Internet - problem

[romco37]

Ahojte, mam tu trosku viac problemov a neviem do ktorej temy to napisat, Mam internet spolocne so susedom. Stale mi vsak odpaja kabel lebo vravi, ze ked je moj pocitac pripojeny na siet tak mu nejde vobec internet, vravi ze mam nejaky virus ktory jak sa pripojim vytazuje naplno internet, dalsi problem mam ked otvorim nejaky priecinok, tak mi vyhadzuje stale chybu explorer.exe neodpovida. Vedel by mi stym niekto poradit? diky moc

[vyosek]

Zdravim a pekny den preji

Prihlaste se do nouzoveho rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti)

Dejte log z RSIT at se podivame ci tam neco je

[romco37]

Ahoj, LOG som dal uz do tejto temy, lebo osm nevedel kde mam ten problem umiestnit: http://viry.cz/forum/viewtopic.php?f=13&t=116018 Diki moc

[vyosek]

Ja si dam log sem, tamto tema zavru

Logfile of random's system information tool 1.09 (written by random/random)
Run by Moták at 2011-10-11 12:40:45
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 2 GB (8%) free of 30 GB
Total RAM: 2046 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:40:56, on 11.10.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Olympus\ib\olycamdetect.exe
C:\Program Files\BitTorrent\BitTorrent.exe
C:\Program Files\VisualTaskTips\VisualTaskTips.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\Moták\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Moták\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Moták\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Moták\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Moták\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Moták\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Documents and Settings\Moták\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Moták\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Moták\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Moták\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Google Earth\client\googleearth.exe
C:\Documents and Settings\Moták\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Moták.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toggle.com/en/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toggle.com/en/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.skype.com/go/help.guides.ieaddon?lang=CS
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [DriverCD] E:\Run.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [VMonitorVMUVC] "C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Moták\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: RocketDock.lnk = C:\Program Files\RocketDock\RocketDock.exe
O4 - Global Startup: VisualTaskTips.lnk = C:\Program Files\VisualTaskTips\VisualTaskTips.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Moták\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MotoConnect Service - Unknown owner - C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe

--
End of file - 11509 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-573735546-682003330-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-573735546-682003330-1005UA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Moták\Data aplikací\Mozilla\Firefox\Profiles\g2yxf5ms.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.toggle.com/en/index.php?rvs=hompag"
prefs.js - "extensions.enabledItems" - "engine@conduit.com:3.3.3.2, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... ^YY^SK&&q="

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\Moták\Data aplikací\Mozilla\Firefox\Profiles\g2yxf5ms.default\extensions\
engine@conduit.com
toolbar@ask.com

C:\Documents and Settings\Moták\Data aplikací\Mozilla\Firefox\Profiles\g2yxf5ms.default\searchplugins\
askcom.xml
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 184423]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-08-23 1515688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-08-23 1515688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"NVRaidService"=C:\WINDOWS\system32\nvraidservice.exe [2004-06-11 83968]
"DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]
"MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"BCU"=C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
"DriverCD"=E:\Run.exe []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-04-30 19523616]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-05-01 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-05-01 13672040]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2007-05-18 323584]
"VMonitorVMUVC"=C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe [2007-12-20 135168]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-08-23 887976]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-08-19 421736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"Google Update"=C:\Documents and Settings\Moták\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-06-05 136176]
"Olympus ib"=C:\Program Files\Olympus\ib\olycamdetect.exe [2010-02-04 93376]
"BitTorrent"=C:\Program Files\BitTorrent\BitTorrent.exe [2011-09-14 4992880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe [2011-01-23 233936]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
RocketDock.lnk - C:\Program Files\RocketDock\RocketDock.exe
VisualTaskTips.lnk - C:\Program Files\VisualTaskTips\VisualTaskTips.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-12-27 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe"="C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe:*:Enabled:Medal of Honor Airborne"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Disabled:Run a DLL as an App"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"F:\HRY\Counter strike\hl.exe"="F:\HRY\Counter strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\BitTorrent\BitTorrent.exe"="C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-10-11 12:40:45 ----D---- C:\rsit
2011-10-11 12:40:45 ----D---- C:\Program Files\trend micro
2011-10-11 10:51:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Martau
2011-10-11 10:51:09 ----D---- C:\Program Files\Total Uninstall 5
2011-10-11 10:43:24 ----D---- C:\WINDOWS\LastGood
2011-10-07 20:41:04 ----D---- C:\Program Files\iPod
2011-09-28 15:51:41 ----A---- C:\WINDOWS\iun6002.exe
2011-09-28 15:51:35 ----D---- C:\Program Files\Codec Pack - All In 1
2011-09-25 15:59:05 ----SHD---- C:\Config.Msi
2011-09-20 12:44:38 ----D---- C:\Program Files\Common Files\DirectX
2011-09-18 08:42:35 ----D---- C:\Program Files\Ask.com
2011-09-18 08:41:02 ----A---- C:\WINDOWS\system32\msvcp71.dll
2011-09-15 12:56:34 ----D---- C:\Program Files\QuickTime
2011-09-15 12:49:21 ----D---- C:\Program Files\Bonjour
2011-09-14 15:22:25 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-09-14 15:22:25 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-09-14 15:22:23 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-09-14 15:22:23 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-09-14 15:22:23 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-09-14 15:22:22 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-09-14 15:22:22 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-09-14 15:22:21 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-09-14 15:22:11 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-09-14 15:22:11 ----A---- C:\WINDOWS\avastSS.scr
2011-09-14 15:22:01 ----D---- C:\Program Files\AVAST Software
2011-09-14 15:22:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-09-14 15:08:00 ----D---- C:\Program Files\BitTorrent
2011-09-14 15:07:20 ----D---- C:\Documents and Settings\Moták\Data aplikací\BitTorrent

