VIRY.CZ

Ahoj jsem zde novej tak prosím mějte na mě ohled děkuji

Už několik dní mi nejde spustit centrum zabezpečení pro win 7 a prvky activex.. prosím o pomoc a rady..
zde co jsem zkoušel ale bez výsledku.
1.zkoušel jsem služby i přepsaní hodnot v registrech a nic nepomohlo po restartu se to vrátí na původní hodnoty.
2.dále jsem vyfotil registry HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones kde se nachází složka co nejde smazat na trvalo. to bude dle mého ten problém..
tady je log..

Logfile of random's system information tool 1.09 (written by random/random)
Run by Chevy opava at 2011-07-22 09:50:19
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 35 GB (41%) free of 87 GB
Total RAM: 1919 MB (39% free)

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-265499948-739941371-2329894864-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-265499948-739941371-2329894864-1000UA.job
C:\Windows\tasks\wngyk.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://autosalon-schromm.cz"
prefs.js - "extensions.enabledItems" - "{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.1, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, radiobar@toolbar:1.0.0, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {6236BA26-C117-4007-928C-DE0716C7FA80}:1.0.23, {6236BA26-C117-4007-928C-DE0716C7FA82}:1.0.2, {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.7, {6236BA26-C117-4007-928C-DE0716C7FA99}:1.0.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, bkmrksync@nokia.com:1.0.0.736, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {8675f4b3-2f19-11ed-2d6b-0800600c0a16}:1.0, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, {8675f4b3-2f19-11ed-2d6b-0800600c0a17}:1.0, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.8"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.1.9&q="

