VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

FB vir 2

https://forum.viry.cz:443/viewtopic.php?t=114762

Stránka 1 z 1

FB vir 2

Napsal: 22 srp 2011 16:49
od Ivushe
Dobrý den, tady je další log, tentokrát od našeho počítače. :) Předem mockrát děkuju.

Logfile of random's system information tool 1.09 (written by random/random)
Run by VLASTA at 2011-08-22 15:42:52
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 6 GB (2%) free of 305 GB
Total RAM: 2047 MB (55% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\EasyShare Registration Task.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{272F10E7-FE65-4125-8A8B-F0A446E0C1E4}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, toolbar@ask.com:3.9.1.100006, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.20"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.1.9&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsIBitCometAgent.xpt
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
np32dsw.dll
npBitCometAgent.dll
npdeployJava1.dll
npnul32.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
ShockwavePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\
info@lingea.com
toolbar@ask.com
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll [2009-01-16 656696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object - C:\Program Files\SMART Board Software\NotebookPlugin.dll [2006-11-24 614400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-20 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-05-20 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-20 305328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-10-31 4702208]
"FLMOFFICE4DMOUSE"=C:\Program Files\Labtec\Desktop\V5.1\moffice.exe [2007-11-27 958464]
"OFFICEKB"=C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe [2007-11-27 387584]
"NeroCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"SMART Board Service"=C:\Program Files\SMART Board Software\SMARTBoardService.exe [2006-11-24 1003520]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-10-04 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-10-04 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-10-04 81920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"wxpdrv"=C:\Windows\services32.exe [2011-08-21 1213440]
"tray_ico"= []
"tray_ico0"=C:\Windows\update.tray-15-0\svchost.exe [2011-08-21 1213440]
"tray_ico1"=C:\Windows\update.tray-7-0\svchost.exe [2011-08-21 1213440]
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"3307818.exe"=C:\Windows\Temp\3307818.exe [2011-08-21 258048]
"sysdriver32.exe"=C:\Windows\sysdriver32.exe [2011-08-21 258048]
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe [2011-08-21 258048]
"2295369.exe"=C:\Windows\Temp\2295369.exe [2011-08-21 634880]
"81115731-loader2.exe"=C:\Windows\Temp\81115731-loader2.exe [2011-08-21 258048]
"1135696.exe"=C:\Windows\Temp\1135696.exe [2011-08-21 258048]
"l1rezerv.exe"=C:\Windows\l1rezerv.exe [2011-08-21 232960]
"systemup"=C:\Windows\systemup.exe [2011-08-22 139776]
"Corel Photo Downloader"=C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [2007-08-28 531272]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-25 39408]
"BitComet"=C:\Program Files\BitComet\BitComet.exe [2009-01-20 2523960]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ICQ"=C:\Program Files\ICQ7.4\ICQ.exe [2011-04-01 119608]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Nástroje SMART Board.lnk - C:\Program Files\SMART Board Software\SMARTBoardTools.exe
Software Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\Users\VLASTA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableSecureUIAPaths"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLUA"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"vidc.tscc"=tsccvid.dll
"vidc.mjpg"=pvmjpg30.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"VIDC.FMVC"=fmcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-22 15:42:53 ----D---- C:\Program Files\trend micro
2011-08-22 15:42:52 ----D---- C:\rsit
2011-08-22 15:37:40 ----ASH---- C:\hiberfil.sys
2011-08-22 15:35:53 ----A---- C:\Windows\ntbtlog.txt
2011-08-22 10:55:38 ----A---- C:\Windows\systemup.exe
2011-08-21 21:08:41 ----A---- C:\Windows\l1rezerv.exe
2011-08-21 21:08:23 ----D---- C:\Windows\ufa
2011-08-21 21:08:23 ----D---- C:\Windows\rpcminer
2011-08-21 21:08:23 ----D---- C:\Windows\phoenix
2011-08-21 21:08:04 ----A---- C:\Windows\iecheck_iplist.txt
2011-08-21 21:07:26 ----HD---- C:\Windows\update.7.1
2011-08-21 21:07:16 ----A---- C:\Windows\unrar.exe
2011-08-21 21:07:09 ----A---- C:\Windows\btc_client_iplist.txt
2011-08-21 21:07:07 ----HD---- C:\Windows\update.2
2011-08-21 21:02:53 ----HD---- C:\Windows\update.5.0
2011-08-21 21:01:48 ----D---- C:\Windows\av_ico
2011-08-21 21:01:43 ----A---- C:\Windows\iplist.txt
2011-08-21 21:01:35 ----A---- C:\Windows\sysdriver32_.exe
2011-08-21 21:01:21 ----A---- C:\Windows\sysdriver32.exe
2011-08-21 21:01:02 ----A---- C:\Windows\front_ip_list.txt
2011-08-21 20:59:28 ----HD---- C:\Windows\update.1
2011-08-21 20:59:20 ----HD---- C:\Windows\update.tray-7-0-lnk
2011-08-21 20:59:20 ----HD---- C:\Windows\update.tray-7-0
2011-08-21 20:59:20 ----HD---- C:\Windows\update.tray-15-0-lnk
2011-08-21 20:59:20 ----HD---- C:\Windows\update.tray-15-0
2011-08-21 20:47:44 ----A---- C:\Windows\winlog-ids.txt
2011-08-21 20:47:44 ----A---- C:\Windows\winlog-dirs.txt
2011-08-21 20:47:38 ----A---- C:\Windows\services32.exe
2011-08-10 07:41:47 ----A---- C:\Windows\system32\winsrv.dll
2011-08-10 07:41:46 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 07:41:39 ----A---- C:\Windows\system32\wininet.dll
2011-08-10 07:41:39 ----A---- C:\Windows\system32\urlmon.dll
2011-08-10 07:41:38 ----A---- C:\Windows\system32\mshtml.dll
2011-08-10 07:41:38 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-10 07:41:38 ----A---- C:\Windows\system32\iertutil.dll
2011-08-10 07:41:33 ----A---- C:\Windows\system32\ieframe.dll
2011-08-10 07:41:33 ----A---- C:\Windows\system32\ie4uinit.exe
2011-08-10 07:41:32 ----A---- C:\Windows\system32\url.dll
2011-08-10 07:41:32 ----A---- C:\Windows\system32\occache.dll
2011-08-10 07:41:32 ----A---- C:\Windows\system32\mstime.dll
2011-08-10 07:41:32 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-10 07:41:32 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-08-10 07:41:32 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-10 07:41:32 ----A---- C:\Windows\system32\ieUnatt.exe
2011-08-10 07:41:32 ----A---- C:\Windows\system32\ieui.dll
2011-08-10 07:41:32 ----A---- C:\Windows\system32\iesysprep.dll
2011-08-10 07:41:32 ----A---- C:\Windows\system32\iesetup.dll
2011-08-10 07:41:32 ----A---- C:\Windows\system32\iepeers.dll
2011-08-10 07:41:32 ----A---- C:\Windows\system32\iedkcs32.dll
2011-08-10 07:41:31 ----A---- C:\Windows\system32\msfeedssync.exe
2011-08-10 07:41:31 ----A---- C:\Windows\system32\licmgr10.dll
2011-08-10 07:41:31 ----A---- C:\Windows\system32\iernonce.dll
2011-08-10 07:41:29 ----A---- C:\Windows\system32\xmllite.dll
2011-08-10 07:21:01 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-10 07:21:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-10 07:20:58 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-08 13:24:42 ----D---- C:\Users\VLASTA\AppData\Roaming\ZoomBrowser EX
2011-07-28 18:32:50 ----D---- C:\Program Files\Nero
2011-07-28 18:32:28 ----D---- C:\ProgramData\Nero
2011-07-28 18:32:28 ----D---- C:\Program Files\Common Files\Nero