======List of files/folders modified in the last 1 month======

2011-10-11 12:40:52 ----D---- C:\WINDOWS\Prefetch
2011-10-11 12:40:45 ----RD---- C:\Program Files
2011-10-11 12:29:58 ----A---- C:\WINDOWS\NeroDigital.ini
2011-10-11 10:53:43 ----HD---- C:\WINDOWS\inf
2011-10-11 10:53:43 ----D---- C:\WINDOWS
2011-10-11 10:53:35 ----D---- C:\WINDOWS\Temp
2011-10-11 10:53:35 ----D---- C:\WINDOWS\system32\drivers
2011-10-11 10:53:28 ----D---- C:\WINDOWS\system32\inetsrv
2011-10-11 10:46:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2011-10-11 10:43:23 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-11 10:27:22 ----D---- C:\WINDOWS\Registration
2011-10-11 00:26:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-10 08:51:56 ----D---- C:\Documents and Settings\Moták\Data aplikací\Media Player Classic
2011-10-10 08:51:54 ----D---- C:\Documents and Settings\Moták\Data aplikací\Skype
2011-10-10 08:51:52 ----D---- C:\WINDOWS\Minidump
2011-10-07 20:42:20 ----SHD---- C:\WINDOWS\Installer
2011-10-07 20:41:44 ----D---- C:\Program Files\iTunes
2011-10-07 20:41:03 ----D---- C:\Program Files\Common Files\Apple
2011-10-02 17:00:21 ----D---- C:\Program Files\Mozilla Firefox
2011-10-02 09:53:51 ----A---- C:\WINDOWS\win.ini
2011-09-28 20:05:44 ----A---- C:\memory.txt
2011-09-28 15:51:50 ----D---- C:\WINDOWS\system32
2011-09-28 15:47:43 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-09-28 15:35:34 ----D---- C:\Documents and Settings\Moták\Data aplikací\Apple Computer
2011-09-23 00:01:27 ----SD---- C:\WINDOWS\Tasks
2011-09-21 14:50:09 ----D---- C:\Documents and Settings\Moták\Data aplikací\vlc
2011-09-20 12:44:38 ----D---- C:\Program Files\Common Files
2011-09-18 11:03:22 ----RSD---- C:\WINDOWS\Fonts
2011-09-18 00:27:38 ----D---- C:\Program Files\DivX
2011-09-18 00:27:30 ----D---- C:\WINDOWS\WinSxS
2011-09-14 16:17:09 ----D---- C:\Program Files\Winrar

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2004-04-02 21760]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 nvraid;NVIDIA NForce(tm) ATA RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2004-06-03 68224]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-09-06 52568]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-09-06 110552]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-04-30 6032928]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-05-01 10308640]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2010-03-04 70912]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2010-03-04 13824]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 VMUVC;Vimicro Camera Service VMUVC; C:\WINDOWS\System32\Drivers\VMUVC.sys [2010-01-12 252928]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC; C:\WINDOWS\system32\drivers\vvftUVC.sys [2008-07-01 398720]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-05-18 2319680]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 OlyCamComm;OLYMPUS USB Communication Device; C:\WINDOWS\system32\DRIVERS\OlyCamComm.sys [2009-09-10 21648]
S3 PAC7302;Trust WB-3420N HIRS Webcam Live; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-09-10 457984]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-12-27 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-12-27 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-17 15872]
R2 MotoConnect Service;MotoConnect Service; C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe [2010-04-29 91456]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-05-01 154216]
R2 PnkBstrA;PunkBuster; C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe [2007-08-15 63040]
R2 SMTPSVC;Simple Mail Transport Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-17 15872]
R2 W3SVC;Publikování na webu; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-17 15872]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-08-19 821096]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-06 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-06 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]

-----------------EOF-----------------

[vyosek]

Uvolnete volne misto na disku alespon na 5 giga system se dusi

Proc tam nemate ServicePack 3? Resi mnoho problemu a chyb

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ukoncete vsechny programy
• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Zvolte moznost 2 a potvrte enterem
• Utilita provede svou cinnost a da log - ten sem vlozte
• Nyni znovu, ale zvolte moznost 3 a pote jeste 4 - logy opet vlozte

[romco37]

ok diky, disk som ako tak vycistil, servis pack ten nemam lebo nemam moc legalne windows a tie logy su tu :

RogueKiller V6.1.2 [10/07/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 2) 32 bits version
Started in : Normal mode
User: Moták [Admin rights]
Mode: Remove -- Date : 10/11/2011 18:15:08

Bad processes: 0

Registry Entries: 1
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Particular Files / Folders:

Driver: [LOADED]

HOSTS File:
127.0.0.1 localhost


Finished : << RKreport[1].txt >>
RKreport[1].txt

[romco37]

RogueKiller V6.1.2 [10/07/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 2) 32 bits version
Started in : Normal mode
User: Moták [Admin rights]
Mode: HOSTSFix -- Date : 10/11/2011 18:18:25

Bad processes: 0

Driver: [LOADED]

HOSTS File:
127.0.0.1 localhost


Resetted HOSTS:
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

[romco37]

RogueKiller V6.1.2 [10/07/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 2) 32 bits version
Started in : Normal mode
User: Moták [Admin rights]
Mode: ProxyFix -- Date : 10/11/2011 18:18:36

Bad processes: 0

Driver: [LOADED]

Registry Entries: 0

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

[tosed]

Ak nemáte legálny win., tak Vás tu na tomto fóre určite nepochvália!

[vyosek]

nemam moc legalne windows

Pravidla fora hovori jasne ohledne legalniho OS...

Pokud se to bude opakovat, bude pomoc odmitnuta. Nyni to dokoncime kdyz uz jsme to nacali...Ovsem uspech nezarucuji - nelegalni system se obcas chova podivne

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[romco37]

ComboFix 11-10-11.02 - Moták 11.10.2011 21:54:26.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2046.1569 [GMT 2:00]
Spuštěný z: c:\documents and settings\Motßk\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
c:\windows\system32\Cache
c:\windows\system32\d3d9caps.dat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-11 do 2011-10-11 )))))))))))))))))))))))))))))))
.
.
2011-10-11 16:14 . 2011-10-11 16:19 111744 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2011-10-11 10:40 . 2011-10-11 10:40 -------- d-----w- C:\rsit
2011-10-11 10:40 . 2011-10-11 10:40 -------- d-----w- c:\program files\trend micro
2011-10-07 18:41 . 2011-10-07 18:41 -------- d-----w- c:\program files\iPod
2011-09-28 13:51 . 2011-09-28 13:51 -------- d-----w- c:\program files\Codec Pack - All In 1
2011-09-20 10:44 . 2011-09-20 10:45 -------- d-----w- c:\documents and settings\Moták\Local Settings\Data aplikací\NFS Underground 2
2011-09-20 10:44 . 2011-09-20 10:44 -------- d-----w- c:\program files\Common Files\DirectX
2011-09-18 08:59 . 2011-09-18 08:59 -------- d-----w- c:\documents and settings\Moták\Local Settings\Data aplikací\AskToolbar
2011-09-18 06:42 . 2011-09-22 22:01 -------- d-----w- c:\program files\Ask.com
2011-09-18 06:41 . 2011-06-14 06:35 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-09-15 10:49 . 2011-09-15 10:49 -------- d-----w- c:\program files\Bonjour
2011-09-14 13:22 . 2011-09-06 20:37 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-14 13:22 . 2011-09-06 20:36 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-14 13:22 . 2011-09-06 20:38 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-14 13:22 . 2011-09-06 20:36 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-14 13:22 . 2011-09-06 20:36 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-14 13:22 . 2011-09-06 20:36 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-09-14 13:22 . 2011-09-06 20:36 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-09-14 13:22 . 2011-09-06 20:33 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-09-14 13:22 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-09-14 13:22 . 2011-09-06 20:45 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-14 13:22 . 2011-09-14 13:22 -------- d-----w- c:\program files\AVAST Software
2011-09-14 13:22 . 2011-09-14 13:22 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-09-14 13:08 . 2011-09-14 13:08 -------- d-----w- c:\program files\BitTorrent
2011-09-14 13:07 . 2011-10-11 16:14 -------- d-----w- c:\documents and settings\Moták\Data aplikací\BitTorrent
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-02 15:00 . 2011-05-07 13:01 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sfcfiles.dll
[-] 2007-12-27 . 0C2F6B6366E23D7362EB2C2EC29262F6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-23 19:20 1515688 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Olympus ib"="c:\program files\Olympus\ib\olycamdetect.exe" [2010-02-04 93376]
"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2011-09-14 4992880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2004-06-11 83968]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"MDS_Menu"="c:\program files\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
"RTHDCPL"="RTHDCPL.EXE" [2010-04-30 19523616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-05-01 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-01 13672040]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-05-18 323584]
"VMonitorVMUVC"="c:\program files\Vimicro Corporation\VMUVC\VMonitor.exe" [2007-12-20 135168]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-08-23 887976]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-18 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
RocketDock.lnk - c:\program files\RocketDock\RocketDock.exe [N/A]
VisualTaskTips.lnk - c:\program files\VisualTaskTips\VisualTaskTips.exe [2007-9-5 36352]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7337:TCP"= 7337:TCP:BitComet 7337 TCP
"7337:UDP"= 7337:UDP:BitComet 7337 UDP
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.9.2011 15:22 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.9.2011 15:22 320856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.9.2011 15:22 20568]
R2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [15.10.2009 15:06 223464]
R2 MotoConnect Service;MotoConnect Service;c:\program files\Motorola\MotoConnectService\MotoConnectService.exe [22.4.2011 17:08 91456]
R3 TrueSight;TrueSight;c:\windows\system32\drivers\TrueSight.sys [11.10.2011 18:14 111744]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [26.4.2011 18:25 252928]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [26.4.2011 18:25 398720]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6.2.2011 21:01 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [4.3.2011 18:36 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [6.2.2011 21:01 136176]
S3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\drivers\OlyCamComm.sys [2.2.2011 17:44 21648]
S4 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 20:19 13592]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - TRUESIGHT
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2011-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-06 19:01]
.
2011-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-06 19:01]
.
2011-09-28 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
2011-10-11 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-08-23 19:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.toggle.com/en/index.php?rvs=hompag
mStart Page = hxxp://www.toggle.com/en/index.php?rvs=hompag
uInternet Connection Wizard,ShellNext = hxxp://www.skype.com/go/help.guides.ieaddon?lang=CS
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\documents and settings\Moták\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 195.160.182.1 62.169.168.82
FF - ProfilePath - c:\documents and settings\Moták\Data aplikací\Mozilla\Firefox\Profiles\g2yxf5ms.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.toggle.com/en/index.php?rvs=hompag
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=WCL2&o=100000083&locale=en_EU&apn_uid=ECFA2BB4-FA12-4A46-9AE8-512D746C0D1F&apn_ptnrs=^AA3&apn_sauid=0DA88044-9D5C-43D4-A9C7-D7CDBDF64A63&apn_dtid=^YYYYYY^YY^SK&&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-DriverCD - E:\Run.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-11 22:00
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-10-11 22:02:48
ComboFix-quarantined-files.txt 2011-10-11 20:02
.
Před spuštěním: Volných bajtů: 11 316 146 176
Po spuštění: Volných bajtů: 11 358 674 944
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - BAA92237E8D3C3E7739A74CC128A983E

[vyosek]

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  File::
  C:\WINDOWS\tasks\AppleSoftwareUpdate.job
  C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
  C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
  C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-573735546-682003330-1005Core.job
  C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-573735546-682003330-1005UA.job
  C:\WINDOWS\tasks\MP Scheduled Scan.job
  C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
  C:\Documents and Settings\Moták\Data aplikací\Mozilla\Firefox\Profiles\g2yxf5ms.default\searchplugins\askcom.xml
  C:\Documents and Settings\Moták\Data aplikací\Mozilla\Firefox\Profiles\g2yxf5ms.default\extensions\toolbar@ask.com
  C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
  C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk
  