"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npnul32.dll
NPOFFICE.DLL
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\
radiobar@toolbar
staged-xpis
{20a82645-c095-46ed-80e3-08825760534b}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{6236BA26-C117-4007-928C-DE0716C7FA80}
{6236BA26-C117-4007-928C-DE0716C7FA82}
{6236BA26-C117-4007-928C-DE0716C7FA96}
{6236BA26-C117-4007-928C-DE0716C7FA99}
{800b5000-a755-47e1-992b-48a1c1357f07}
{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Chevy opava\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-09-01 140752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T7PKEYSDPX"=C:\Users\CHEVYO~1\AppData\Local\Temp\Tme.exe [2011-07-13 158208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Chevy opava\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-18 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-23 815104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T7PKEYSDPX]
C:\Users\CHEVYO~1\AppData\Local\Temp\Tme.exe [2011-07-13 158208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=MSh263.drv
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.l3codec"=l3codecp.acm
"vidc.DIVX"=DivX.dll
"vidc.tscc"=tsccvid.dll
"vidc.yv12"=DivX.dll
"vidc.ffds"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2011-07-22 09:47:09 ----D---- C:\rsit
2011-07-22 09:47:09 ----D---- C:\Program Files\trend micro
2011-07-13 14:59:55 ----A---- C:\Windows\system32\wininet.dll
2011-07-13 14:59:55 ----A---- C:\Windows\system32\urlmon.dll
2011-07-13 14:59:55 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-07-13 14:59:55 ----A---- C:\Windows\system32\msls31.dll
2011-07-13 14:59:55 ----A---- C:\Windows\system32\jsproxy.dll
2011-07-13 14:59:54 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-07-13 14:59:54 ----A---- C:\Windows\system32\msrating.dll
2011-07-13 14:59:54 ----A---- C:\Windows\system32\mshtmler.dll
2011-07-13 14:59:54 ----A---- C:\Windows\system32\msfeedssync.exe
2011-07-13 14:59:54 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-07-13 14:59:54 ----A---- C:\Windows\system32\ieui.dll
2011-07-13 14:59:54 ----A---- C:\Windows\system32\iesysprep.dll
2011-07-13 14:59:54 ----A---- C:\Windows\system32\iertutil.dll
2011-07-13 14:59:54 ----A---- C:\Windows\system32\ieakeng.dll
2011-07-13 14:59:54 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-07-13 14:59:53 ----A---- C:\Windows\system32\wextract.exe
2011-07-13 14:59:53 ----A---- C:\Windows\system32\webcheck.dll
2011-07-13 14:59:53 ----A---- C:\Windows\system32\url.dll
2011-07-13 14:59:53 ----A---- C:\Windows\system32\mshtmled.dll
2011-07-13 14:59:53 ----A---- C:\Windows\system32\licmgr10.dll
2011-07-13 14:59:53 ----A---- C:\Windows\system32\inseng.dll
2011-07-13 14:59:53 ----A---- C:\Windows\system32\iesetup.dll
2011-07-13 14:59:53 ----A---- C:\Windows\system32\iernonce.dll
2011-07-13 14:59:53 ----A---- C:\Windows\system32\ieframe.dll
2011-07-13 14:59:53 ----A---- C:\Windows\system32\iedkcs32.dll
2011-07-13 14:59:53 ----A---- C:\Windows\system32\ieapfltr.dll
2011-07-13 14:59:53 ----A---- C:\Windows\system32\ieapfltr.dat
2011-07-13 14:59:53 ----A---- C:\Windows\system32\ie4uinit.exe
2011-07-13 14:59:53 ----A---- C:\Windows\system32\icardie.dll
2011-07-13 14:59:53 ----A---- C:\Windows\system32\dxtrans.dll
2011-07-13 14:59:53 ----A---- C:\Windows\system32\dxtmsft.dll
2011-07-13 14:59:52 ----A---- C:\Windows\system32\vbscript.dll
2011-07-13 14:59:52 ----A---- C:\Windows\system32\pngfilt.dll
2011-07-13 14:59:52 ----A---- C:\Windows\system32\occache.dll
2011-07-13 14:59:52 ----A---- C:\Windows\system32\mshtml.dll
2011-07-13 14:59:52 ----A---- C:\Windows\system32\mshta.exe
2011-07-13 14:59:52 ----A---- C:\Windows\system32\msfeeds.dll
2011-07-13 14:59:52 ----A---- C:\Windows\system32\jscript9.dll
2011-07-13 14:59:52 ----A---- C:\Windows\system32\jscript.dll
2011-07-13 14:59:52 ----A---- C:\Windows\system32\imgutil.dll
2011-07-13 14:59:52 ----A---- C:\Windows\system32\iexpress.exe
2011-07-13 14:59:52 ----A---- C:\Windows\system32\ieUnatt.exe
2011-07-13 14:59:52 ----A---- C:\Windows\system32\iepeers.dll
2011-07-13 14:59:52 ----A---- C:\Windows\system32\ieakui.dll
2011-07-13 14:59:52 ----A---- C:\Windows\system32\ieaksie.dll
2011-07-13 14:59:52 ----A---- C:\Windows\system32\admparse.dll
2011-07-13 14:54:12 ----D---- C:\Program Files\Microsoft Security Client
2011-07-13 14:52:38 ----D---- C:\Windows\system32\SPReview
2011-07-13 14:51:47 ----D---- C:\Windows\system32\EventProviders
2011-07-13 14:51:15 ----A---- C:\Windows\system32\MRT.exe
2011-07-13 14:50:57 ----A---- C:\Windows\system32\FntCache.dll
2011-07-13 14:50:57 ----A---- C:\Windows\system32\DWrite.dll
2011-07-13 14:50:56 ----A---- C:\Windows\system32\d2d1.dll
2011-07-13 14:43:13 ----A---- C:\Windows\Tderyb.exe
2011-07-13 11:48:20 ----RASH---- C:\Windows\system32\puiapir.dll
2011-07-13 11:48:13 ----A---- C:\Windows\Tderya.exe
2011-07-13 10:52:26 ----D---- C:\Program Files\Selteco
2011-07-13 08:05:06 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-07-13 08:05:06 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-07-13 08:05:06 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-07-13 08:05:06 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-07-13 08:05:05 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-07-13 08:05:05 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-07-13 08:05:05 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-07-13 08:05:00 ----A---- C:\Windows\system32\esent.dll
2011-07-13 08:04:59 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-07-13 08:04:59 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-07-13 08:04:58 ----A---- C:\Windows\system32\drivers\storport.sys
2011-07-13 08:04:58 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-07-13 08:04:58 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-07-13 08:04:58 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-07-13 08:04:57 ----A---- C:\Windows\system32\fsutil.exe
2011-07-13 08:04:57 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-07-13 08:04:57 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-07-13 08:04:48 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-13 08:04:47 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 08:04:46 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 08:04:45 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-13 08:04:45 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 08:04:45 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-13 08:04:45 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-13 08:04:45 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 08:04:45 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 08:04:45 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 08:04:45 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 08:04:45 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 08:04:45 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 08:04:45 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-13 08:04:45 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-13 08:04:41 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 08:04:40 ----A---- C:\Windows\system32\winsrv.dll
2011-07-13 08:04:40 ----A---- C:\Windows\system32\conhost.exe
2011-07-13 08:04:34 ----A---- C:\Windows\system32\win32k.sys
2011-06-30 09:07:20 ----D---- C:\Program Files\Common Files\Java
2011-06-30 09:06:39 ----A---- C:\Windows\system32\javaws.exe
2011-06-30 09:06:39 ----A---- C:\Windows\system32\javaw.exe
2011-06-30 09:06:39 ----A---- C:\Windows\system32\java.exe
2011-06-29 08:22:50 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 08:22:50 ----A---- C:\Windows\system32\cfgmgr32.dll
2011-06-29 08:22:44 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 08:22:43 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 08:22:43 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 08:22:42 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 08:22:42 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 08:22:42 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 08:22:42 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 08:22:41 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 08:22:41 ----A---- C:\Windows\system32\msscntrs.dll