======List of files/folders modified in the last 1 month======

2011-08-22 15:43:00 ----D---- C:\Windows\Temp
2011-08-22 15:42:53 ----RD---- C:\Program Files
2011-08-22 15:35:53 ----D---- C:\Windows
2011-08-21 21:07:33 ----D---- C:\Windows\system32\drivers\etc
2011-08-21 21:03:28 ----D---- C:\Windows\Prefetch
2011-08-21 20:59:28 ----HD---- C:\ProgramData
2011-08-21 20:59:25 ----SHD---- C:\$Recycle.Bin
2011-08-21 20:57:28 ----D---- C:\Users\VLASTA\AppData\Roaming\OpenOffice.org2
2011-08-21 20:52:22 ----D---- C:\install
2011-08-21 20:50:54 ----D---- C:\Windows\System32
2011-08-21 19:05:02 ----SHD---- C:\Windows\Installer
2011-08-21 12:09:13 ----SHD---- C:\System Volume Information
2011-08-19 19:51:17 ----D---- C:\Windows\inf
2011-08-19 19:51:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-17 20:32:11 ----D---- C:\Program Files\Mozilla Firefox
2011-08-17 11:41:11 ----D---- C:\Windows\system32\catroot2
2011-08-14 22:07:16 ----D---- C:\Users\VLASTA\AppData\Roaming\ICQ
2011-08-11 06:57:49 ----RSD---- C:\Windows\assembly
2011-08-11 06:57:49 ----D---- C:\Windows\Microsoft.NET
2011-08-11 06:55:35 ----D---- C:\Windows\winsxs
2011-08-11 06:45:18 ----D---- C:\Windows\system32\catroot
2011-08-11 06:42:18 ----D---- C:\Windows\system32\migration
2011-08-11 06:42:18 ----D---- C:\Windows\system32\drivers
2011-08-11 06:42:18 ----D---- C:\Program Files\Windows Mail
2011-08-11 06:42:18 ----D---- C:\Program Files\Internet Explorer
2011-08-11 06:24:47 ----A---- C:\Windows\system32\mrt.exe
2011-08-11 06:17:49 ----A---- C:\Windows\win.ini
2011-08-08 13:25:05 ----D---- C:\Windows\system32\FxsTmp
2011-07-28 18:38:14 ----D---- C:\Users\VLASTA\AppData\Roaming\Nero
2011-07-28 18:32:28 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-11-01 2011224]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-10-04 7625088]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-01-15 70144]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ddservice;ddservice; C:\Windows\update.7.1\svchostdriver.exe [2011-08-21 382464]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 srvbtcclient;srvbtcclient; C:\Windows\update.5.0\svchost.exe [2011-08-21 355840]
R2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe [2011-08-21 634880]
R2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe [2011-08-21 258048]
R2 wxpdrivers;wxpdrivers; C:\Windows\update.1\svchost.exe [2011-08-21 1213440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-03 135664]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-03 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-23 182768]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Re: FB vir 2

Napsal: 22 srp 2011 17:04
od vyosek
Zdravim a pekny den preji :)

:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Ukoncete vsechny programy
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Zvolte moznost 2 a potvrte enterem
  • Utilita provede svou cinnost a da log - ten sem vlozte
  • Nyni znovu, ale zvolte moznost 3 a pote jeste 4 - logy opet vlozte
PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
:arrow: Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Pokud mate Win XP spustte pod uctem Spravce\Administratora
  • Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
  • Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
  • Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
  • Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
  • Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
  • Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
  • Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

FB vir 2

Napsal: 26 srp 2011 19:18
od Ivushe
Dobrý den, tady opožděně posílám logy od naše PC.


možnost 2

RogueKiller V5.3.3 [08/18/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: VLASTA [Admin rights]
Mode: Remove -- Date : 08/22/2011 21:59:03

Bad processes: 10
[HJ NAME] svchost.exe -- c:\windows\update.5.0\svchost.exe -> KILLED [TermProc]
[HJ NAME] svchost.exe -- c:\windows\update.2\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- c:\windows\update.5.0\svchost.exe -> KILLED [TermProc]
[SUSP PATH] sysdriver32.exe -- c:\windows\sysdriver32.exe -> KILLED [TermProc]
[HJ NAME] svchost.exe -- c:\windows\update.1\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- c:\windows\update.2\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- c:\windows\update.tray-15-0\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- c:\windows\update.tray-7-0\svchost.exe -> KILLED [TermProc]
[SUSP PATH] l1rezerv.exe -- c:\windows\l1rezerv.exe -> KILLED [TermProc]
[SUSP PATH] systemup.exe -- c:\windows\systemup.exe -> KILLED [TermProc]

Registry Entries: 25
[SUSP PATH] HKLM\[...]\Run : wxpdrv (C:\Windows\services32.exe) -> DELETED
[HJ NAME] HKLM\[...]\Run : tray_ico0 (C:\Windows\update.tray-15-0\svchost.exe) -> DELETED
[HJ NAME] HKLM\[...]\Run : tray_ico1 (C:\Windows\update.tray-7-0\svchost.exe) -> DELETED
[SUSP PATH] HKLM\[...]\Run : 3307818.exe ("C:\Windows\Temp\3307818.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Run : sysdriver32.exe ("C:\Windows\sysdriver32.exe" rezerv) -> DELETED
[SUSP PATH] HKLM\[...]\Run : sysdriver32_.exe ("C:\Windows\sysdriver32_.exe" rezerv) -> DELETED
[SUSP PATH] HKLM\[...]\Run : 2295369.exe ("C:\Windows\Temp\2295369.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Run : 81115731-loader2.exe ("C:\Windows\Temp\81115731-loader2.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Run : 1135696.exe ("C:\Windows\Temp\1135696.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Run : l1rezerv.exe ("C:\Windows\l1rezerv.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Run : systemup ("C:\Windows\systemup.exe" stand) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvbtcclient (C:\Windows\update.5.0\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srviecheck (C:\Windows\update.2\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvsysdriver32 (C:\Windows\sysdriver32.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : wxpdrivers (C:\Windows\update.1\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvbtcclient (C:\Windows\update.5.0\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srviecheck (C:\Windows\update.2\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvsysdriver32 (C:\Windows\sysdriver32.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : wxpdrivers (C:\Windows\update.1\svchost.exe srv) -> DELETED
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Particular Files / Folders:

HOSTS File:
127.0.0.1 localhost
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
[...]


Finished : << RKreport[1].txt >>
RKreport[1].txt








možnost 3

RogueKiller V5.3.3 [08/18/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: VLASTA [Admin rights]
Mode: HOSTSFix -- Date : 08/22/2011 21:59:27

Bad processes: 0

HOSTS File:
127.0.0.1 localhost
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
[...]


Resetted HOSTS:
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt








možnost 4

RogueKiller V5.3.3 [08/18/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: VLASTA [Admin rights]
Mode: ProxyFix -- Date : 08/22/2011 21:59:45

Bad processes: 0

Registry Entries: 0

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

FB vir 2

Napsal: 26 srp 2011 19:19
od Ivushe
ComboFix 11-08-24.06 - VLASTA 26.08.2011 19:51:28.1.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.2047.1197 [GMT 2:00]
Spuštěný z: c:\users\VLASTA\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\update.7.1
c:\windows\update.7.1\svchostdriver.exe
.
---- Předchozí spuštění -------
.
C:\desktop.ini
c:\users\VLASTA\Documents\2..doc
c:\windows\btc_client_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\iun6002.exe
c:\windows\l1rezerv.exe
c:\windows\loader2.exe_ok
c:\windows\phoenix.rar
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\proc_list1.log
c:\windows\rpcminer.rar
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\services32.exe
c:\windows\sysdriver32.exe
c:\windows\sysdriver32_.exe
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\system32\Thumbs.db
c:\windows\systemup.exe
c:\windows\ufa.rar
c:\windows\update.1\svchost.exe
c:\windows\update.2\svchost.exe
c:\windows\update.5.0\svchost.exe
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
c:\windows\winsetupapi.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_srvbtcclient
-------\Service_srviecheck
-------\Service_srvsysdriver32
-------\Service_wxpdrivers
-------\Service_ddservice
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-26 do 2011-08-26 )))))))))))))))))))))))))))))))
.
.
2011-08-26 17:57 . 2011-08-26 17:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-22 13:42 . 2011-08-22 13:42 -------- d-----w- c:\program files\trend micro
2011-08-22 13:42 . 2011-08-22 13:43 -------- d-----w- C:\rsit
2011-08-21 19:08 . 2011-08-21 19:08 -------- d-----w- c:\windows\ufa
2011-08-21 19:07 . 2011-08-21 19:08 246272 ----a-w- c:\windows\unrar.exe
2011-08-21 19:01 . 2011-08-21 19:01 -------- d-----w- c:\windows\av_ico
2011-08-21 18:59 . 2011-08-21 18:59 -------- d--h--w- c:\windows\update.tray-7-0
2011-08-21 18:59 . 2011-08-21 18:59 -------- d--h--w- c:\windows\update.tray-7-0-lnk
2011-08-21 18:59 . 2011-08-21 18:59 -------- d--h--w- c:\windows\update.tray-15-0
2011-08-21 18:59 . 2011-08-21 18:59 -------- d--h--w- c:\windows\update.tray-15-0-lnk
2011-08-21 18:50 . 2011-08-21 18:50 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-19 07:18 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98D60846-5608-4D67-943A-12AFB6F43239}\mpengine.dll
2011-08-10 05:21 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-10 05:21 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-10 05:20 . 2011-06-17 20:13 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-08 11:24 . 2011-08-08 11:24 -------- d-----w- c:\users\VLASTA\AppData\Roaming\ZoomBrowser EX
2011-07-28 16:32 . 2011-07-28 16:35 -------- d-----w- c:\program files\Nero
2011-07-28 16:32 . 2011-07-28 16:36 -------- d-----w- c:\program files\Common Files\Nero
2011-07-28 16:32 . 2011-07-28 16:32 -------- d-----w- c:\programdata\Nero
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-09 17:48 . 2011-05-07 09:16 72582 ----a-w- c:\users\VLASTA\AppData\Roaming\mdbu.bin
2011-06-02 13:34 . 2011-07-13 10:12 2043392 ----a-w- c:\windows\system32\win32k.sys
2004-12-02 05:18 222390 --sha-r- c:\windows\ConfigSetRoot\IO.SYS
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 20:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-25 39408]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2009-01-20 2523960]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" [2011-04-01 119608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-31 4702208]
"FLMOFFICE4DMOUSE"="c:\program files\Labtec\Desktop\V5.1\moffice.exe" [2007-11-27 958464]
"OFFICEKB"="c:\program files\Labtec\Desktop\V5.1\kbdap32a.exe" [2007-11-27 387584]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SMART Board Service"="c:\program files\SMART Board Software\SMARTBoardService.exe" [2006-11-24 1003520]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-10-04 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"Corel Photo Downloader"="c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2007-08-28 531272]
.
c:\users\VLASTA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-9-11 393216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
N stroje SMART Board.lnk - c:\program files\SMART Board Software\SMARTBoardTools.exe [2006-11-24 3411968]
Software Kodak EasyShare.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-10-30 282624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-03 135664]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-03 135664]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-03 11:42]
.
2011-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-03 11:42]
.
2011-08-26 c:\windows\Tasks\User_Feed_Synchronization-{272F10E7-FE65-4125-8A8B-F0A446E0C1E4}.job
- c:\windows\system32\msfeedssync.exe [2011-08-10 09:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/skinit/icq/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
Trusted Zone: microsoft.com\*.update
Trusted Zone: windowsupdate.com\download
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: PandoraTV Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-tray_ico - (no file)
HKLM-Run-tray_ico2 - (no file)
HKLM-Run-tray_ico3 - (no file)
HKLM-Run-tray_ico4 - (no file)
AddRemove-avast5 - c:\program files\Alwil Software\Avast5\aswRunDll.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-26 20:03
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.032"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.abr"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.amr"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ani"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.apd"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.arw"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bay"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bmp"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bw"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.bwf"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cel"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cr2"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.crw"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cs1"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.cur"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcr"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcx"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dib"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.djv"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.djvu"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dng"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.emf"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.eps"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.erf"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.fff"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.flc"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.fli"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.fpx"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.gif"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.hdr"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.icl"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.icn"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.iff"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ilbm"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.int"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.inta"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.iw4"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.j2c"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.j2k"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jbr"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jfif"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jif"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jp2"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpc"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpe"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpeg"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1095548057-3446570268-2725627289-1003)
@Denied: (2) (LocalSystem)
"Progid"="jpegfile"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpk"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jpx"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.kar"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.kdc"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.lbm"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.m15"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.m1a"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.m2a"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.m75"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mef"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mos"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mpv"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.mrw"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.nef"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.nrw"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.orf"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pbm"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pbr"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pcd"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pct"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pcx"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pef"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pgm"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pic"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pics"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pict"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pix"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-1095548057-3446570268-2725627289-1003)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.png"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ppm"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.psd"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.psp"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pspbrush"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pspimage"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.qcp"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.qtpf"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.raf"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ras"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.raw"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rgb"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rgba"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rle"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rsb"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rw2"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.rwl"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.sfil"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.sgi"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.smil"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.sml"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.sr2"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.srf"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.swa"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tga"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.THM\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1095548057-3446570268-2725627289-1003)
"Progid"="ACDSee Photo Manager 12.thm"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tif"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.tiff"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ttc"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ttf"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ulw"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30po"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30pp"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.v30ppf"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.vfw"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wbm"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.wbmp"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1095548057-3446570268-2725627289-1003)
"Progid"="ACDSee Photo Manager 12.wmf"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xbm"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xif"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xmp"
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xpm"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\windows\system32\PSIService.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\users\VLASTA\AppData\Local\Temp\setup.exe
c:\users\VLASTA\AppData\Local\Temp\NEWC52D.tmp.exe
.
**************************************************************************
.
Celkový čas: 2011-08-26 20:08:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-26 18:07
.
Před spuštěním: Volných bajtů: 50 788 900 864
Po spuštění: Volných bajtů: 50 624 094 208
.
- - End Of File - - FB5FC11A33B57C7EDE83B940F051D1FC

Re: FB vir 2

Napsal: 27 srp 2011 06:34
od vyosek
Zdravim :)

:arrow: Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou - po ukonceni leceni tam dame nejakou lepsi nahradu

:arrow: Pokud nemate, tak presunte Combofix na plochu
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\User_Feed_Synchronization-{272F10E7-FE65-4125-8A8B-F0A446E0C1E4}.job
c:\windows\unrar.exe

Folder::
c:\windows\ufa
c:\windows\av_ico
c:\windows\update.tray-7-0
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-15-0
c:\windows\update.tray-15-0-lnk
c:\program files\Ask.com
c:\program files\ICQ6Toolbar
c:\users\VLASTA\AppData\Local\Temp\

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
"BitComet"=-
"SpybotSD TeaTimer"=-
"ICQ"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroCheck"=-
"Adobe Reader Speed Launcher"=-
"SSBkgdUpdate"=-
"SunJavaUpdateSched"=-
"QuickTime Task"=-
"Corel Photo Downloader"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000000
"DisableThumbnailCache"=dword:00000000

Driver::
gupdate
gupdatem
ICQ Service

DDS::
uStart Page = hxxp://www.centrum.cz/skinit/icq/
Trusted Zone: microsoft.com\*.update
Trusted Zone: windowsupdate.com\download

Firefox::
FF - ProfilePath - c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.9&q=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: PandoraTV Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

RegLock::
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.THM\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]

Reboot::
  • Ulozte vytvoreny TXT jako CFScript.txt
  • Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
    Obrázek
  • Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
:arrow: Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Re: FB vir 2

Napsal: 27 srp 2011 09:45
od Ivushe
Dobrý den,
Spybot odinstalován a zde je nový log z ComboFix:

ComboFix 11-08-24.06 - VLASTA 27.08.2011 10:21:24.2.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.2047.1103 [GMT 2:00]
Spuštěný z: c:\users\VLASTA\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\VLASTA\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\User_Feed_Synchronization-{272F10E7-FE65-4125-8A8B-F0A446E0C1E4}.job"
"c:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_12eb.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\ICQ6Toolbar\voucher.bmp
c:\program files\ICQ6Toolbar\voucher2.bmp
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\icqtoolbar.jar
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\users\VLASTA\AppData\Local\Temp
c:\users\VLASTA\AppData\Local\Temp\APNLogs\ci.log
c:\users\VLASTA\AppData\Local\Temp\APNLogs\iw.log
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\datastore\cache.sqlite
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\defaults.js.bak
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome.manifest
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\about.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\about.xul
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\cache.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\constants.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\core.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\custom-command-listener.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\events.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\feeds.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\json.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\lifecycle.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\listeners.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\locale.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\logger.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\network.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\observer.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\options.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\options.xul
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\preferences.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\prefetch.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\ss-popup-bindings.xml
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\suggestions.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\update.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\utilities.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\webframe-bindings.xml
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\webframe-manager.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\widget-controller.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\widget-popup.xul
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\content\widgets.js
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\abc.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\amazon_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\as.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\ask_16x16.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\ask_32x32.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\ask_browser_ff_chrome.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\ask_kmp1.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\ask_mail.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\asklogo.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\bbc_news.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\beppe_grillo.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\bg.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\bild.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\blogs.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\business.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\celebrity.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\close.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\cnn_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\corriere_della_sera.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\dictionary.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\el_mundo.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\email_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\expansion.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\facebook_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\folha.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\ft.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\ftd.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\g1.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\games_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\gazzetta_dello_sport.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\globe_18x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\gripper.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\highlight_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\highlighter_off.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\highlighter_on.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\hola.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\chevron.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\icon_film1_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\icon_history_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\icon_news_ru_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\icon_nu_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\icon_radiodigital_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\icon_sports_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\icon_sportsru_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\icon_vk_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\icons_business_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\images.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\kicker.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\labels-de.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\labels-en.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\labels-es.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\labels-fr.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\labels-it.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\labels-nl.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\labels-pt.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\labels-ru.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\laposte.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\lemonde.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\lequipe.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\libero_it.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\links-BR.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\links-DE.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\links-ES.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\links-EU.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\links-FR.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\links-IT.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\links-NL.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\links-RU.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\links-UK.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\links-US.properties
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\logo_32x32.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\magnify_search.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\magnify_search_grey_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\maps.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\mtv.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\news.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\oglobo.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\orkut.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\personas.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\preferences.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\ptv.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\ptv2_new.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_ask.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_ask_de.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_ask_es.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_ask_fr.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_ask_it.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_ask_nl.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pl.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pt.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_ask_ru.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_cobrand.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_current_site.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_de.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_es.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_fr.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_grey_73x24.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_it.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_nl.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_pl.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_pt.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\search_ru.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\searchbox.xml
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\shopping.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\sports.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\stocks.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\terra.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\titlebar_bg.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\toolbar.css
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\toolbar.xul
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\tv.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\tv_movie_de.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\uol.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\voici_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\weather.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\weather_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\web.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\web_de.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\wordoftheday_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\youtube_16x.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\skin\zoomall.png
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-04-Jul-2011-17-38-57-GMT\ff-config.zip
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-19-Jul-2010-20-27-04-GMT\ff-config.zip
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-28-May-2011-21-15-22-GMT\ff-config.zip
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-18-Jul-2010-09-45-23-GMT\ff-config.zip
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-14-Oct-2010-18-18-30-GMT\ff-config.zip
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-15-Mar-2011-07-12-35-GMT\ff-config.zip
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-26-Apr-2011-19-27-00-GMT\ff-config.zip
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-10-Aug-2011-06-14-48-GMT\ff-config.zip
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\install.rdf
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\logs\asktb-log-1313952393773.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\logs\asktb-log-1313952480869.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\logs\asktb-log-1313952571003.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\logs\asktb-log-1313952590354.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\logs\asktb-log-1313952885600.html
c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\toolbar@ask.com\logs\asktb-log-1314123426114.html
c:\windows\av_ico
c:\windows\av_ico\ico_avast_desktop.ico
c:\windows\av_ico\ico_avast_start.ico
c:\windows\av_ico\ico_defender_start.ico
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\User_Feed_Synchronization-{272F10E7-FE65-4125-8A8B-F0A446E0C1E4}.job
c:\windows\ufa
c:\windows\ufa\ufa.exe
c:\windows\unrar.exe
c:\windows\update.tray-15-0-lnk
c:\windows\update.tray-15-0-lnk\svchost.exe
c:\windows\update.tray-15-0
c:\windows\update.tray-15-0\svchost.exe
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0-lnk\svchost.exe
c:\windows\update.tray-7-0
c:\windows\update.tray-7-0\svchost.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_ICQ Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-27 do 2011-08-27 )))))))))))))))))))))))))))))))
.
.
2011-08-27 08:31 . 2011-08-27 08:32 -------- d-----w- c:\users\VLASTA\AppData\Local\Temp
2011-08-22 13:42 . 2011-08-22 13:42 -------- d-----w- c:\program files\trend micro
2011-08-22 13:42 . 2011-08-22 13:43 -------- d-----w- C:\rsit
2011-08-21 18:50 . 2011-08-21 18:50 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-19 07:18 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98D60846-5608-4D67-943A-12AFB6F43239}\mpengine.dll
2011-08-10 05:21 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-10 05:21 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-10 05:20 . 2011-06-17 20:13 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-08 11:24 . 2011-08-08 11:24 -------- d-----w- c:\users\VLASTA\AppData\Roaming\ZoomBrowser EX
2011-07-28 16:32 . 2011-07-28 16:35 -------- d-----w- c:\program files\Nero
2011-07-28 16:32 . 2011-07-28 16:36 -------- d-----w- c:\program files\Common Files\Nero
2011-07-28 16:32 . 2011-07-28 16:32 -------- d-----w- c:\programdata\Nero
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-09 17:48 . 2011-05-07 09:16 72582 ----a-w- c:\users\VLASTA\AppData\Roaming\mdbu.bin
2011-06-02 13:34 . 2011-07-13 10:12 2043392 ----a-w- c:\windows\system32\win32k.sys
2004-12-02 05:18 222390 --sha-r- c:\windows\ConfigSetRoot\IO.SYS
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-31 4702208]
"FLMOFFICE4DMOUSE"="c:\program files\Labtec\Desktop\V5.1\moffice.exe" [2007-11-27 958464]
"OFFICEKB"="c:\program files\Labtec\Desktop\V5.1\kbdap32a.exe" [2007-11-27 387584]
"SMART Board Service"="c:\program files\SMART Board Software\SMARTBoardService.exe" [2006-11-24 1003520]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-10-04 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
.
c:\users\VLASTA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-9-11 393216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
N stroje SMART Board.lnk - c:\program files\SMART Board Software\SMARTBoardTools.exe [2006-11-24 3411968]
Software Kodak EasyShare.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-10-30 282624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-27 c:\windows\Tasks\User_Feed_Synchronization-{272F10E7-FE65-4125-8A8B-F0A446E0C1E4}.job
- c:\windows\system32\msfeedssync.exe [2011-08-10 09:26]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
.
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1095548057-3446570268-2725627289-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.m1a"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\windows\system32\PSIService.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\conime.exe
c:\windows\System32\rundll32.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\program files\OpenOffice.org 2.3\program\soffice.exe
c:\program files\OpenOffice.org 2.3\program\soffice.BIN
c:\program files\SMART Board Software\Aware.exe
c:\program files\SMART Board Software\Marker.exe
.
**************************************************************************
.
Celkový čas: 2011-08-27 10:38:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-27 08:38
ComboFix2.txt 2011-08-26 18:08
.
Před spuštěním: Volných bajtů: 50 903 003 136
Po spuštění: Volných bajtů: 50 860 503 040
.
- - End Of File - - EB08AFDA815C7FFB7886B6B772ABA76A

