
Malwarebytes and avast detection
-
- Visitor
- Posts: 85
- Registered: 20 Mar 2011 15:43
Re: Malwarebytes and avast detection
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.8 (09.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Tomáš on so 07.09.2013 at 12:39:11,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 07.09.2013 at 12:44:52,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
- Visitor
- Posts: 85
- Registered: 20 Mar 2011 15:43
Re: Malwarebytes and avast detection
OTL log
All processes killed
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
< ipconfig /flushdns /c >
Konfigurace protokolu IP systému Windows
Mezipaměť překládání DNS byla úspěšně vyprázdněna.
C:\Documents and Settings\Tomáš\Plocha\cmd.bat deleted successfully.
C:\Documents and Settings\Tomáš\Plocha\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Tomáš
->Temp folder emptied: 2850657 bytes
->Temporary Internet Files folder emptied: 64962 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 71395730 bytes
->Opera cache emptied: 18720582 bytes
->Flash cache emptied: 602 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 89,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 09072013_125745
Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
-
- Visitor
- Posts: 85
- Registered: 20 Mar 2011 15:43
Re: Malwarebytes and avast detection
ComboFix 13-09-06.01 - Tomáš 07.09.2013 13:35:44.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.670 [GMT 2:00]
Spuštěný z: c:\documents and settings\Tomáš\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-07 do 2013-09-07 )))))))))))))))))))))))))))))))
.
.
2013-09-07 10:57 . 2013-09-07 10:57 -------- d-----w- C:\_OTL
2013-09-07 10:39 . 2013-09-07 10:39 -------- d-----w- c:\windows\ERUNT
2013-09-07 10:26 . 2013-09-07 10:27 -------- d-----w- C:\AdwCleaner
2013-09-07 10:02 . 2013-09-07 10:19 -------- d-----w- C:\UsbFix
2013-09-07 07:16 . 2013-09-07 07:16 -------- d-----w- C:\rsit
2013-08-17 13:40 . 2013-09-07 06:48 -------- d-----w- c:\documents and settings\Tomáš\Data aplikací\vlc
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-07 09:08 . 2013-09-07 09:08 164352 ------w- C:\kk.zip
2013-08-30 07:48 . 2013-08-07 13:41 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-08-07 13:41 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-08-07 13:41 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-08-07 13:41 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-08-30 07:48 . 2013-08-07 13:41 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-08-07 13:41 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-08-07 13:41 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-08-07 13:41 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-08-07 13:40 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-08-07 13:41 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-07 13:55 . 2012-05-27 13:48 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-07 13:55 . 2011-08-26 07:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 17:48 . 2013-06-12 17:48 17617288 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"RTHDCPL"="RTHDCPL.EXE" [2008-10-28 17331200]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.cz/cz.special-uninstalla ... =10.0.1432" [?]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-17 13:49 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-10-28 09:18 17331200 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office2007\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\Tomáš\\Dokumenty\\Tomáš\\Vysoká škola\\MirandaPack - stará\\miranda32.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [7.8.2013 15:41 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [7.8.2013 15:41 177864]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7.8.2013 15:41 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.8.2013 15:41 369584]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [13.5.2008 23:44 12856]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 18:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 23:55 67664]
R1 UsbFltr;WayTechUSBFilterDriver;c:\windows\system32\drivers\UsbFltr.sys [13.5.2008 23:44 8576]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.8.2013 15:41 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [7.8.2013 15:41 66336]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe --> c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [?]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [4.1.2013 8:50 35144]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
S4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [12.8.2011 1:38 116608]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-27 13:55]
.