======List of files/folders modified in the last 1 month======

2011-07-22 09:47:09 ----RD---- C:\Program Files
2011-07-22 09:45:41 ----D---- C:\Windows\System32
2011-07-22 09:45:41 ----D---- C:\Windows\inf
2011-07-22 09:45:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-22 09:39:10 ----D---- C:\Windows\system32\Tasks
2011-07-22 09:39:10 ----D---- C:\Windows\system32\drivers
2011-07-22 09:39:06 ----D---- C:\Windows\Tasks
2011-07-22 09:34:13 ----D---- C:\Windows\system32\config
2011-07-22 09:22:27 ----D---- C:\Windows\Temp
2011-07-19 14:47:33 ----D---- C:\Users\Chevy opava\AppData\Roaming\FileZilla
2011-07-19 10:32:53 ----D---- C:\Users\Chevy opava\AppData\Roaming\ICQ
2011-07-19 10:32:27 ----D---- C:\Program Files\ICQ7.5
2011-07-18 12:32:14 ----D---- C:\Users\Chevy opava\AppData\Roaming\Media Player Classic
2011-07-18 08:53:12 ----D---- C:\Windows\Microsoft.NET
2011-07-18 08:52:39 ----RSD---- C:\Windows\assembly
2011-07-15 16:42:34 ----D---- C:\Windows\winsxs
2011-07-15 16:41:52 ----SHD---- C:\System Volume Information
2011-07-15 08:57:15 ----D---- C:\Windows\system32\catroot
2011-07-15 08:57:13 ----D---- C:\Windows\system32\catroot2
2011-07-15 08:52:28 ----D---- C:\Windows
2011-07-14 09:47:55 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-07-14 09:29:49 ----D---- C:\Windows\debug
2011-07-13 17:51:10 ----SHD---- C:\Boot
2011-07-13 17:48:13 ----D---- C:\Windows\system32\DriverStore
2011-07-13 17:42:32 ----D---- C:\Program Files\Windows Sidebar
2011-07-13 17:42:32 ----D---- C:\Program Files\Windows Portable Devices
2011-07-13 17:42:32 ----D---- C:\Program Files\Windows Mail
2011-07-13 17:42:32 ----D---- C:\Program Files\Internet Explorer
2011-07-13 17:42:32 ----D---- C:\Program Files\DVD Maker
2011-07-13 17:42:31 ----D---- C:\Program Files\Windows Photo Viewer
2011-07-13 17:42:31 ----D---- C:\Program Files\Windows Media Player
2011-07-13 17:42:31 ----D---- C:\Program Files\Windows Journal
2011-07-13 17:42:30 ----D---- C:\Windows\servicing
2011-07-13 17:42:30 ----D---- C:\Windows\ehome
2011-07-13 17:42:30 ----D---- C:\Program Files\Windows Defender
2011-07-13 17:42:27 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2011-07-13 17:42:27 ----D---- C:\Windows\system32\oobe
2011-07-13 17:42:27 ----D---- C:\Windows\system32\en-US
2011-07-13 17:42:27 ----D---- C:\Windows\system32\da-DK
2011-07-13 17:42:27 ----D---- C:\Windows\PolicyDefinitions
2011-07-13 17:42:26 ----D---- C:\Windows\system32\sysprep
2011-07-13 17:42:26 ----D---- C:\Windows\system32\Setup
2011-07-13 17:42:26 ----D---- C:\Windows\system32\migration
2011-07-13 17:42:26 ----D---- C:\Windows\system32\cs
2011-07-13 17:42:26 ----D---- C:\Windows\system32\AdvancedInstallers
2011-07-13 17:42:24 ----D---- C:\Windows\system32\cs-CZ
2011-07-13 17:42:23 ----D---- C:\Windows\system32\sppui
2011-07-13 17:42:23 ----D---- C:\Windows\system32\manifeststore
2011-07-13 17:42:23 ----D---- C:\Windows\system32\es-ES
2011-07-13 17:42:22 ----D---- C:\Windows\system32\wbem
2011-07-13 17:42:22 ----D---- C:\Windows\system32\drivers\UMDF
2011-07-13 17:42:22 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-07-13 17:42:21 ----D---- C:\Windows\system32\migwiz
2011-07-13 17:42:21 ----D---- C:\Windows\system32\Dism
2011-07-13 17:42:12 ----RSD---- C:\Windows\Fonts
2011-07-13 17:42:11 ----D---- C:\Windows\AppPatch
2011-07-13 17:42:04 ----D---- C:\Windows\system32\Boot
2011-07-13 17:41:42 ----D---- C:\Windows\system32\wdi
2011-07-13 17:39:26 ----A---- C:\Windows\system32\msclmd.dll
2011-07-13 15:00:38 ----D---- C:\Windows\Logs
2011-07-13 14:54:46 ----SHD---- C:\Windows\Installer
2011-07-13 14:51:56 ----HD---- C:\ProgramData
2011-07-13 14:51:07 ----D---- C:\Program Files\Microsoft Office
2011-07-13 14:01:19 ----A---- C:\Windows\win.ini
2011-07-13 10:26:37 ----SD---- C:\Users\Chevy opava\AppData\Roaming\Microsoft
2011-07-13 09:50:23 ----D---- C:\Windows\Prefetch
2011-07-11 10:10:30 ----D---- C:\TEMP_BAZAR
2011-06-30 09:07:20 ----D---- C:\Program Files\Common Files
2011-06-30 09:06:29 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet - adaptér; C:\Windows\system32\DRIVERS\l260x86.sys [2009-07-14 29184]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-15 7680]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 2385920]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-01-11 35328]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-07-14 1068032]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2007-06-06 1260672]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-23 181304]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
R3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
S1 MpKsl186fba32;MpKsl186fba32; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B0CF6E1B-FB03-405F-8D44-B12FA7EB3AB9}\MpKsl186fba32.sys []
S1 MpKsldf5da647;MpKsldf5da647; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F4B8FB52-885A-482F-8FD3-C5E5E256F3F7}\MpKsldf5da647.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vsbus;Virtual Serial Bus Enumerator; C:\Windows\system32\DRIVERS\vsb.sys [2008-07-24 15264]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\Windows\System32\DRIVERS\vserial.sys [2008-07-24 47744]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-02-02 565248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 SBS_GM_TOMCAT6;SBS_GM_TOMCAT6; C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Tomcat\bin\tomcat6.exe [2008-07-21 57344]
R2 SBS_GM_TRANSBASE;SBS_GM_TRANSBASE; C:\Program Files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbmux32.exe [2009-09-03 417792]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2007-04-19 24576]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-02-07 651720]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-27 1343400]
S4 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]

-----------------EOF-----------------

Zdravim, pekny den preji a vitam vas u nas na foru

Aplikujte exeHelper by Raktor

Linky ke stazeni
- COM soubor http://vyosek.ic.cz/BE/exeHelper.com
- SCR soubor http://vyosek.ic.cz/BE/exeHelper.scr
Utilitu staci spustit jako Spravce (klik pravym mysidlem), probehne oprava a vznikne log exehelperlog.txt

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Tak tady je ten log s combofixu

ComboFix 11-07-21.04 - Chevy opava 22.07.2011 11:28:22.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.1919.864 [GMT 2:00]
Spuštěný z: c:\users\Chevy opava\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\ST6UNST.000
c:\windows\system32\detoured.dll
c:\windows\system32\system
c:\windows\Tderya.exe
c:\windows\Tderyb.exe
c:\windows\UNI.EXE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-22 do 2011-07-22 )))))))))))))))))))))))))))))))
.
.
2011-07-22 09:54 . 2011-07-22 09:58 -------- d-----w- c:\users\Chevy opava\AppData\Local\temp
2011-07-22 09:54 . 2011-07-22 09:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-22 09:17 . 2011-07-22 09:17 -------- d-----w- C:\32788R22FWJFW
2011-07-22 07:47 . 2011-07-22 07:50 -------- d-----w- c:\program files\trend micro
2011-07-22 07:47 . 2011-07-22 07:47 -------- d-----w- C:\rsit
2011-07-13 12:54 . 2011-07-13 12:54 -------- d-----w- c:\program files\Microsoft Security Client
2011-07-13 12:52 . 2011-07-13 12:52 -------- d-----w- c:\windows\system32\SPReview
2011-07-13 12:51 . 2011-07-13 12:51 -------- d-----w- c:\windows\system32\EventProviders
2011-07-13 12:50 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-07-13 12:50 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-07-13 12:50 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-07-13 09:48 . 2011-07-13 09:48 115712 --sha-r- c:\windows\system32\puiapir.dll
2011-07-13 08:52 . 2011-07-13 08:52 -------- d-----w- c:\program files\Selteco
2011-07-13 06:05 . 2011-03-25 02:58 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-07-13 06:05 . 2011-03-25 02:58 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-07-13 06:05 . 2011-03-25 02:58 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-07-13 06:05 . 2011-03-25 02:57 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-07-13 06:05 . 2011-03-25 02:57 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-07-13 06:05 . 2011-03-25 02:57 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-07-13 06:05 . 2011-03-25 02:57 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-07-13 06:05 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\system32\esent.dll
2011-06-30 07:07 . 2011-06-30 07:07 -------- d-----w- c:\program files\Common Files\Java
2011-06-29 06:22 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 06:22 . 2010-11-20 12:18 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
2011-06-29 06:22 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 06:22 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 06:22 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 06:22 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 06:22 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 06:22 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 06:22 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 06:22 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 06:22 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-22 06:05 . 2011-05-27 07:42 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-13 15:39 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-05-26 06:54 . 2011-05-26 06:54 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-05-18 10:37 . 2011-05-26 06:24 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1C79C17B-5F69-422E-A550-2DC3468CCF04}\mpengine.dll
2011-05-04 02:52 . 2010-08-12 08:38 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-03 04:30 . 2011-06-20 06:40 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 02:46 . 2011-06-20 06:40 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:46 . 2011-06-20 06:40 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:46 . 2011-06-20 06:40 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-27 13:25 . 2011-04-27 13:25 65024 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2011-04-27 02:17 . 2011-06-20 06:39 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-27 02:17 . 2011-06-20 06:39 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-27 02:17 . 2011-06-20 06:39 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 04:31 . 2011-06-20 06:40 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-04-25 02:18 . 2011-06-20 06:40 338944 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-18 12:33 136176 ----atw- c:\users\Chevy opava\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-02-15 17:07 4390912 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2006-11-23 13:27 815104 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
R1 MpKsl186fba32;MpKsl186fba32;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B0CF6E1B-FB03-405F-8D44-B12FA7EB3AB9}\MpKsl186fba32.sys [x]
R1 MpKsldf5da647;MpKsldf5da647;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F4B8FB52-885A-482F-8FD3-C5E5E256F3F7}\MpKsldf5da647.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-27 1343400]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 SBS_GM_TOMCAT6;SBS_GM_TOMCAT6;c:\program files\Snap-on Business Solutions\Global EPC\GM\Tomcat\bin\tomcat6.exe //RS//SBS_GM_TOMCAT6 [x]
S2 SBS_GM_TRANSBASE;SBS_GM_TRANSBASE;c:\program files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbmux32.exe [2009-09-03 417792]
S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-04-19 24576]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
S3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet - adaptér;c:\windows\system32\DRIVERS\l260x86.sys [2009-07-13 29184]
S3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\Drivers\StkCMini.sys [2007-06-06 1260672]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-265499948-739941371-2329894864-1000Core.job
- c:\users\Chevy opava\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-18 12:33]
.
2011-07-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-265499948-739941371-2329894864-1000UA.job
- c:\users\Chevy opava\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-18 12:33]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://search.qip.ru
uStart Page = hxxp://www.seznam.cz/
uCustomizeSearch = hxxp://search13.net/
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search13.net/search.php?clid=486&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://autosalon-schromm.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: RadioBar Toolbar: radiobar@toolbar - %profile%\extensions\radiobar@toolbar
FF - Ext: Get Styles: {6236BA26-C117-4007-928C-DE0716C7FA80} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF - Ext: Express Tab: {6236BA26-C117-4007-928C-DE0716C7FA82} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA82}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: FBFan: {6236BA26-C117-4007-928C-DE0716C7FA99} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: KFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a16}: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
FF - Ext: VFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a17}: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-T7PKEYSDPX - c:\users\CHEVYO~1\AppData\Local\Temp\Tme.exe
AddRemove-Convert XLS_is1 - c:\program files\Softinterface
AddRemove-Iron Key - c:\windows\uni.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-07-22 12:02:25
ComboFix-quarantined-files.txt 2011-07-22 10:02
.
Před spuštěním: Volných bajtů: 36 640 088 064
Po spuštění: Volných bajtů: 36 604 768 256
.
- - End Of File - - 9F873A9BEFD8D9DF5E163C9ADE585BF2

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Collect::
C:\Windows\tasks\wngyk.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

File::
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-265499948-739941371-2329894864-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-265499948-739941371-2329894864-1000UA.job
C:\Users\Chevy opava\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T7PKEYSDPX]

Driver::
MpKsl186fba32
MpKsldf5da647

DDS::
uDefault_Search_URL = hxxp://search.qip.ru
uCustomizeSearch = hxxp://search13.net/
uSearchAssistant = hxxp://search.qip.ru/ie

Firefox::
FF - ProfilePath - c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search13.net/search.php?clid=486&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.9&q=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

tady je další log

ComboFix 11-07-22.01 - Chevy opava 22.07.2011 13:34:37.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.1919.851 [GMT 2:00]
Spuštěný z: c:\users\Chevy opava\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Chevy opava\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Chevy opava\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-265499948-739941371-2329894864-1000Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-265499948-739941371-2329894864-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Chevy opava\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-265499948-739941371-2329894864-1000Core.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-265499948-739941371-2329894864-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MPKSL186FBA32
-------\Legacy_MPKSLDF5DA647
-------\Service_MpKsl186fba32
-------\Service_MpKsldf5da647
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-22 do 2011-07-22 )))))))))))))))))))))))))))))))
.
.
2011-07-22 12:18 . 2011-07-22 12:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-22 10:02 . 2011-07-22 12:26 -------- d-----w- c:\users\Chevy opava\AppData\Local\temp
2011-07-22 07:47 . 2011-07-22 07:50 -------- d-----w- c:\program files\trend micro
2011-07-22 07:47 . 2011-07-22 07:47 -------- d-----w- C:\rsit
2011-07-13 12:54 . 2011-07-13 12:54 -------- d-----w- c:\program files\Microsoft Security Client
2011-07-13 12:52 . 2011-07-13 12:52 -------- d-----w- c:\windows\system32\SPReview
2011-07-13 12:51 . 2011-07-13 12:51 -------- d-----w- c:\windows\system32\EventProviders
2011-07-13 12:50 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-07-13 12:50 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-07-13 12:50 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-07-13 09:48 . 2011-07-13 09:48 115712 --sha-r- c:\windows\system32\puiapir.dll
2011-07-13 08:52 . 2011-07-13 08:52 -------- d-----w- c:\program files\Selteco
2011-07-13 06:05 . 2011-03-25 02:58 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-07-13 06:05 . 2011-03-25 02:58 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-07-13 06:05 . 2011-03-25 02:58 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-07-13 06:05 . 2011-03-25 02:57 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-07-13 06:05 . 2011-03-25 02:57 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-07-13 06:05 . 2011-03-25 02:57 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-07-13 06:05 . 2011-03-25 02:57 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-07-13 06:05 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\system32\esent.dll
2011-06-30 07:07 . 2011-06-30 07:07 -------- d-----w- c:\program files\Common Files\Java
2011-06-29 06:22 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 06:22 . 2010-11-20 12:18 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
2011-06-29 06:22 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 06:22 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 06:22 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 06:22 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 06:22 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 06:22 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 06:22 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 06:22 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 06:22 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-22 06:05 . 2011-05-27 07:42 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-13 15:39 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-05-26 06:54 . 2011-05-26 06:54 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-05-18 10:37 . 2011-05-26 06:24 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1C79C17B-5F69-422E-A550-2DC3468CCF04}\mpengine.dll
2011-05-04 02:52 . 2010-08-12 08:38 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-03 04:30 . 2011-06-20 06:40 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 02:46 . 2011-06-20 06:40 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:46 . 2011-06-20 06:40 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:46 . 2011-06-20 06:40 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-27 13:25 . 2011-04-27 13:25 65024 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2011-04-27 02:17 . 2011-06-20 06:39 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-27 02:17 . 2011-06-20 06:39 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-27 02:17 . 2011-06-20 06:39 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 04:31 . 2011-06-20 06:40 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-04-25 02:18 . 2011-06-20 06:40 338944 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-02-15 17:07 4390912 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2006-11-23 13:27 815104 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-27 1343400]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 SBS_GM_TOMCAT6;SBS_GM_TOMCAT6;c:\program files\Snap-on Business Solutions\Global EPC\GM\Tomcat\bin\tomcat6.exe //RS//SBS_GM_TOMCAT6 [x]
S2 SBS_GM_TRANSBASE;SBS_GM_TRANSBASE;c:\program files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbmux32.exe [2009-09-03 417792]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-04-19 24576]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
S3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet - adaptér;c:\windows\system32\DRIVERS\l260x86.sys [2009-07-13 29184]
S3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\Drivers\StkCMini.sys [2007-06-06 1260672]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
.
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Chevy opava\AppData\Roaming\Mozilla\Firefox\Profiles\4v1eqds4.default\
FF - prefs.js: browser.startup.homepage - hxxp://autosalon-schromm.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: RadioBar Toolbar: radiobar@toolbar - %profile%\extensions\radiobar@toolbar
FF - Ext: Get Styles: {6236BA26-C117-4007-928C-DE0716C7FA80} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF - Ext: Express Tab: {6236BA26-C117-4007-928C-DE0716C7FA82} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA82}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: FBFan: {6236BA26-C117-4007-928C-DE0716C7FA99} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: KFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a16}: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
FF - Ext: VFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a17}: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(848)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\ATK Hotkey\ASLDRSrv.exe
c:\windows\system32\taskhost.exe
c:\program files\Snap-on Business Solutions\Global EPC\GM\Tomcat\bin\tomcat6.exe
c:\windows\system32\conhost.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\ATK Hotkey\Hcontrol.exe
c:\program files\ATKOSD2\ATKOSD2.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\windows\system32\conhost.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
c:\program files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
c:\program files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
c:\program files\Snap-on Business Solutions\Global EPC\GM\Transbase\tbkern32.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2011-07-22 14:33:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-22 12:33
ComboFix2.txt 2011-07-22 10:02
.
Před spuštěním: Volných bajtů: 36 426 723 328
Po spuštění: Volných bajtů: 35 991 134 208
.
- - End Of File - - 66AE181B66329CBBD31883F1F50B119B

Jak se chova PC

když se spustil pc po restartu combo fixem tak nešlo nic spustit tak jsem restartoval pc znova spustil přes poslední známou konfiguraci a běží jako předtím defender ani centrum zabezpečení na dále nejde spustit když se snažím zapnout defender tak to vyhodí kód chyby OX80070422..