Re: FB vir 2

Napsal: 27 srp 2011 20:00
od vyosek
:arrow: Omlouvam se za zdrzeni - pracovni povinnosti

:arrow: Odinstalujte Combofix
  • Prejmenujte ComboFix na Uninstall
  • Spustte jej
  • Tohle smaze Combofix a jeho slozky
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner (viz muj podpis)
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) projedte PC temito utilitami, at se zbavime zbytku antiviru co tam mate :arrow: Nainstalujte Avast Free http://www.avast.com/cs-cz/free-antivirus-download

:arrow: Dejte novy log z RSIT a napiste jak se chova PC

Re: FB vir 2

Napsal: 28 srp 2011 11:42
od Ivushe
PC se již po připojení k internetu nerestartuje a celkově vypadá, že je opět v pořádku.
Zde je nový log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by VLASTA at 2011-08-28 12:32:13
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 42 GB (14%) free of 305 GB
Total RAM: 2047 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:32:32, on 28.8.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Labtec\Desktop\V5.1\MOffice.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Windows\system32\SearchFilterHost.exe
C:\Users\VLASTA\Desktop\Odvirovaci SOFT\RSIT.exe
C:\Program Files\trend micro\VLASTA.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Board Software\NotebookPlugin.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Desktop\V5.1\moffice.exe
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll/206 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6207030902
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

