
Security Center not working on Win 7

Archik
Visitor
Posts: 14
Registered: 05 Apr 2011 13:32

Security Center not working on Win 7

#1 Post by Archik »

Hello, since yesterday I can't start the Security Center on Win 7, so I'm asking for help; it tells me that the service cannot be started. As a result, neither Win Defender nor the firewall works.

Here is the log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Archi at 2011-04-05 14:37:17
Microsoft Windows 7 Professional
System drive C: has 34 GB (34%) free of 100 GB
Total RAM: 3071 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:37:29, on 5.4.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Conceptworld\NoteZilla\NoteZilla.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
D:\Kies\KiesTrayAgent.exe
C:\Program Files\Qstarz PC Suite\QTray.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
C:\Users\Archi\AppData\Local\Apps\2.0\2R3DMTTY.8Q7\Y3D9PCXJ.7BK\curs..tion_eee711038731a406_0004.0000_1829574f2226d088\CurseClient.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Windows\system32\SearchFilterHost.exe
E:\download\RSIT.exe
C:\Program Files\trend micro\Archi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zaparit.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Archi\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Archi\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NoteZilla] C:\Program Files\Conceptworld\NoteZilla\NoteZilla.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [KiesHelper] D:\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesTrayAgent] D:\Kies\KiesTrayAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: QTray.lnk = C:\Program Files\Qstarz PC Suite\QTray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Unibet - {00000000-0000-0000-0000-000000000000} - C:\MicroGaming\Poker\unibetpokerMPP\MPPoker.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - D:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 10485 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Kfhfjqt.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\Archi\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-10-25 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 297808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2010-12-13 421160]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-11-30 74752]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=c:\program files\steam\steam.exe [2010-11-17 1242448]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"NoteZilla"=C:\Program Files\Conceptworld\NoteZilla\NoteZilla.exe [2008-01-06 494080]
"QNPlus"= []
"PlayNC Launcher"= []
""= []
"Sony Ericsson PC Companion"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-02-28 427008]
"KiesHelper"=D:\Kies\KiesHelper.exe [2011-01-30 888120]
"KiesTrayAgent"=D:\Kies\KiesTrayAgent.exe [2011-01-30 3372856]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
QTray.lnk - C:\Program Files\Qstarz PC Suite\QTray.exe

C:\Users\Archi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-04-05 14:37:17 ----D---- C:\rsit
2011-04-05 14:37:17 ----D---- C:\Program Files\trend micro
2011-04-05 04:55:59 ----D---- C:\Users\Archi\AppData\Roaming\Malwarebytes
2011-04-05 04:55:48 ----D---- C:\ProgramData\Malwarebytes
2011-04-05 04:55:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-04-05 04:55:45 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-04-04 21:02:41 ----RASH---- C:\Windows\system32\stobjecth.dll
2011-04-04 19:54:27 ----D---- C:\Users\Archi\AppData\Roaming\Artisteer
2011-04-04 19:48:35 ----D---- C:\Program Files\Artisteer 3
2011-04-04 19:42:25 ----A---- C:\ChVID.exe
2011-03-26 12:26:04 ----D---- C:\Program Files\CCleaner
2011-03-26 11:01:31 ----D---- C:\ProgramData\Electronic Arts
2011-03-26 11:01:31 ----D---- C:\ProgramData\EA Core
2011-03-25 21:01:53 ----D---- C:\Program Files\Full Tilt Poker
2011-03-25 20:59:20 ----D---- C:\Program Files\WinDjView
2011-03-24 20:05:17 ----D---- C:\Users\Archi\AppData\Roaming\Application Data
2011-03-24 20:05:17 ----D---- C:\ProgramData\Spyware Terminator
2011-03-24 20:05:16 ----D---- C:\Program Files\Spyware Terminator
2011-03-22 16:52:45 ----N---- C:\Windows\Setup1.exe
2011-03-22 16:52:44 ----A---- C:\Windows\ST6UNST.EXE
2011-03-20 16:06:10 ----D---- C:\Program Files\Electronic Arts
2011-03-18 23:30:31 ----D---- C:\Users\Archi\AppData\Roaming\Opera
2011-03-18 23:30:26 ----D---- C:\Program Files\Opera
2011-03-17 23:45:41 ----D---- C:\Users\Archi\AppData\Roaming\HideIPEasy
2011-03-17 23:45:41 ----D---- C:\ProgramData\HideIPEasy
2011-03-17 23:44:55 ----D---- C:\Program Files\HideIPEasy
2011-03-12 18:15:02 ----D---- C:\Program Files\Silabs
2011-03-12 18:14:29 ----D---- C:\Windows\system32\Silabs
2011-03-12 18:13:58 ----D---- C:\Program Files\Qstarz PC Suite
2011-03-12 17:57:43 ----D---- C:\Program Files\Qstarz
2011-03-11 09:36:19 ----D---- C:\Program Files\rajce
2011-03-10 19:27:15 ----D---- C:\ProgramData\Blizzard
2011-03-10 16:50:21 ----D---- C:\Program Files\7-Zip
2011-03-09 17:37:04 ----D---- C:\Program Files\Winamp Detect
2011-03-09 17:36:47 ----D---- C:\Users\Archi\AppData\Roaming\Winamp
2011-03-09 17:36:47 ----D---- C:\Program Files\Winamp
2011-03-09 10:13:41 ----A---- C:\Windows\system32\FntCache.dll
2011-03-09 10:13:41 ----A---- C:\Windows\system32\DWrite.dll
2011-03-09 10:13:40 ----A---- C:\Windows\system32\d2d1.dll
2011-03-09 10:13:39 ----A---- C:\Windows\system32\sbe.dll
2011-03-09 10:13:39 ----A---- C:\Windows\system32\EncDec.dll
2011-03-09 10:13:39 ----A---- C:\Windows\system32\CPFilters.dll
2011-03-09 10:13:38 ----A---- C:\Windows\system32\mstscax.dll
2011-03-09 10:13:37 ----A---- C:\Windows\system32\mstsc.exe
2011-03-08 21:33:00 ----D---- C:\Program Files\Common Files\Java
2011-03-08 21:32:41 ----A---- C:\Windows\system32\javaws.exe
2011-03-08 21:32:41 ----A---- C:\Windows\system32\javaw.exe
2011-03-08 21:32:41 ----A---- C:\Windows\system32\java.exe
2011-03-08 21:31:24 ----D---- C:\ProgramData\McAfee
2011-03-08 21:26:56 ----D---- C:\Program Files\Minecraft-Beta v1.3
2011-03-06 11:53:24 ----D---- C:\Program Files\Ubisoft
2011-03-06 10:46:37 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2011-04-05 14:37:28 ----D---- C:\Windows\Prefetch
2011-04-05 14:37:17 ----RD---- C:\Program Files
2011-04-05 13:39:33 ----D---- C:\Windows\Temp
2011-04-05 13:15:44 ----D---- C:\ProgramData\NVIDIA
2011-04-05 13:15:41 ----D---- C:\Windows\system32\drivers
2011-04-05 13:15:14 ----D---- C:\Program Files\Steam
2011-04-05 05:04:37 ----D---- C:\Windows\system32\config
2011-04-05 05:01:13 ----D---- C:\Windows
2011-04-05 05:00:21 ----D---- C:\Windows\LiveKernelReports
2011-04-05 05:00:13 ----D---- C:\Windows\system32\Tasks
2011-04-05 05:00:10 ----D---- C:\Windows\Tasks
2011-04-05 04:55:48 ----HD---- C:\ProgramData
2011-04-05 00:40:28 ----SHD---- C:\System Volume Information
2011-04-04 22:44:07 ----D---- C:\Users\Archi\AppData\Roaming\uTorrent
2011-04-04 22:43:58 ----D---- C:\Users\Archi\AppData\Roaming\TS3Client
2011-04-04 22:43:58 ----D---- C:\Users\Archi\AppData\Roaming\Skype
2011-04-04 21:02:41 ----D---- C:\Windows\System32
2011-04-04 20:51:08 ----SHD---- C:\Windows\Installer
2011-04-04 19:54:26 ----D---- C:\Users\Archi\AppData\Roaming\Apple Computer
2011-04-04 16:03:29 ----D---- C:\Users\Archi\AppData\Roaming\skypePM
2011-04-01 22:34:23 ----D---- C:\Windows\inf
2011-04-01 22:34:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-01 14:21:13 ----D---- C:\Windows\system32\catroot2
2011-03-30 12:11:59 ----D---- C:\Windows\system32\catroot
2011-03-30 12:11:58 ----D---- C:\Windows\system32\DriverStore
2011-03-30 12:11:30 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-27 01:31:53 ----D---- C:\Users\Archi\AppData\Roaming\DNA
2011-03-26 12:42:11 ----D---- C:\Users\Archi\AppData\Roaming\Media Player Classic
2011-03-26 12:41:52 ----D---- C:\Windows\Minidump
2011-03-26 12:41:52 ----D---- C:\Windows\debug
2011-03-26 12:38:30 ----D---- C:\Garmin
2011-03-25 20:50:19 ----D---- C:\Users\Archi\AppData\Roaming\Microgaming
2011-03-24 20:01:14 ----D---- C:\Windows\system32\NDF
2011-03-23 23:15:32 ----D---- C:\Program Files\Common Files\Steam
2011-03-23 19:28:55 ----D---- C:\Program Files\Mozilla Firefox
2011-03-21 13:05:14 ----D---- C:\Program Files\Ask.com
2011-03-17 20:46:45 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-03-11 09:05:37 ----D---- C:\Program Files\Mozilla Thunderbird
2011-03-10 17:32:40 ----D---- C:\Program Files\RapidShareManager
2011-03-10 15:59:24 ----D---- C:\Program Files\JDownloader
2011-03-10 09:44:48 ----D---- C:\Windows\winsxs
2011-03-09 23:05:38 ----A---- C:\Windows\system32\MRT.exe
2011-03-09 23:05:27 ----D---- C:\ProgramData\Microsoft Help
2011-03-09 20:12:45 ----D---- C:\Users\Archi\AppData\Roaming\.minecraft
2011-03-09 17:36:50 ----D---- C:\Program Files\Common Files\PX Storage Engine
2011-03-09 10:08:45 ----D---- C:\Program Files\Microsoft Silverlight
2011-03-08 21:33:00 ----D---- C:\Program Files\Common Files
2011-03-08 21:32:36 ----D---- C:\Program Files\Java
2011-03-07 15:55:14 ----D---- C:\Users\Archi\AppData\Roaming\Adobe
2011-03-07 15:53:45 ----D---- C:\ProgramData\hps
2011-03-06 22:35:58 ----D---- C:\ProgramData\tmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-04-17 44944]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-24 691696]
R1 archlp;archlp; C:\Windows\system32\drivers\archlp.sys [2010-01-13 89728]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2006-10-19 12664]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-12-01 281760]
R2 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2006-04-22 8064]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-12-01 25888]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]
R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-07-26 36640]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2011-01-06 27632]
S2 ASInsHelp;ASInsHelp; \??\C:\Windows\system32\drivers\AsInsHelp32.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 alhb4q42;alhb4q42; C:\Windows\system32\drivers\alhb4q42.sys []
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2010-12-01 23456]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-01-06 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-01-06 25512]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 PAC7302;eMessenger 310; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 461824]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2010-08-16 16472]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2010-08-16 11104]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\Windows\system32\DRIVERS\sscebus.sys [2010-04-27 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\Windows\system32\DRIVERS\sscemdfl.sys [2010-04-27 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\Windows\system32\DRIVERS\sscemdm.sys [2010-04-27 123648]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-09-28 41984]
S3 usbser;GPS USB Serial Interface Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;Sony Ericsson USB Device sa0101 Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-26 217088]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 600680]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-02-14 66872]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-12-13 820008]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-19 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; D:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-14 128928]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-23 403240]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-15 1343400]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security Center not working on Win 7

#2 Post by vyosek »

Hello and have a nice day :)

:arrow: Run MBAM, open the Logs tab, pack all of the logs into a RAR archive and upload it here http://vyosek.ic.cz/havet/uploader.php

:arrow: Run HJT and we will fix some entries
  • You will find HJT here: C:\Program Files\trend micro\Archi.exe
  • A window will open; click Do a system scan only
  • In the next window, find the lines I have listed below; next to each one is a checkbox, which you tick
  • R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Archi\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
    R3 - URLSearchHook: (no name) - - (no file)
  • Click Fix checked (bottom left)
  • HJT will ask whether you really want to do this; answer YES, and you are done
PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT ABILITY TO DELETE THINGS AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator (Spustit jako spravce)
  • Immediately after start, a page with the licence agreement is displayed; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that is displayed
  • The scan should take about 10 minutes, but if the PC is heavily cluttered, it may take longer
  • After the scan finishes (and a possible restart), CF displays the log; you can also find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure including pictures is here http://www.bleepingcomputer.com/combofi ... t-combofix
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun: take a whip and a stick to him, that is not a man, that is an ox."
Member [image] since 1 February 2011.

Archik
Visitor
Posts: 14
Registered: 05 Apr 2011 13:32

Re: Security Center not working, Win 7

#3 Post by Archik »

Here is the log from ComboFix; I have uploaded the requested files:

ComboFix 11-04-04.02 - Archi 05.04.2011 15:07:42.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3071.1963 [GMT 2:00]
Spuštěný z: c:\users\Archi\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Archi\Documents\cc_20110326_112729.reg
c:\windows\system32\muzapp.exe
c:\windows\system32\system32
c:\windows\system32\system32\cis-2.4.dll
c:\windows\system32\system32\issacapi_bs-2.3.dll
c:\windows\system32\system32\issacapi_pe-2.3.dll
c:\windows\system32\system32\issacapi_se-2.3.dll
c:\windows\system32\system32\MACXMLProto.dll
c:\windows\system32\system32\MaDRM.dll
c:\windows\system32\system32\MaJGUILib.dll
c:\windows\system32\system32\MaJUtilLib.dll
c:\windows\system32\system32\MAMACExtract.dll
c:\windows\system32\system32\MASetupCaller.dll
c:\windows\system32\system32\MASetupCleaner.exe
c:\windows\system32\system32\MaXMLProto.dll
c:\windows\system32\system32\MetaStore2.dll
c:\windows\system32\system32\Microsoft.Synchronization.dll
c:\windows\system32\system32\MK_Lyric.dll
c:\windows\system32\system32\MSCLib.dll
c:\windows\system32\system32\MSFLib.dll
c:\windows\system32\system32\MSLUR71.dll
c:\windows\system32\system32\msvcp60.dll
c:\windows\system32\system32\MTTELECHIP.dll
c:\windows\system32\system32\MTXSYNCICON.dll
c:\windows\system32\system32\muzaf1.dll
c:\windows\system32\system32\muzapp.dll
c:\windows\system32\system32\muzapp.exe
c:\windows\system32\system32\muzdecode.ax
c:\windows\system32\system32\muzeffect.ax
c:\windows\system32\system32\muzmp4sp.ax
c:\windows\system32\system32\muzmpgsp.ax
c:\windows\system32\system32\muzoggsp.ax
c:\windows\system32\system32\muzwmts.dll
c:\windows\system32\system32\psapi.dll
c:\windows\system32\system32\Synchronization2.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-05 do 2011-04-05 )))))))))))))))))))))))))))))))
.
.
2011-04-05 13:25 . 2011-04-05 13:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-05 12:52 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-05 12:37 . 2011-04-05 12:37 -------- d-----w- C:\rsit
2011-04-05 12:37 . 2011-04-05 12:37 -------- d-----w- c:\program files\trend micro
2011-04-05 02:55 . 2011-04-05 02:55 -------- d-----w- c:\users\Archi\AppData\Roaming\Malwarebytes
2011-04-05 02:55 . 2011-04-05 02:55 -------- d-----w- c:\programdata\Malwarebytes
2011-04-05 02:55 . 2011-04-05 12:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-05 02:55 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-04 19:02 . 2011-04-04 19:02 114688 --sha-r- c:\windows\system32\stobjecth.dll
2011-04-04 17:54 . 2011-04-04 17:54 -------- d-----w- c:\users\Archi\AppData\Roaming\Artisteer
2011-04-04 17:48 . 2011-04-04 18:49 -------- d-----w- c:\program files\Artisteer 3
2011-04-04 17:42 . 2006-11-01 10:05 154424 ----a-w- C:\ChVID.exe
2011-04-01 06:25 . 2011-03-15 04:05 6792528 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FCDD3428-388E-4F14-826C-E47A646A8249}\mpengine.dll
2011-03-26 10:26 . 2011-03-26 10:26 -------- d-----w- c:\program files\CCleaner
2011-03-26 09:01 . 2011-03-26 09:01 -------- d-----w- c:\programdata\Electronic Arts
2011-03-26 09:01 . 2011-03-26 09:01 -------- d-----w- c:\programdata\EA Core
2011-03-25 19:04 . 2011-03-25 19:04 -------- d-----w- c:\users\Archi\AppData\Local\cache
2011-03-25 19:02 . 2011-03-25 19:40 -------- d-----w- c:\users\Archi\AppData\Local\FullTiltPoker
2011-03-25 19:01 . 2011-03-25 19:43 -------- d-----w- c:\program files\Full Tilt Poker
2011-03-25 18:59 . 2011-03-25 18:59 -------- d-----w- c:\program files\WinDjView
2011-03-24 18:05 . 2011-03-24 18:07 -------- d-----w- c:\programdata\Spyware Terminator
2011-03-24 18:05 . 2011-04-04 19:25 -------- d-----w- c:\program files\Spyware Terminator
2011-03-22 14:52 . 2011-03-22 14:52 286720 ------w- c:\windows\Setup1.exe
2011-03-22 14:52 . 2011-03-22 14:52 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-03-20 14:06 . 2011-03-20 14:06 -------- d-----w- c:\program files\Electronic Arts
2011-03-19 20:30 . 2011-03-19 20:30 -------- d-----w- c:\users\Archi\AppData\Local\ALI213
2011-03-19 18:44 . 2011-03-19 18:44 -------- d-----w- c:\users\Archi\AppData\Local\3DMGAME
2011-03-18 21:30 . 2011-03-18 21:30 -------- d-----w- c:\users\Archi\AppData\Local\Opera
2011-03-18 21:30 . 2011-03-18 21:30 -------- d-----w- c:\program files\Opera
2011-03-17 21:45 . 2011-03-17 21:45 -------- d-----w- c:\users\Archi\AppData\Roaming\HideIPEasy
2011-03-17 21:45 . 2011-03-17 21:45 -------- d-----w- c:\programdata\HideIPEasy
2011-03-17 21:44 . 2011-03-17 21:44 -------- d-----w- c:\program files\HideIPEasy
2011-03-12 16:15 . 2011-03-12 16:15 -------- d-----w- c:\program files\Silabs
2011-03-12 16:14 . 2011-03-12 16:15 -------- d-----w- c:\windows\system32\Silabs
2011-03-12 16:13 . 2011-03-12 16:14 -------- d-----w- c:\program files\Qstarz PC Suite
2011-03-12 15:57 . 2011-03-12 15:57 -------- d-----w- c:\program files\Qstarz
2011-03-11 07:36 . 2011-03-11 07:36 -------- d-----w- c:\program files\rajce
2011-03-10 17:27 . 2011-03-10 17:27 -------- d-----w- c:\programdata\Blizzard
2011-03-10 14:50 . 2011-03-10 14:50 -------- d-----w- c:\program files\7-Zip
2011-03-09 15:37 . 2011-03-09 15:37 -------- d-----w- c:\program files\Winamp Detect
2011-03-09 15:36 . 2011-04-04 20:43 -------- d-----w- c:\users\Archi\AppData\Roaming\Winamp
2011-03-09 15:36 . 2011-03-09 15:38 -------- d-----w- c:\program files\Winamp
2011-03-09 08:13 . 2011-02-19 05:33 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-03-09 08:13 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-03-09 08:13 . 2011-02-19 05:32 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-03-09 08:13 . 2010-12-23 05:28 850432 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 08:13 . 2010-12-23 05:28 642048 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-09 08:13 . 2010-12-23 05:28 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 08:13 . 2010-12-23 05:24 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 08:13 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 08:13 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\system32\mstsc.exe
2011-03-08 19:33 . 2011-03-08 19:33 -------- d-----w- c:\program files\Common Files\Java
2011-03-08 19:31 . 2011-03-08 19:31 -------- d-----w- c:\programdata\McAfee
2011-03-08 19:26 . 2011-03-08 19:55 -------- d-----w- c:\program files\Minecraft-Beta v1.3
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-17 18:47 . 2010-11-19 22:25 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-03-17 18:46 . 2010-11-19 22:25 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-02-14 08:15 . 2010-12-29 13:24 22328 ----a-w- c:\users\Archi\AppData\Roaming\PnkBstrK.sys
2011-02-14 08:15 . 2011-02-14 08:15 669184 ----a-w- c:\windows\system32\pbsvc.exe
2011-02-14 08:15 . 2010-11-19 22:24 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-02-03 05:45 . 2011-02-10 13:31 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-02 20:40 . 2010-08-22 07:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 17:11 . 2010-07-14 13:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-31 01:01 . 2011-02-26 14:36 87340080 ----a-w- c:\users\Archi\AppData\Roaming\Microsoft\Windows\Templates\SamsungKiesSetup.exe
2011-01-29 22:16 . 2011-01-29 22:16 30056 ----a-w- c:\windows\system32\MASetupCleaner.exe
2011-01-29 16:00 . 2011-02-26 14:42 4659712 ----a-w- c:\windows\system32\Redemption.dll
2011-01-29 16:00 . 2011-01-29 16:00 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-01-29 16:00 . 2011-01-29 16:00 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-01-29 16:00 . 2011-01-29 16:00 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-01-29 16:00 . 2011-01-29 16:00 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2011-01-29 16:00 . 2011-01-29 16:00 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2011-01-29 16:00 . 2011-01-29 16:00 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2011-01-29 16:00 . 2011-01-29 16:00 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2011-01-29 16:00 . 2011-01-29 16:00 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2011-01-29 16:00 . 2011-01-29 16:00 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2011-01-29 16:00 . 2011-01-29 16:00 569344 ----a-w- c:\windows\system32\muzdecode.ax
2011-01-29 16:00 . 2011-01-29 16:00 491520 ----a-w- c:\windows\system32\muzapp.dll
2011-01-29 16:00 . 2011-01-29 16:00 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2011-01-29 16:00 . 2011-01-29 16:00 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2011-01-29 16:00 . 2011-01-29 16:00 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2011-01-29 16:00 . 2011-01-29 16:00 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2011-01-29 16:00 . 2011-01-29 16:00 40960 ----a-w- c:\windows\system32\MAMACExtract.dll
2011-01-29 16:00 . 2011-01-29 16:00 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2011-01-29 16:00 . 2011-01-29 16:00 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2011-01-29 16:00 . 2011-01-29 16:00 245760 ----a-w- c:\windows\system32\MSCLib.dll
2011-01-29 16:00 . 2011-01-29 16:00 200704 ----a-w- c:\windows\system32\muzwmts.dll
2011-01-29 16:00 . 2011-01-29 16:00 155648 ----a-w- c:\windows\system32\MSFLib.dll
2011-01-29 16:00 . 2011-01-29 16:00 143360 ----a-w- c:\windows\system32\3DAudio.ax
2011-01-29 16:00 . 2011-01-29 16:00 135168 ----a-w- c:\windows\system32\muzaf1.dll
2011-01-29 16:00 . 2011-01-29 16:00 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2011-01-29 16:00 . 2011-01-29 16:00 122880 ----a-w- c:\windows\system32\muzeffect.ax
2011-01-29 16:00 . 2011-01-29 16:00 118784 ----a-w- c:\windows\system32\MaDRM.dll
2011-01-29 16:00 . 2011-01-29 16:00 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2011-01-29 16:00 . 2011-02-26 14:42 821824 ----a-w- c:\windows\system32\dgderapi.dll
2011-01-13 08:47 . 2010-07-14 13:41 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-07-14 13:41 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-07-14 13:44 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-07-14 13:44 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:37 . 2010-07-14 13:44 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-07-14 13:44 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-13 08:37 . 2010-07-14 13:44 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-07 07:31 . 2011-02-23 13:28 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-07 07:31 . 2011-02-23 13:28 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-07 07:27 . 2011-02-10 13:31 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 05:33 . 2011-02-10 13:31 294400 ----a-w- c:\windows\system32\atmfd.dll
2011-01-06 17:07 . 2011-01-06 17:07 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys
2011-01-06 15:36 . 2011-01-06 15:36 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2011-01-06 15:36 . 2011-01-06 15:36 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2011-01-06 15:36 . 2011-01-06 15:36 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 18:17 1487240 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\steam\steam.exe" [2010-11-17 1242448]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"NoteZilla"="c:\program files\Conceptworld\NoteZilla\NoteZilla.exe" [2008-01-06 494080]
"Sony Ericsson PC Companion"="c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-02-28 427008]
"KiesHelper"="d:\kies\KiesHelper.exe" [2011-01-29 888120]
"KiesTrayAgent"="d:\kies\KiesTrayAgent.exe" [2011-01-29 3372856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-11-30 74752]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
.
c:\users\Archi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-7-14 0]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
QTray.lnk - c:\program files\Qstarz PC Suite\QTray.exe [2011-2-14 8990720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-19 136176]
R3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;d:\dragon age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2010-12-01 23456]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-14 128928]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-01-06 13224]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2010-08-16 16472]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2010-08-16 11104]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys [2010-04-27 98560]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys [2010-04-27 14848]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys [2010-04-27 123648]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-15 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-24 691696]
S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [2010-01-13 89728]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-26 217088]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-07-26 36640]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2011-01-06 27632]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-19 14:32]
.
2011-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-19 14:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.zaparit.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
FF - ProfilePath - c:\users\Archi\AppData\Roaming\Mozilla\Firefox\Profiles\1p7852yi.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files\Mozilla Firefox\extensions\quickstores@quickstores.de
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: PandoraTV Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
FF - Ext: Hide IP Easy: support@easy-hideip.com - %profile%\extensions\support@easy-hideip.com
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-QNPlus - (no file)
HKCU-Run-PlayNC Launcher - (no file)
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - d:\usb drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - d:\usb drivers\16_Shrewsbury\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - d:\usb drivers\25_escape\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-04-05 15:28:09
ComboFix-quarantined-files.txt 2011-04-05 13:28
.
Před spuštěním: Volných bajtů: 35 715 985 408
Po spuštění: Volných bajtů: 35 639 939 072
.
- - End Of File - - 505C26546B02AD00C9E98DEC7BA60892

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security Center not working, Win 7

#4 Post by vyosek »

:arrow: If you have not done so already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    Driver::
    gupdate
    
    File::
    c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\Kfhfjqt.job
    c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    
    Firefox::
    FF - ProfilePath - c:\users\Archi\AppData\Roaming\Mozilla\Firefox\Profiles\1p7852yi.default\
    FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
    FF - Ext: PandoraTV Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
    FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
    
    RegLock::
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    
    Folder::
    c:\program files\Ask.com
    
    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NokiaMServer"=-
    "Adobe Reader Speed Launcher"=-
    "Adobe ARM"=-
    "AdobeAAMUpdater-1.0"=-
    "SwitchBoard"=-
    "AdobeCS5ServiceManager"=-
    "QuickTime Task"=-
    "iTunesHelper"=-
    "SunJavaUpdateSched"=-
    "WinampAgent"=-
    "Malwarebytes' Anti-Malware (reboot)"=-
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Steam"=-
    "DAEMON Tools Lite"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    
    Reboot::
    
  • Save the TXT file you created as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it (see the picture below)
    [image]
  • After the script has been applied (and a possible restart), a log will pop up; paste its contents here
:arrow: It may happen that Windows does not start after the script has been applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun: take a whip and a stick to him, that is not a man, that is an ox."
Member [image] since 1 February 2011.
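
An added example, not part of the thread and not ComboFix's own code: before a removal script such as the CFScript in post #4 is run, a reviewer can split it into its sections, list what the `Registry::` block deletes (standard .reg syntax), and flag every `File::`/`Folder::` target that does not occur in the log text supplied. The function names are assumptions of this example, and the two embedded excerpts are constructed from lines quoted in this thread.

```python
import re

# Constructed, shortened excerpt of the CFScript posted in #4.
SAMPLE_SCRIPT = r"""
KillAll::

Driver::
gupdate

File::
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Kfhfjqt.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

Folder::
c:\program files\Ask.com

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"=-
"DAEMON Tools Lite"=-
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

Reboot::
"""

# Constructed excerpt of the ComboFix log posted in #3.
SAMPLE_LOG = r"""
2011-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-19 14:32]
2011-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
"""

SECTION_RE = re.compile(r"^([A-Za-z]+)::\s*$")
VALUE_DELETE_RE = re.compile(r'^"(.+)"=-$')


def parse_cfscript(text):
    """Split a CFScript into {section name: [entry lines]} in file order."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = SECTION_RE.match(line)
        if match:
            current = match.group(1)
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def registry_actions(lines):
    """Classify Registry:: lines as whole-key or single-value deletions."""
    actions = []
    key = None
    for line in lines:
        if line.startswith("[-") and line.endswith("]"):
            # "[-KEY]" removes the key and everything below it.
            actions.append(("delete_key", line[2:-1], None))
            key = None
        elif line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        else:
            match = VALUE_DELETE_RE.match(line)
            if match and key:
                # '"name"=-' removes one value under the current key.
                actions.append(("delete_value", key, match.group(1)))
    return actions


def unevidenced_targets(sections, log_text):
    """Return File::/Folder:: paths that never occur in log_text.

    The comparison is case-insensitive because Windows paths are. A hit
    only means the path is missing from the text supplied; it may still
    come from another log (for example the RSIT log in post #1).
    """
    haystack = log_text.lower()
    missing = []
    for name in ("File", "Folder"):
        for path in sections.get(name, []):
            if path.lower() not in haystack:
                missing.append(path)
    return missing


if __name__ == "__main__":
    parsed = parse_cfscript(SAMPLE_SCRIPT)
    for kind, key, value in registry_actions(parsed.get("Registry", [])):
        print(kind, key, value or "")
    for path in unevidenced_targets(parsed, SAMPLE_LOG):
        print("not in supplied log:", path)
```
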

Archik
Visitor
Posts: 14
Registered: 05 Apr 2011 13:32

Re: Security Center not working, Win 7

#5 Post by Archik »

Log after applying the script:

ComboFix 11-04-04.02 - Archi 05.04.2011 15:49:04.2.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3071.2086 [GMT 2:00]
Spuštěný z: c:\users\Archi\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Archi\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\Kfhfjqt.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\assets\oobe\b.png
c:\program files\Ask.com\assets\oobe\bl.png
c:\program files\Ask.com\assets\oobe\br.png
c:\program files\Ask.com\assets\oobe\l.png
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-05 do 2011-04-05 )))))))))))))))))))))))))))))))
.
.
2011-04-05 14:01 . 2011-04-05 14:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-05 12:52 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-05 12:37 . 2011-04-05 12:37 -------- d-----w- C:\rsit
2011-04-05 12:37 . 2011-04-05 12:37 -------- d-----w- c:\program files\trend micro
2011-04-05 02:55 . 2011-04-05 02:55 -------- d-----w- c:\users\Archi\AppData\Roaming\Malwarebytes
2011-04-05 02:55 . 2011-04-05 02:55 -------- d-----w- c:\programdata\Malwarebytes
2011-04-05 02:55 . 2011-04-05 12:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-05 02:55 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-04 19:02 . 2011-04-04 19:02 114688 --sha-r- c:\windows\system32\stobjecth.dll
2011-04-04 17:54 . 2011-04-04 17:54 -------- d-----w- c:\users\Archi\AppData\Roaming\Artisteer
2011-04-04 17:48 . 2011-04-04 18:49 -------- d-----w- c:\program files\Artisteer 3
2011-04-04 17:42 . 2006-11-01 10:05 154424 ----a-w- C:\ChVID.exe
2011-04-01 06:25 . 2011-03-15 04:05 6792528 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FCDD3428-388E-4F14-826C-E47A646A8249}\mpengine.dll
2011-03-26 10:26 . 2011-03-26 10:26 -------- d-----w- c:\program files\CCleaner
2011-03-26 09:01 . 2011-03-26 09:01 -------- d-----w- c:\programdata\Electronic Arts
2011-03-26 09:01 . 2011-03-26 09:01 -------- d-----w- c:\programdata\EA Core
2011-03-25 19:04 . 2011-03-25 19:04 -------- d-----w- c:\users\Archi\AppData\Local\cache
2011-03-25 19:02 . 2011-03-25 19:40 -------- d-----w- c:\users\Archi\AppData\Local\FullTiltPoker
2011-03-25 19:01 . 2011-03-25 19:43 -------- d-----w- c:\program files\Full Tilt Poker
2011-03-25 18:59 . 2011-03-25 18:59 -------- d-----w- c:\program files\WinDjView
2011-03-24 18:05 . 2011-03-24 18:07 -------- d-----w- c:\programdata\Spyware Terminator
2011-03-24 18:05 . 2011-04-04 19:25 -------- d-----w- c:\program files\Spyware Terminator
2011-03-22 14:52 . 2011-03-22 14:52 286720 ------w- c:\windows\Setup1.exe
2011-03-22 14:52 . 2011-03-22 14:52 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-03-20 14:06 . 2011-03-20 14:06 -------- d-----w- c:\program files\Electronic Arts
2011-03-19 20:30 . 2011-03-19 20:30 -------- d-----w- c:\users\Archi\AppData\Local\ALI213
2011-03-19 18:44 . 2011-03-19 18:44 -------- d-----w- c:\users\Archi\AppData\Local\3DMGAME
2011-03-18 21:30 . 2011-03-18 21:30 -------- d-----w- c:\users\Archi\AppData\Local\Opera
2011-03-18 21:30 . 2011-03-18 21:30 -------- d-----w- c:\program files\Opera
2011-03-17 21:45 . 2011-03-17 21:45 -------- d-----w- c:\users\Archi\AppData\Roaming\HideIPEasy
2011-03-17 21:45 . 2011-03-17 21:45 -------- d-----w- c:\programdata\HideIPEasy
2011-03-17 21:44 . 2011-03-17 21:44 -------- d-----w- c:\program files\HideIPEasy
2011-03-12 16:15 . 2011-03-12 16:15 -------- d-----w- c:\program files\Silabs
2011-03-12 16:14 . 2011-03-12 16:15 -------- d-----w- c:\windows\system32\Silabs
2011-03-12 16:13 . 2011-03-12 16:14 -------- d-----w- c:\program files\Qstarz PC Suite
2011-03-12 15:57 . 2011-03-12 15:57 -------- d-----w- c:\program files\Qstarz
2011-03-11 07:36 . 2011-03-11 07:36 -------- d-----w- c:\program files\rajce
2011-03-10 17:27 . 2011-03-10 17:27 -------- d-----w- c:\programdata\Blizzard
2011-03-10 14:50 . 2011-03-10 14:50 -------- d-----w- c:\program files\7-Zip
2011-03-09 15:37 . 2011-03-09 15:37 -------- d-----w- c:\program files\Winamp Detect
2011-03-09 15:36 . 2011-04-04 20:43 -------- d-----w- c:\users\Archi\AppData\Roaming\Winamp
2011-03-09 15:36 . 2011-03-09 15:38 -------- d-----w- c:\program files\Winamp
2011-03-09 08:13 . 2011-02-19 05:33 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-03-09 08:13 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-03-09 08:13 . 2011-02-19 05:32 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-03-09 08:13 . 2010-12-23 05:28 850432 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 08:13 . 2010-12-23 05:28 642048 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-09 08:13 . 2010-12-23 05:28 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 08:13 . 2010-12-23 05:24 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 08:13 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 08:13 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\system32\mstsc.exe
2011-03-08 19:33 . 2011-03-08 19:33 -------- d-----w- c:\program files\Common Files\Java
2011-03-08 19:31 . 2011-03-08 19:31 -------- d-----w- c:\programdata\McAfee
2011-03-08 19:26 . 2011-03-08 19:55 -------- d-----w- c:\program files\Minecraft-Beta v1.3
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-17 18:47 . 2010-11-19 22:25 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-03-17 18:46 . 2010-11-19 22:25 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-02-14 08:15 . 2010-12-29 13:24 22328 ----a-w- c:\users\Archi\AppData\Roaming\PnkBstrK.sys
2011-02-14 08:15 . 2011-02-14 08:15 669184 ----a-w- c:\windows\system32\pbsvc.exe
2011-02-14 08:15 . 2010-11-19 22:24 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-02-03 05:45 . 2011-02-10 13:31 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-02 20:40 . 2010-08-22 07:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 17:11 . 2010-07-14 13:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-31 01:01 . 2011-02-26 14:36 87340080 ----a-w- c:\users\Archi\AppData\Roaming\Microsoft\Windows\Templates\SamsungKiesSetup.exe
2011-01-29 22:16 . 2011-01-29 22:16 30056 ----a-w- c:\windows\system32\MASetupCleaner.exe
2011-01-29 16:00 . 2011-02-26 14:42 4659712 ----a-w- c:\windows\system32\Redemption.dll
2011-01-29 16:00 . 2011-01-29 16:00 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-01-29 16:00 . 2011-01-29 16:00 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-01-29 16:00 . 2011-01-29 16:00 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-01-29 16:00 . 2011-01-29 16:00 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2011-01-29 16:00 . 2011-01-29 16:00 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2011-01-29 16:00 . 2011-01-29 16:00 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2011-01-29 16:00 . 2011-01-29 16:00 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2011-01-29 16:00 . 2011-01-29 16:00 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2011-01-29 16:00 . 2011-01-29 16:00 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2011-01-29 16:00 . 2011-01-29 16:00 569344 ----a-w- c:\windows\system32\muzdecode.ax
2011-01-29 16:00 . 2011-01-29 16:00 491520 ----a-w- c:\windows\system32\muzapp.dll
2011-01-29 16:00 . 2011-01-29 16:00 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2011-01-29 16:00 . 2011-01-29 16:00 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2011-01-29 16:00 . 2011-01-29 16:00 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2011-01-29 16:00 . 2011-01-29 16:00 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2011-01-29 16:00 . 2011-01-29 16:00 40960 ----a-w- c:\windows\system32\MAMACExtract.dll
2011-01-29 16:00 . 2011-01-29 16:00 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2011-01-29 16:00 . 2011-01-29 16:00 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2011-01-29 16:00 . 2011-01-29 16:00 245760 ----a-w- c:\windows\system32\MSCLib.dll
2011-01-29 16:00 . 2011-01-29 16:00 200704 ----a-w- c:\windows\system32\muzwmts.dll
2011-01-29 16:00 . 2011-01-29 16:00 155648 ----a-w- c:\windows\system32\MSFLib.dll
2011-01-29 16:00 . 2011-01-29 16:00 143360 ----a-w- c:\windows\system32\3DAudio.ax
2011-01-29 16:00 . 2011-01-29 16:00 135168 ----a-w- c:\windows\system32\muzaf1.dll
2011-01-29 16:00 . 2011-01-29 16:00 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2011-01-29 16:00 . 2011-01-29 16:00 122880 ----a-w- c:\windows\system32\muzeffect.ax
2011-01-29 16:00 . 2011-01-29 16:00 118784 ----a-w- c:\windows\system32\MaDRM.dll
2011-01-29 16:00 . 2011-01-29 16:00 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2011-01-29 16:00 . 2011-02-26 14:42 821824 ----a-w- c:\windows\system32\dgderapi.dll
2011-01-13 08:47 . 2010-07-14 13:41 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-07-14 13:41 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-07-14 13:44 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-07-14 13:44 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:37 . 2010-07-14 13:44 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-07-14 13:44 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-13 08:37 . 2010-07-14 13:44 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-07 07:31 . 2011-02-23 13:28 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-07 07:31 . 2011-02-23 13:28 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-07 07:27 . 2011-02-10 13:31 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 05:33 . 2011-02-10 13:31 294400 ----a-w- c:\windows\system32\atmfd.dll
2011-01-06 17:07 . 2011-01-06 17:07 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys
2011-01-06 15:36 . 2011-01-06 15:36 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2011-01-06 15:36 . 2011-01-06 15:36 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2011-01-06 15:36 . 2011-01-06 15:36 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NoteZilla"="c:\program files\Conceptworld\NoteZilla\NoteZilla.exe" [2008-01-06 494080]
"Sony Ericsson PC Companion"="c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-02-28 427008]
"KiesHelper"="d:\kies\KiesHelper.exe" [2011-01-29 888120]
"KiesTrayAgent"="d:\kies\KiesTrayAgent.exe" [2011-01-29 3372856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
c:\users\Archi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-7-14 0]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
QTray.lnk - c:\program files\Qstarz PC Suite\QTray.exe [2011-2-14 8990720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;d:\dragon age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2010-12-01 23456]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-14 128928]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-01-06 13224]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2010-08-16 16472]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2010-08-16 11104]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys [2010-04-27 98560]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys [2010-04-27 14848]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys [2010-04-27 123648]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-15 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-24 691696]
S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [2010-01-13 89728]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-26 217088]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-07-26 36640]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2011-01-06 27632]
.
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.zaparit.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
FF - ProfilePath - c:\users\Archi\AppData\Roaming\Mozilla\Firefox\Profiles\1p7852yi.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files\Mozilla Firefox\extensions\quickstores@quickstores.de
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Hide IP Easy: support@easy-hideip.com - %profile%\extensions\support@easy-hideip.com
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2436)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Celkový čas: 2011-04-05 16:07:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-04-05 14:07
ComboFix2.txt 2011-04-05 13:28
.
Před spuštěním: Volných bajtů: 35 712 487 424
Po spuštění: Volných bajtů: 35 505 176 576
.
- - End Of File - - 3E3C3E8CCC8D585452E9E63159B104E3

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security Center not working on Win 7

#6 Post by vyosek »

How is the PC behaving? :???:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member since 1 February 2011.

Archik
Visitor
Posts: 14
Registered: 05 Apr 2011 13:32

Re: Security Center not working on Win 7

#7 Post by Archik »

The protections can now be turned on; all the programs that normally started at boot are disabled. Avast shows as turned on, but I don't see its icon on the taskbar.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security Center not working on Win 7

#8 Post by vyosek »

:arrow: I disabled some unnecessary startup items for you = the system will boot faster...

:arrow: Reinstall Avast

:arrow: Let me know whether it is OK

Archik
Visitor
Posts: 14
Registered: 05 Apr 2011 13:32

Re: Security Center not working on Win 7

#9 Post by Archik »

Avast has been reinstalled and is behaving normally.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security Center not working on Win 7

#10 Post by vyosek »

:arrow: Uninstall Combofix
  • Start - Run (or use the keyboard shortcut Win+R)
  • Type ComboFix /Uninstall
  • Press Enter
  • This deletes Combofix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature)
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix selected issues - I recommend making the registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once every 14 days

:arrow: And if there are no problems or questions, that is all from my side :turned:

Archik
Visitor
Posts: 14
Registered: 05 Apr 2011 13:32

Re: Security Center not working on Win 7

#11 Post by Archik »

All done, the computer is behaving normally now, thanks a lot for the help.
I appreciate your time, so I'm sending some small change. :)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security Center not working on Win 7

#12 Post by vyosek »

:arrow: On behalf of the whole team, thank you for supporting the forum :thumbsup:

You're welcome, glad I could help :) Until next time

kostik258
Visitor
Posts: 28
Registered: 12 Jun 2011 10:53

Re: Security Center not working on Win 7

#13 Post by kostik258 »

vyosek -

Good day, I would like to ask you for advice. I can't start the Security Center in Windows 7. It started doing this out of nowhere - probably some virus :(
I'm completely new here and I don't know what else to do. I tried scanning with ESET Smart Security, Malwarebytes Antimalware, Spybot Search and Destroy, OTL, Microsoft Safety Security; simply nothing helps.
I tried it this way -
1. START
2. ADMINISTRATIVE TOOLS
3. SERVICES
4. SECURITY CENTER
5. STARTUP TYPE - AUTOMATIC (DELAYED START)
6. APPLY and confirm with OK
It works for a little while, but after a while it is set to Disabled again, so I simply have no idea what to do.
I also tried it via these links, various guides, but it just will not start.
http://www.zive.cz/poradna/nefunguje-ce ... tanswers=1
http://www.stealthsettings.com/cs/error ... arted.html
http://www.viry.cz/forum/viewtopic.php?f=13&t=111660
and also this one of yours, which I haven't tried yet, but I don't know how to do it following your procedure; I'm no PC expert, I don't understand it -
http://www.viry.cz/forum/viewtopic.php?f=13&t=110798
Could it be fixed somehow, but in a way that I, as an ordinary user, would know how to do it? THANK YOU VERY MUCH for your help.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security Center not working on Win 7

#14 Post by vyosek »

Hello kostik258 and welcome :welcome:

:arrow: Please read the forum rules

:arrow: The rule here is that every user starts their own new topic for their problem so that things don't get mixed up, so start your own new topic, put "pro vyosek" (for vyosek) in the subject - my colleagues will leave it for me - and post a log from RSIT there - I'll take a look

Here :closed:

Locked