  Folder::
  C:\Program Files\Ask.com
  
  Driver::
  gupdate
  gupdatem
  
  Registry::
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "NeroFilterCheck"=-
  "QuickTime Task"=-
  "DivXUpdate"=-
  ""=-
  "ApnUpdater"=-
  "iTunesHelper"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "Google Update"=-
  [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
  [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
  [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
  [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
  "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
  
  DDS::
  uStart Page = hxxp://www.toggle.com/en/index.php?rvs=hompag
  mStart Page = hxxp://www.toggle.com/en/index.php?rvs=hompag
  uInternet Connection Wizard,ShellNext = hxxp://www.skype.com/go/help.guides.ieaddon?lang=CS
  
  Firefox::
  FF - ProfilePath - c:\documents and settings\Moták\Data aplikací\Mozilla\Firefox\Profiles\g2yxf5ms.default\
  FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
  FF - prefs.js: browser.search.selectedEngine - Ask.com
  FF - prefs.js: browser.startup.homepage - hxxp://www.toggle.com/en/index.php?rvs=hompag
  FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?clien ... apn_ptnrs=^AA3&apn_sauid=0DA88044-9D5C-43D4-A9C7-D7CDBDF64A63&apn_dtid=^YYYYYY^YY^SK&&q=
  
  AtJob::
  
  ClearJavaCache::
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[romco37]

ComboFix 11-10-11.02 - Moták 12.10.2011 12:40:08.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2046.1306 [GMT 2:00]
Spuštěný z: c:\documents and settings\Motßk\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Motßk\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-12 do 2011-10-12 )))))))))))))))))))))))))))))))
.
.
2011-10-12 05:50 . 2011-10-12 05:50 -------- d-----w- c:\windows\system32\xircom
2011-10-12 05:50 . 2011-10-12 05:50 -------- d-----w- c:\windows\system32\wbem\snmp
2011-10-12 05:50 . 2011-10-12 05:50 -------- d-----w- c:\program files\microsoft frontpage
2011-10-11 16:14 . 2011-10-11 16:19 111744 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2011-10-11 10:40 . 2011-10-11 10:40 -------- d-----w- C:\rsit
2011-10-11 10:40 . 2011-10-11 10:40 -------- d-----w- c:\program files\trend micro
2011-10-07 18:41 . 2011-10-07 18:41 -------- d-----w- c:\program files\iPod
2011-09-28 13:51 . 2011-09-28 13:51 -------- d-----w- c:\program files\Codec Pack - All In 1
2011-09-20 10:44 . 2011-09-20 10:45 -------- d-----w- c:\documents and settings\Moták\Local Settings\Data aplikací\NFS Underground 2
2011-09-20 10:44 . 2011-09-20 10:44 -------- d-----w- c:\program files\Common Files\DirectX
2011-09-18 08:59 . 2011-09-18 08:59 -------- d-----w- c:\documents and settings\Moták\Local Settings\Data aplikací\AskToolbar
2011-09-18 06:42 . 2011-09-22 22:01 -------- d-----w- c:\program files\Ask.com
2011-09-18 06:41 . 2011-06-14 06:35 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-09-15 10:49 . 2011-09-15 10:49 -------- d-----w- c:\program files\Bonjour
2011-09-14 13:22 . 2011-09-06 20:37 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-14 13:22 . 2011-09-06 20:36 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-14 13:22 . 2011-09-06 20:38 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-14 13:22 . 2011-09-06 20:36 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-14 13:22 . 2011-09-06 20:36 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-14 13:22 . 2011-09-06 20:36 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-09-14 13:22 . 2011-09-06 20:36 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-09-14 13:22 . 2011-09-06 20:33 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-09-14 13:22 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-09-14 13:22 . 2011-09-06 20:45 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-14 13:22 . 2011-09-14 13:22 -------- d-----w- c:\program files\AVAST Software
2011-09-14 13:22 . 2011-09-14 13:22 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-09-14 13:08 . 2011-09-14 13:08 -------- d-----w- c:\program files\BitTorrent
2011-09-14 13:07 . 2011-10-12 10:46 -------- d-----w- c:\documents and settings\Moták\Data aplikací\BitTorrent
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-02 15:00 . 2011-05-07 13:01 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sfcfiles.dll
[-] 2007-12-27 . 0C2F6B6366E23D7362EB2C2EC29262F6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-10-11_20.00.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-23 16:52 . 2011-10-12 10:40 224439 c:\windows\system32\inetsrv\MetaBase.bin
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-23 19:20 1515688 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Olympus ib"="c:\program files\Olympus\ib\olycamdetect.exe" [2010-02-04 93376]
"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2011-09-14 4992880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2004-06-11 83968]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"MDS_Menu"="c:\program files\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
"RTHDCPL"="RTHDCPL.EXE" [2010-04-30 19523616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-05-01 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-01 13672040]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-05-18 323584]
"VMonitorVMUVC"="c:\program files\Vimicro Corporation\VMUVC\VMonitor.exe" [2007-12-20 135168]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-08-23 887976]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-18 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
RocketDock.lnk - c:\program files\RocketDock\RocketDock.exe [N/A]
VisualTaskTips.lnk - c:\program files\VisualTaskTips\VisualTaskTips.exe [2007-9-5 36352]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7337:TCP"= 7337:TCP:BitComet 7337 TCP
"7337:UDP"= 7337:UDP:BitComet 7337 UDP
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.9.2011 15:22 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.9.2011 15:22 320856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.9.2011 15:22 20568]
R2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [15.10.2009 15:06 223464]
R2 MotoConnect Service;MotoConnect Service;c:\program files\Motorola\MotoConnectService\MotoConnectService.exe [22.4.2011 17:08 91456]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [26.4.2011 18:25 252928]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [26.4.2011 18:25 398720]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6.2.2011 21:01 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [4.3.2011 18:36 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [6.2.2011 21:01 136176]
S3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\drivers\OlyCamComm.sys [2.2.2011 17:44 21648]
S3 TrueSight;TrueSight;c:\windows\system32\drivers\TrueSight.sys [11.10.2011 18:14 111744]
S4 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 20:19 13592]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2011-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-06 19:01]
.
2011-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-06 19:01]
.
2011-09-28 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
2011-10-12 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-08-23 19:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.toggle.com/en/index.php?rvs=hompag
mStart Page = hxxp://www.toggle.com/en/index.php?rvs=hompag
uInternet Connection Wizard,ShellNext = hxxp://www.skype.com/go/help.guides.ieaddon?lang=CS
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\documents and settings\Moták\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 195.160.182.1 62.169.168.82
FF - ProfilePath - c:\documents and settings\Moták\Data aplikací\Mozilla\Firefox\Profiles\g2yxf5ms.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.toggle.com/en/index.php?rvs=hompag
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=WCL2&o=100000083&locale=en_EU&apn_uid=ECFA2BB4-FA12-4A46-9AE8-512D746C0D1F&apn_ptnrs=^AA3&apn_sauid=0DA88044-9D5C-43D4-A9C7-D7CDBDF64A63&apn_dtid=^YYYYYY^YY^SK&&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-12 12:46
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1608)
c:\program files\VisualTaskTips\VttHooks.dll
c:\windows\system32\MSCTF.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
Celkový čas: 2011-10-12 12:48:41
ComboFix-quarantined-files.txt 2011-10-12 10:48
ComboFix2.txt 2011-10-11 20:02
.
Před spuštěním: Volných bajtů: 11 408 015 360
Po spuštění: Volných bajtů: 11 395 497 984
.
- - End Of File - - 62294F608C75F7E49706D2C83F1295BD

[vyosek]

Nejak se nam neprovedlo co melo Takze na to pujdem jinak

Stahnete OTM (viz muj podpis)

• Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
• Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

• Kód: Vybrat vše

  :reg
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "NeroFilterCheck"=-
  "QuickTime Task"=-
  "DivXUpdate"=-
  ""=-
  "ApnUpdater"=-
  "iTunesHelper"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "Google Update"=-
  [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
  [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
  [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
  [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
  "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
  
  :services
  gupdate
  gupdatem
  
  :files
  C:\WINDOWS\tasks\AppleSoftwareUpdate.job
  C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
  C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
  C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-573735546-682003330-1005Core.job
  C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-573735546-682003330-1005UA.job
  C:\WINDOWS\tasks\MP Scheduled Scan.job
  C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
  C:\Documents and Settings\Moták\Data aplikací\Mozilla\Firefox\Profiles\g2yxf5ms.default\searchplugins\askcom.xml
  C:\Documents and Settings\Moták\Data aplikací\Mozilla\Firefox\Profiles\g2yxf5ms.default\extensions\toolbar@ask.com
  C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
  C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk
  C:\Program Files\Ask.com
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Kliknete na cervene tlacitko MoveIt!
• Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte