podobné).
Dále - opět dle stejného postupu - odinstaluj Malwarebytes' Anti-Malware (MBAM).
Pomocí tohoto postupu odinstaluj ESET.
Až bude čisto, nainstaluj free řešení antiviru, Avast, Avira nebo MSE - pročti toto téma. Osobně bych doporučoval Avast - Free Edition, ne že si tam zase flákneš ten nelegální ESET!!

Ty antiviry bych doporučoval odinstalovat v Nouzovém režimu.

Proveď vše v klidu, v pohodě a hlavně pečlivě, je toho hodně! Až bude hotovo, dej mi sem vědět, budeme pokračovat. Když bude nějaký výraznější problém, napiš sem, ne do SZ, prosím!

vse hotovo antivirus nainstalovany(zvolil jsem tedy avast free) a chtel jsem se zeptat...je pouze na 30dnu pokud se nezaregistruji...a kdyz s echci zaregistrovat, tak je to bezplatne a stale je ten program zdarma?nemusim platit zadne poplatky?jinak muzeme tedy pokracovat dal

Avast si zaregistruj a máš jej na rok zdarma. Registrace Tě nic nestojí, jen pár vteřin na internetu. Za rok si jej znovu zaregistruješ (vlastně oznámíš tvůrcům Avastu, že jsi spokojen a budeš jej i nadále využívat) a hotovo. Není důvod se neregistrovat, Avast je podle mě nejlepší volbou mezi free řešeními, dokonce převyšuje i leckteré placené antiviry. Když si jej nezaregistruješ, po 30ti dnech jej máš v počítači nelegálně, k čemuž opravdu nevidím důvod. A mít cracknutý antivir (jako jsi měl ESET) je jako mít zamčené dveře a otevřená všechna okna. A to se nebavíme o porušování autorských zákonů, že ano.

Jedeme dál - doinstaluj si Windows 7 Service Pack 1 a všechny dostupné aktualizace, které řeší mnoho problémů v zabezpečení systému.
Až to provedeš, hoď mi sem log z OTL na závěrečnou kontrolu a dočištění.

Stáhni OTL z tohoto odkazu a ulož jej na Plochu.

• Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
• Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
• Zaškrtni okénko Pro všechny uživatele.
• Zaškrtni okénko Kontrola na havěť "LOP".
• Zaškrtni okénko Kontrola na havěť "Purity".
• Stáři souborů změň z 30 dnů na 7 dnů.
• Do spodního okénka Vlastní skenování/opravy vlož tento script:

• Klikni na tlačítko Prohledat.
• Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
• Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

ahoj objevil se prvni problem a to hned u kroku, kdy mam spustit aktualizace......mam tam zhruba 61 aktualizaci, ale nejdou spustit a zjistil jsem proc....prikladam odkaz: http://imageshack.us/g/844/beznzvu1y.jpg/ kde jsou screeny
popis problemu: jak jsem zde jiz rikal, aktualizace nefunguji...jakmile dam spustit, proces se ukonci na 0% a napise to zpravu(viz. obrazek prvni) pote jsem rozklikl ''zobrazit napovedu k teto chybe" a objevilo se okenko(viz. obrazek druhy)...ta druha moznost na obrazku 2 je v poradku vse jsem nasel a vse bylo tak jak ma byt...ovsem prvni moznost, ta uz v poradku neni...sotva otevru 1. bod, zjistim ze mi chybi Služba inteligentního přenosu na pozadí (BITS) (viz. obrazek 3). Nevim co mam delat jelikoz bez toho asi ty aktualizace nespustim...premyslel jsem ze bych zkusil stahnout ten balicek z internetu, ale radeji dam na tvou radu.
Jinak zitra zde nebudu tak dlouho jako vcera, az k veceru spise.