--
End of file - 6472 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{272F10E7-FE65-4125-8A8B-F0A446E0C1E4}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.20"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsIBitCometAgent.xpt
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
np32dsw.dll
npBitCometAgent.dll
npdeployJava1.dll
npnul32.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
ShockwavePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\extensions\
info@lingea.com
{20a82645-c095-46ed-80e3-08825760534b}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll [2009-01-16 656696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object - C:\Program Files\SMART Board Software\NotebookPlugin.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-10-31 4702208]
"FLMOFFICE4DMOUSE"=C:\Program Files\Labtec\Desktop\V5.1\moffice.exe [2007-11-27 958464]
"OFFICEKB"=C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe []
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-10-04 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-10-04 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-10-04 81920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Software Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\Users\VLASTA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableSecureUIAPaths"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"vidc.tscc"=tsccvid.dll
"vidc.mjpg"=pvmjpg30.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"VIDC.FMVC"=fmcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-08-28 12:32:13 ----D---- C:\rsit
2011-08-28 11:57:24 ----D---- C:\Users\VLASTA\AppData\Roaming\SMART Technologies
2011-08-28 11:55:38 ----A---- C:\Windows\system32\smrtlocalui.dll
2011-08-28 11:55:38 ----A---- C:\Windows\system32\smrtlocalmon.dll
2011-08-28 11:04:20 ----D---- C:\ProgramData\SMART Technologies
2011-08-28 11:03:09 ----D---- C:\Program Files\National Instruments
2011-08-28 11:02:40 ----D---- C:\Program Files\SMART Technologies
2011-08-28 11:02:40 ----D---- C:\Program Files\Common Files\SMART Technologies
2011-08-28 11:01:37 ----D---- C:\ProgramData\Downloaded Installations
2011-08-28 09:47:48 ----D---- C:\Users\VLASTA\AppData\Roaming\KodakCredentialStore
2011-08-28 00:41:46 ----A---- C:\Windows\system32\wininet.dll
2011-08-28 00:41:46 ----A---- C:\Windows\system32\urlmon.dll
2011-08-28 00:41:46 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-08-28 00:41:46 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-08-28 00:41:46 ----A---- C:\Windows\system32\msrating.dll
2011-08-28 00:41:46 ----A---- C:\Windows\system32\msls31.dll
2011-08-28 00:41:46 ----A---- C:\Windows\system32\mshtmler.dll
2011-08-28 00:41:46 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-28 00:41:46 ----A---- C:\Windows\system32\ieui.dll
2011-08-28 00:41:46 ----A---- C:\Windows\system32\iesysprep.dll
2011-08-28 00:41:46 ----A---- C:\Windows\system32\iertutil.dll
2011-08-28 00:41:46 ----A---- C:\Windows\system32\ieframe.dll
2011-08-28 00:41:46 ----A---- C:\Windows\system32\dxtrans.dll
2011-08-28 00:41:46 ----A---- C:\Windows\system32\dxtmsft.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\wextract.exe
2011-08-28 00:41:45 ----A---- C:\Windows\system32\webcheck.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\vbscript.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\url.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\pngfilt.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\occache.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\mshtml.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\mshta.exe
2011-08-28 00:41:45 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\licmgr10.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\jscript9.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\jscript.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\inseng.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\imgutil.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\iexpress.exe
2011-08-28 00:41:45 ----A---- C:\Windows\system32\ieUnatt.exe
2011-08-28 00:41:45 ----A---- C:\Windows\system32\iesetup.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\iernonce.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\iepeers.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\iedkcs32.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\ieapfltr.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\ieapfltr.dat
2011-08-28 00:41:45 ----A---- C:\Windows\system32\ieakui.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\ieaksie.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\ie4uinit.exe
2011-08-28 00:41:45 ----A---- C:\Windows\system32\icardie.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\advpack.dll
2011-08-28 00:41:45 ----A---- C:\Windows\system32\admparse.dll
2011-08-28 00:41:44 ----A---- C:\Windows\system32\msfeedssync.exe
2011-08-28 00:41:44 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-08-28 00:41:44 ----A---- C:\Windows\system32\ieakeng.dll
2011-08-28 00:41:44 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-08-28 00:34:00 ----A---- C:\Windows\system32\tzres.dll
2011-08-28 00:14:00 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-08-28 00:14:00 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-08-28 00:13:55 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-08-28 00:13:55 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-08-28 00:13:54 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-08-28 00:13:53 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-08-28 00:13:28 ----A---- C:\Windows\system32\aswBoot.exe
2011-08-28 00:13:08 ----D---- C:\ProgramData\AVAST Software
2011-08-28 00:13:08 ----D---- C:\Program Files\AVAST Software
2011-08-28 00:11:09 ----ASH---- C:\hiberfil.sys
2011-08-28 00:07:56 ----A---- C:\Windows\ntbtlog.txt
2011-08-27 23:59:55 ----D---- C:\Program Files\CCleaner
2011-08-27 23:44:03 ----SD---- C:\Uninstall
2011-08-27 23:43:57 ----SD---- C:\32788R22FWJFW
2011-08-27 10:32:11 ----SHD---- C:\$RECYCLE.BIN
2011-08-27 10:30:08 ----D---- C:\Windows\temp
2011-08-22 22:00:57 ----D---- C:\Windows\ERDNT
2011-08-22 15:56:47 ----A---- C:\info.txt
2011-08-22 15:56:27 ----A---- C:\log.txt
2011-08-22 15:42:53 ----D---- C:\Program Files\trend micro
2011-08-10 07:41:47 ----A---- C:\Windows\system32\winsrv.dll
2011-08-10 07:41:46 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 07:41:29 ----A---- C:\Windows\system32\xmllite.dll
2011-08-10 07:21:01 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-10 07:21:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-10 07:20:58 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-08 13:24:42 ----D---- C:\Users\VLASTA\AppData\Roaming\ZoomBrowser EX

