ComboFix 10-12-26.01 - CrasherKill 28.12.2010 23:00:00.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4094.2396 [GMT 1:00]
Spuštěný z: c:\users\CrasherKill\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\CrasherKill\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FILE ::
"c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe"
"c:\windows\iun6002.exe"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files (x86)\ICQ6Toolbar
c:\program files (x86)\ICQ6Toolbar\config.xml
c:\program files (x86)\ICQ6Toolbar\Icons.bmp
c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe
c:\program files (x86)\ICQ6Toolbar\icq6Toolbar.ico
c:\program files (x86)\ICQ6Toolbar\ICQToolBar.dll
c:\program files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files (x86)\ICQ6Toolbar\logo_small.gif
c:\program files (x86)\ICQ6Toolbar\ServiceStarter.exe
c:\program files (x86)\ICQ6Toolbar\short.wav
c:\program files (x86)\ICQ6Toolbar\Version.txt
c:\program files (x86)\ICQ6Toolbar\voucher.bmp
c:\program files (x86)\ICQ6Toolbar\voucher2.bmp
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\windows\iun6002.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_ICQ Service
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-28 do 2010-12-28 )))))))))))))))))))))))))))))))
.
2010-12-28 17:24 . 2010-12-28 17:24 -------- d-----w- c:\users\CrasherKill\AppData\Roaming\Malwarebytes
2010-12-28 17:24 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-28 17:24 . 2010-12-28 17:24 -------- d-----w- c:\programdata\Malwarebytes
2010-12-28 17:18 . 2010-12-28 17:18 -------- d-----w- c:\users\CrasherKill\DoctorWeb
2010-12-28 16:21 . 2010-12-28 16:21 -------- d-----w- c:\programdata\Electronic Arts
2010-12-28 08:43 . 2010-11-10 05:35 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{04CE72AE-DE7B-4873-AB50-1276B043B341}\mpengine.dll
2010-12-26 14:10 . 2010-12-26 14:10 -------- d-----w- c:\users\CrasherKill\Můj film
2010-12-25 19:38 . 2010-12-25 19:38 -------- d-----w- c:\users\CrasherKill\AppData\Local\4A Games
2010-12-25 10:53 . 2010-12-25 11:02 -------- d-----w- c:\program files (x86)\Vietcong
2010-12-24 20:44 . 2010-12-24 20:45 -------- d-----w- c:\users\CrasherKill\AppData\Roaming\TrueCrypt
2010-12-21 15:09 . 2010-12-21 15:09 -------- d-----w- c:\users\CrasherKill\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-12-21 15:09 . 2010-12-21 15:09 -------- d-----w- c:\users\CrasherKill\AppData\Roaming\Adobe Mini Bridge CS5
2010-12-16 17:26 . 2003-04-16 00:10 110592 ----a-w- c:\windows\SysWow64\tsccvid.dll
2010-12-16 17:26 . 2010-12-16 17:26 -------- d-----w- c:\program files (x86)\CDVPlayer
2010-12-16 17:26 . 2010-12-22 17:50 466944 ------w- c:\windows\Setup1.exe
2010-12-16 17:26 . 2010-12-22 17:50 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-12-11 18:09 . 2010-12-11 18:09 -------- d--h--r- c:\users\CrasherKill\AppData\Roaming\SecuROM
2010-12-11 16:07 . 2010-12-11 16:07 -------- d-----w- c:\windows\DEA314C409294250BC9298E4C105F28D.TMP
2010-12-07 15:34 . 2010-12-07 15:34 15823872 ----a-w- c:\users\CrasherKill\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
2010-12-07 15:34 . 2010-12-07 15:34 786492 ----a-w- c:\users\CrasherKill\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
2010-12-07 15:34 . 2010-12-07 15:34 107008 ----a-w- c:\users\CrasherKill\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
2010-12-04 16:09 . 2010-12-04 16:09 -------- d-----w- c:\program files (x86)\Ubisoft
2010-11-30 20:22 . 2010-11-30 20:22 -------- d-----w- c:\users\CrasherKill\AppData\Local\Xenocode
2010-11-30 20:22 . 2010-11-30 20:22 -------- d-----w- c:\program files (x86)\Xenocode
2010-11-30 19:39 . 2010-11-30 19:39 75776 ----a-w- c:\windows\cadkasdeinst01e.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-28 22:04 . 2010-09-16 17:47 25640 ----a-w- c:\windows\gdrv.sys
2010-12-13 17:42 . 2009-08-18 11:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2010-12-13 17:42 . 2009-08-18 10:24 17816 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2010-11-23 19:27 . 2010-10-21 19:46 234984 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2010-11-23 19:27 . 2010-10-21 18:56 234984 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2010-11-23 19:27 . 2010-10-21 18:56 234984 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2010-11-23 18:41 . 2010-10-21 18:56 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2010-11-17 06:53 . 2010-11-17 06:53 411368 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-10-31 20:49 . 2010-11-05 19:58 6291456 ----a-w- c:\users\CrasherKill\AppData\Roaming\Microsoft\Internet Explorer\Call of Duty Black Ops.exe
2010-10-20 21:59 . 2010-10-20 11:15 112116 ----a-w- c:\users\CrasherKill\AppData\Roaming\mdbu.bin
2010-10-14 00:36 . 2010-10-14 00:36 15451288 ----a-w- c:\windows\SysWow64\xlive.dll
2010-10-14 00:36 . 2010-10-14 00:36 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2010-10-01 18:05 . 2010-09-18 14:35 5018 --sha-w- c:\programdata\KGyGaAvL.sys
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\windows\DEA314C409294250BC9298E4C105F28D.TMP ----
2010-12-11 16:07 . 2010-12-11 16:07 200704 ----a-w- c:\windows\DEA314C409294250BC9298E4C105F28D.TMP\WiseCustomCalla.dll