Odinstalujte Combofix

Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
Napiste ComboFix /Uninstall
Stisknete Enter
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)

Provedte aktualizaci - treti zalozka
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

LOG Z MBAM

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 7230

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

22.7.2011 15:33:46
mbam-log-2011-07-22 (15-33-37).txt

Typ kontroly: Rychlý test
Testované objekty: 168094
Uplynulý čas: 6 minut, 40 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 2
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CURRENT_USER\SOFTWARE\L36VCKHTEC (Trojan.FakeAlert.SA) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\T7PKEYSDPX (Trojan.FakeAlert.SA) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Nalezy smazat

Udelejte uplny sken - log opet sem

Úplný test nejde udělat vždy se to po delší době testu sekne a naskočí hláška že byl program ukončen jelikož neodpovídá..

Zkuste v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti)

se omlouvám za dlouhou odezvu ale přes víkendy nejsem na tom to pc. ani v nouzovém režimu to nejde.. stejný problém program byl ukončen s důvodu neodpovídaní..

Tak tam pustime AVPTool - navod zde http://viry.cz/forum/viewtopic.php?f=29&t=58179

Tady je ten log z AVPTool

Status: Detected (events: 6)
25.7.2011 14:27:59 Detected Trojan program Trojan-Spy.Win32.KeyLogger.sq C:\Documents and Settings\Chevy opava\Desktop\mojinko\zkousky\KeySnitchInstall.v1.0 (1).rar//KeySnitchInstall.v1.0 (1).exe//KeySnitchRename.exe High
25.7.2011 14:27:59 Detected Trojan program Trojan-Spy.Win32.KeyLogger.anp C:\Documents and Settings\Chevy opava\Desktop\mojinko\zkousky\KeySnitchInstall.v1.0 (1).rar//KeySnitchInstall.v1.0 (1).exe//KeySnitch.exe High
25.7.2011 14:28:00 Detected Trojan program Trojan-Spy.Win32.KeyLogger.sq C:\Documents and Settings\Chevy opava\Desktop\mojinko\zkousky\KeySnitchInstall.v1.0 (1).rar//KeySnitchInstall.v1.0 (1).exe//KeySnitchs.exe High
25.7.2011 16:52:03 Detected Trojan program Trojan-Spy.Win32.KeyLogger.sq C:\Users\Chevy opava\Desktop\mojinko\zkousky\KeySnitchInstall.v1.0 (1).rar//KeySnitchInstall.v1.0 (1).exe//KeySnitchRename.exe High
25.7.2011 16:52:03 Detected Trojan program Trojan-Spy.Win32.KeyLogger.anp C:\Users\Chevy opava\Desktop\mojinko\zkousky\KeySnitchInstall.v1.0 (1).rar//KeySnitchInstall.v1.0 (1).exe//KeySnitch.exe High
25.7.2011 16:52:03 Detected Trojan program Trojan-Spy.Win32.KeyLogger.sq C:\Users\Chevy opava\Desktop\mojinko\zkousky\KeySnitchInstall.v1.0 (1).rar//KeySnitchInstall.v1.0 (1).exe//KeySnitchs.exe High
Status: Quarantined (events: 1)
25.7.2011 17:33:32 Quarantined virus HEUR:Trojan.Win32.Generic C:\Windows\System32\puiapir.dll High

VIRY.CZ

nejde spustit centrum zabezpečení ve win 7 a activex prvky

nejde spustit centrum zabezpečení ve win 7 a activex prvky

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv

Re: nejde spustit centrum zabezpečení ve win 7 a activex prv