======List of files/folders modified in the last 1 month======

2011-08-28 12:27:13 ----D---- C:\Users\VLASTA\AppData\Roaming\OpenOffice.org2
2011-08-28 12:26:56 ----D---- C:\Windows
2011-08-28 12:03:17 ----SHD---- C:\Windows\Installer
2011-08-28 12:03:10 ----SHD---- C:\System Volume Information
2011-08-28 11:55:56 ----D---- C:\Windows\winsxs
2011-08-28 11:55:40 ----D---- C:\Windows\inf
2011-08-28 11:55:38 ----D---- C:\Windows\System32
2011-08-28 11:55:37 ----D---- C:\Windows\system32\catroot
2011-08-28 11:04:20 ----D---- C:\ProgramData
2011-08-28 11:03:14 ----RSD---- C:\Windows\Fonts
2011-08-28 11:03:14 ----D---- C:\Windows\twain_32
2011-08-28 11:03:09 ----RD---- C:\Program Files
2011-08-28 11:02:40 ----D---- C:\Program Files\Common Files
2011-08-28 09:48:38 ----D---- C:\Windows\system
2011-08-28 09:26:30 ----D---- C:\Windows\rescache
2011-08-28 01:23:30 ----D---- C:\install
2011-08-28 00:48:44 ----D---- C:\Windows\Prefetch
2011-08-28 00:43:12 ----RD---- C:\Windows\Offline Web Pages
2011-08-28 00:43:12 ----D---- C:\Windows\system32\cs-CZ
2011-08-28 00:43:12 ----D---- C:\Program Files\Internet Explorer
2011-08-28 00:43:11 ----SD---- C:\Windows\Downloaded Program Files
2011-08-28 00:43:11 ----D---- C:\Windows\system32\wbem
2011-08-28 00:43:11 ----D---- C:\Windows\system32\migration
2011-08-28 00:43:11 ----D---- C:\Windows\system32\en-US
2011-08-28 00:43:11 ----D---- C:\Windows\PolicyDefinitions
2011-08-28 00:42:16 ----D---- C:\Windows\system32\catroot2
2011-08-28 00:42:02 ----D---- C:\Windows\Logs
2011-08-28 00:34:47 ----D---- C:\Program Files\Microsoft Office
2011-08-28 00:14:00 ----D---- C:\Windows\system32\drivers
2011-08-28 00:13:29 ----D---- C:\Program Files\Windows Sidebar
2011-08-28 00:02:21 ----D---- C:\Users\VLASTA\AppData\Roaming\Winamp
2011-08-28 00:02:21 ----D---- C:\Users\VLASTA\AppData\Roaming\Skype
2011-08-28 00:02:05 ----D---- C:\Windows\Minidump
2011-08-28 00:02:05 ----D---- C:\Windows\Debug
2011-08-28 00:01:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-27 10:35:35 ----D---- C:\Windows\Tasks
2011-08-27 10:31:53 ----A---- C:\Windows\system.ini
2011-08-27 10:31:49 ----D---- C:\Windows\system32\drivers\etc
2011-08-27 10:30:26 ----D---- C:\Windows\system32\config
2011-08-27 10:27:24 ----D---- C:\Windows\AppPatch
2011-08-27 10:19:17 ----D---- C:\Users\VLASTA\AppData\Roaming\ICQ
2011-08-27 10:17:49 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-08-27 10:16:41 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-08-27 10:14:26 ----D---- C:\ProgramData\Google
2011-08-27 10:14:26 ----D---- C:\Program Files\Google
2011-08-17 20:32:11 ----D---- C:\Program Files\Mozilla Firefox
2011-08-11 06:57:49 ----RSD---- C:\Windows\assembly
2011-08-11 06:57:49 ----D---- C:\Windows\Microsoft.NET
2011-08-11 06:42:18 ----D---- C:\Program Files\Windows Mail
2011-08-11 06:24:47 ----A---- C:\Windows\system32\mrt.exe
2011-08-11 06:17:49 ----A---- C:\Windows\win.ini
2011-08-08 13:25:05 ----D---- C:\Windows\system32\FxsTmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 43608]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-11-01 2011224]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-10-04 7625088]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-01-15 70144]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Re: FB vir 2

Napsal: 28 srp 2011 19:44
od vyosek
:arrow: Stahnete OTM (viz muj podpis)
  • Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

  • Kód: Vybrat vše

    :reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]

:files
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin*.xml
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
  • Kliknete na cervene tlacitko MoveIt!
  • Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte

FB vir 2

Napsal: 02 zář 2011 12:23
od Ivushe
Dobrý den, posílám vám se zpožděním log z našeho PC.

All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}\ deleted successfully.
========== FILES ==========
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-24.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\VLASTA\AppData\Roaming\Mozilla\Firefox\Profiles\ounoh6db.default\searchplugins\icqplugin.xml moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: VLASTA
->Temp folder emptied: 27909201 bytes
->Temporary Internet Files folder emptied: 18903156 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 84128324 bytes
->Google Chrome cache emptied: 6530502 bytes
->Flash cache emptied: 3059 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14631 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 3588 bytes

Total Files Cleaned = 131,00 mb


OTM by OldTimer - Version 3.1.18.0 log created on 09022011_131347

Files moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: FB vir 2

Napsal: 02 zář 2011 12:28
od vyosek
Zdravim a pekne patecni odpoledne preji :)

Nic se nedeje, tohle byla uz jen drobnost :wink:

:arrow: Spustte znovu OTM a kliknete na CleanUp! - tim po sobe uklidi

:arrow: Napiste co nas pacient, je uz v poradku :???:

Re: FB vir 2

Napsal: 02 zář 2011 12:38
od Ivushe
Všechno jsem udělala a počítat šlape tak jak má. Mockrát Vám děkuju za váší pomoc a čas, jste fakt skvělý. Snad je v pořádku i ten notebook, který jsme spolu taky dávali dohromady. Ještě jednou díky :thumbsup:

Re: FB vir 2

Napsal: 02 zář 2011 12:39
od vyosek
Nemate zac, rad jsem pomohl :worship: Zase nekdy Obrázek


A na rozloucenou vam zahraje nase kapela :guitar: :150: :151: :152: :153: :154: :196:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz