
Facebook virus, requesting help

#1 Post by Pepa »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Pepor at 2011-11-05 16:51:56
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 264 GB (57%) free of 465 GB
Total RAM: 4091 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:52:08, on 5.11.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
C:\Program Files (x86)\O2 Mobilni internet\O2 Mobilni internet.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Webteh\BSplayer\bsplayer.exe
C:\Program Files\trend micro\Pepor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t58n1y291
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/406
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t58n1y291
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t58n1y291
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~2\mcafee\VIRUSS~1\scriptsn.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [wxpdrv] C:\Windows\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\Windows\update.tray-9-0\svchost.exe
O4 - HKLM\..\Run: [tray_ico1] C:\Windows\update.tray-14-0\svchost.exe
O4 - HKLM\..\Run: [tray_ico2] C:\Windows\update.tray-7-0\svchost.exe
O4 - HKLM\..\Run: [7988733.exe] "C:\Users\Pepor\AppData\Local\Temp\7988733.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [5446515.exe] "C:\Windows\Temp\5446515.exe"
O4 - HKLM\..\Run: [1382869.exe] "C:\Windows\TEMP\1382869.exe"
O4 - HKLM\..\Run: [w_distrib.exe] "C:\Windows\update.3\svchost.exe" stand
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [2757858.exe] "C:\Windows\Temp\2757858.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (file missing)
O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (file missing)
O23 - Service: McAfee Network Agent (McNASvc) - Unknown owner - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (file missing)
O23 - Service: McAfee Scanner (McODS) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (file missing)
O23 - Service: McAfee Proxy Service (McProxy) - Unknown owner - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - Unknown owner - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243 (NisSrv) - Unknown owner - c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: srvbtcclient - Unknown owner - C:\Windows\update.5.0\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: wxpdrivers - Cronosoft - C:\Windows\update.1\svchost.exe

--
End of file - 15432 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k HsfXAudioService
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\update.5.0\svchost.exe srv
C:\Windows\sysdriver32.exe srv
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\update.1\svchost.exe srv
"C:\Windows\update.5.0\svchost.exe" stand
WLIDSvcM.exe 1048
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\O2 Mobilni internet\O2 Mobilni internet.exe"
"C:\Program Files (x86)\Opera\opera.exe"
C:\Windows\ufa\ufa.exe -o http://127.0.0.1:26139
\??\C:\Windows\system32\conhost.exe "1160622576-1884252521-77169589-12171244481813073234-5032864088674054211457010606
"C:\Users\Pepor\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Webteh\BSplayer\bsplayer.exe" "C:\Users\Pepor\Music\ghjkl\19_Toca (Bocacabana Cut)_BOCA.mp3"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Pepor\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\BearShareNAG.job
C:\Windows\tasks\McDefragTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
UrlHelper Class - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll [2011-01-25 1057160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~2\mcafee\msk\mskapbho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
MediaBar - C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll [2011-01-24 89008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
UrlHelper Class - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll [2011-01-25 721288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - c:\PROGRA~2\mcafee\VIRUSS~1\scriptsn.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll []
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll []
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]
{28387537-e3f9-4ed7-860c-11e69af4a8a0} - MediaBar - C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll [2011-01-24 89008]
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-10-03 16395880]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-11-03 8312352]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-11-23 200704]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-06-15 15141768]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-24 261888]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1100368]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-06 419112]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-10-06 181480]
"mcagent_exe"=C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /runkey []
"DATAMNGR"=C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE [2011-01-25 1116080]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"wxpdrv"=C:\Windows\services32.exe [2011-10-27 1198080]
"tray_ico"= []
"tray_ico0"=C:\Windows\update.tray-9-0\svchost.exe [2011-10-27 1198080]
"tray_ico1"=C:\Windows\update.tray-14-0\svchost.exe [2011-10-27 1198080]
"tray_ico2"=C:\Windows\update.tray-7-0\svchost.exe [2011-10-27 1198080]
"tray_ico3"= []
"tray_ico4"= []
"7988733.exe"=C:\Users\Pepor\AppData\Local\Temp\7988733.exe [2011-10-27 258048]
"sysdriver32.exe"=C:\Windows\sysdriver32.exe [2011-11-02 257024]
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe [2011-11-02 257024]
"5446515.exe"=C:\Windows\Temp\5446515.exe [2011-10-27 258048]
"1382869.exe"=C:\Windows\TEMP\1382869.exe [2011-10-27 1944576]
"w_distrib.exe"=C:\Windows\update.3\svchost.exe [2011-10-27 273920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui []
"2757858.exe"=C:\Windows\Temp\2757858.exe [2011-11-02 257024]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Pepor\AppData\Local\Opera\Opera\temporary_downloads\Flash-Player.exe"="C:\Users\Pepor\AppData\Local\Opera\Opera\temporary_downloads\Flash-Player.exe:*:Enabled:C:\Users\Pepor\AppData\Local\Opera\Opera\temporary_downloads\Flash-Player.exe"
"C:\Windows\update.1\svchost.exe"="C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe"
"C:\Windows\services32.exe"="C:\Windows\services32.exe:*:Enabled:C:\Windows\services32.exe"
"C:\Windows\update.tray-9-0\svchost.exe"="C:\Windows\update.tray-9-0\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0\svchost.exe"
"C:\Windows\update.2\svchost.exe"="C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe"
"C:\Windows\update.3\svchost.exe"="C:\Windows\update.3\svchost.exe:*:Enabled:C:\Windows\update.3\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-11-05 16:45:30 ----D---- C:\rsit
2011-11-05 16:45:30 ----D---- C:\Program Files\trend micro
2011-11-01 20:33:41 ----HD---- C:\Windows\update.tray-7-0-lnk
2011-11-01 20:33:41 ----HD---- C:\Windows\update.tray-7-0
2011-11-01 20:31:17 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-11-01 20:31:17 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-11-01 20:31:16 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-11-01 20:31:14 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-11-01 20:31:13 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-11-01 20:31:10 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-11-01 20:31:10 ----A---- C:\Windows\system32\aswBoot.exe
2011-11-01 20:30:50 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-11-01 20:30:50 ----A---- C:\Windows\avastSS.scr
2011-11-01 20:14:08 ----HD---- C:\Windows\update.tray-14-0-lnk
2011-11-01 20:14:08 ----HD---- C:\Windows\update.tray-14-0
2011-11-01 20:12:22 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-11-01 20:12:20 ----D---- C:\Program Files (x86)\Microsoft Security Client
2011-11-01 20:12:16 ----D---- C:\Program Files\Microsoft Security Client
2011-10-29 10:33:35 ----D---- C:\Windows\ufa
2011-10-29 10:33:35 ----D---- C:\Windows\rpcminer
2011-10-29 10:33:35 ----D---- C:\Windows\phoenix
2011-10-29 10:32:01 ----A---- C:\Windows\btc_client_iplist.txt
2011-10-29 10:31:25 ----HD---- C:\Windows\update.5.0
2011-10-27 18:20:08 ----A---- C:\Windows\w_distrib_iplist.txt
2011-10-27 18:18:16 ----HD---- C:\Windows\update.3
2011-10-27 18:17:46 ----A---- C:\Windows\unrar.exe
2011-10-27 18:17:19 ----A---- C:\Windows\iecheck_iplist.txt
2011-10-27 18:16:57 ----HD---- C:\Windows\update.2
2011-10-27 18:16:37 ----A---- C:\Windows\iplist.txt
2011-10-27 18:16:27 ----A---- C:\Windows\sysdriver32_.exe
2011-10-27 18:16:13 ----A---- C:\Windows\sysdriver32.exe
2011-10-27 18:15:40 ----D---- C:\Windows\av_ico
2011-10-27 18:15:20 ----A---- C:\Windows\front_ip_list.txt
2011-10-27 18:14:05 ----HD---- C:\Windows\update.1
2011-10-27 18:13:38 ----HD---- C:\Windows\update.tray-9-0-lnk
2011-10-27 18:13:38 ----HD---- C:\Windows\update.tray-9-0
2011-10-27 18:03:15 ----A---- C:\Windows\winlog-ids.txt
2011-10-27 18:03:15 ----A---- C:\Windows\winlog-dirs.txt
2011-10-27 18:03:04 ----A---- C:\Windows\services32.exe
2011-10-26 18:07:33 ----D---- C:\Program Files (x86)\iLivid
2011-10-26 18:07:17 ----D---- C:\Program Files (x86)\Windows iLivid Toolbar
2011-10-26 18:07:14 ----D---- C:\Program Files (x86)\SearchCore for Browsers
2011-10-26 17:40:26 ----D---- C:\Program Files (x86)\Cain
2011-10-26 17:36:22 ----D---- C:\Program Files (x86)\Passware
2011-10-12 20:46:55 ----A---- C:\Windows\system32\win32k.sys
2011-10-12 20:46:42 ----A---- C:\Windows\system32\ieframe.dll
2011-10-12 20:46:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-12 20:46:37 ----A---- C:\Windows\system32\mshtml.dll
2011-10-12 20:46:35 ----A---- C:\Windows\system32\wininet.dll
2011-10-12 20:46:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-12 20:46:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-12 20:46:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-12 20:46:34 ----A---- C:\Windows\system32\urlmon.dll
2011-10-12 20:46:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-10-12 20:46:32 ----A---- C:\Windows\system32\msfeeds.dll
2011-10-12 20:46:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-12 20:46:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-12 20:46:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-12 20:46:31 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-12 20:46:31 ----A---- C:\Windows\system32\ieui.dll
2011-10-12 20:46:31 ----A---- C:\Windows\system32\iertutil.dll
2011-10-12 20:46:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-12 20:46:30 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-12 20:46:29 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-12 20:46:29 ----A---- C:\Windows\system32\url.dll
2011-10-12 20:46:22 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-12 20:46:22 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-12 20:46:00 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-12 20:46:00 ----A---- C:\Windows\system32\oleacc.dll
2011-10-12 20:45:59 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-12 20:45:59 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-10 16:10:08 ----D---- C:\Program Files (x86)\NVIDIA Corporation

======List of files/folders modified in the last 1 month======

2011-11-05 16:52:00 ----D---- C:\Windows\Temp
2011-11-05 16:45:43 ----D---- C:\Windows\Prefetch
2011-11-05 16:45:30 ----RD---- C:\Program Files
2011-11-05 16:41:15 ----D---- C:\Windows\system32\config
2011-11-05 16:40:51 ----D---- C:\Windows\System32
2011-11-05 16:40:51 ----D---- C:\Windows\inf
2011-11-05 16:40:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-05 16:38:00 ----D---- C:\Windows\tracing
2011-11-05 16:31:41 ----D---- C:\Users\Pepor\AppData\Roaming\Skype
2011-11-03 21:32:09 ----D---- C:\Windows\SysWOW64
2011-11-03 21:32:05 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-11-02 17:26:51 ----RD---- C:\Program Files (x86)
2011-11-02 15:42:21 ----SHD---- C:\System Volume Information
2011-11-02 14:33:06 ----D---- C:\Windows\system32\drivers
2011-11-02 14:33:06 ----D---- C:\ProgramData\Norton
2011-11-02 14:33:05 ----D---- C:\Windows\system32\Tasks
2011-11-02 14:33:04 ----D---- C:\Windows\Tasks
2011-11-02 14:32:41 ----SHD---- C:\Windows\Installer
2011-11-02 14:32:41 ----D---- C:\ProgramData\Symantec
2011-11-01 20:34:52 ----D---- C:\Windows\system32\catroot2
2011-11-01 20:33:41 ----D---- C:\Windows
2011-11-01 20:30:39 ----HD---- C:\ProgramData
2011-11-01 20:22:00 ----D---- C:\Program Files (x86)\Common Files
2011-11-01 20:21:37 ----D---- C:\Windows\SYSWOW64\Adobe
2011-11-01 20:21:36 ----D---- C:\Windows\SYSWOW64\Macromed
2011-11-01 20:21:17 ----D---- C:\Program Files (x86)\Adobe
2011-11-01 20:21:12 ----D---- C:\ProgramData\Adobe
2011-11-01 20:12:21 ----D---- C:\Windows\system32\catroot
2011-11-01 20:12:20 ----SD---- C:\ProgramData\Microsoft
2011-11-01 19:01:09 ----SHD---- C:\Users\Pepor\AppData\Roaming\.#
2011-11-01 18:37:15 ----D---- C:\Program Files\Google
2011-11-01 18:37:15 ----D---- C:\Program Files (x86)\WinRAR
2011-11-01 18:37:15 ----D---- C:\Program Files (x86)\Google
2011-11-01 17:46:08 ----D---- C:\ProgramData\Google
2011-11-01 17:43:55 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-11-01 17:41:33 ----D---- C:\Program Files (x86)\NCH Software
2011-11-01 17:38:06 ----D---- C:\Program Files (x86)\Acer GameZone
2011-11-01 17:32:27 ----D---- C:\ProgramData\Electronic Arts
2011-11-01 17:25:53 ----D---- C:\Program Files\Acer
2011-11-01 17:25:09 ----D---- C:\Program Files (x86)\Acer
2011-11-01 17:18:53 ----D---- C:\Users\Pepor\AppData\Roaming\Audacity
2011-11-01 17:17:24 ----D---- C:\Windows\system32\DriverStore
2011-11-01 17:11:30 ----DC---- C:\Windows\system32\DRVSTORE
2011-11-01 17:09:00 ----D---- C:\Program Files (x86)\Ubisoft
2011-11-01 17:08:04 ----D---- C:\Users\Pepor\AppData\Roaming\NCH Software
2011-11-01 17:06:39 ----D---- C:\Users\Pepor\AppData\Roaming\uTorrent
2011-10-29 16:10:30 ----RSD---- C:\Windows\assembly
2011-10-27 18:17:16 ----D---- C:\Windows\system32\drivers\etc
2011-10-27 18:15:35 ----D---- C:\ProgramData\boost_interprocess
2011-10-27 18:13:59 ----D---- C:\Program Files\Common Files
2011-10-26 09:50:18 ----D---- C:\Windows\winsxs
2011-10-26 09:50:08 ----D---- C:\Program Files\Internet Explorer
2011-10-26 09:50:08 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-25 20:59:48 ----D---- C:\Program Files (x86)\Opera
2011-10-18 14:43:00 ----D---- C:\ProgramData\InstallMate
2011-10-12 23:03:26 ----D---- C:\Windows\Microsoft.NET
2011-10-12 21:42:02 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-12 21:41:12 ----D---- C:\Windows\SYSWOW64\migration
2011-10-12 21:41:11 ----D---- C:\Windows\system32\migration
2011-10-12 21:41:11 ----D---- C:\Windows\ehome
2011-10-12 21:27:33 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-05 503352]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-11-04 308296]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-04-09 176144]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2009-06-10 17024]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2009-02-13 292864]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 hidshim;Service for HID-KMDF Shim layer; C:\Windows\system32\DRIVERS\hidshim.sys [2009-07-21 6656]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2009-02-13 1485824]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-09-26 115328]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-11-03 2022304]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 nuvotonhidgeneric;Nuvoton EC Generic HID; C:\Windows\system32\DRIVERS\nuvotonhidgeneric.sys [2009-07-21 25088]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-08-21 84512]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [2009-02-13 740864]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-02 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-07-08 21832]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-11-04 102472]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-11-04 40904]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-11-04 49480]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-05 216064]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-10-03 392296]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-08-04 75136]
R2 srvbtcclient;srvbtcclient; C:\Windows\update.5.0\svchost.exe [2011-10-29 344576]
R2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe [2011-11-02 257024]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe []
S2 mcmscsvc;McAfee Services; C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe []
S2 McNASvc;McAfee Network Agent; c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe []
S2 McProxy;McAfee Proxy Service; c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe []
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S2 MpfService;McAfee Personal Firewall Service; C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe []
S2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files (x86)\McAfee\MSK\MskSrver.exe []
S2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe []
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe []
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe []
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe []
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-12 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Facebook virus, asking for help

#2 Post by vyosek »

Hello, I wish you a pleasant early evening and welcome you to our forum.