2013-09-07 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-07 07:47]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI3369~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{141D2E4F-F313-4991-B61A-EE5D6D849361} - http://bleskove.centrum.cz
IE: {{2A5CFB1C-AAA2-4760-8462-1B61CF74B7D8} - http://www.centrum.cz
IE: {{2BCB61BF-DC41-4738-A149-BDAAAD7FF0BD} - http://www.xchat.cz
IE: {{2E01031B-AB09-4455-823D-25F1A1C11F48} - http://aktualne.centrum.cz
IE: {{2F741D0A-150E-40F9-A602-1B2421475F1D} - http://slovniky.centrum.cz
IE: {{309176E6-E204-40A0-8D13-7F19C0498C40} - http://www.supermapy.cz
IE: {{49681216-5BF4-41A2-AAFA-129A6BD625DA} - http://mp3.centrum.cz/
IE: {{8B6E8E01-D262-4980-8C27-B8B2802285C1} - http://www.zena.cz
IE: {{8FD64249-590C-4FBC-B181-12A6BAF516AF} - http://www.fotoalba.cz
IE: {{A5050656-2286-454F-A489-C605ED1B461C} - http://pocasi.centrum.cz
IE: {{BC78516C-9DC9-40C5-A91E-74593222EF89} - http://sportplus.centrum.cz
IE: {{DAE865E8-970E-4931-A172-119CB56BBAF5} - http://www.digitalne.cz/
IE: {{FC29EB7D-EDBA-4299-AEE4-D1BDC70EFA15} - http://www.stahuj.cz/
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\o229hanx.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF - ExtSQL: 2013-08-07 15:41; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-08-09 14:49; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\o229hanx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-08-09 15:08; firegestures@xuldev.org; c:\documents and settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\o229hanx.default\extensions\firegestures@xuldev.org.xpi
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-07 13:41
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1220945662-2077806209-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3544)
c:\windows\system32\msi.dll
.
Celkový čas: 2013-09-07 13:44:05
ComboFix-quarantined-files.txt 2013-09-07 11:44
.
Před spuštěním: Volných bajtů: 140 306 059 264
Po spuštění: Volných bajtů: 140 265 504 768
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 49DBBDA79C730B2C2043A1392B036C31
413FC2A0C716421B3158746D63736515
So hopefully I did everything correctly and it is done. ComboFix had a bit of trouble: at the end it finished normally and produced the log, and right away a Windows error message popped up - "Generic Host Process for Win32 Services has encountered a problem and needs to close" - and in the end it resulted in a reset, but the machine booted. Only after booting, the Windows firewall turned on and a moment later turned off, and a security alert showed that the program AVG Firewall is not active (AVG used to be on the PC, but it is not there anymore; there is only the avast antivirus and the Windows firewall), so I don't know what that was.
- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Malwarebytes and avast detection
Well, there are still a few system problems there.
"Generic Host Process for Win32 Services has encountered a problem"
First run the ComboFix CFScript, and then I will write to you how we will remove this problem.
For this step ComboFix must be on the desktop.
Turn off the antivirus, antispyware and everything resident.
Open Notepad and copy the whole text into it:
KILLALL::
SecCenter::
{8decf618-9569-4340-b34a-d78d28969b66}
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=-
Driver::
AVG Security Toolbar Service
Folder::
c:\program files\AVG
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
Then click File -> Save As... -> where it says File name, type in that line: CFScript.txt
For File type, choose All files there.
And save it to the desktop. Caution: do not open CFScript.txt, and it must not be named CFScript.txt.txt. And then do this:

After the scan finishes, post the log.
-
- Visitor
- Posts: 85
- Registered: 20 Mar 2011 15:43
Re: Malwarebytes and avast findings
So I did it, hopefully exactly according to the instructions.
ComboFix 13-09-06.01 - Tomáš 07.09.2013 14:21:38.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.670 [GMT 2:00]
Spuštěný z: c:\documents and settings\Tomáš\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Tomáš\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\AVG
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBWord.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUpdate.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoWeather.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\logo.ico
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\logo.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\overlay.css
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\rssreader_!icoRead.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\rssreader_!icoUnread.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\Search_provider_drop.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\searchProvider.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\settings_icon.ico
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\slider.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spImages.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spLocal.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spSearch.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spShopping.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spVideo.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spWiki.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spYahooBG.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spYahooBG_small.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\toolbarprotector_icon.ico
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\install.rdf
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\xpfunc.dll
c:\program files\AVG\AVG10\Toolbar.old\Firefox\sp.xml
c:\program files\AVG\AVG10\Toolbar.old\IE8Lib.dll
c:\program files\AVG\AVG10\Toolbar.old\IEToolbar.dll
c:\program files\AVG\AVG10\Toolbar.old\ToolbarBroker.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AVG_SECURITY_TOOLBAR_SERVICE
-------\Service_AVG Security Toolbar Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-07 do 2013-09-07 )))))))))))))))))))))))))))))))
.
.
2013-09-07 12:04 . 2013-09-07 12:05 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-09-07 11:34 . 2013-09-07 11:34 10220 ----a-w- c:\windows\system32\x
2013-09-07 10:57 . 2013-09-07 10:57 -------- d-----w- C:\_OTL
2013-09-07 10:39 . 2013-09-07 10:39 -------- d-----w- c:\windows\ERUNT
2013-09-07 10:26 . 2013-09-07 10:27 -------- d-----w- C:\AdwCleaner
2013-09-07 10:02 . 2013-09-07 10:19 -------- d-----w- C:\UsbFix
2013-09-07 07:16 . 2013-09-07 07:16 -------- d-----w- C:\rsit
2013-08-17 13:40 . 2013-09-07 06:48 -------- d-----w- c:\documents and settings\Tomáš\Data aplikací\vlc
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-07 09:08 . 2013-09-07 09:08 164352 ------w- C:\kk.zip
2013-08-30 07:48 . 2013-08-07 13:41 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-08-07 13:41 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-08-07 13:41 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-08-07 13:41 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-08-30 07:48 . 2013-08-07 13:41 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-08-07 13:41 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-08-07 13:41 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-08-07 13:41 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-08-07 13:40 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-08-07 13:41 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-07 13:55 . 2012-05-27 13:48 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-07 13:55 . 2011-08-26 07:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 17:48 . 2013-06-12 17:48 17617288 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"RTHDCPL"="RTHDCPL.EXE" [2008-10-28 17331200]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-17 13:49 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-10-28 09:18 17331200 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office2007\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\Tomáš\\Dokumenty\\Tomáš\\Vysoká škola\\MirandaPack - stará\\miranda32.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [7.8.2013 15:41 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [7.8.2013 15:41 177864]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7.8.2013 15:41 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.8.2013 15:41 369584]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [13.5.2008 23:44 12856]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 18:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 23:55 67664]
R1 UsbFltr;WayTechUSBFilterDriver;c:\windows\system32\drivers\UsbFltr.sys [13.5.2008 23:44 8576]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.8.2013 15:41 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [7.8.2013 15:41 66336]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [4.1.2013 8:50 35144]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [7.9.2013 14:04 40776]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
S4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [12.8.2011 1:38 116608]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-27 13:55]
.
2013-09-07 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-07 07:47]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI3369~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{141D2E4F-F313-4991-B61A-EE5D6D849361} - http://bleskove.centrum.cz
IE: {{2A5CFB1C-AAA2-4760-8462-1B61CF74B7D8} - http://www.centrum.cz
IE: {{2BCB61BF-DC41-4738-A149-BDAAAD7FF0BD} - http://www.xchat.cz
IE: {{2E01031B-AB09-4455-823D-25F1A1C11F48} - http://aktualne.centrum.cz
IE: {{2F741D0A-150E-40F9-A602-1B2421475F1D} - http://slovniky.centrum.cz
IE: {{309176E6-E204-40A0-8D13-7F19C0498C40} - http://www.supermapy.cz
IE: {{49681216-5BF4-41A2-AAFA-129A6BD625DA} - http://mp3.centrum.cz/
IE: {{8B6E8E01-D262-4980-8C27-B8B2802285C1} - http://www.zena.cz
IE: {{8FD64249-590C-4FBC-B181-12A6BAF516AF} - http://www.fotoalba.cz
IE: {{A5050656-2286-454F-A489-C605ED1B461C} - http://pocasi.centrum.cz
IE: {{BC78516C-9DC9-40C5-A91E-74593222EF89} - http://sportplus.centrum.cz
IE: {{DAE865E8-970E-4931-A172-119CB56BBAF5} - http://www.digitalne.cz/
IE: {{FC29EB7D-EDBA-4299-AEE4-D1BDC70EFA15} - http://www.stahuj.cz/
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\o229hanx.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF - ExtSQL: 2013-08-07 15:41; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-08-09 14:49; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\o229hanx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-08-09 15:08; firegestures@xuldev.org; c:\documents and settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\o229hanx.default\extensions\firegestures@xuldev.org.xpi
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-07 14:32
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1220945662-2077806209-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3576)
c:\windows\system32\MSCTF.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
.
**************************************************************************
.
Celkový čas: 2013-09-07 14:36:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-07 12:36
ComboFix2.txt 2013-09-07 11:44
.
Před spuštěním: Volných bajtů: 140 254 461 952
Po spuštění: Volných bajtů: 140 234 121 216
.
- - End Of File - - FB8E71C4AFD7AD5FC398C0469D6DD99C
413FC2A0C716421B3158746D63736515
Oh, and the local area connection icon has returned to the tray, but now, for a change, the Security Center icon has disappeared; they come and go as they please.
ComboFix 13-09-06.01 - Tomáš 07.09.2013 14:21:38.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.670 [GMT 2:00]
Spuštěný z: c:\documents and settings\Tomáš\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Tomáš\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_icoSafe.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_icoUnkn.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_loading.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_logo.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_main.htm
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_menu1.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_menu2.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_menu3.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_menu4.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\settings_style.css
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_arrow_gray.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_arrow_green.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_arrow_orange.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_arrow_red.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_arrow_yellow.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_gray.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_green.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_orange.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_red.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_background_middle_yellow.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_background_top_gray.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_background_top_green.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_background_top_orange.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_background_top_red.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_background_top_yellow.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_blocked.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_gray.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_green.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_orange.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_red.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_border_bottom_yellow.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_border_top_gray.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_border_top_green.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_border_top_orange.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_border_top_red.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_border_top_yellow.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_caution.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_dangerous.html
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_icons_blocked.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_icons_caution.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_icons_close.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_icons_safe.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_icons_unknown.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_icons_warning.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_LS_Logo_Results.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_questionable.html
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_risky.html
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_safe.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_safe.html
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_unknown.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_unknown.html
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_waiting.html
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\ssb_warning.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome.htm
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_button.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_button_hilight.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_buttonHilight.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_ie7footer.htm
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_ie7header.htm
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_poweredByBlank.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tabswelcome_poweredByYahoo.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\tbapi.js
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\toolbarprotector_window.htm
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\updater_error.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\updater_ok.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\updater_processing.htm
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\weather_bg.gif
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\weather_error.htm
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\weather_img.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\html\weather_x.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\htmlwindow.xul
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\imageButton.xml
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\26_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\38_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\39_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\40_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\41_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\42_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\43_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\44_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\45_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\46_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\48_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\49_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\50_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\56_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\57_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\58_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\59_en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\en.ini
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\Languages\languages.cfg
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\include.js
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\include_lite.js
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\marquee.xml
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\overlay.js
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\overlay.xul
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\content\searchProviders.xml
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\icons\default\htmlwindow.ico
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\38_searchProvider.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\38_spBaidu.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\39_spGeneralSearch.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\40_searchProvider.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\40_spYandex.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\41_searchProvider.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\41_spYandex.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\42_spGeneralSearch.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\43_searchProvider.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\43_spYandex.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\44_spGeneralSearch.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\45_searchProvider.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\45_spYandex.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\46_spGeneralSearch.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\48_searchProvider.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\48_spBaidu.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\49_searchProvider.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\49_spBaidu.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\50_searchProvider.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\50_spBaidu.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\56_spYahoo.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\57_spYahoo.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\58_spYahoo.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\59_spYahoo.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\contexthtml.css
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\dragdrop.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\emailchecker_icoEmail.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\emailchecker_icoEmailNew.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\gripper.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\chevron.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoAbout.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoAVGInfo.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoFacebook_facebook.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoFacebook_FriendReq.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoFacebook_messages.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoFacebook_pokes.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoGoButtonBG.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoHomepage.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoOptions.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoProtection.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoProtectionLimited.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoRSS.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoRSSBlue.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoRSSGray.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoRSSGreen.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_D.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_Q.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_R.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_S.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_U.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoShieldButtonBG_W.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoTrash.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBAccess.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBCalc.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBExcel.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBExplorer.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBMediaPlayer.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBNotepad.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBOutlook.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBOutlookExpress.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBPaint.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBPowerPoint.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBSkype.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUBWord.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoUpdate.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\icoWeather.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\logo.ico
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\logo.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\overlay.css
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\rssreader_!icoRead.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\rssreader_!icoUnread.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\Search_provider_drop.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\searchProvider.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\settings_icon.ico
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\slider.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spImages.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spLocal.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spSearch.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spShopping.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spVideo.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spWiki.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spYahooBG.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\spYahooBG_small.png
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\chrome\skin\toolbarprotector_icon.ico
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\install.rdf
c:\program files\AVG\AVG10\Toolbar.old\Firefox\avg@igeared\xpfunc.dll
c:\program files\AVG\AVG10\Toolbar.old\Firefox\sp.xml
c:\program files\AVG\AVG10\Toolbar.old\IE8Lib.dll
c:\program files\AVG\AVG10\Toolbar.old\IEToolbar.dll
c:\program files\AVG\AVG10\Toolbar.old\ToolbarBroker.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AVG_SECURITY_TOOLBAR_SERVICE
-------\Service_AVG Security Toolbar Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-07 do 2013-09-07 )))))))))))))))))))))))))))))))
.
.
2013-09-07 12:04 . 2013-09-07 12:05 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-09-07 11:34 . 2013-09-07 11:34 10220 ----a-w- c:\windows\system32\x
2013-09-07 10:57 . 2013-09-07 10:57 -------- d-----w- C:\_OTL
2013-09-07 10:39 . 2013-09-07 10:39 -------- d-----w- c:\windows\ERUNT
2013-09-07 10:26 . 2013-09-07 10:27 -------- d-----w- C:\AdwCleaner
2013-09-07 10:02 . 2013-09-07 10:19 -------- d-----w- C:\UsbFix
2013-09-07 07:16 . 2013-09-07 07:16 -------- d-----w- C:\rsit
2013-08-17 13:40 . 2013-09-07 06:48 -------- d-----w- c:\documents and settings\Tomáš\Data aplikací\vlc
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-07 09:08 . 2013-09-07 09:08 164352 ------w- C:\kk.zip
2013-08-30 07:48 . 2013-08-07 13:41 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-08-07 13:41 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-08-07 13:41 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-08-07 13:41 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-08-30 07:48 . 2013-08-07 13:41 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-08-07 13:41 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-08-07 13:41 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-08-07 13:41 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-08-07 13:40 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-08-07 13:41 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-07 13:55 . 2012-05-27 13:48 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-07 13:55 . 2011-08-26 07:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 17:48 . 2013-06-12 17:48 17617288 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"RTHDCPL"="RTHDCPL.EXE" [2008-10-28 17331200]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-17 13:49 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-10-28 09:18 17331200 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office2007\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\Tomáš\\Dokumenty\\Tomáš\\Vysoká škola\\MirandaPack - stará\\miranda32.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [7.8.2013 15:41 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [7.8.2013 15:41 177864]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7.8.2013 15:41 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.8.2013 15:41 369584]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [13.5.2008 23:44 12856]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 18:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 23:55 67664]
R1 UsbFltr;WayTechUSBFilterDriver;c:\windows\system32\drivers\UsbFltr.sys [13.5.2008 23:44 8576]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.8.2013 15:41 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [7.8.2013 15:41 66336]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [4.1.2013 8:50 35144]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [7.9.2013 14:04 40776]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
S4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [12.8.2011 1:38 116608]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-27 13:55]
.
2013-09-07 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-07 07:47]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI3369~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{141D2E4F-F313-4991-B61A-EE5D6D849361} - http://bleskove.centrum.cz
IE: {{2A5CFB1C-AAA2-4760-8462-1B61CF74B7D8} - http://www.centrum.cz
IE: {{2BCB61BF-DC41-4738-A149-BDAAAD7FF0BD} - http://www.xchat.cz
IE: {{2E01031B-AB09-4455-823D-25F1A1C11F48} - http://aktualne.centrum.cz
IE: {{2F741D0A-150E-40F9-A602-1B2421475F1D} - http://slovniky.centrum.cz
IE: {{309176E6-E204-40A0-8D13-7F19C0498C40} - http://www.supermapy.cz
IE: {{49681216-5BF4-41A2-AAFA-129A6BD625DA} - http://mp3.centrum.cz/
IE: {{8B6E8E01-D262-4980-8C27-B8B2802285C1} - http://www.zena.cz
IE: {{8FD64249-590C-4FBC-B181-12A6BAF516AF} - http://www.fotoalba.cz
IE: {{A5050656-2286-454F-A489-C605ED1B461C} - http://pocasi.centrum.cz
IE: {{BC78516C-9DC9-40C5-A91E-74593222EF89} - http://sportplus.centrum.cz
IE: {{DAE865E8-970E-4931-A172-119CB56BBAF5} - http://www.digitalne.cz/
IE: {{FC29EB7D-EDBA-4299-AEE4-D1BDC70EFA15} - http://www.stahuj.cz/
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\o229hanx.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF - ExtSQL: 2013-08-07 15:41; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-08-09 14:49; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\o229hanx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-08-09 15:08; firegestures@xuldev.org; c:\documents and settings\Tomáš\Data aplikací\Mozilla\Firefox\Profiles\o229hanx.default\extensions\firegestures@xuldev.org.xpi
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-07 14:32
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1220945662-2077806209-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3576)
c:\windows\system32\MSCTF.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
.
**************************************************************************
.
Celkový čas: 2013-09-07 14:36:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-07 12:36
ComboFix2.txt 2013-09-07 11:44
.
Před spuštěním: Volných bajtů: 140 254 461 952
Po spuštění: Volných bajtů: 140 234 121 216
.
- - End Of File - - FB8E71C4AFD7AD5FC398C0469D6DD99C
413FC2A0C716421B3158746D63736515
Oh, and the local network connection icon is back in the tray, but now for a change the Security Center icon has disappeared; they come and go as they please.
-
- Visitor
- Posts: 85
- Registered: 20 Mar 2011 15:43
Re: Malwarebytes and avast detection
Oh dear, avast just popped up a message that it found some rootkit, somewhere on C: I think, and recommended deleting it right away, and now a prompt has appeared: "To finish cleaning, we recommend running a boot-time scan, i.e. restarting the computer and letting avast run the scan before the operating system fully starts. Do you want to schedule a boot-time scan now and restart the computer immediately?" with the options yes / no.
- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Malwarebytes and avast detection
NO, cancel that.
Do what I wrote.
Ah, you already have it.. wait, I'll write you further instructions.
Last edited by stell on 07 Sep 2013 13:48, edited 1 time in total.
-
- Visitor
- Posts: 85
- Registered: 20 Mar 2011 15:43
Re: Malwarebytes and avast detection
OK, I chose no and I'm waiting for instructions. Sorry, I'm being stupid.
- stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Malwarebytes and avast findings
Run TDSSKILLER > paste the .log here
http://www.viruskasino.com/2010/12/odst ... kitov.html
-
- Visitor
- Posts: 85
- Registered: 20 Mar 2011 15:43
Re: Malwarebytes and avast findings
Ehmm......problem, I can't open that viruskasino.com site......I also tried the earlier links and they don't work either, yet the internet itself is working :( antivirus sites don't work either
Last edited by kristynkai7 on 07 Sep 2013 13:54, edited 1 time in total.
- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Malwarebytes and avast findings
How come?/It works for me, which browser are you trying it with??
-
- Visitor
- Posts: 85
- Registered: 20 Mar 2011 15:43
Re: Malwarebytes and avast findings
Antivirus sites don't work either, that virus is killing everything
I'm trying with Opera, I'll try Firefox too
Same thing with Firefox, either it doesn't load or it throws something like this
Chyba parsování XML: Neočekávaný stav parseru
Adresa: jar:file:///C:/Program%20Files/Mozilla%20Firefox/omni.ja!/chrome/toolkit/content/global/netError.xhtml
Řádek 308, sloupec 50: <div id="ed_netReset">&netReset.longDesc;</div>
but only for sites like avg, avast, eset and the one from your link; others work so far


- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Malwarebytes and avast findings
I don't see that virus there anymore. Turn off Avast, the shield, and test whether my site works.
- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Malwarebytes and avast findings
1: Start Firefox, click the Help menu and choose Troubleshooting Information.
2: In the top right corner of the page, click the Reset Firefox button.
3: In the confirmation dialog, click the Reset Firefox button.
4: Firefox will close and be reset to its default settings.
5: As soon as it is done, a window will appear with information about what was imported (restored).
6: Click the Finish button and Firefox will open again.
and test it.
-
- Visitor
- Posts: 85
- Registered: 20 Mar 2011 15:43
Re: Malwarebytes and avast findings
Neither turning off avast nor the firewall makes any difference; everything works, only that site and the antivirus companies' sites don't, and the PC is somehow starting to slow down