((((((((((((((((((((((((((((( SnapShot@2010-12-28_18.28.58 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2010-12-28 08:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2010-12-28 22:04 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2010-12-28 08:39 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2010-12-28 22:04 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2010-12-28 08:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2010-12-28 22:04 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-16 19:54 . 2010-12-28 08:39 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-16 19:54 . 2010-12-28 22:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-16 19:54 . 2010-12-28 22:05 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-09-16 19:54 . 2010-12-28 08:39 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-16 19:54 . 2010-12-28 22:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-16 19:54 . 2010-12-28 08:39 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-16 18:18 . 2010-12-28 22:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 18:18 . 2010-12-28 08:39 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-16 18:18 . 2010-12-28 22:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-16 18:18 . 2010-12-28 08:39 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-28 08:39 . 2010-12-28 08:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-12-28 22:04 . 2010-12-28 22:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-12-28 08:39 . 2010-12-28 08:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-12-28 22:04 . 2010-12-28 22:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2010-12-27 19:42 618714 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2010-12-28 20:45 618714 c:\windows\system32\perfh009.dat
- 2009-07-14 15:18 . 2010-12-27 19:42 634308 c:\windows\system32\perfh005.dat
+ 2009-07-14 15:18 . 2010-12-28 20:45 634308 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2010-12-28 20:45 107034 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2010-12-27 19:42 107034 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2010-12-27 19:42 122898 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2010-12-28 20:45 122898 c:\windows\system32\perfc005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="e:\program files (x86)\RocketDock\RocketDock.exe" [2007-03-18 630784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="e:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
"Adobe Reader Speed Launcher"="e:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-19 136176]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 AVerFx2hbtv64;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv64.sys [2009-05-05 508672]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-18 1436424]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-16 1255736]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-16 834544]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-26 203264]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2010-01-19 72304]
S2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011;c:\program files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe [2010-01-23 673792]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-06 2002728]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-04-19 1401672]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-26 7767040]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-26 279040]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-11-20 75776]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-11-20 177152]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2010-02-25 11856]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
2010-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-19 07:40]
2010-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-19 07:40]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF12842.cfxxe" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-06 10144288]
"Corel Photo Downloader"="c:\program files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2007-08-28 531272]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-ICQToolbar - c:\program files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-WYSIWYG_Web_Builder_7 - c:\windows\iun6002.exe
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3199945752-1232938285-4007699256-1000\Software\SecuROM\License information*]
"datasecu"=hex:ef,82,56,5d,0c,2a,49,c5,d8,02,72,f1,41,48,23,44,f4,d1,5a,00,ca,
45,f2,df,f9,2e,dd,8c,25,07,1f,14,34,ca,a0,27,09,0f,64,34,93,44,4c,57,8a,3a,\
"rkeysecu"=hex:27,49,52,9a,85,ae,e3,e5,f1,c8,c0,10,6c,a0,9a,95
.
------------------------ Jiné spuštené procesy ------------------------
.
e:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PSIService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\TeamViewer\Version5\TeamViewer.exe
.
**************************************************************************
.
Celkový čas: 2010-12-28 23:07:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-12-28 22:07
ComboFix2.txt 2010-12-28 18:31
Před spuštěním: Volných bajtů: 84 262 162 432
Po spuštění: Volných bajtů: 83 676 069 888
- - End Of File - - DB6BBC38C2F178B2D34C2DB4EF3024EB