Download RogueKiller: http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Close all programs
  • If you use Windows Vista or Windows 7, right-click RogueKiller and choose "Run As Administrator" ("Spustit jako správce")
  • Choose option 2 and confirm with Enter
  • The utility will do its work and produce a log; paste it here
  • Now run it again, but choose option 3 and then also 4; paste those logs here as well
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.

Pepa
Visitor
Posts: 6
Registered: 05 Nov 2011 16:34

Re: Facebook virus, asking for help

#3 Post by Pepa »

RogueKiller V6.1.7 [11/05/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Pepor [Admin rights]
Mode: Remove -- Date : 11/05/2011 17:53:07

¤¤¤ Bad processes: 3 ¤¤¤
[SUSP PATH] sysdriver32.exe -- C:\Windows\sysdriver32.exe -> KILLED [TermProc]
[HJ NAME] svchost.exe -- C:\Windows\update.5.0\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- C:\Windows\update.5.0\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 14 ¤¤¤
[HJ NAME] HKLM\[...]\Wow6432Node\Run : tray_ico0 (C:\Windows\update.tray-9-0\svchost.exe) -> DELETED
[HJ NAME] HKLM\[...]\Wow6432Node\Run : tray_ico1 (C:\Windows\update.tray-14-0\svchost.exe) -> DELETED
[HJ NAME] HKLM\[...]\Wow6432Node\Run : tray_ico2 (C:\Windows\update.tray-7-0\svchost.exe) -> DELETED
[SUSP PATH] HKLM\[...]\Wow6432Node\Run : 8816596.exe ("C:\Users\Pepor\AppData\Local\Temp\8816596.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Wow6432Node\Run : sysdriver32.exe ("C:\Windows\sysdriver32.exe" rezerv) -> DELETED
[SUSP PATH] HKLM\[...]\Wow6432Node\Run : sysdriver32_.exe ("C:\Windows\sysdriver32_.exe" rezerv) -> DELETED
[SUSP PATH] HKLM\[...]\Wow6432Node\Run : 8648458.exe ("C:\Users\Pepor\AppData\Local\Temp\8648458.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Wow6432Node\Run : 7222633.exe ("C:\Users\Pepor\AppData\Local\Temp\7222633.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Wow6432Node\Run : 7492894.exe ("C:\Windows\TEMP\7492894.exe") -> DELETED
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{6A7EEB4E-101B-4DBD-A31E-E15C863F9F2A} : NameServer (160.218.167.5 160.218.161.60) -> NOT REMOVED, USE DNSFIX
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED ()
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED ()
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED ()
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED ()

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


Finished : << RKreport[1].txt >>
RKreport[1].txt



RogueKiller V6.1.7 [11/05/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Pepor [Admin rights]
Mode: HOSTSFix -- Date : 11/05/2011 17:54:10

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

RogueKiller V6.1.7 [11/05/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Pepor [Admin rights]
Mode: ProxyFix -- Date : 11/05/2011 17:54:37

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Registry Entries: 0 ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Facebook virus, asking for help

#4 Post by vyosek »

Fine, let's move on.

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT ABILITY TO DELETE AND MUST BE USED ONLY ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE RUINED
Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • If you have Windows XP, run it under the Administrator account
  • If you have Windows Vista or Windows 7, right-click ComboFix and choose "Run As Administrator" ("Spustit jako správce")
  • Right after it starts, a page with the licence agreement is displayed; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone: do not start any applications and do not click in the window that appears
  • The scan should take about 10 minutes, but if the PC is heavily cluttered, it may take longer
  • After the scan finishes and any restart, CF will display the log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure including pictures is here: http://www.bleepingcomputer.com/combofi ... t-combofix

Pepa
Visitor
Posts: 6
Registered: 05 Nov 2011 16:34

Re: Facebook virus, asking for help

#5 Post by Pepa »

ComboFix 11-11-05.02 - Pepor 05.11.2011 17:20:39.1.2 - x64
Spuštěný z: c:\users\Pepor\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Pepor\AppData\Roaming\.#
c:\windows\av_ico
c:\windows\av_ico\ico_avast_desktop.ico
c:\windows\av_ico\ico_avast_start.ico
c:\windows\av_ico\ico_Essentials_start.ico
c:\windows\av_ico\ico_mcafee_start.ico
c:\windows\btc_client_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\loader2.exe_ok
c:\windows\phoenix
c:\windows\phoenix.rar
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\8796d8f2b0d39cfd770fe1e7befc63fd.elf
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\BFIPatcher.pyc
c:\windows\phoenix\kernels\phatk\fdb754ad206e4e70b4541c015c8a3f18.elf
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\5897c5ea62938143a579ec5f852ed9d8.elf
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\BFIPatcher.pyc
c:\windows\phoenix\kernels\poclbm\e18516b3c553e5adb14023814d00706d.elf
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\rpcminer
c:\windows\rpcminer.rar
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\services32.exe
c:\windows\ST6UNST.000
c:\windows\sysdriver32.exe
c:\windows\sysdriver32_.exe
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.1\svchost.exe
c:\windows\update.2
c:\windows\update.2\svchost.exe
c:\windows\update.3
c:\windows\update.3\svchost.exe
c:\windows\update.5.0
c:\windows\update.5.0\svchost.exe
c:\windows\w_distrib_iplist.txt
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_srvbtcclient
-------\Service_srvsysdriver32
-------\Service_wxpdrivers
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-05 do 2011-11-05 )))))))))))))))))))))))))))))))
.
.
2011-11-05 16:27 . 2009-11-04 21:14 6231376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DFBCDD20-290C-4710-B45B-25D212D3B455}\mpengine.dll
2011-11-05 16:26 . 2011-11-05 16:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-05 16:07 . 2011-11-05 16:07 -------- d-----w- c:\program files\CCleaner
2011-11-05 15:45 . 2011-11-05 15:51 -------- d-----w- c:\program files\trend micro
2011-11-05 15:45 . 2011-11-05 15:45 -------- d-----w- C:\rsit
2011-11-01 19:38 . 2011-11-01 19:46 -------- d-----w- c:\users\Pepor\AppData\Local\Solid State Networks
2011-11-01 19:33 . 2011-11-01 19:33 -------- d--h--w- c:\windows\update.tray-7-0
2011-11-01 19:33 . 2011-11-01 19:33 -------- d--h--w- c:\windows\update.tray-7-0-lnk
2011-11-01 19:31 . 2011-09-06 21:38 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-01 19:31 . 2011-09-06 21:36 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-01 19:31 . 2011-09-06 21:36 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-01 19:31 . 2011-09-06 21:36 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-01 19:31 . 2011-09-06 21:38 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-01 19:31 . 2011-09-06 21:45 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-01 19:31 . 2011-09-06 21:36 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-01 19:30 . 2011-09-06 21:45 41184 ----a-w- c:\windows\avastSS.scr
2011-11-01 19:30 . 2011-09-06 21:45 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-01 19:14 . 2011-11-01 19:14 -------- d--h--w- c:\windows\update.tray-14-0
2011-11-01 19:14 . 2011-11-01 19:14 -------- d--h--w- c:\windows\update.tray-14-0-lnk
2011-11-01 19:12 . 2011-11-01 19:12 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-11-01 19:12 . 2011-11-01 19:14 -------- d-----w- c:\program files\Microsoft Security Client
2011-11-01 18:00 . 2011-11-01 18:00 -------- d-----w- c:\program files (x86)\Common Files\SWF Studio
2011-10-29 15:15 . 2011-11-02 16:18 -------- d-----w- c:\users\Pepor\AppData\Local\Ubisoft Game Launcher
2011-10-29 09:33 . 2011-10-29 09:33 -------- d-----w- c:\windows\ufa
2011-10-27 17:17 . 2011-10-29 09:33 246272 ----a-w- c:\windows\unrar.exe
2011-10-27 17:13 . 2011-10-27 17:13 -------- d--h--w- c:\windows\update.tray-9-0
2011-10-27 17:13 . 2011-10-27 17:13 -------- d--h--w- c:\windows\update.tray-9-0-lnk
2011-10-26 17:08 . 2011-10-26 17:08 -------- d-----w- c:\users\Pepor\AppData\Local\Ilivid Player
2011-10-26 17:07 . 2011-11-01 16:45 -------- d-----w- c:\program files (x86)\iLivid
2011-10-26 17:07 . 2011-10-26 17:07 -------- d-----w- c:\program files (x86)\Windows iLivid Toolbar
2011-10-26 17:07 . 2011-10-26 17:07 -------- d-----w- c:\program files (x86)\SearchCore for Browsers
2011-10-26 16:40 . 2011-10-27 06:12 -------- d-----w- c:\program files (x86)\Cain
2011-10-26 16:36 . 2011-11-01 16:23 -------- d-----w- c:\program files (x86)\Passware
2011-10-26 08:42 . 2011-08-13 05:27 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-26 08:42 . 2011-08-13 04:18 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-25 12:46 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2961A00F-1356-4F30-A78E-BAE84F143439}\mpengine.dll
2011-10-12 19:45 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 19:45 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-10 15:10 . 2011-10-10 15:10 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-05 16:28 . 2011-11-05 16:28 257024 ----a-w- c:\windows\sysdriver32_.exe
2011-11-05 16:28 . 2011-11-05 16:28 257024 ----a-w- c:\windows\sysdriver32.exe
2011-11-03 20:32 . 2011-08-04 18:48 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-11-03 20:32 . 2010-02-01 14:00 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-11-03 20:29 . 2010-02-01 14:00 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-11-01 19:56 . 2011-05-31 19:19 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-23 17:05 . 2011-09-23 17:05 0 ---ha-w- c:\users\Pepor\AppData\Local\BITD02A.tmp
2011-08-23 11:45 . 2011-08-23 11:45 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
2011-01-24 15:45 89008 ----a-w- c:\progra~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2011-01-25 12:24 721288 ----a-w- c:\progra~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29 1490312 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= "c:\progra~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll" [2011-01-24 89008]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-06-15 15141768]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-09-24 261888]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-01 1100368]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-06 419112]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-10-06 181480]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"tray_ico0"="c:\windows\update.tray-9-0\svchost.exe" [2011-10-27 1198080]
"tray_ico1"="c:\windows\update.tray-14-0\svchost.exe" [2011-10-27 1198080]
"tray_ico2"="c:\windows\update.tray-7-0\svchost.exe" [2011-10-27 1198080]
"8816596.exe"="c:\users\Pepor\AppData\Local\Temp\8816596.exe" [2011-11-05 257024]
"sysdriver32.exe"="c:\windows\sysdriver32.exe" [2011-11-05 257024]
"sysdriver32_.exe"="c:\windows\sysdriver32_.exe" [2011-11-05 257024]
"8648458.exe"="c:\users\Pepor\AppData\Local\Temp\8648458.exe" [2011-11-05 257024]
"7222633.exe"="c:\users\Pepor\AppData\Local\Temp\7222633.exe" [2011-11-05 257024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll c:\progra~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 62720]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S2 srvsysdriver32;srvsysdriver32;c:\windows\sysdriver32.exe [2011-11-05 257024]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [x]
S3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\DRIVERS\hidshim.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 nuvotonhidgeneric;Nuvoton EC Generic HID;c:\windows\system32\DRIVERS\nuvotonhidgeneric.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2011-01-25 12:24 1057160 ----a-w- c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-11 349480]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 16395880]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-11-03 8312352]
"PLFSetI"="c:\windows\PLFSetI.exe" [2009-11-23 200704]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 823840]
"combofix"="c:\combofix\CF26586.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.searchqu.com/406
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_8735&r=27360110l906l0398z1i5t58n1y291
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{CC99B434-A51A-4B38-868E-A273B1F8B5C9}: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{CC99B434-A51A-4B38-868E-A273B1F8B5C9}\165747F63796D696: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{CC99B434-A51A-4B38-868E-A273B1F8B5C9}\A596B69702: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-wxpdrv - c:\windows\services32.exe
Wow6432Node-HKLM-Run-tray_ico - (no file)
Wow6432Node-HKLM-Run-tray_ico3 - (no file)
Wow6432Node-HKLM-Run-tray_ico4 - (no file)
Wow6432Node-HKLM-Run-w_distrib.exe - c:\windows\update.3\svchost.exe
SafeBoot-wxpdrivers
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2554985622-1061476484-448106127-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2554985622-1061476484-448106127-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-2554985622-1061476484-448106127-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:c0,1c,43,ab,6d,42,1c,d0,4f,5d,c0,57,c5,72,44,90,73,44,6b,6d,c4,cc,a5,
fa,cb,fd,70,68,a5,22,8d,f3,95,c9,36,b3,45,0c,41,84,33,f0,c4,16,84,2f,9c,7d,\
"??"=hex:dd,2d,67,ac,b2,0c,e9,04,51,82,d7,92,df,69,ab,b6
.
[HKEY_USERS\S-1-5-21-2554985622-1061476484-448106127-1000\Software\SecuROM\License information*]
"datasecu"=hex:ab,2a,54,2f,5d,35,10,f6,d3,40,c4,8e,a7,68,42,43,6a,88,1a,29,f2,
fa,11,bb,b7,dc,80,98,6f,47,6f,77,f9,8f,10,16,86,0f,81,4c,37,78,07,2a,cb,ca,\
"rkeysecu"=hex:59,26,70,f0,0b,d5,55,ab,d9,b2,2e,15,fc,5f,22,86
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
c:\windows\TEMP\4498700.exe
c:\windows\update.5.0\svchost.exe
c:\windows\update.5.0\svchost.exe
.
**************************************************************************
.
Celkový čas: 2011-11-05 17:32:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-11-05 16:32
.
Před spuštěním: Volných bajtů: 283 122 786 304
Po spuštění: Volných bajtů: 282 710 298 624
.
- - End Of File - - 74D0D5C723AD111E09C416E5C969E0A3

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Facebook virus, asking for help

#6 Post by vyosek »

:arrow: Uninstall Spybot - its best years are long behind it - once the cleanup is finished we will put a better replacement there

:arrow: If you have not done so already, move ComboFix to the desktop
  • Start Notepad (Start-Run-notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    Folder::
    c:\windows\update.tray-7-0
    c:\windows\update.tray-7-0-lnk
    c:\windows\update.tray-14-0-lnk
    c:\windows\ufa
    c:\windows\update.tray-9-0
    c:\windows\update.tray-9-0-lnk
    c:\program files (x86)\Ask.com
    c:\progra~2\IMESHA~1\MediaBar\ToolBar
    c:\program files (x86)\Spybot - Search & Destroy
    c:\users\Pepor\AppData\Local\Temp
    
    Collect::
    c:\windows\unrar.exe
    c:\windows\sysdriver32_.exe
    c:\windows\sysdriver32.exe
    C:\Users\Pepor\AppData\Local\Opera\Opera\temporary_downloads\Flash-Player.exe
    
    File::
    C:\Windows\tasks\BearShareNAG.job
    C:\Windows\tasks\McDefragTask.job
    
    Registry::
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
    [-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
    [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
    [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
    [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    "{28387537-e3f9-4ed7-860c-11e69af4a8a0}"=-
    [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    [-HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Skype"=-
    "SpybotSD TeaTimer"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "ApnUpdater"=-
    "tray_ico0"=-
    "tray_ico1"=-
    "tray_ico2"=-
    "8816596.exe"=-
    "sysdriver32.exe"=-
    "sysdriver32_.exe"=-
    "8648458.exe"=-
    "7222633.exe"=-
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "FirewallOverride"=dword:00000000
    "DisableThumbnailCache"=dword:00000000
    "FirewallDisableNotify"=dword:00000000
    "UpdatesDisableNotify"=dword:00000000
    "AntiVirusDisableNotify"=dword:00000000
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Users\Pepor\AppData\Local\Opera\Opera\temporary_downloads\Flash-Player.exe"=-
    "C:\Windows\update.1\svchost.exe"=-
    "C:\Windows\services32.exe"=-
    "C:\Windows\update.tray-9-0\svchost.exe"=-
    "C:\Windows\update.2\svchost.exe"=-
    "C:\Windows\update.3\svchost.exe"=-
    
    DDS::
    uStart Page = hxxp://www.searchqu.com/406
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... 5t58n1y291
    mLocal Page = c:\windows\SysWOW64\blank.htm
    
    RegLock::
    [HKEY_USERS\S-1-5-21-2554985622-1061476484-448106127-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    [HKEY_USERS\S-1-5-21-2554985622-1061476484-448106127-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    [HKEY_USERS\S-1-5-21-2554985622-1061476484-448106127-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    [HKEY_USERS\S-1-5-21-2554985622-1061476484-448106127-1000\Software\SecuROM\License information*]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
    RegNull::
    [HKEY_USERS\S-1-5-21-2554985622-1061476484-448106127-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    [HKEY_USERS\S-1-5-21-2554985622-1061476484-448106127-1000\Software\SecuROM\License information*]
    
    Reboot::
    
  • Save the resulting TXT file as CFScript.txt
  • Drag the resulting CFScript.txt onto ComboFix and drop it (see the picture below)
    Image
  • After the script has been applied (and after a restart, if one occurs) a log will pop up; paste its contents here
:arrow: It can happen that Windows will not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him: that is not a man, that is an ox."
Member of [image] since 1 February 2011.

Pepa
Visitor
Posts: 6
Registered: 05 Nov 2011 16:34

Re: Facebook virus, asking for help

#7 Post by Pepa »

Thank you very much for the help, so the virus is gone now?? Everything went exactly as it should. And which antivirus should I download??

Thank you very much

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Facebook virus, asking for help

#8 Post by vyosek »

I cannot yet tell whether the PC is clean; give me the ComboFix log that was produced after the script was applied...

We will sort out the PC's security once the PC is clean of the vermin

Pepa
Visitor
Posts: 6
Registered: 05 Nov 2011 16:34

Re: Facebook virus, asking for help

#9 Post by Pepa »

ComboFix 11-11-05.03 - Pepor 05.11.2011 22:44:46.2.2 - x64
Spuštěný z: C:\ComboFix\ComboFix.exe
Použité ovládací přepínače :: C:\Users\Pepor\Desktop\CFScript.txt.txt

FILE ::
"C:\Windows\tasks\BearShareNAG.job"
"C:\Windows\tasks\McDefragTask.job"



((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


c:\progra~2\IMESHA~1\MediaBar\ToolBar
c:\progra~2\IMESHA~1\MediaBar\ToolBar\components\windowmediator.js
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\data\search\engines.xml
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\data\search\search.xsl
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\imeshcode.js
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\about.xml
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\dtxpanel.xul
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\dtxtransparentwin.xul
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\dtxwin.xul
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\external.js
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\imeshcode.js
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\neterror.xhtml
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\nsDragAndDrop.js
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\rsspreview.html
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\rsswin.xml
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\rsswin.xsl
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\content\lib\vmncode.js
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\images\track.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\reload.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\remove.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\rename.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\resize-box.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\rss.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\rsschannelback.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\RSSLogo.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\scroll-left.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\scroll-right.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\search-go.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\search.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\throbber.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\template.html
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\template.xml
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lib\yahoo.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\lichen.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo-about.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo-over.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo-separator.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo_about_png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo_over_png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo_over_t_png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo_png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\logo_t_png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\mail.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\maps.bmp
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\menuseparatorback.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\modify-save.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\modify.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\modifyhot.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\music.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\news.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\options\options-main.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\options\options-search.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\options\options-weather.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\options\options-weather.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\options\options-widgets.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\orange.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\pixsy.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\protect-id.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\relatedlinks.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-collapse.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-delete.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-expand.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-feed.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-folder-remove.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-folder-rename.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-folder.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-found.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-reload.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss-subscribe.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\rss.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\rssback.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\rsstopback.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\search-over.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\search.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\search_button_over_png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\search_button_png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\settings.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\shopping.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\siteinfo.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\skin-bluelite.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\skin-bluesky.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\skin-grey.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\skin-lichen.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\skin-orange.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\skin-yellow.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\skin.xml
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\technorati.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\throbber.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\toolbarsplitter.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\translate.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\TRUSTe_about.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\video.bmp
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\vmn.css
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\vmn.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\weather.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\web.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\widgets-square-16px.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\wikipedia.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\yahoosearch.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\yellow.gif
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\youtube.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\chrome\skin\zoom.png
c:\progra~2\IMESHA~1\MediaBar\ToolBar\imeshbandmltbpi.dll
c:\progra~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll
c:\progra~2\IMESHA~1\MediaBar\ToolBar\manifest.xml
c:\progra~2\IMESHA~1\MediaBar\ToolBar\uninstall.exe
c:\program files (x86)\Ask.com
c:\program files (x86)\Ask.com\assets\oobe\b.png
c:\program files (x86)\Ask.com\assets\oobe\bl.png
c:\program files (x86)\Ask.com\assets\oobe\br.png
c:\program files (x86)\Ask.com\assets\oobe\l.png
c:\program files (x86)\Ask.com\assets\oobe\pointer.png
c:\program files (x86)\Ask.com\assets\oobe\r.png
c:\program files (x86)\Ask.com\assets\oobe\t.png
c:\program files (x86)\Ask.com\assets\oobe\tl.png
c:\program files (x86)\Ask.com\assets\oobe\tr.png
c:\program files (x86)\Ask.com\cobrand.ico
c:\program files (x86)\Ask.com\config.xml
c:\program files (x86)\Ask.com\favicon.ico
c:\program files (x86)\Ask.com\fv_96f5.ico
c:\program files (x86)\Ask.com\GenericAskToolbar.dll
c:\program files (x86)\Ask.com\mupcfg.xml
c:\program files (x86)\Ask.com\precache.exe
c:\program files (x86)\Ask.com\SaUpdate.exe
c:\program files (x86)\Ask.com\Updater\config.xml
c:\program files (x86)\Ask.com\Updater\Updater.exe
c:\program files (x86)\Ask.com\UpdateTask.exe
c:\program files (x86)\Spybot - Search & Destroy
c:\program files (x86)\Spybot - Search & Destroy\advcheck.dll
c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe
c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe
c:\users\Pepor\AppData\Local\Temp
c:\users\Pepor\AppData\Local\Temp\FXSAPIDebugLogFile.txt
c:\users\Pepor\AppData\Local\Temp\MyWinLocker\FileList.txt
C:\Windows\assembly\tmp\U
C:\Windows\assembly\tmp\U\000000c0.@
C:\Windows\assembly\tmp\U\000000cb.@
C:\Windows\assembly\tmp\U\000000cf.@
C:\Windows\assembly\tmp\U\80000000.@
C:\Windows\assembly\tmp\U\800000c0.@
C:\Windows\assembly\tmp\U\800000cb.@
C:\Windows\assembly\tmp\U\800000cf.@
C:\Windows\av_ico
C:\Windows\av_ico\ico_avast_desktop.ico
C:\Windows\av_ico\ico_avast_start.ico
C:\Windows\av_ico\ico_Essentials_start.ico
C:\Windows\av_ico\ico_mcafee_start.ico
C:\Windows\btc_client_iplist.txt
C:\Windows\front_ip_list.txt
C:\Windows\geoiplist
C:\Windows\geoiplist.rar
C:\Windows\info1
C:\Windows\iplist.txt
C:\Windows\loader2.exe_ok
C:\Windows\phoenix
C:\Windows\phoenix.rar
C:\Windows\phoenix\kernels\phatk\__init__.py
C:\Windows\phoenix\kernels\phatk\BFIPatcher.py
C:\Windows\phoenix\kernels\phatk\kernel.cl
C:\Windows\phoenix\kernels\poclbm\__init__.py
C:\Windows\phoenix\kernels\poclbm\BFIPatcher.py
C:\Windows\phoenix\kernels\poclbm\kernel.cl
C:\Windows\phoenix\phoenix.exe
C:\Windows\proc_list1.log
C:\Windows\rpcminer
C:\Windows\rpcminer.rar
C:\Windows\rpcminer\bitcoinminercuda_10.cubin
C:\Windows\rpcminer\bitcoinminercuda_11.cubin
C:\Windows\rpcminer\bitcoinminercuda_20.cubin
C:\Windows\rpcminer\bitcoinmineropencl.cl
C:\Windows\rpcminer\cudart32_32_16.dll
C:\Windows\rpcminer\curllib.dll
C:\Windows\rpcminer\libeay32.dll
C:\Windows\rpcminer\libsasl.dll
C:\Windows\rpcminer\openldap.dll
C:\Windows\rpcminer\rpcminer-4way.exe
C:\Windows\rpcminer\rpcminer-cpu.exe
C:\Windows\rpcminer\rpcminer-cuda.exe
C:\Windows\rpcminer\rpcminer-opencl.exe
C:\Windows\rpcminer\ssleay32.dll
C:\Windows\sysdriver32.exe
C:\Windows\sysdriver32_.exe
C:\Windows\system32\consrv.dll
c:\windows\ufa
C:\Windows\ufa.rar
c:\windows\ufa\ufa.exe
c:\windows\unrar.exe
C:\Windows\update.5.0
C:\Windows\update.5.0\svchost.exe
c:\windows\update.tray-14-0-lnk
c:\windows\update.tray-14-0-lnk\svchost.exe
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0-lnk\svchost.exe
c:\windows\update.tray-7-0
c:\windows\update.tray-7-0\svchost.exe
c:\windows\update.tray-9-0-lnk
c:\windows\update.tray-9-0-lnk\svchost.exe
c:\windows\update.tray-9-0
c:\windows\update.tray-9-0\svchost.exe
C:\Windows\winsetupapi.log


((((((((((((((((((((((((( Soubory vytvořené od 2011-10-05 do 2011-11-05 )))))))))))))))))))))))))))))))


2011-11-05 21:52:40 . 2011-11-05 21:52:40 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2961A00F-1356-4F30-A78E-BAE84F143439}\offreg.dll
2011-11-05 21:51:17 . 2011-11-05 21:51:17 -------- d-----w- C:\Users\Default\AppData\Local\temp
2011-11-05 17:42:03 . 2011-11-05 17:42:03 -------- d-sh--w- C:\Windows\system32\%APPDATA%
2011-11-05 17:04:54 . 2011-11-05 17:04:54 -------- d-----w- C:\Windows\system32\Macromed
2011-11-05 16:07:19 . 2011-11-05 16:07:20 -------- d-----w- C:\Program Files\CCleaner
2011-11-05 15:45:30 . 2011-11-05 15:51:59 -------- d-----w- C:\Program Files\trend micro
2011-11-05 15:45:30 . 2011-11-05 15:45:50 -------- d-----w- C:\rsit
2011-11-01 19:38:53 . 2011-11-01 19:46:28 -------- d-----w- C:\Users\Pepor\AppData\Local\Solid State Networks
2011-11-01 19:31:17 . 2011-09-06 21:38:16 301912 ----a-w- C:\Windows\system32\drivers\aswSP.sys
2011-11-01 19:31:17 . 2011-09-06 21:36:14 24408 ----a-w- C:\Windows\system32\drivers\aswFsBlk.sys
2011-11-01 19:31:16 . 2011-09-06 21:36:41 42328 ----a-w- C:\Windows\system32\drivers\aswRdr.sys
2011-11-01 19:31:14 . 2011-09-06 21:36:41 58200 ----a-w- C:\Windows\system32\drivers\aswTdi.sys
2011-11-01 19:31:13 . 2011-09-06 21:38:18 601944 ----a-w- C:\Windows\system32\drivers\aswSnx.sys
2011-11-01 19:31:10 . 2011-09-06 21:45:17 254400 ----a-w- C:\Windows\system32\aswBoot.exe
2011-11-01 19:31:10 . 2011-09-06 21:36:30 65368 ----a-w- C:\Windows\system32\drivers\aswMonFlt.sys
2011-11-01 19:30:50 . 2011-09-06 21:45:29 41184 ----a-w- C:\Windows\avastSS.scr
2011-11-01 19:30:50 . 2011-09-06 21:45:29 199304 ----a-w- C:\Windows\SysWow64\aswBoot.exe
2011-11-01 19:14:08 . 2011-11-01 19:14:08 -------- d--h--w- C:\Windows\update.tray-14-0
2011-11-01 19:12:20 . 2011-11-01 19:12:29 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2011-11-01 19:12:16 . 2011-11-01 19:14:22 -------- d-----w- C:\Program Files\Microsoft Security Client
2011-11-01 18:00:43 . 2011-11-01 18:00:43 -------- d-----w- C:\Program Files (x86)\Common Files\SWF Studio
2011-10-29 15:15:01 . 2011-11-02 16:18:32 -------- d-----w- C:\Users\Pepor\AppData\Local\Ubisoft Game Launcher
2011-10-26 17:08:25 . 2011-10-26 17:08:28 -------- d-----w- C:\Users\Pepor\AppData\Local\Ilivid Player
2011-10-26 17:07:33 . 2011-11-01 16:45:21 -------- d-----w- C:\Program Files (x86)\iLivid
2011-10-26 17:07:17 . 2011-10-26 17:07:17 -------- d-----w- C:\Program Files (x86)\Windows iLivid Toolbar
2011-10-26 17:07:14 . 2011-10-26 17:07:28 -------- d-----w- C:\Program Files (x86)\SearchCore for Browsers
2011-10-26 16:40:26 . 2011-10-27 06:12:11 -------- d-----w- C:\Program Files (x86)\Cain
2011-10-26 16:36:22 . 2011-11-01 16:23:21 -------- d-----w- C:\Program Files (x86)\Passware
2011-10-26 08:42:26 . 2011-08-13 05:27:19 6144 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2011-10-26 08:42:26 . 2011-08-13 04:18:25 6144 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2011-10-25 12:46:13 . 2011-10-07 04:16:03 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2961A00F-1356-4F30-A78E-BAE84F143439}\mpengine.dll
2011-10-12 19:45:59 . 2011-08-27 05:37:49 861696 ----a-w- C:\Windows\system32\oleaut32.dll
2011-10-12 19:45:59 . 2011-08-27 04:26:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-10-10 15:10:08 . 2011-10-10 15:10:08 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-11-05 20:55:11 . 2011-08-04 18:48:04 280736 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-11-05 20:55:11 . 2010-02-01 14:00:19 280736 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-11-05 20:54:09 . 2010-02-01 14:00:24 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-11-05 17:04:57 . 2011-05-31 19:19:47 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-23 17:05:40 . 2011-09-23 17:05:40 0 ---ha-w- C:\Users\Pepor\AppData\Local\BITD02A.tmp
2011-08-23 11:45:54 . 2011-08-23 11:45:54 98304 ----a-w- C:\Windows\SysWow64\CmdLineExt.dll


((((((((((((((((((((((((((((( SnapShot@2011-11-05_16.27.42 )))))))))))))))))))))))))))))))))))))))))

- 2009-07-14 04:54:17 . 2011-11-05 15:42:39 49152 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54:17 . 2011-11-05 17:04:04 49152 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54:17 . 2011-11-05 17:04:04 49152 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54:17 . 2011-11-05 15:42:39 49152 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54:17 . 2011-11-05 17:04:04 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54:17 . 2011-11-05 15:42:39 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-09-15 15:38:32 . 2011-11-05 17:04:04 16384 C:\Windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
- 2011-09-15 15:38:32 . 2011-09-15 15:39:29 16384 C:\Windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2009-10-28 17:10:16 . 2011-11-05 19:34:36 42516 C:\Windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10:35 . 2011-11-05 16:29:03 40106 C:\Windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10:35 . 2011-11-05 19:34:36 40106 C:\Windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-18 14:44:50 . 2011-11-05 19:34:36 13328 C:\Windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2554985622-1061476484-448106127-1000_UserData.bin
+ 2010-01-19 05:38:33 . 2011-11-05 21:33:58 32768 C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54:19 . 2011-11-05 21:33:58 32768 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-11-05 17:08:10 . 2011-11-05 17:08:10 16384 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
+ 2011-11-05 17:42:03 . 2011-11-05 21:33:58 16384 C:\Windows\system32\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2010-12-27 08:51:56 . 2011-11-05 19:33:19 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-27 08:51:56 . 2011-11-05 16:27:54 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46:26 . 2011-11-05 16:32:13 96016 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-12-27 08:51:56 . 2011-11-05 19:33:19 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-27 08:51:56 . 2011-11-05 16:27:54 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-12-27 08:51:56 . 2011-11-05 19:33:19 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-27 08:51:56 . 2011-11-05 16:27:54 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-18 14:47:53 . 2011-11-05 21:52:30 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-18 14:47:53 . 2011-11-05 16:27:27 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-18 14:47:53 . 2011-11-05 16:27:27 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-18 14:47:53 . 2011-11-05 21:52:30 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-11-05 21:52:19 . 2011-11-05 21:52:19 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-11-05 16:27:10 . 2011-11-05 16:27:10 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-05 21:52:19 . 2011-11-05 21:52:19 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-11-05 16:27:10 . 2011-11-05 16:27:10 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-11-01 19:52:34 . 2011-11-01 19:56:49 247968 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe
+ 2011-11-01 19:52:34 . 2011-11-05 17:04:57 247968 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe
- 2011-11-01 19:52:34 . 2011-11-01 19:56:49 335520 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.dll
+ 2011-11-01 19:52:34 . 2011-11-05 17:04:57 335520 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.dll
- 2010-01-24 13:06:29 . 2011-11-05 15:42:39 262144 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-01-24 13:06:29 . 2011-11-05 16:52:05 262144 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 02:36:59 . 2011-11-05 19:38:58 618158 C:\Windows\system32\perfh009.dat
- 2009-07-14 02:36:59 . 2011-11-05 15:40:51 618158 C:\Windows\system32\perfh009.dat
- 2009-11-23 04:49:24 . 2011-11-05 15:40:51 633442 C:\Windows\system32\perfh005.dat
+ 2009-11-23 04:49:24 . 2011-11-05 19:38:58 633442 C:\Windows\system32\perfh005.dat
- 2009-07-14 02:36:59 . 2011-11-05 15:40:51 107438 C:\Windows\system32\perfc009.dat
+ 2009-07-14 02:36:59 . 2011-11-05 19:38:58 107438 C:\Windows\system32\perfc009.dat
+ 2009-11-23 04:49:24 . 2011-11-05 19:38:58 122964 C:\Windows\system32\perfc005.dat
- 2009-11-23 04:49:24 . 2011-11-05 15:40:51 122964 C:\Windows\system32\perfc005.dat
+ 2011-11-05 17:04:55 . 2011-11-05 17:04:55 461984 C:\Windows\system32\Macromed\Flash\FlashUtil64_11_0_1_ActiveX.exe
+ 2011-11-05 17:04:55 . 2011-11-05 17:04:55 376480 C:\Windows\system32\Macromed\Flash\FlashUtil64_11_0_1_ActiveX.dll
+ 2010-01-19 05:38:33 . 2011-11-05 21:33:58 131072 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 05:01:48 . 2011-11-05 21:51:35 313700 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01:48 . 2011-11-05 16:26:27 313700 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

-- Snímek resetován k současnému datu --

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:41:42 120104 ----a-w- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2010-11-20 13:25:17 1475584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-09-24 22:42:32 261888]
"EgisTecLiveUpdate"="C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 21:09:34 199464]
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" [2009-11-01 23:40:52 1100368]
"ArcadeDeluxeAgent"="C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-06 22:18:26 419112]
"PlayMovie"="C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-10-06 03:15:10 181480]
"ATICustomerCare"="C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 15:05:02 311296]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 12:27:14 138576]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys [x]
R3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 05:42:46 305448]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 00:31:46 50432]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;C:\Windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 16:10:10 57184]
S0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [x]
S2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 22:44:58 844320]
S2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe [2009-07-14 01:39:46 27136]
S2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 22:42:28 62720]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 00:31:58 144640]
S3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys [x]
S3 hidshim;Service for HID-KMDF Shim layer;C:\Windows\system32\DRIVERS\hidshim.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys [x]
S3 nuvotonhidgeneric;Nuvoton EC Generic HID;C:\Windows\system32\DRIVERS\nuvotonhidgeneric.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys [x]



--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2011-01-25 12:24:59 1057160 ----a-w- C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:44:06 137512 ----a-w- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 02:03:32 186904]
"mwlDaemon"="C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-11 05:42:30 349480]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2009-10-03 20:01:00 16395880]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-11-03 02:51:30 8312352]
"SynTPEnh"="C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"PLFSetI"="C:\Windows\PLFSetI.exe" [2009-11-23 04:05:27 200704]
"Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 22:45:20 823840]
"combofix"="C:\ComboFix\CF24569.3XE" [2010-11-20 13:24:33 345088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll

------- Doplňkový sken -------

uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
TCP: Interfaces\{CC99B434-A51A-4B38-868E-A273B1F8B5C9}: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{CC99B434-A51A-4B38-868E-A273B1F8B5C9}\165747F63796D696: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{CC99B434-A51A-4B38-868E-A273B1F8B5C9}\A596B69702: DhcpNameServer = 192.168.1.1

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-Locked - (no file)
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)



--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

------------------------ Jiné spuštené procesy ------------------------

C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

**************************************************************************

Celkový čas: 2011-11-05 22:58:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-11-05 21:58:06
ComboFix2.txt 2011-11-05 16:32:49

Před spuštěním: Volných bajtů: 283 379 757 056
Po spuštění: Volných bajtů: 283 346 698 240

- - End Of File - - 731573A68F4F9B3A77EA0E28676E711A

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Facebook virus, asking for help

#10 Post by vyosek »

One more script for ComboFix - the procedure is the same - then post the log here again

Code:

KillAll::

Folder::
C:\Windows\update.tray-14-0
C:\Windows\update.tray-14-0-lnk

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

DirLook::
C:\Windows\system32\%APPDATA%

Reboot::

"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member since 1 February 2011.

Pepa
Visitor
Posts: 6
Joined: 05 Nov 2011 16:34

Re: Facebook virus, asking for help

#11 Post by Pepa »

ComboFix 11-11-05.03 - Pepor 05.11.2011 23:22:53.3.2 - x64
Spuštěný z: c:\combofix\ComboFix.exe
Použité ovládací přepínače :: c:\users\Pepor\Desktop\CFScript.txt.txt
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\update.tray-14-0
c:\windows\update.tray-14-0\svchost.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-05 do 2011-11-05 )))))))))))))))))))))))))))))))
.
.
2011-11-05 22:28 . 2009-11-04 21:14 6231376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{036B4951-C9DA-4F45-8EE1-59CAB44D6B0B}\mpengine.dll
2011-11-05 22:27 . 2011-11-05 22:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-05 21:59 . 2011-11-05 22:29 -------- d-----w- c:\users\Pepor\AppData\Local\temp
2011-11-05 17:42 . 2011-11-05 17:42 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-11-05 17:04 . 2011-11-05 17:04 -------- d-----w- c:\windows\system32\Macromed
2011-11-05 16:07 . 2011-11-05 16:07 -------- d-----w- c:\program files\CCleaner
2011-11-05 15:45 . 2011-11-05 15:51 -------- d-----w- c:\program files\trend micro
2011-11-05 15:45 . 2011-11-05 15:45 -------- d-----w- C:\rsit
2011-11-01 19:38 . 2011-11-01 19:46 -------- d-----w- c:\users\Pepor\AppData\Local\Solid State Networks
2011-11-01 19:31 . 2011-09-06 21:38 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-01 19:31 . 2011-09-06 21:36 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-01 19:31 . 2011-09-06 21:36 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-01 19:31 . 2011-09-06 21:36 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-01 19:31 . 2011-09-06 21:38 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-01 19:31 . 2011-09-06 21:45 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-01 19:31 . 2011-09-06 21:36 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-01 19:30 . 2011-09-06 21:45 41184 ----a-w- c:\windows\avastSS.scr
2011-11-01 19:30 . 2011-09-06 21:45 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-01 19:12 . 2011-11-01 19:12 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-11-01 19:12 . 2011-11-01 19:14 -------- d-----w- c:\program files\Microsoft Security Client
2011-11-01 18:00 . 2011-11-01 18:00 -------- d-----w- c:\program files (x86)\Common Files\SWF Studio
2011-10-29 15:15 . 2011-11-02 16:18 -------- d-----w- c:\users\Pepor\AppData\Local\Ubisoft Game Launcher
2011-10-26 17:08 . 2011-10-26 17:08 -------- d-----w- c:\users\Pepor\AppData\Local\Ilivid Player
2011-10-26 17:07 . 2011-11-01 16:45 -------- d-----w- c:\program files (x86)\iLivid
2011-10-26 17:07 . 2011-10-26 17:07 -------- d-----w- c:\program files (x86)\Windows iLivid Toolbar
2011-10-26 17:07 . 2011-10-26 17:07 -------- d-----w- c:\program files (x86)\SearchCore for Browsers
2011-10-26 16:40 . 2011-10-27 06:12 -------- d-----w- c:\program files (x86)\Cain
2011-10-26 16:36 . 2011-11-01 16:23 -------- d-----w- c:\program files (x86)\Passware
2011-10-26 08:42 . 2011-08-13 05:27 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-26 08:42 . 2011-08-13 04:18 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-25 12:46 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2961A00F-1356-4F30-A78E-BAE84F143439}\mpengine.dll
2011-10-12 19:45 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 19:45 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-10 15:10 . 2011-10-10 15:10 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-05 20:55 . 2011-08-04 18:48 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-11-05 20:55 . 2010-02-01 14:00 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-11-05 20:54 . 2010-02-01 14:00 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-11-05 17:04 . 2011-05-31 19:19 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-23 17:05 . 2011-09-23 17:05 0 ---ha-w- c:\users\Pepor\AppData\Local\BITD02A.tmp
2011-08-23 11:45 . 2011-08-23 11:45 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\windows\system32\%APPDATA% ----
.
2011-09-15 15:38 . 2011-11-05 17:04 16384 --sha-w- c:\windows\system32\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
.
.
((((((((((((((((((((((((((((( SnapShot_2011-11-05_21.53.23 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-28 17:10 . 2011-11-05 22:06 42516 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-10-28 17:10 . 2011-11-05 19:34 42516 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-11-05 19:34 40106 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-11-05 22:06 40106 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-18 14:44 . 2011-11-05 22:06 13886 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2554985622-1061476484-448106127-1000_UserData.bin
+ 2010-12-27 08:51 . 2011-11-05 22:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-27 08:51 . 2011-11-05 19:33 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-27 08:51 . 2011-11-05 19:33 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-12-27 08:51 . 2011-11-05 22:04 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-12-27 08:51 . 2011-11-05 22:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-27 08:51 . 2011-11-05 19:33 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-18 14:47 . 2011-11-05 21:52 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-18 14:47 . 2011-11-05 22:28 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-18 14:47 . 2011-11-05 21:52 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-18 14:47 . 2011-11-05 22:28 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-31 20:16 . 2011-11-05 22:03 2102 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2011-11-05 21:52 . 2011-11-05 21:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-05 22:28 . 2011-11-05 22:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-05 22:28 . 2011-11-05 22:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-11-05 21:52 . 2011-11-05 21:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:36 . 2011-11-05 22:09 618158 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-11-05 19:38 618158 c:\windows\system32\perfh009.dat
- 2009-11-23 04:49 . 2011-11-05 19:38 633442 c:\windows\system32\perfh005.dat
+ 2009-11-23 04:49 . 2011-11-05 22:09 633442 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-11-05 22:09 107438 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-11-05 19:38 107438 c:\windows\system32\perfc009.dat
- 2009-11-23 04:49 . 2011-11-05 19:38 122964 c:\windows\system32\perfc005.dat
+ 2009-11-23 04:49 . 2011-11-05 22:09 122964 c:\windows\system32\perfc005.dat
- 2009-07-14 05:01 . 2011-11-05 21:51 313700 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-11-05 22:27 313700 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-09-24 261888]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-01 1100368]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-06 419112]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-10-06 181480]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll c:\progra~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 62720]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [x]
S3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\DRIVERS\hidshim.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 nuvotonhidgeneric;Nuvoton EC Generic HID;c:\windows\system32\DRIVERS\nuvotonhidgeneric.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-11 349480]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 16395880]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-11-03 8312352]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"PLFSetI"="c:\windows\PLFSetI.exe" [2009-11-23 200704]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 823840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
TCP: Interfaces\{CC99B434-A51A-4B38-868E-A273B1F8B5C9}: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{CC99B434-A51A-4B38-868E-A273B1F8B5C9}\165747F63796D696: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{CC99B434-A51A-4B38-868E-A273B1F8B5C9}\A596B69702: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Celkový čas: 2011-11-05 23:33:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-11-05 22:33
ComboFix2.txt 2011-11-05 21:58
ComboFix3.txt 2011-11-05 16:32
.
Před spuštěním: Volných bajtů: 283 410 530 304
Po spuštění: Volných bajtů: 283 106 021 376
.
- - End Of File - - 6CA781A29E699F6FDC6A86CC93F2A07F

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Facebook virus, asking for help

#12 Post by vyosek »

→ Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
→ T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
→ OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

→ TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
→ In safe mode (restart the PC, keep pressing F8, choose Safe Mode with Networking), run these utilities over the PC so that we get rid of the remnants of the antivirus programs you have there
→ Download CCleaner (see my signature)
Cleaner panel (Čistič)
  • Leave everything as it is, just click Analyze (Analyzovat) and then Run CCleaner (Spustit CCleaner)
Registry panel (Registry)
  • click Scan for Issues (Hledej problémy)
  • then Fix Issues (Opravit problémy) - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no problems are found - usually about 3 times
Tools panel (Nástroje)
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

→ Install Avast Free http://www.avast.com/cs-cz/free-antivirus-download

→ Post a new RSIT log and write how the PC is doing