
Brutally slow internet lately

Posted: 22 Feb 2012 11:46
by Blejzr
Hi, lately my internet has been really very slow.. mainly the browser, where pages take an insanely long time to load and don't always load at all... The fact that I pay for an 8MB connection and get 3-4 MB at most is sad enough, but that I now have an average ping over 500 and an upload of 9kb/s is really brutal... I don't know what could be causing it.. We also have a wifi modem on the router, so the whole house is connected, that is, around 4 PCs.. but at the moment two are connected and nothing is being downloaded anywhere, and it is still this slow..

PS: the stability of the connection is below 50%... so it rather looks like a problem on the internet provider's side, but maybe I'm wrong

PS2: and while we're at it, is there some way to find out whether someone is downloading right now? Since all the PCs are connected to the internet through one modem, I think it should be possible somehow.. so that I can be 100% sure that really nobody is downloading anything.. even though it doesn't belong here, I'll try asking :)

Log from RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Machr at 2012-02-22 11:45:12
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 12 GB (9%) free of 133 GB
Total RAM: 2046 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:45:27, on 22.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast5\AvastSvc.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\dgdersvc.exe
E:\WINDOWS\system32\FsUsbExService.Exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\mHotkey.exe
E:\Program Files\Alwil Software\Avast5\avastUI.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Program Files\Xfire\Xfire.exe
E:\program files\mozilla firefox\firefox.exe
E:\Program Files\mIRC\mirc.exe
E:\program files\mozilla firefox\plugin-container.exe
G:\Games\World of Warcraft ORIGINAL\WoW.exe
E:\Documents and Settings\Machr\Plocha\RSIT.exe
E:\Program Files\trend micro\Machr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15510
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - E:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - E:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - E:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - E:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - E:\Program Files\vShare.tv plugin\BarLcher.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - E:\Documents and Settings\Machr\Data aplikací\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - E:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
O3 - Toolbar: VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - E:\Program Files\vShare.tv plugin\BarLcher.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - E:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - E:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [avast5] "E:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [amd_dc_opt] E:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "E:\PROGRA~1\MyWebSearch\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] E:\PROGRA~1\MyWebSearch\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [ApnUpdater] "E:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] E:\PROGRA~1\MyWebSearch\bar\1.bin\mwsoemon.exe
O4 - HKUS\S-1-5-21-448539723-179605362-1417001333-1004\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe (User 'hip-hop forever')
O4 - HKUS\S-1-5-21-448539723-179605362-1417001333-1004\..\Run: [RGSC] E:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent (User 'hip-hop forever')
O4 - HKUS\S-1-5-21-448539723-179605362-1417001333-1004\..\Run: [Microsoft Update Machine] sjhtfpkqy.exe (User 'hip-hop forever')
O4 - HKUS\S-1-5-21-448539723-179605362-1417001333-1004\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime (User 'hip-hop forever')
O4 - HKUS\S-1-5-21-448539723-179605362-1417001333-1004\..\Run: [Steam] "e:\program files\steam\steam.exe" -silent (User 'hip-hop forever')
O4 - HKUS\S-1-5-21-448539723-179605362-1417001333-1004\..\Run: [PC Suite Tray] "E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray (User 'hip-hop forever')
O4 - HKUS\S-1-5-21-448539723-179605362-1417001333-1004\..\Run: [Comodo EasyVPN] "E:\Program Files\COMODO\EasyVPN\EasyVPN.exe" (User 'hip-hop forever')
O4 - HKUS\S-1-5-21-448539723-179605362-1417001333-1004\..\Run: [DAEMON Tools Lite] "E:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun (User 'hip-hop forever')
O4 - HKUS\S-1-5-21-448539723-179605362-1417001333-1004\..\Run: [QIP Internet Guardian] E:\Documents and Settings\hip-hop forever\Data aplikací\QipGuard\QipGuard.exe (User 'hip-hop forever')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-448539723-179605362-1417001333-1004 Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'hip-hop forever')
O4 - Startup: Stardock ObjectDock.lnk = E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... 2012021818
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://E:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all by FlashGet3 - E:\Documents and Settings\Machr\Data aplikací\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - E:\Documents and Settings\Machr\Data aplikací\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - E:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - E:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - E:\WINDOWS\system32\dgdersvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - E:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate1ca300ec6a5bc4a) (gupdate1ca300ec6a5bc4a) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - Unknown owner - E:\Program Files\LogMeIn Hamachi\hamachi-2.exe (file missing)
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - E:\PROGRA~1\MyWebSearch\bar\1.bin\mwssvc.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - E:\Program Files\WinPcap\rpcapd.exe (file missing)

--
End of file - 10354 bytes

======Scheduled tasks folder======

E:\WINDOWS\tasks\AppleSoftwareUpdate.job
E:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-448539723-179605362-1417001333-1003Core.job
E:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-448539723-179605362-1417001333-1003UA.job
E:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
E:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
E:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - E:\Documents and Settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{C3F23840-B14B-4B61-AAEF-6BCC3621FA63}:1.0, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, battlefieldheroespatcher@ea.com:4.0.53.0, {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0, eafo3fflauncher@ea.com:1.1, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2, wrc@avast.com:20110101, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.imesh.com/web?src=ffb&app ... =1&sr=0&q="

"jqs@sun.com"=E:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"bkmrksync@nokia.com"=E:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{6E19037A-12E3-4295-8915-ED48BC341614}"=E:\Program Files\RelevantKnowledge
"wrc@avast.com"=E:\Program Files\Alwil Software\Avast5\WebRep\FF
"m3ffxtbr@mywebsearch.com"=E:\Program Files\MyWebSearch\bar\1.bin


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=E:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=E:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=E:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=E:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin]
"Description"=My Web Search Plugin
"Path"=E:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=E:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=E:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=E:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=E:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=E:\Program Files\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.10]
"Description"=VLC Multimedia Plugin
"Path"=E:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=E:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

E:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{C3F23840-B14B-4B61-AAEF-6BCC3621FA63}

E:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi
GooglePlusVideosXPCOM.dll
IGooglePlusVideosXPCOM.xpt
ISiteVacuumXPCOM.xpt
ISuperSearchXPCOM.xpt
nppl3260.xpt
nsILegitCheckPlugin.xpt
nsJSRealPlayerPlugin.xpt
SiteVacuumXPCOM.dll
SuperSearchXPCOM.dll

E:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeploytk.dll
npLegitCheckPlugin.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
nprpjplug.dll
npvsharetvplg.dll
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

E:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
SearchResults.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

E:\Documents and Settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\extensions\
battlefieldheroespatcher@ea.com
eafo3fflauncher@ea.com
m3ffxtbr@mywebsearch.com
toolbar@ask.com
{20a82645-c095-46ed-80e3-08825760534b}
{77b819fa-95ad-4f2c-ac7c-486b356188a9}
{7b13ec3e-999a-4b70-b9cb-2617b8323822}
{800b5000-a755-47e1-992b-48a1c1357f07}

E:\Documents and Settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\searchplugins\
askcom.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin.xml
seznam.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - E:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL [2012-02-18 58800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - E:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2012-02-18 833032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}]
IE5BarLauncherBHO Class - E:\Program Files\vShare.tv plugin\BarLcher.dll [2011-09-22 177712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - E:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-09 138240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-09 138240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - E:\Documents and Settings\Machr\Data aplikací\FlashGetBHO\FlashGetBHO3.dll [2010-12-16 144944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - E:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll []
{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - VShareToolBar - E:\Program Files\vShare.tv plugin\BarLcher.dll [2011-09-22 177712]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - E:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2012-02-18 833032]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - E:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=E:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"avast5"=E:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-02-23 3451496]
"amd_dc_opt"=E:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2011-08-17 20064872]
"StartCCC"=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-12-05 98304]
"My Web Search Bar Search Scope Monitor"=E:\PROGRA~1\MyWebSearch\bar\1.bin\m3SrchMn.exe [2012-02-18 34336]
"MyWebSearch Email Plugin"=E:\PROGRA~1\MyWebSearch\bar\1.bin\mwsoemon.exe [2012-02-18 38408]
""= []
"ApnUpdater"=E:\Program Files\Ask.com\Updater\Updater.exe [2012-01-03 1391272]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MyWebSearch Email Plugin"=E:\PROGRA~1\MyWebSearch\bar\1.bin\mwsoemon.exe [2012-02-18 38408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-11-02 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
E:\Program Files\Ask.com\Updater\Updater.exe [2012-01-03 1391272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
E:\Program Files\DAEMON Tools\daemon.exe [2008-12-29 687560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DaemonTools_WhenUSave_Installer]
E:\Program Files\DaemonTools_WhenUSave_Installer\DaemonTools_WhenUSave_Installer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]
E:\Program Files\DivX\DivX Plus Web Player\DDmService.exe start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
E:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
E:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
E:\Documents and Settings\Machr\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2011-10-22 137536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
E:\Program Files\ICQ7.4\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
E:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2011-01-20 3365688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
E:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
E:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
E:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
E:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-10-20 2192752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
E:\Program Files\Pando Networks\Media Booster\PMB.exe [2012-02-10 3087440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Auto Shutdown]
E:\Program Files\PC Auto Shutdown\AutoShutdown.exe [2010-12-01 1387520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
E:\Program Files\QuickTime\qttask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
E:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TaskTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
E:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Xfire.lnk]
E:\PROGRA~1\Xfire\Xfire.exe [2012-02-03 3530136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PCAutoShutdown_Service"=2
"ICQ Service"=2
"ameisvc"=2

E:\Documents and Settings\Machr\Nabídka Start\Programy\Po spuštění
Stardock ObjectDock.lnk - E:\Program Files\Stardock\ObjectDock\ObjectDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2011-12-06 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - E:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\WINDOWS\system32\PnkBstrA.exe"="E:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"E:\WINDOWS\system32\PnkBstrB.exe"="E:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"G:\Games\PES 09\CSP2009.exe"="G:\Games\PES 09\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe"="G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe:*:Enabled:DOW2"
"G:\Games\The Battle for Middle-earth (tm) II\game.dat"="G:\Games\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"E:\Program Files\mIRC\mirc.exe"="E:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat"="G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat:*:Enabled:The Lord of the Rings, The Rise of the Witch-king"
"G:\Games\UT 3 CZ\Binaries\UT3.exe"="G:\Games\UT 3 CZ\Binaries\UT3.exe:*:Enabled:UT3"
"G:\Games\Left4Dead\hl2.exe"="G:\Games\Left4Dead\hl2.exe:*:Enabled:hl2"
"G:\Games\Counter Strike\hl2.exe"="G:\Games\Counter Strike\hl2.exe:*:Enabled:hl2"
"G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe"="G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe"="G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"E:\DC ++\StrongDC.exe"="E:\DC ++\StrongDC.exe:*:Enabled:StrongDC++"
"G:\Games\World of Warcraft ORIGINAL\Launcher.exe"="G:\Games\World of Warcraft ORIGINAL\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe"="G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"G:\Games\Left4Dead\left4dead.exe"="G:\Games\Left4Dead\left4dead.exe:*:Enabled:left4dead"
"G:\Games\Call of Duty\CoDMP.exe"="G:\Games\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe"="E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic - Homecinema"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 5\server.exe"="G:\Games\Call of Duty 5\server.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"C:\QIP Infium JadrisPack\infium.exe"="C:\QIP Infium JadrisPack\infium.exe:*:Enabled:QIP Infium"
"E:\Program Files\HLSW\hlsw.exe"="E:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"E:\Program Files\Opera\opera.exe"="E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Program Files\QIP8092\qip.exe"="E:\Program Files\QIP8092\qip.exe:*:Enabled:Quiet Internet Pager"
"E:\Hry\NHL 09-EVROPA\nhl2009.exe"="E:\Hry\NHL 09-EVROPA\nhl2009.exe:*:Enabled:nhl2009"
"G:\Games\NHL 2004\nhl2004.exe"="G:\Games\NHL 2004\nhl2004.exe:*:Enabled:nhl2004"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 4\iw3mp.exe"="G:\Games\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe"="G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum"
"G:\Games\Warcraft III\Warcraft III.exe"="G:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"G:\Games\Warcraft III\war3.exe"="G:\Games\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"G:\Games\Pro Evolution Soccer 2010\pes2010.exe"="G:\Games\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"G:\Games\TmNationsForever\TmForever.exe"="G:\Games\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"E:\Program Files\SopCast\SopCast.exe"="E:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"E:\Program Files\SopCast\adv\SopAdver.exe"="E:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"G:\Games\Modern Warfare 2\iw4sp.exe"="G:\Games\Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"G:\Games\Modern Warfare 2\iw4mp.exe"="G:\Games\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"E:\Program Files\COMODO\EasyVPN\EasyVPN.exe"="E:\Program Files\COMODO\EasyVPN\EasyVPN.exe:*:Enabled:COMODO EasyVPN"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe:*:Enabled:ZeroGearServer"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe:*:Enabled:iw4mp"
"G:\Games\WoW 3.1.3\Launcher.exe"="G:\Games\WoW 3.1.3\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat"="E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat:*:Enabled:Zero Gear Demo"
"E:\Program Files\QIP\qip.exe"="E:\Program Files\QIP\qip.exe:*:Disabled:Quiet Internet Pager"
"E:\Hry\NHL 09\nhl2009.exe"="E:\Hry\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"E:\Hry\nhl\nhl2009-ELH.exe"="E:\Hry\nhl\nhl2009-ELH.exe:*:Enabled:nhl2009-ELH"
"E:\Program Files\Steam\steamapps\machr1991\race 07 demo crowne plaza raceway edition\SteamProxy.exe"="E:\Program Files\Steam\steamapps\machr1991\race 07 demo crowne plaza raceway edition\SteamProxy.exe:*:Enabled:RACE 07 Demo - Crowne Plaza Raceway edition"
"E:\Program Files\Steam\steamapps\machr1991\race 07 demo crowne plaza raceway edition\RaceConfig_Steam.exe"="E:\Program Files\Steam\steamapps\machr1991\race 07 demo crowne plaza raceway edition\RaceConfig_Steam.exe:*:Enabled:RACE 07 Demo - Crowne Plaza Raceway edition"
"E:\Documents and Settings\hip-hop forever\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="E:\Documents and Settings\hip-hop forever\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Disabled:Octoshape add-in for Adobe Flash Player"
"G:\Games\Kong\Kong.exe"="G:\Games\Kong\Kong.exe:*:Enabled:Kong"
"E:\Program Files\Ventrilo\Ventrilo.exe"="E:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"G:\Games\Battlefield Bad Company 2\BFBC2Updater.exe"="G:\Games\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"E:\Program Files\Skype\Plugin Manager\skypePM.exe"="E:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"G:\Games\Age of Empires\Age of Empires II\Age2_x1\Age2_x1.exe"="G:\Games\Age of Empires\Age of Empires II\Age2_x1\Age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"E:\WINDOWS\system32\dplaysvr.exe"="E:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"G:\Games\Age of Empires\Age of Empires II\empires2.exe"="G:\Games\Age of Empires\Age of Empires II\empires2.exe:*:Enabled:Age of Empires II"
"G:\Games\Age of Empires 2\age2_x1\age2_x1.exe"="G:\Games\Age of Empires 2\age2_x1\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"G:\Games\CoH\RelicCOH.exe"="G:\Games\CoH\RelicCOH.exe:*:Enabled:RelicCOH"
"G:\Games\Age of Empires 2\empires2.exe"="G:\Games\Age of Empires 2\empires2.exe:*:Enabled:Age of Empires II"
"G:\Games\Need for Speed Most Wanted\speed.exe"="G:\Games\Need for Speed Most Wanted\speed.exe:*:Enabled:speed"
"E:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="E:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"E:\Program Files\FlashGet\flashget.exe"="E:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"G:\Games\Left4Dead 2\left4dead2.exe"="G:\Games\Left4Dead 2\left4dead2.exe:*:Enabled:left4dead2"
"G:\Games\Crysis\Bin32\Crysis.exe"="G:\Games\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"G:\Games\Crysis\Bin32\CrysisDedicatedServer.exe"="G:\Games\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"E:\Program Files\Steam\Steam.exe"="E:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"E:\Documents and Settings\Machr\Local Settings\temp\Rar$EX01.531\LanLaunch.exe"="E:\Documents and Settings\Machr\Local Settings\temp\Rar$EX01.531\LanLaunch.exe:*:Enabled:LanLaunch"
"G:\Games\Modern Warfare 2\LanLaunch.exe"="G:\Games\Modern Warfare 2\LanLaunch.exe:*:Enabled:LanLaunch"
"G:\Games\Call of Duty 5\CoDWaW.exe"="G:\Games\Call of Duty 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaWmp.exe"="G:\Games\Call of Duty 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="G:\Games\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"G:\Games\Pro Evolution Soccer 2010\2010 FIFA World Cup Patch\pes2010.exe"="G:\Games\Pro Evolution Soccer 2010\2010 FIFA World Cup Patch\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"G:\Games\GTA 4\Grand Theft Auto IV\GTAIV.exe"="G:\Games\GTA 4\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"G:\Games\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe"="G:\Games\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"G:\Games\GTA IV\Grand Theft Auto IV\GTAIV.exe"="G:\Games\GTA IV\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"E:\Program Files\Garena\Garena.exe"="E:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"G:\Games\Titan Quest Immortal Throne\Tqit.exe"="G:\Games\Titan Quest Immortal Throne\Tqit.exe:*:Enabled:Tqit"
"G:\Games\FM2010\fm.exe"="G:\Games\FM2010\fm.exe:*:Enabled:Football Manager 2010"
"G:\Games\StarCraft II\StarCraft II.exe"="G:\Games\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"G:\Games\The Lord of the Rings - Conquest™\Conquest.exe"="G:\Games\The Lord of the Rings - Conquest™\Conquest.exe:*:Enabled:Game"
"G:\Games\Nová složka\FlatOut2.exe"="G:\Games\Nová složka\FlatOut2.exe:*:Enabled:FlatOut2"
"G:\Games\FIFA 11 Demo\Game\fifa.exe"="G:\Games\FIFA 11 Demo\Game\fifa.exe:*:Enabled:FIFA 11"
"G:\Games\Pro Evolution Soccer 2011\pes2011.exe"="G:\Games\Pro Evolution Soccer 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"G:\Games\Pro Evolution Soccer 2010\csp2010.exe"="G:\Games\Pro Evolution Soccer 2010\csp2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"G:\Games\World of Warcraft ORIGINAL\Launcher.patch.exe"="G:\Games\World of Warcraft ORIGINAL\Launcher.patch.exe:*:Enabled:Blizzard Launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\ICQ7.5\ICQ.exe"="E:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"E:\Program Files\iMesh Applications\iMesh\iMesh.exe"="E:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"E:\Program Files\Pando Networks\Media Booster\PMB.exe"="E:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=E:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=E:\WINDOWS\system32\l3codeca.acm
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.lhacm"=lhacm.acm
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=E:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=E:\WINDOWS\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XFR1"=xfcodec.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-02-20 15:58:55 ----D---- E:\Program Files\PhotoFiltre
2012-02-20 15:55:19 ----D---- E:\Program Files\IrfanView
2012-02-19 09:53:47 ----D---- E:\Program Files\Ask.com
2012-02-18 23:06:22 ----A---- E:\WINDOWS\system32\f3PSSavr.scr
2012-02-18 23:06:20 ----D---- E:\Program Files\MyWebSearch
2012-02-18 23:05:57 ----AD---- E:\Program Files\FunWebProducts
2012-02-12 08:58:42 ----D---- E:\Program Files\Counter-Strike Source
2012-02-10 11:00:10 ----D---- E:\Documents and Settings\All Users\Data aplikací\PMB Files
2012-02-10 08:39:48 ----D---- E:\Documents and Settings\All Users\Data aplikací\ATI
2012-02-10 08:34:20 ----D---- E:\Program Files\AMD APP
2012-02-10 08:30:00 ----D---- E:\AMD
2012-02-07 10:54:39 ----D---- E:\ProgramData
2012-02-07 10:54:27 ----D---- E:\Program Files\Electronic Arts
2012-02-03 10:29:56 ----A---- E:\WINDOWS\system32\xfcodec.dll
2012-01-30 18:11:46 ----D---- E:\Documents and Settings\Machr\Data aplikací\Sports Interactive

======List of files/folders modified in the last 1 month======

2012-02-22 11:45:17 ----D---- E:\Program Files\Trend Micro
2012-02-22 11:43:47 ----D---- E:\WINDOWS\Prefetch
2012-02-22 11:20:17 ----D---- E:\Program Files\mIRC
2012-02-22 10:38:53 ----D---- E:\Documents and Settings\Machr\Data aplikací\Xfire
2012-02-22 08:38:00 ----A---- E:\WINDOWS\SchedLgU.Txt
2012-02-22 08:21:32 ----D---- E:\WINDOWS\Temp
2012-02-21 21:07:53 ----D---- E:\WINDOWS\system32\CatRoot2
2012-02-21 21:06:54 ----D---- E:\Program Files\Steam
2012-02-21 18:24:15 ----D---- E:\WINDOWS
2012-02-21 17:38:08 ----D---- E:\WINDOWS\system32\config
2012-02-21 17:32:33 ----D---- E:\Program Files\Mozilla Firefox
2012-02-20 15:58:55 ----D---- E:\Program Files
2012-02-20 03:05:35 ----D---- E:\WINDOWS\Minidump
2012-02-20 03:05:21 ----D---- E:\Program Files\Microsoft Silverlight
2012-02-19 09:54:00 ----SHD---- E:\WINDOWS\Installer
2012-02-19 09:53:56 ----SD---- E:\WINDOWS\Tasks
2012-02-18 23:06:22 ----D---- E:\WINDOWS\system32
2012-02-18 09:28:49 ----D---- E:\Program Files\Xfire
2012-02-13 10:46:41 ----D---- E:\Documents and Settings\Machr\Data aplikací\Skype
2012-02-12 09:56:46 ----A---- E:\WINDOWS\win.ini
2012-02-12 09:56:46 ----A---- E:\WINDOWS\system.ini
2012-02-12 09:56:45 ----D---- E:\WINDOWS\pss
2012-02-10 12:22:38 ----HD---- E:\WINDOWS\inf
2012-02-10 12:22:00 ----D---- E:\WINDOWS\system32\DirectX
2012-02-10 12:14:27 ----HD---- E:\Program Files\InstallShield Installation Information
2012-02-10 11:11:01 ----RD---- E:\Filmy
2012-02-10 10:59:36 ----D---- E:\Program Files\Pando Networks
2012-02-10 08:33:56 ----D---- E:\Program Files\ATI Technologies
2012-02-10 08:32:40 ----RSHDC---- E:\WINDOWS\system32\dllcache
2012-02-10 08:32:35 ----D---- E:\WINDOWS\system32\drivers
2012-02-10 08:32:32 ----D---- E:\WINDOWS\system32\ReinstallBackups
2012-02-10 08:32:30 ----DC---- E:\WINDOWS\system32\DRVSTORE
2012-02-09 20:01:12 ----D---- E:\Documents and Settings\Machr\Data aplikací\Winamp
2012-02-09 20:01:12 ----D---- E:\Documents and Settings\Machr\Data aplikací\Media Player Classic
2012-02-09 20:01:12 ----D---- E:\Documents and Settings\Machr\Data aplikací\DAEMON Tools Lite
2012-02-09 20:01:11 ----D---- E:\Documents and Settings\Machr\Data aplikací\Ventrilo
2012-02-09 20:01:11 ----D---- E:\Documents and Settings\Machr\Data aplikací\uTorrent
2012-02-09 19:54:41 ----D---- E:\Program Files\CCleaner
2012-02-09 19:03:55 ----D---- E:\Documents and Settings\All Users\Data aplikací\TrackMania
2012-02-09 18:17:43 ----D---- E:\Program Files\DivX
2012-02-09 15:29:20 ----D---- E:\Documents and Settings\All Users\Data aplikací\DivX
2012-02-09 15:29:19 ----D---- E:\Program Files\Common Files
2012-02-09 10:57:35 ----D---- E:\Hry
2012-02-07 10:54:39 ----D---- E:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2012-02-03 15:12:26 ----D---- E:\Documents and Settings\Machr\Data aplikací\Adobe
2012-01-30 23:10:44 ----SHD---- E:\System Volume Information
2012-01-30 22:07:15 ----D---- E:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; E:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; E:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); E:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); E:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); E:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); E:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; E:\WINDOWS\System32\Drivers\sptd.sys [2011-10-06 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; E:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 aswRdr;aswRdr; E:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; E:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; E:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; E:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; E:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-07-22 218688]
R1 intelppm;Řadič procesoru Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 adfs;adfs; E:\WINDOWS\system32\drivers\adfs.sys [2009-11-02 73312]
R2 aswFsBlk;aswFsBlk; E:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;avast! Standard Shield Support; E:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]
R2 atksgt;atksgt; E:\WINDOWS\system32\DRIVERS\atksgt.sys [2011-06-17 281760]
R2 lirsgt;lirsgt; E:\WINDOWS\system32\DRIVERS\lirsgt.sys [2011-06-17 25888]
R3 AmdLLD;AMD Low Level Device Driver; E:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-12-06 7490560]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; E:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-12-20 100368]
R3 dgderdrv;dgderdrv; E:\WINDOWS\System32\drivers\dgderdrv.sys [2011-01-20 18120]
R3 FsUsbExDisk;FsUsbExDisk; \??\E:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-08-30 6435432]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; E:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-08-24 323816]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; E:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; E:\WINDOWS\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmFilter;Logitech Gaming HID Filter Driver; E:\WINDOWS\system32\drivers\WmFilter.sys [2010-04-27 37704]
R3 WmXlCore;Logitech Translation Layer Driver; E:\WINDOWS\system32\drivers\WmXlCore.sys [2010-04-27 66632]
S3 aad0gamm;aad0gamm; E:\WINDOWS\system32\drivers\aad0gamm.sys []
S3 Ambfilt;Ambfilt; E:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 aqgv974c;aqgv974c; E:\WINDOWS\system32\drivers\aqgv974c.sys []
S3 CCDECODE;Dekodér Closed Caption; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); E:\WINDOWS\system32\DRIVERS\ssudbus.sys [2011-10-27 78136]
S3 flashusb;flashusb; E:\WINDOWS\system32\DRIVERS\flashusb.sys [2011-10-27 16384]
S3 GarenaPEngine;GarenaPEngine; \??\E:\DOCUME~1\Machr\LOCALS~1\Temp\WXV1B0.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\E:\Program Files\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; E:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-07-14 25280]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; E:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-09-10 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; E:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-10-12 100736]
S3 Monfilt;Monfilt; E:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; E:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 NIC1394;1394 Net Driver; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nmwcd;Nokia USB Phone Parent; E:\WINDOWS\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 PAC207;PC Camer@; E:\WINDOWS\system32\DRIVERS\PFC027.SYS [2006-11-20 506112]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys []
S3 SLIP;BDA Slip De-Framer; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); E:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2011-10-27 181432]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); E:\WINDOWS\system32\DRIVERS\ssudserd.sys [2011-10-27 181432]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 tap0901;TAP-Win32 Adapter V9; E:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-01-30 25216]
S3 usbscan;Ovladač skeneru USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); E:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Wdf01000;Kernel Mode Driver Frameworks service; E:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WmVirHid;Logitech Virtual Hid Device Driver; E:\WINDOWS\system32\drivers\WmVirHid.sys [2010-04-27 15048]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2011-12-06 643072]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-02-23 42184]
R2 dgdersvc;Device Error Recovery Service; E:\WINDOWS\system32\dgdersvc.exe [2011-01-20 95568]
R2 FsUsbExService;FsUsbExService; E:\WINDOWS\system32\FsUsbExService.Exe [2011-01-20 217088]
R2 PnkBstrA;PnkBstrA; E:\WINDOWS\system32\PnkBstrA.exe [2011-04-03 75136]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a); E:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-25 135664]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; E:\Program Files\LogMeIn Hamachi\hamachi-2.exe -s []
S2 MyWebSearchService;My Web Search Service; E:\PROGRA~1\MyWebSearch\bar\1.bin\mwssvc.exe [2012-02-18 34320]
S3 aspnet_state;Stavová služba ASP.NET; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-02 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); E:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-25 135664]
S3 gusvc;Google Updater Service; E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 idsvc;Služba Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; E:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); E:\Program Files\WinPcap\rpcapd.exe -d -f E:\Program Files\WinPcap\rpcapd.ini []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 ICQ Service;ICQ Service; E:\Program Files\ICQ6Toolbar\ICQ Service.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PCAutoShutdown_Service;PCAutoShutdown_Service; E:\Program Files\PC Auto Shutdown\ShutdownService.exe [2010-04-19 441624]

-----------------EOF-----------------

Thanks for any advice

Re: Brutally slow internet lately

Posted: 22 Feb 2012 14:51
by vyosek
Hello, and have a nice afternoon :)

:arrow: I recommend uninstalling the toolbars (browser bars), if you don't use them, via Add or Remove Programs

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY IS VERY CAPABLE OF DELETING THINGS AND MUST ONLY BE USED WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
:arrow: Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator
  • Right after startup a page with the license agreement appears; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
  • The scan should take about 10 minutes, but if the PC is heavily cluttered, it may take longer
  • After the scan finishes and a possible restart, CF will display a log; alternatively you will find it at C:\ComboFix.txt; paste its contents here
  • A detailed walkthrough including screenshots is here: http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Brutally slow internet lately

Posted: 22 Feb 2012 16:28
by Blejzr
Good day,

thank you for the reply :) First of all I'd like to say that the internet went back to normal around two o'clock. I don't know what caused it, but I'm glad (I also wrote an e-mail to T-Mobile), though that probably isn't the reason, since they haven't even replied yet..

I ran ComboFix and followed the instructions.. it took quite a long time, so I wasn't at the PC. When I came back the PC had been restarted, but unfortunately I can't find any log anywhere... My system is on drive E, and there is only some ComboFix folder on it which is sort of like My Computer... I also tried searching by name, but I simply don't have any log anywhere... :/ So I don't know where it went wrong

Re: Brutally slow internet lately

Posted: 22 Feb 2012 16:30
by vyosek
Boot into safe mode (restart the PC, keep pressing F8, choose Safe Mode with Networking) and run ComboFix there

Re: Brutally slow internet lately

Posted: 22 Feb 2012 17:09
by Blejzr
Well, I don't know.. in safe mode it worked, and then I started the normal system and it continued.. and then it said that only a little while was left, and then the system restarted again.. then a message with "Don't send" popped up saying that Windows had stopped working... on E: I again don't have the .txt file, but there is again some ComboFix folder containing an insane number of programs sorted by type, and among the text files there is combofix.txt, so I'll copy that here, but as I say, I think it again didn't run to completion...

ComboFix 12-02-22.01 - Administrator 22.02.2012 16:42:05.4.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1723 [GMT 1:00]
Spuštěný z: E:\Documents and Settings\Administrator\Dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


C:\install.exe
E:\Program Files\FunWebProducts
E:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
E:\Program Files\MyWebSearch
E:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
E:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
E:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
E:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
E:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
E:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
E:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
E:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
E:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
E:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
E:\Program Files\MyWebSearch\bar\1.bin\F3REGHK.DLL
E:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL
E:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
E:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
E:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
E:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV
E:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
E:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
E:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
E:\Program Files\MyWebSearch\bar\1.bin\CHROME.MANIFEST
E:\Program Files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
E:\Program Files\MyWebSearch\bar\1.bin\INSTALL.RDF
E:\Program Files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL
E:\Program Files\MyWebSearch\bar\1.bin\M3DLGHK.DLL
E:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
E:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL
E:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL
E:\Program Files\MyWebSearch\bar\1.bin\M3IEOVR.DLL
E:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
E:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
E:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL
E:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
E:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
E:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL
E:\Program Files\MyWebSearch\bar\1.bin\M3SKNLCR.DLL
E:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
E:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
E:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
E:\Program Files\MyWebSearch\bar\1.bin\M3TPINST.DLL
E:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
E:\Program Files\MyWebSearch\bar\1.bin\MWSMLBTN.DLL
E:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
E:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
E:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
E:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
E:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE
E:\Program Files\MyWebSearch\bar\1.bin\MWSUABTN.DLL
E:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
E:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S
E:\Program Files\MyWebSearch\bar\Cache\006FE34F
E:\Program Files\MyWebSearch\bar\Cache\0128E83D.bin
E:\Program Files\MyWebSearch\bar\Cache\0128EEF4.bin
E:\Program Files\MyWebSearch\bar\Cache\0128F6E3.bin
E:\Program Files\MyWebSearch\bar\Cache\0AD0909F
E:\Program Files\MyWebSearch\bar\Cache\0AD095DF
E:\Program Files\MyWebSearch\bar\Cache\0AD09756.bin
E:\Program Files\MyWebSearch\bar\Cache\0AD098FC.bmp
E:\Program Files\MyWebSearch\bar\Cache\0AD0993B.bin
E:\Program Files\MyWebSearch\bar\Cache\0AD099B8.bin
E:\Program Files\MyWebSearch\bar\Cache\0AD09A44.bin
E:\Program Files\MyWebSearch\bar\Cache\0AD09A83.bin
E:\Program Files\MyWebSearch\bar\Cache\files.ini
E:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
E:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
E:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
E:\Program Files\MyWebSearch\bar\gen1\COMMON.F3S
E:\Program Files\MyWebSearch\bar\History\search3
E:\Program Files\MyWebSearch\bar\icons\CM.ICO
E:\Program Files\MyWebSearch\bar\icons\MFC.ICO
E:\Program Files\MyWebSearch\bar\icons\PSS.ICO
E:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO
E:\Program Files\MyWebSearch\bar\icons\WB.ICO
E:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO
E:\Program Files\MyWebSearch\bar\IE9Mesg\COMMON.F3S
E:\Program Files\MyWebSearch\bar\jsifb\COMMON.F3S
E:\Program Files\MyWebSearch\bar\Message\COMMON.F3S
E:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S
E:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S
E:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S
E:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S
E:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
E:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S
E:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S
E:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S
E:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S
E:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S
E:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S
E:\Program Files\MyWebSearch\bar\Overlay\COMMON.F3S
E:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm
E:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
E:\Program Files\MyWebSearch\bar\wbnotify\COMMON.F3S
E:\WINDOWS\pkunzip.pif
E:\WINDOWS\pkzip.pif
E:\WINDOWS\system32\drivers\etc\hosts.ics
E:\WINDOWS\system32\f3PSSavr.scr
E:\WINDOWS\system32\muzapp.exe
E:\WINDOWS\system32\tmp14B.tmp
E:\WINDOWS\system32\tmp14C.tmp


((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService


((((((((((((((((((((((((( Soubory vytvořené od 2012-01-22 do 2012-02-22 )))))))))))))))))))))))))))))))


2012-02-22 15:37:44 . 2012-02-22 15:37:44 -------- d-----w- E:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google
2012-02-20 14:58:55 . 2012-02-20 14:58:56 -------- d-----w- E:\Program Files\PhotoFiltre
2012-02-20 14:55:19 . 2012-02-20 14:55:19 -------- d-----w- E:\Program Files\IrfanView
2012-02-19 08:53:47 . 2012-02-19 08:54:00 -------- d-----w- E:\Program Files\Ask.com
2012-02-19 08:53:42 . 2012-02-19 08:54:00 -------- d-----w- E:\Documents and Settings\Machr\Local Settings\Data aplikací\AskToolbar
2012-02-16 14:29:23 . 2012-02-16 15:31:49 -------- d-----w- E:\Documents and Settings\Machr\Local Settings\Data aplikací\Deployment
2012-02-14 17:01:36 . 2012-02-14 17:01:36 -------- d-----w- E:\Documents and Settings\Jan sádelník Vorel\Local Settings\Data aplikací\Google
2012-02-12 07:58:42 . 2012-02-12 08:52:34 -------- d-----w- E:\Program Files\Counter-Strike Source
2012-02-10 10:00:10 . 2012-02-22 13:28:13 -------- d-----w- E:\Documents and Settings\Machr\Local Settings\Data aplikací\PMB Files
2012-02-10 10:00:10 . 2012-02-22 12:30:32 -------- d-----w- E:\Documents and Settings\All Users\Data aplikací\PMB Files
2012-02-10 07:39:48 . 2012-02-10 07:39:48 -------- d-----w- E:\Documents and Settings\All Users\Data aplikací\ATI
2012-02-10 07:34:20 . 2012-02-10 07:34:20 -------- d-----w- E:\Program Files\AMD APP
2012-02-10 07:30:00 . 2012-02-10 07:30:00 -------- d-----w- E:\AMD
2012-02-07 09:54:39 . 2012-02-07 09:54:39 -------- d-----w- E:\ProgramData
2012-02-07 09:54:27 . 2012-02-08 11:45:45 -------- d-----w- E:\Program Files\Electronic Arts
2012-02-03 09:29:56 . 2012-02-03 09:29:56 42392 ----a-w- E:\WINDOWS\system32\xfcodec.dll
2012-01-30 17:13:36 . 2012-01-30 17:13:36 -------- d-----w- E:\Documents and Settings\Machr\Local Settings\Data aplikací\Chromium
2012-01-30 17:11:46 . 2012-01-30 17:11:46 -------- d-----w- E:\Documents and Settings\Machr\Local Settings\Data aplikací\Sports Interactive
2012-01-30 17:11:46 . 2012-01-30 17:11:46 -------- d-----w- E:\Documents and Settings\Machr\Data aplikací\Sports Interactive
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-02-20 15:47:09 . 2011-05-23 13:44:25 414368 ----a-w- E:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2012-01-12 00:19:16 . 2012-01-12 00:19:16 4448256 ----a-w- E:\WINDOWS\system32\GPhotos.scr
2011-12-20 07:39:28 . 2011-10-10 12:03:16 100368 ----a-w- E:\WINDOWS\system32\drivers\AtihdXP3.sys
2011-12-06 03:42:18 . 2008-02-26 05:51:42 7490560 ----a-w- E:\WINDOWS\system32\drivers\ati2mtag.sys
2011-12-06 03:39:26 . 2008-09-24 01:56:46 311296 ----a-w- E:\WINDOWS\system32\atiiiexx.dll
2011-12-06 03:26:18 . 2009-05-16 01:35:09 57344 ----a-w- E:\WINDOWS\system32\aticalrt.dll
2011-12-06 03:26:12 . 2009-05-16 01:34:54 53248 ----a-w- E:\WINDOWS\system32\aticalcl.dll
2011-12-06 03:19:58 . 2009-05-16 01:33:18 7376896 ----a-w- E:\WINDOWS\system32\aticaldd.dll
2011-12-06 03:07:22 . 2008-09-24 02:09:12 19357696 ----a-w- E:\WINDOWS\system32\atioglxx.dll
2011-12-06 02:55:08 . 2008-09-24 02:18:25 466944 ----a-w- E:\WINDOWS\system32\ATIDEMGX.dll
2011-12-06 02:54:00 . 2008-02-26 03:10:52 304640 ----a-w- E:\WINDOWS\system32\ati2dvag.dll
2011-12-06 02:49:00 . 2008-02-26 02:49:28 5334656 ----a-w- E:\WINDOWS\system32\ati3duag.dll
2011-12-06 02:39:54 . 2011-08-01 13:09:07 956160 ----a-w- E:\WINDOWS\system32\ativvamv.dll
2011-12-06 02:33:14 . 2008-09-24 02:07:05 212992 ----a-w- E:\WINDOWS\system32\atipdlxx.dll
2011-12-06 02:33:02 . 2008-02-26 03:02:02 155648 ----a-w- E:\WINDOWS\system32\Oemdspif.dll
2011-12-06 02:32:52 . 2008-09-24 02:06:44 26112 ----a-w- E:\WINDOWS\system32\Ati2mdxx.exe
2011-12-06 02:32:46 . 2008-09-24 02:06:36 43520 ----a-w- E:\WINDOWS\system32\ati2edxx.dll
2011-12-06 02:32:34 . 2008-02-26 03:01:30 192512 ----a-w- E:\WINDOWS\system32\ati2evxx.dll
2011-12-06 02:31:18 . 2008-09-24 02:04:49 643072 ----a-w- E:\WINDOWS\system32\ati2evxx.exe
2011-12-06 02:29:58 . 2008-09-24 02:03:30 53248 ----a-w- E:\WINDOWS\system32\ATIDDC.DLL
2011-12-06 02:29:06 . 2008-02-26 02:41:46 3307776 ----a-w- E:\WINDOWS\system32\ativvaxx.dll
2011-12-06 02:28:26 . 2010-11-05 12:28:29 159744 ----a-w- E:\WINDOWS\system32\atiapfxx.exe
2011-12-06 02:24:02 . 2008-09-24 01:20:30 806912 ----a-w- E:\WINDOWS\system32\atikvmag.dll
2011-12-06 02:21:04 . 2008-09-24 01:18:17 602112 ----a-w- E:\WINDOWS\system32\atiok3x2.dll
2011-12-06 02:19:02 . 2009-05-16 02:31:46 233472 ----a-w- E:\WINDOWS\system32\atiadlxx.dll
2011-12-06 02:18:38 . 2011-08-01 13:09:07 17408 ----a-w- E:\WINDOWS\system32\atitvo32.dll
2011-12-06 02:12:52 . 2008-02-26 02:16:48 884736 ----a-w- E:\WINDOWS\system32\ati2cqag.dll
2011-12-06 02:12:02 . 2008-09-24 01:18:10 53248 ----a-w- E:\WINDOWS\system32\drivers\ati2erec.dll
2011-12-06 02:10:50 . 2009-05-16 02:38:04 65024 ----a-w- E:\WINDOWS\system32\atimpc32.dll
2011-12-06 02:10:50 . 2008-02-26 02:29:24 65024 ----a-w- E:\WINDOWS\system32\amdpcom32.dll
2011-12-05 21:04:00 . 2011-12-05 21:04:00 59904 ----a-w- E:\WINDOWS\system32\OpenVideo.dll
2011-12-05 21:03:52 . 2011-12-05 21:03:52 54784 ----a-w- E:\WINDOWS\system32\OVDecode.dll
2011-12-05 21:03:04 . 2011-12-05 21:03:04 14499328 ----a-w- E:\WINDOWS\system32\amdocl.dll
2011-12-05 21:02:16 . 2011-12-05 21:02:16 44032 ----a-w- E:\WINDOWS\system32\OpenCL.dll
2011-11-29 15:38:12 . 2011-11-29 15:38:12 143360 ----a-w- E:\WINDOWS\system32\3DAudio.ax
2011-11-29 15:38:12 . 2011-11-29 15:38:12 14336 ----a-w- E:\WINDOWS\system32\avrt.dll
2011-12-30 17:49:30 . 2011-03-26 21:07:24 121816 ----a-w- E:\Program Files\mozilla firefox\components\browsercomps.dll
2009-04-07 18:52:04 . 2009-04-07 18:52:04 28672 -c--a-w- E:\Program Files\mozilla firefox\components\GooglePlusVideosXPCOM.dll
2008-10-19 09:58:22 . 2008-10-19 09:58:22 49152 -c--a-w- E:\Program Files\mozilla firefox\components\SiteVacuumXPCOM.dll
2009-08-09 21:14:12 . 2009-08-09 21:14:12 49152 -c--a-w- E:\Program Files\mozilla firefox\components\SuperSearchXPCOM.dll


------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.

[7] 2008-06-20 11:59:02 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)] . . E:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 11:51:12 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . E:\WINDOWS\ERDNT\cache\tcpip.sys
[7] 2008-06-20 11:51:12 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . E:\WINDOWS\system32\dllcache\tcpip.sys
[-] 2008-06-20 11:51:12 . 4AFB3B0919649F95C1964AA1FAD27D73 . 361600 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . E:\WINDOWS\system32\drivers\tcpip.sys
[7] 2008-04-13 22:50:18 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512 (xpsp.080413-0852)] . . E:\WINDOWS\$NtUninstallKB951748$\tcpip.sys

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "E:\Program Files\Ask.com\GenericAskToolbar.dll" [2012-01-03 15:31:28 1514152]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-03 15:31:28 1514152 ----a-w- E:\Program Files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "E:\Program Files\Ask.com\GenericAskToolbar.dll" [2012-01-03 15:31:28 1514152]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "E:\Program Files\Ask.com\GenericAskToolbar.dll" [2012-01-03 15:31:28 1514152]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04:11 122512 ----a-w- E:\Program Files\Alwil Software\Avast5\ashShell.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"="mHotkey.exe" [2004-12-08 15:57:36 550912]
"amd_dc_opt"="E:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 11:53:10 77824]
"RTHDCPL"="RTHDCPL.EXE" [2011-08-17 15:09:20 20064872]
"StartCCC"="E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-12-05 20:37:24 98304]
"ApnUpdater"="E:\Program Files\Ask.com\Updater\Updater.exe" [2012-01-03 15:31:34 1391272]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="E:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 06:52:18 15360]

E:\Documents and Settings\Machr\Nabídka Start\Programy\Po spuštění\
Stardock ObjectDock.lnk - E:\Program Files\Stardock\ObjectDock\ObjectDock.exe [2009-7-21 3581680]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Xfire.lnk]
path=E:\Documents and Settings\Machr\Nabídka Start\Programy\Po spuštění\Xfire.lnk
backup=E:\WINDOWS\pss\Xfire.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
E:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 09:07:56 843712 ----a-r- E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-01-03 21:51:18 37296 ----a-w- E:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2009-11-02 14:27:31 611712 -c--a-w- E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
2012-01-03 15:31:34 1391272 ----a-w- E:\Program Files\Ask.com\Updater\Updater.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2008-12-29 10:40:30 687560 ----a-w- E:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20:12 1305408 ----a-w- E:\Program Files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-03-28 21:11:38 3325952 ----a-w- E:\Program Files\Electronic Arts\EADM\Core.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2011-10-22 18:57:58 137536 ----atw- E:\Documents and Settings\Machr\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44:34 31072 -c--a-w- E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2011-01-20 03:59:24 3365688 ----a-w- E:\Program Files\Samsung\Kies\KiesTrayAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
2006-11-03 10:01:16 319488 -c--a-w- E:\WINDOWS\PixArt\Pac207\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
2012-02-10 09:59:48 3087440 ----a-w- E:\Program Files\Pando Networks\Media Booster\PMB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Auto Shutdown]
2010-12-01 10:28:58 1387520 -c--a-w- E:\Program Files\PC Auto Shutdown\AutoShutdown.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PCAutoShutdown_Service"=2 (0x2)
"ICQ Service"=2 (0x2)
"ameisvc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"E:\\WINDOWS\\system32\\PnkBstrA.exe"=
"E:\\WINDOWS\\system32\\PnkBstrB.exe"=
"E:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"E:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"E:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"G:\\Games\\The Battle for Middle-earth (tm) II\\game.dat"=
"E:\\Program Files\\mIRC\\mirc.exe"=
"G:\\Games\\UT 3 CZ\\Binaries\\UT3.exe"=
"G:\\Games\\Call of Duty 5\\CoDWaW-lanfix 1.5.exe"=
"G:\\Games\\Call of Duty 5\\CoDWaW_LANFixed.exe"=
"G:\\Games\\World of Warcraft ORIGINAL\\Launcher.exe"=
"G:\\Games\\World of Warcraft ORIGINAL\\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"=
"G:\\Games\\World of Warcraft ORIGINAL\\BackgroundDownloader.exe"=
"E:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"G:\\Games\\World of Warcraft ORIGINAL\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=
"E:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"E:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"=
"G:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"G:\\Games\\Call of Duty 5\\server.exe"=
"E:\\Program Files\\HLSW\\hlsw.exe"=
"E:\\Program Files\\Opera\\opera.exe"=
"G:\\Games\\NHL 2004\\nhl2004.exe"=
"G:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"G:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"G:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0-enGB-downloader.exe"=
"E:\\Documents and Settings\\Machr\\Data aplikací\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=
"G:\\Games\\TmNationsForever\\TmForever.exe"=
"E:\\Program Files\\SopCast\\SopCast.exe"=
"E:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"G:\\Games\\Modern Warfare 2\\iw4sp.exe"=
"G:\\Games\\Modern Warfare 2\\iw4mp.exe"=
"G:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"=
"G:\\Games\\World of Warcraft ORIGINAL\\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe"=
"E:\\Program Files\\QIP\\qip.exe"=
"E:\\Documents and Settings\\hip-hop forever\\Data aplikací\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=
"E:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"G:\\Games\\Battlefield Bad Company 2\\BFBC2Updater.exe"=
"E:\\WINDOWS\\system32\\dplaysvr.exe"=
"G:\\Games\\Age of Empires 2\\age2_x1\\age2_x1.exe"=
"G:\\Games\\CoH\\RelicCOH.exe"=
"G:\\Games\\Age of Empires 2\\empires2.exe"=
"E:\\Program Files\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"=
"G:\\Games\\Left4Dead 2\\left4dead2.exe"=
"G:\\Games\\Crysis\\Bin32\\Crysis.exe"=
"G:\\Games\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"E:\\Program Files\\Steam\\Steam.exe"=
"G:\\Games\\Modern Warfare 2\\LanLaunch.exe"=
"G:\\Games\\Call of Duty 5\\CoDWaW.exe"=
"G:\\Games\\Call of Duty 5\\CoDWaWmp.exe"=
"G:\\Games\\GTA IV\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"G:\\Games\\GTA IV\\Grand Theft Auto IV\\GTAIV.exe"=
"E:\\Program Files\\Garena\\Garena.exe"=
"E:\\Program Files\\uTorrent\\utorrent.exe"=
"G:\\Games\\FIFA 11\\Game\\FIFA.exe"=
"E:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"E:\\Documents and Settings\\Machr\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"G:\\Games\\FlatOut 2\\FlatOut2.exe"=
"E:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"G:\\Games\\BFME-ROTWK\\game.dat"=
"G:\\Games\\CSS s addony\\hl2.exe"=
"E:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"E:\\Documents and Settings\\hip-hop forever\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"E:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"E:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"G:\\Games\\Killing floor\\System\\KillingFloor.exe"=
"E:\\DC ++\\StrongDC++\\StrongDC.exe"=
"E:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"E:\\Program Files\\Xfire\\Xfire.exe"=
"E:\\Program Files\\QIP8095\\qip.exe"=
"G:\\Games\\Modern Warfare 2\\iw4mp.dat"=
"G:\\Games\\Crysis 2\\bin32\\Crysis2.exe"=
"E:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"E:\\Program Files\\ICQ7.5\\ICQ.exe"=
"G:\\Games\\LittleFighter2\\LF2_v2.0a\\lf2.exe"=
"G:\\Games\\FEAR 3\\F.E.A.R. 3\\F.E.A.R. 3.exe"=
"G:\\Games\\NHL 09\\nhl2009.exe"=
"G:\\Games\\BFME\\game.dat"=
"G:\\Games\\League of Legends\\lol.launcher.exe"=
"G:\\Games\\Worms Armageddon\\WA.exe"=
"G:\\Games\\dead island\\deadislandgame.exe"=
"G:\\Games\\Virtua Tennis 4\\VT4.exe"=
"G:\\Games\\Grand Theft Auto IV - Episodes From Liberty City\\EFLC.exe"=
"G:\\Hry - INSTALACE\\FIFA 12 [MULTI5] CZ\\FIFA 12 [MULTI5] CZ\\Game\\fifa.exe"=
"G:\\Games\\GTA IV\\Grand Theft Auto IV\\RGSC\\RGSCLauncher.exe"=
"E:\\Program Files\\Hamachi\\hamachi.exe"=
"E:\\Program Files\\Skype\\Phone\\Skype.exe"=
"E:\\Documents and Settings\\Machr\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"E:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"E:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"E:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"E:\\Documents and Settings\\Machr\\Local Settings\\Apps\\2.0\\OM99YG7C.BY4\\28XEHY3Q.M59\\curs..tion_eee711038731a406_0004.0000_2ad57791d5c42008\\CurseClient.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"58538:TCP"= 58538:TCP:Pando Media Booster
"58538:UDP"= 58538:UDP:Pando Media Booster
"8396:TCP"= 8396:TCP:League of Legends Launcher
"8396:UDP"= 8396:UDP:League of Legends Launcher
"6996:TCP"= 6996:TCP:League of Legends Launcher
"6996:UDP"= 6996:UDP:League of Legends Launcher
"6948:TCP"= 6948:TCP:League of Legends Launcher
"6948:UDP"= 6948:UDP:League of Legends Launcher
"6924:TCP"= 6924:TCP:League of Legends Launcher
"6924:UDP"= 6924:UDP:League of Legends Launcher
"6936:TCP"= 6936:TCP:League of Legends Launcher
"6936:UDP"= 6936:UDP:League of Legends Launcher
"8397:TCP"= 8397:TCP:League of Legends Launcher
"8397:UDP"= 8397:UDP:League of Legends Launcher
"6917:TCP"= 6917:TCP:League of Legends Launcher
"6917:UDP"= 6917:UDP:League of Legends Launcher
"6983:TCP"= 6983:TCP:League of Legends Launcher
"6983:UDP"= 6983:UDP:League of Legends Launcher
"6928:TCP"= 6928:TCP:League of Legends Launcher
"6928:UDP"= 6928:UDP:League of Legends Launcher
"6979:TCP"= 6979:TCP:League of Legends Launcher
"6979:UDP"= 6979:UDP:League of Legends Launcher
"8398:TCP"= 8398:TCP:League of Legends Launcher
"8398:UDP"= 8398:UDP:League of Legends Launcher
"8393:TCP"= 8393:TCP:League of Legends Lobby
"8393:UDP"= 8393:UDP:League of Legends Lobby
"8390:TCP"= 8390:TCP:League of Legends Game Client
"8390:UDP"= 8390:UDP:League of Legends Game Client
"6961:TCP"= 6961:TCP:League of Legends Launcher
"6961:UDP"= 6961:UDP:League of Legends Launcher
"58268:TCP"= 58268:TCP:Pando Media Booster
"58268:UDP"= 58268:UDP:Pando Media Booster

R0 sptd;sptd;E:\WINDOWS\system32\drivers\sptd.sys [15.7.2009 23:18:05 691696]
R1 aswSnx;aswSnx;E:\WINDOWS\system32\drivers\aswSnx.sys [10.3.2011 14:23:43 371544]
R1 aswSP;aswSP;E:\WINDOWS\system32\drivers\aswSP.sys [18.11.2009 19:26:08 301528]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;E:\WINDOWS\system32\drivers\dtsoftbus01.sys [22.7.2011 15:00:06 218688]
R2 aswFsBlk;aswFsBlk;E:\WINDOWS\system32\drivers\aswFsBlk.sys [18.11.2009 19:26:08 19544]
R2 dgdersvc;Device Error Recovery Service;E:\WINDOWS\system32\dgdersvc.exe [20.1.2011 3:01:40 95568]
R2 FsUsbExService;FsUsbExService;E:\WINDOWS\system32\FsUsbExService.Exe [28.12.2011 11:47:04 217088]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;E:\WINDOWS\system32\drivers\AtihdXP3.sys [10.10.2011 13:03:16 100368]
R3 dgderdrv;dgderdrv;E:\WINDOWS\system32\drivers\dgderdrv.sys [20.1.2011 3:01:40 18120]
R3 FsUsbExDisk;FsUsbExDisk;E:\WINDOWS\system32\FsUsbExDisk.Sys [28.12.2011 11:47:04 36640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16:28 130384]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a);E:\Program Files\Google\Update\GoogleUpdate.exe [25.9.2010 11:40:56 135664]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;"E:\Program Files\LogMeIn Hamachi\hamachi-2.exe" -s --> E:\Program Files\LogMeIn Hamachi\hamachi-2.exe [?]
S3 Ambfilt;Ambfilt;E:\WINDOWS\system32\drivers\Ambfilt.sys [15.7.2009 11:10:51 1691480]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);E:\WINDOWS\system32\drivers\ssudbus.sys [25.12.2011 20:13:01 78136]
S3 flashusb;flashusb;E:\WINDOWS\system32\drivers\flashusb.sys [25.12.2011 20:12:53 16384]
S3 GarenaPEngine;GarenaPEngine;\??\E:\DOCUME~1\Machr\LOCALS~1\Temp\WXV1B0.tmp --> E:\DOCUME~1\Machr\LOCALS~1\Temp\WXV1B0.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\E:\Program Files\Garena\safedrv.sys --> E:\Program Files\Garena\safedrv.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);E:\Program Files\Google\Update\GoogleUpdate.exe [25.9.2010 11:40:56 135664]
S3 hwusbdev;Huawei DataCard USB PNP Device;E:\WINDOWS\system32\drivers\ewusbdev.sys [6.3.2011 20:06:57 100736]
S3 PAC207;PC Camer@;E:\WINDOWS\system32\drivers\PFC027.SYS [20.11.2006 8:48:40 506112]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);E:\WINDOWS\system32\drivers\ssudmdm.sys [25.12.2011 20:13:02 181432]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);E:\WINDOWS\system32\drivers\ssudserd.sys [25.12.2011 20:13:05 181432]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16:28 753504]
S4 ICQ Service;ICQ Service;E:\Program Files\ICQ6Toolbar\ICQ Service.exe --> E:\Program Files\ICQ6Toolbar\ICQ Service.exe [?]
S4 PCAutoShutdown_Service;PCAutoShutdown_Service;E:\Program Files\PC Auto Shutdown\ShutdownService.exe [5.12.2010 1:29:47 441624]

Obsah adresáře 'Naplánované úlohy'

2012-02-22 E:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- E:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-25 10:40:56 . 2010-09-25 10:40:52]

2012-02-22 E:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- E:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-25 10:40:56 . 2010-09-25 10:40:52]

2012-02-22 E:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
- E:\Program Files\Ask.com\UpdateTask.exe [2012-01-03 15:31:32 . 2012-01-03 15:31:32]


------- Doplňkový sken -------

uStart Page = hxxp://eu.ask.com/?l=dis&o=15510
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://startsear.ch/?aff=1
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - E:\WINDOWS\system32\GPhotos.scr/200
IE: Download all by FlashGet3 - E:\Documents and Settings\Machr\Data aplikací\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - E:\Documents and Settings\Machr\Data aplikací\FlashGetBHO\GetUrl.htm
IE: E&xportovat do aplikace Microsoft Excel - E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: ????3?? - E:\Documents and Settings\Machr\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?????? - E:\Documents and Settings\Machr\Data aplikací\FlashGetBHO\GetAllUrl.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - E:\Documents and Settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.imesh.com/web?src=ffb&appid=589&systemid=1&sr=0&q=
FF - prefs.js: network.proxy.ftp - 193.165.79.13
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.http - 193.165.79.13
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 193.165.79.13
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 193.165.79.13
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-10 - (no file)
WebBrowser-{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - (no file)
MSConfigStartUp-DaemonTools_WhenUSave_Installer - E:\Program Files\DaemonTools_WhenUSave_Installer\DaemonTools_WhenUSave_Installer.exe
MSConfigStartUp-DivX Download Manager - E:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
MSConfigStartUp-DivXUpdate - E:\Program Files\DivX\DivX Update\DivXUpdate.exe
MSConfigStartUp-ICQ - E:\Program Files\ICQ7.4\ICQ.exe
MSConfigStartUp-LogMeIn Hamachi Ui - E:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
MSConfigStartUp-NokiaMusic FastStart - E:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe
MSConfigStartUp-QuickTime Task - E:\Program Files\QuickTime\qttask.exe
MSConfigStartUp-Start WingMan Profiler - E:\Program Files\Logitech\Gaming Software\LWEMon.exe
MSConfigStartUp-Vidalia - E:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
AddRemove-LucasArts' Star Wars: Episode I Racer - g:\games\Star Wars Racer\DeIsL1.isu
AddRemove-TmSunrise_is1 - G:\Games\TrackMania Sunrise\unins000.exe
AddRemove-TrackMania 2_is1 - G:\Games\TrackMania 2\unins000.exe
AddRemove-01_Simmental - E:\Program Files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - E:\Program Files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - E:\Program Files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - E:\Program Files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - E:\Program Files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - E:\Program Files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - E:\Program Files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - E:\Program Files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - E:\Program Files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - E:\Program Files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - E:\Program Files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - E:\Program Files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - E:\Program Files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - E:\Program Files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - E:\Program Files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - E:\Program Files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - E:\Program Files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - E:\Program Files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - E:\Program Files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - E:\Program Files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - E:\Program Files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31} - G:\Games\Full Tilt Poker\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-22 16:51:59
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

Re: Brutally slow internet lately

Posted: 22 Feb 2012 19:17
by vyosek
:arrow: There is still quite a lot in there; hopefully CF will kick in this time

:arrow: Log in to safe mode again

:arrow: If it isn't there already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below

    KillAll::
    
    Folder::
    E:\Program Files\Ask.com
    E:\Documents and Settings\Machr\Local Settings\Data aplikací\AskToolbar
    E:\Documents and Settings\Machr\Local Settings\Data aplikací\Facebook\Update
    E:\Program Files\DAEMON Tools Toolbar
    
    File::
    E:\Program Files\vShare.tv plugin\BarLcher.dll
    E:\Documents and Settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\searchplugins\askcom.xml
    E:\Documents and Settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\searchplugins\daemon-search.xml
    E:\Documents and Settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\searchplugins\icqplugin-1.xml
    E:\Documents and Settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\searchplugins\icqplugin-2.xml
    E:\Documents and Settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\searchplugins\icqplugin.xml
    E:\WINDOWS\tasks\AppleSoftwareUpdate.job
    E:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-448539723-179605362-1417001333-1003Core.job
    E:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-448539723-179605362-1417001333-1003UA.job
    E:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    E:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    E:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
    
    Restore::
    E:\WINDOWS\system32\drivers\tcpip.sys
    
    Registry::
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    "{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ApnUpdater"=-
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=-
    [-HKLM\~\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Xfire.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Auto Shutdown]
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000000
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""
    
    Driver::
    gupdate
    gupdatem
    gupdate1ca300ec6a5bc4a
    gusvc
    
    DDS::
    uStart Page = hxxp://eu.ask.com/?l=dis&o=15510
    mStart Page = hxxp://startsear.ch/?aff=1
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    
    Firefox::
    FF - ProfilePath - E:\Documents and Settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\
    FF - prefs.js: network.proxy.ftp - 193.165.79.13
    FF - prefs.js: network.proxy.ftp_port - 3128
    FF - prefs.js: network.proxy.http - 193.165.79.13
    FF - prefs.js: network.proxy.http_port - 3128
    FF - prefs.js: network.proxy.socks - 193.165.79.13
    FF - prefs.js: network.proxy.socks_port - 3128
    FF - prefs.js: network.proxy.ssl - 193.165.79.13
    FF - prefs.js: network.proxy.ssl_port - 3128
    FF - prefs.js: network.proxy.type - 0
    
    ClearJavaCache::
    
    AtJob::
    
    Reboot::
  • Save the resulting text file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it (see the picture below)
    Image
  • After the script has been applied (and after a restart, if there is one), a log will pop up; paste its contents here
:arrow: It can happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Re: Brutally slow internet lately

Posted: 22 Feb 2012 20:11
by Blejzr
OK, I'm getting on with it.. I'd also like to say that in safe mode the program keeps reporting that my AVAST antivirus is turned on, even though I turned it off and avast itself reports that it is off.. :D

Re: Brutally slow internet lately

Posted: 22 Feb 2012 20:30
by Blejzr
So I stayed in safe mode, to be safe, even after the first restart, and everything finished as it should... so here is the log and I'm going back to the normal system:

ComboFix 12-02-22.01 - Administrator 22.02.2012 20:16:00.5.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1622 [GMT 1:00]
Spuštěný z: e:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: e:\documents and settings\Administrator\Plocha\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\searchplugins\askcom.xml"
"e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\searchplugins\daemon-search.xml"
"e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\searchplugins\icqplugin-1.xml"
"e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\searchplugins\icqplugin-2.xml"
"e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\searchplugins\icqplugin.xml"
"e:\program files\vShare.tv plugin\BarLcher.dll"
"e:\windows\tasks\AppleSoftwareUpdate.job"
"e:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-448539723-179605362-1417001333-1003Core.job"
"e:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-448539723-179605362-1417001333-1003UA.job"
"e:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"e:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"e:\windows\tasks\Scheduled Update for Ask Toolbar.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
e:\program files\Ask.com
e:\program files\Ask.com\assets\oobe\b.png
e:\program files\Ask.com\assets\oobe\bl.png
e:\program files\Ask.com\assets\oobe\br.png
e:\program files\Ask.com\assets\oobe\l.png
e:\program files\Ask.com\assets\oobe\pointer.png
e:\program files\Ask.com\assets\oobe\r.png
e:\program files\Ask.com\assets\oobe\t.png
e:\program files\Ask.com\assets\oobe\tl.png
e:\program files\Ask.com\assets\oobe\tr.png
e:\program files\Ask.com\cobrand.ico
e:\program files\Ask.com\config.xml
e:\program files\Ask.com\favicon.ico
e:\program files\Ask.com\fv_353.ico
e:\program files\Ask.com\GenericAskToolbar.dll
e:\program files\Ask.com\mupcfg.xml
e:\program files\Ask.com\precache.exe
e:\program files\Ask.com\SaUpdate.exe
e:\program files\Ask.com\Updater\config.xml
e:\program files\Ask.com\Updater\Updater.exe
e:\program files\Ask.com\UpdateTask.exe
e:\program files\vShare.tv plugin\BarLcher.dll
e:\windows\tasks\GoogleUpdateTaskMachineCore.job
e:\windows\tasks\GoogleUpdateTaskMachineUA.job
e:\windows\tasks\Scheduled Update for Ask Toolbar.job
.
---- Předchozí spuštění -------
.
C:\install.exe
e:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
e:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
e:\program files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
e:\program files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
e:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
e:\program files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
e:\program files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
e:\program files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
e:\program files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
e:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
e:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
e:\program files\MyWebSearch\bar\1.bin\F3REGHK.DLL
e:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL
e:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
e:\program files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
e:\program files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
e:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
e:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
e:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
e:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
e:\program files\MyWebSearch\bar\1.bin\CHROME.MANIFEST
e:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
e:\program files\MyWebSearch\bar\1.bin\INSTALL.RDF
e:\program files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL
e:\program files\MyWebSearch\bar\1.bin\M3DLGHK.DLL
e:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
e:\program files\MyWebSearch\bar\1.bin\M3HTML.DLL
e:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL
e:\program files\MyWebSearch\bar\1.bin\M3IEOVR.DLL
e:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
e:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
e:\program files\MyWebSearch\bar\1.bin\M3MSG.DLL
e:\program files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
e:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
e:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL
e:\program files\MyWebSearch\bar\1.bin\M3SKNLCR.DLL
e:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
e:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
e:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
e:\program files\MyWebSearch\bar\1.bin\M3TPINST.DLL
e:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
e:\program files\MyWebSearch\bar\1.bin\MWSMLBTN.DLL
e:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
e:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
e:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
e:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
e:\program files\MyWebSearch\bar\1.bin\MWSSVC.EXE
e:\program files\MyWebSearch\bar\1.bin\MWSUABTN.DLL
e:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
e:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
e:\program files\MyWebSearch\bar\Cache\006FE34F
e:\program files\MyWebSearch\bar\Cache\0128E83D.bin
e:\program files\MyWebSearch\bar\Cache\0128EEF4.bin
e:\program files\MyWebSearch\bar\Cache\0128F6E3.bin
e:\program files\MyWebSearch\bar\Cache\0AD0909F
e:\program files\MyWebSearch\bar\Cache\0AD095DF
e:\program files\MyWebSearch\bar\Cache\0AD09756.bin
e:\program files\MyWebSearch\bar\Cache\0AD098FC.bmp
e:\program files\MyWebSearch\bar\Cache\0AD0993B.bin
e:\program files\MyWebSearch\bar\Cache\0AD099B8.bin
e:\program files\MyWebSearch\bar\Cache\0AD09A44.bin
e:\program files\MyWebSearch\bar\Cache\0AD09A83.bin
e:\program files\MyWebSearch\bar\Cache\files.ini
e:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
e:\program files\MyWebSearch\bar\Game\CHESS.F3S
e:\program files\MyWebSearch\bar\Game\REVERSI.F3S
e:\program files\MyWebSearch\bar\gen1\COMMON.F3S
e:\program files\MyWebSearch\bar\History\search3
e:\program files\MyWebSearch\bar\icons\CM.ICO
e:\program files\MyWebSearch\bar\icons\MFC.ICO
e:\program files\MyWebSearch\bar\icons\PSS.ICO
e:\program files\MyWebSearch\bar\icons\SMILEY.ICO
e:\program files\MyWebSearch\bar\icons\WB.ICO
e:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
e:\program files\MyWebSearch\bar\IE9Mesg\COMMON.F3S
e:\program files\MyWebSearch\bar\jsifb\COMMON.F3S
e:\program files\MyWebSearch\bar\Message\COMMON.F3S
e:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
e:\program files\MyWebSearch\bar\Notifier\DOG.F3S
e:\program files\MyWebSearch\bar\Notifier\FISH.F3S
e:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
e:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
e:\program files\MyWebSearch\bar\Notifier\MAID.F3S
e:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
e:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
e:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
e:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
e:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
e:\program files\MyWebSearch\bar\Overlay\COMMON.F3S
e:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
e:\program files\MyWebSearch\bar\Settings\s_pid.dat
e:\program files\MyWebSearch\bar\wbnotify\COMMON.F3S
e:\windows\pkunzip.pif
e:\windows\pkzip.pif
e:\windows\system32\drivers\etc\hosts.ics
e:\windows\system32\f3PSSavr.scr
e:\windows\system32\muzapp.exe
e:\windows\system32\tmp14B.tmp
e:\windows\system32\tmp14C.tmp
.
Nakažená kopie e:\windows\system32\drivers\tcpip.sys byla nalezena a vyléčena.
Obnovena kopie z - e:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService
-------\Legacy_GUPDATE1CA300EC6A5BC4A
-------\Legacy_GUSVC
-------\Service_gupdate1ca300ec6a5bc4a
-------\Service_gupdatem
-------\Service_gusvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-22 do 2012-02-22 )))))))))))))))))))))))))))))))
.
.
2012-02-22 19:10 . 2012-02-22 19:10 -------- d-sh--w- e:\documents and settings\Administrator\PrivacIE
2012-02-22 15:37 . 2012-02-22 15:37 -------- d-----w- e:\documents and settings\Administrator\Local Settings\Data aplikací\Google
2012-02-20 14:58 . 2012-02-20 14:58 -------- d-----w- e:\program files\PhotoFiltre
2012-02-20 14:55 . 2012-02-20 14:55 -------- d-----w- e:\program files\IrfanView
2012-02-14 17:01 . 2012-02-14 17:01 -------- d-----w- e:\documents and settings\Jan sádelník Vorel\Local Settings\Data aplikací\Google
2012-02-12 07:58 . 2012-02-12 08:52 -------- d-----w- e:\program files\Counter-Strike Source
2012-02-10 10:00 . 2012-02-22 12:30 -------- d-----w- e:\documents and settings\All Users\Data aplikací\PMB Files
2012-02-10 07:39 . 2012-02-10 07:39 -------- d-----w- e:\documents and settings\All Users\Data aplikací\ATI
2012-02-10 07:34 . 2012-02-10 07:34 -------- d-----w- e:\program files\AMD APP
2012-02-10 07:30 . 2012-02-10 07:30 -------- d-----w- E:\AMD
2012-02-07 09:54 . 2012-02-07 09:54 -------- d-----w- E:\ProgramData
2012-02-07 09:54 . 2012-02-08 11:45 -------- d-----w- e:\program files\Electronic Arts
2012-02-03 09:29 . 2012-02-03 09:29 42392 ----a-w- e:\windows\system32\xfcodec.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-20 15:47 . 2011-05-23 13:44 414368 ----a-w- e:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-12 00:19 . 2012-01-12 00:19 4448256 ----a-w- e:\windows\system32\GPhotos.scr
2011-12-20 07:39 . 2011-10-10 12:03 100368 ----a-w- e:\windows\system32\drivers\AtihdXP3.sys
2011-12-06 03:42 . 2008-02-26 05:51 7490560 ----a-w- e:\windows\system32\drivers\ati2mtag.sys
2011-12-06 03:39 . 2008-09-24 01:56 311296 ----a-w- e:\windows\system32\atiiiexx.dll
2011-12-06 03:26 . 2009-05-16 01:35 57344 ----a-w- e:\windows\system32\aticalrt.dll
2011-12-06 03:26 . 2009-05-16 01:34 53248 ----a-w- e:\windows\system32\aticalcl.dll
2011-12-06 03:19 . 2009-05-16 01:33 7376896 ----a-w- e:\windows\system32\aticaldd.dll
2011-12-06 03:07 . 2008-09-24 02:09 19357696 ----a-w- e:\windows\system32\atioglxx.dll
2011-12-06 02:55 . 2008-09-24 02:18 466944 ----a-w- e:\windows\system32\ATIDEMGX.dll
2011-12-06 02:54 . 2008-02-26 03:10 304640 ----a-w- e:\windows\system32\ati2dvag.dll
2011-12-06 02:49 . 2008-02-26 02:49 5334656 ----a-w- e:\windows\system32\ati3duag.dll
2011-12-06 02:39 . 2011-08-01 13:09 956160 ----a-w- e:\windows\system32\ativvamv.dll
2011-12-06 02:33 . 2008-09-24 02:07 212992 ----a-w- e:\windows\system32\atipdlxx.dll
2011-12-06 02:33 . 2008-02-26 03:02 155648 ----a-w- e:\windows\system32\Oemdspif.dll
2011-12-06 02:32 . 2008-09-24 02:06 26112 ----a-w- e:\windows\system32\Ati2mdxx.exe
2011-12-06 02:32 . 2008-09-24 02:06 43520 ----a-w- e:\windows\system32\ati2edxx.dll
2011-12-06 02:32 . 2008-02-26 03:01 192512 ----a-w- e:\windows\system32\ati2evxx.dll
2011-12-06 02:31 . 2008-09-24 02:04 643072 ----a-w- e:\windows\system32\ati2evxx.exe
2011-12-06 02:29 . 2008-09-24 02:03 53248 ----a-w- e:\windows\system32\ATIDDC.DLL
2011-12-06 02:29 . 2008-02-26 02:41 3307776 ----a-w- e:\windows\system32\ativvaxx.dll
2011-12-06 02:28 . 2010-11-05 12:28 159744 ----a-w- e:\windows\system32\atiapfxx.exe
2011-12-06 02:24 . 2008-09-24 01:20 806912 ----a-w- e:\windows\system32\atikvmag.dll
2011-12-06 02:21 . 2008-09-24 01:18 602112 ----a-w- e:\windows\system32\atiok3x2.dll
2011-12-06 02:19 . 2009-05-16 02:31 233472 ----a-w- e:\windows\system32\atiadlxx.dll
2011-12-06 02:18 . 2011-08-01 13:09 17408 ----a-w- e:\windows\system32\atitvo32.dll
2011-12-06 02:12 . 2008-02-26 02:16 884736 ----a-w- e:\windows\system32\ati2cqag.dll
2011-12-06 02:12 . 2008-09-24 01:18 53248 ----a-w- e:\windows\system32\drivers\ati2erec.dll
2011-12-06 02:10 . 2009-05-16 02:38 65024 ----a-w- e:\windows\system32\atimpc32.dll
2011-12-06 02:10 . 2008-02-26 02:29 65024 ----a-w- e:\windows\system32\amdpcom32.dll
2011-12-05 21:04 . 2011-12-05 21:04 59904 ----a-w- e:\windows\system32\OpenVideo.dll
2011-12-05 21:03 . 2011-12-05 21:03 54784 ----a-w- e:\windows\system32\OVDecode.dll
2011-12-05 21:03 . 2011-12-05 21:03 14499328 ----a-w- e:\windows\system32\amdocl.dll
2011-12-05 21:02 . 2011-12-05 21:02 44032 ----a-w- e:\windows\system32\OpenCL.dll
2011-11-29 15:38 . 2011-11-29 15:38 143360 ----a-w- e:\windows\system32\3DAudio.ax
2011-11-29 15:38 . 2011-11-29 15:38 14336 ----a-w- e:\windows\system32\avrt.dll
2011-12-30 17:49 . 2011-03-26 21:07 121816 ----a-w- e:\program files\mozilla firefox\components\browsercomps.dll
2009-04-07 18:52 . 2009-04-07 18:52 28672 -c--a-w- e:\program files\mozilla firefox\components\GooglePlusVideosXPCOM.dll
2008-10-19 09:58 . 2008-10-19 09:58 49152 -c--a-w- e:\program files\mozilla firefox\components\SiteVacuumXPCOM.dll
2009-08-09 21:14 . 2009-08-09 21:14 49152 -c--a-w- e:\program files\mozilla firefox\components\SuperSearchXPCOM.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-22_15.52.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-09 09:52 . 2008-06-20 11:59 361600 e:\windows\system32\drivers\tcpip.sys
- 2009-07-09 09:52 . 2008-06-20 11:51 361600 e:\windows\system32\drivers\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- e:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"="mHotkey.exe" [2004-12-08 550912]
"amd_dc_opt"="e:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"RTHDCPL"="RTHDCPL.EXE" [2011-08-17 20064872]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-12-05 98304]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DaemonTools_WhenUSave_Installer]
e:\program files\DaemonTools_WhenUSave_Installer\DaemonTools_WhenUSave_Installer.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]
e:\program files\DivX\DivX Plus Web Player\DDmService.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
e:\program files\DivX\DivX Update\DivXUpdate.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 -c--a-w- e:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
e:\program files\ICQ7.4\ICQ.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2011-01-20 03:59 3365688 ----a-w- e:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
e:\program files\LogMeIn Hamachi\hamachi-2-ui.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
2006-11-03 10:01 319488 -c--a-w- e:\windows\PixArt\Pac207\Monitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
e:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
e:\program files\QuickTime\qttask.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
e:\program files\Logitech\Gaming Software\LWEMon.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
e:\program files\Vidalia Bundle\Vidalia\vidalia.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PCAutoShutdown_Service"=2 (0x2)
"ICQ Service"=2 (0x2)
"ameisvc"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"e:\\WINDOWS\\system32\\PnkBstrA.exe"=
"e:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"g:\\Games\\The Battle for Middle-earth (tm) II\\game.dat"=
"e:\\Program Files\\mIRC\\mirc.exe"=
"g:\\Games\\UT 3 CZ\\Binaries\\UT3.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW-lanfix 1.5.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW_LANFixed.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\Launcher.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\BackgroundDownloader.exe"=
"e:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=
"e:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"e:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"g:\\Games\\Call of Duty 5\\server.exe"=
"e:\\Program Files\\HLSW\\hlsw.exe"=
"e:\\Program Files\\Opera\\opera.exe"=
"g:\\Games\\NHL 2004\\nhl2004.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0-enGB-downloader.exe"=
"g:\\Games\\TmNationsForever\\TmForever.exe"=
"e:\\Program Files\\SopCast\\SopCast.exe"=
"e:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"g:\\Games\\Modern Warfare 2\\iw4sp.exe"=
"g:\\Games\\Modern Warfare 2\\iw4mp.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe"=
"e:\\Program Files\\QIP\\qip.exe"=
"e:\\Documents and Settings\\hip-hop forever\\Data aplikací\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=
"e:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"g:\\Games\\Battlefield Bad Company 2\\BFBC2Updater.exe"=
"e:\\WINDOWS\\system32\\dplaysvr.exe"=
"g:\\Games\\Age of Empires 2\\age2_x1\\age2_x1.exe"=
"g:\\Games\\CoH\\RelicCOH.exe"=
"g:\\Games\\Age of Empires 2\\empires2.exe"=
"e:\\Program Files\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"=
"g:\\Games\\Left4Dead 2\\left4dead2.exe"=
"g:\\Games\\Crysis\\Bin32\\Crysis.exe"=
"g:\\Games\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"e:\\Program Files\\Steam\\Steam.exe"=
"g:\\Games\\Modern Warfare 2\\LanLaunch.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaWmp.exe"=
"g:\\Games\\GTA IV\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"g:\\Games\\GTA IV\\Grand Theft Auto IV\\GTAIV.exe"=
"e:\\Program Files\\Garena\\Garena.exe"=
"e:\\Program Files\\uTorrent\\utorrent.exe"=
"g:\\Games\\FIFA 11\\Game\\FIFA.exe"=
"e:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"g:\\Games\\FlatOut 2\\FlatOut2.exe"=
"e:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"g:\\Games\\BFME-ROTWK\\game.dat"=
"g:\\Games\\CSS s addony\\hl2.exe"=
"e:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"e:\\Documents and Settings\\hip-hop forever\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"e:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"e:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"g:\\Games\\Killing floor\\System\\KillingFloor.exe"=
"e:\\DC ++\\StrongDC++\\StrongDC.exe"=
"e:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"e:\\Program Files\\Xfire\\Xfire.exe"=
"e:\\Program Files\\QIP8095\\qip.exe"=
"g:\\Games\\Modern Warfare 2\\iw4mp.dat"=
"g:\\Games\\Crysis 2\\bin32\\Crysis2.exe"=
"e:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"e:\\Program Files\\ICQ7.5\\ICQ.exe"=
"g:\\Games\\LittleFighter2\\LF2_v2.0a\\lf2.exe"=
"g:\\Games\\FEAR 3\\F.E.A.R. 3\\F.E.A.R. 3.exe"=
"g:\\Games\\NHL 09\\nhl2009.exe"=
"g:\\Games\\BFME\\game.dat"=
"g:\\Games\\League of Legends\\lol.launcher.exe"=
"g:\\Games\\Worms Armageddon\\WA.exe"=
"g:\\Games\\dead island\\deadislandgame.exe"=
"g:\\Games\\Virtua Tennis 4\\VT4.exe"=
"g:\\Games\\Grand Theft Auto IV - Episodes From Liberty City\\EFLC.exe"=
"g:\\Hry - INSTALACE\\FIFA 12 [MULTI5] CZ\\FIFA 12 [MULTI5] CZ\\Game\\fifa.exe"=
"g:\\Games\\GTA IV\\Grand Theft Auto IV\\RGSC\\RGSCLauncher.exe"=
"e:\\Program Files\\Hamachi\\hamachi.exe"=
"e:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"e:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"e:\\Program Files\\Counter-Strike Source\\hl2.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"58538:TCP"= 58538:TCP:Pando Media Booster
"58538:UDP"= 58538:UDP:Pando Media Booster
"8396:TCP"= 8396:TCP:League of Legends Launcher
"8396:UDP"= 8396:UDP:League of Legends Launcher
"6996:TCP"= 6996:TCP:League of Legends Launcher
"6996:UDP"= 6996:UDP:League of Legends Launcher
"6948:TCP"= 6948:TCP:League of Legends Launcher
"6948:UDP"= 6948:UDP:League of Legends Launcher
"6924:TCP"= 6924:TCP:League of Legends Launcher
"6924:UDP"= 6924:UDP:League of Legends Launcher
"6936:TCP"= 6936:TCP:League of Legends Launcher
"6936:UDP"= 6936:UDP:League of Legends Launcher
"8397:TCP"= 8397:TCP:League of Legends Launcher
"8397:UDP"= 8397:UDP:League of Legends Launcher
"6917:TCP"= 6917:TCP:League of Legends Launcher
"6917:UDP"= 6917:UDP:League of Legends Launcher
"6983:TCP"= 6983:TCP:League of Legends Launcher
"6983:UDP"= 6983:UDP:League of Legends Launcher
"6928:TCP"= 6928:TCP:League of Legends Launcher
"6928:UDP"= 6928:UDP:League of Legends Launcher
"6979:TCP"= 6979:TCP:League of Legends Launcher
"6979:UDP"= 6979:UDP:League of Legends Launcher
"8398:TCP"= 8398:TCP:League of Legends Launcher
"8398:UDP"= 8398:UDP:League of Legends Launcher
"8393:TCP"= 8393:TCP:League of Legends Lobby
"8393:UDP"= 8393:UDP:League of Legends Lobby
"8390:TCP"= 8390:TCP:League of Legends Game Client
"8390:UDP"= 8390:UDP:League of Legends Game Client
"6961:TCP"= 6961:TCP:League of Legends Launcher
"6961:UDP"= 6961:UDP:League of Legends Launcher
"58268:TCP"= 58268:TCP:Pando Media Booster
"58268:UDP"= 58268:UDP:Pando Media Booster
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;e:\windows\system32\drivers\dtsoftbus01.sys [22.7.2011 15:00 218688]
S0 sptd;sptd;e:\windows\system32\drivers\sptd.sys [15.7.2009 23:18 691696]
S1 aswSnx;aswSnx;e:\windows\system32\drivers\aswSnx.sys [10.3.2011 14:23 371544]
S1 aswSP;aswSP;e:\windows\system32\drivers\aswSP.sys [18.11.2009 19:26 301528]
S2 aswFsBlk;aswFsBlk;e:\windows\system32\drivers\aswFsBlk.sys [18.11.2009 19:26 19544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;e:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S2 dgdersvc;Device Error Recovery Service;e:\windows\system32\dgdersvc.exe [20.1.2011 3:01 95568]
S2 FsUsbExService;FsUsbExService;e:\windows\system32\FsUsbExService.Exe [28.12.2011 11:47 217088]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;"e:\program files\LogMeIn Hamachi\hamachi-2.exe" -s --> e:\program files\LogMeIn Hamachi\hamachi-2.exe [?]
S3 Ambfilt;Ambfilt;e:\windows\system32\drivers\Ambfilt.sys [15.7.2009 11:10 1691480]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;e:\windows\system32\drivers\AtihdXP3.sys [10.10.2011 13:03 100368]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);e:\windows\system32\drivers\ssudbus.sys [25.12.2011 20:13 78136]
S3 dgderdrv;dgderdrv;e:\windows\system32\drivers\dgderdrv.sys [20.1.2011 3:01 18120]
S3 flashusb;flashusb;e:\windows\system32\drivers\flashusb.sys [25.12.2011 20:12 16384]
S3 FsUsbExDisk;FsUsbExDisk;e:\windows\system32\FsUsbExDisk.Sys [28.12.2011 11:47 36640]
S3 GarenaPEngine;GarenaPEngine;\??\e:\docume~1\Machr\LOCALS~1\Temp\WXV1B0.tmp --> e:\docume~1\Machr\LOCALS~1\Temp\WXV1B0.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\e:\program files\Garena\safedrv.sys --> e:\program files\Garena\safedrv.sys [?]
S3 hwusbdev;Huawei DataCard USB PNP Device;e:\windows\system32\drivers\ewusbdev.sys [6.3.2011 20:06 100736]
S3 PAC207;PC Camer@;e:\windows\system32\drivers\PFC027.SYS [20.11.2006 8:48 506112]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);e:\windows\system32\drivers\ssudmdm.sys [25.12.2011 20:13 181432]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);e:\windows\system32\drivers\ssudserd.sys [25.12.2011 20:13 181432]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;e:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
S4 ICQ Service;ICQ Service;e:\program files\ICQ6Toolbar\ICQ Service.exe --> e:\program files\ICQ6Toolbar\ICQ Service.exe [?]
S4 PCAutoShutdown_Service;PCAutoShutdown_Service;e:\program files\PC Auto Shutdown\ShutdownService.exe [5.12.2010 1:29 441624]
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - e:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
AddRemove-LucasArts' Star Wars: Episode I Racer - g:\games\Star Wars Racer\DeIsL1.isu
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-22 20:25
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\e:\docume~1\Machr\LOCALS~1\Temp\WXV1B0.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-448539723-179605362-1417001333-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,eb,94,10,5d,15,53,1f,41,ac,23,cb,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,eb,94,10,5d,15,53,1f,41,ac,23,cb,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(636)
e:\windows\system32\Ati2evxx.dll
e:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(1188)
e:\windows\system32\msi.dll
.
Celkový čas: 2012-02-22 20:28:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-02-22 19:28
.
Před spuštěním: Volných bajtů: 12 389 228 544
Po spuštění: Volných bajtů: 12 357 976 064
.
- - End Of File - - EC8AC0509B7F3C56FBDC0219E2A7E196

Re: Brutally slow internet lately

Posted: 23 Feb 2012 10:47
by vyosek
:arrow: Download OTM http://oldtimer.geekstogo.com/OTM.exe
  • If you use Windows Vista or Windows 7, right-click OTM and choose Run As Administrator or Spustit jako správce
  • Into the left pane, Paste Instructions for Items to be Moved (below the yellow line), paste the content given below
  • Code:

    :reg
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    
    :files
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
  • Click the red MoveIt! button
  • You will be prompted to restart; choose Yes. You will then find the log in C:\_OTM\MovedFiles; paste its contents here

Re: Brutally slow internet lately

Posted: 23 Feb 2012 12:44
by Blejzr
All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
========== FILES ==========
File/Folder E:\WINDOWS\system32\*.tmp.dll not found.
File/Folder E:\WINDOWS\system32\SET*.tmp not found.
E:\WINDOWS\1C4551A64743409391E41477CD655043.TMP folder moved successfully.
========== COMMANDS ==========
E:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2026767 bytes
->Google Chrome cache emptied: 11563320 bytes
->Flash cache emptied: 497 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41 bytes

User: hip-hop forever
->Temp folder emptied: 50086002 bytes
->Temporary Internet Files folder emptied: 29610196 bytes
->Java cache emptied: 949619 bytes
->FireFox cache emptied: 74023400 bytes
->Google Chrome cache emptied: 247424996 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1621484 bytes

User: Jan sádelník Vorel
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Machr
->Temp folder emptied: 757698 bytes
->Temporary Internet Files folder emptied: 74648302 bytes
->Java cache emptied: 1714976 bytes
->FireFox cache emptied: 219155930 bytes
->Google Chrome cache emptied: 16973206 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 2890263 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 880408 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 700,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: hip-hop forever
->Flash cache emptied: 0 bytes

User: Jan sádelník Vorel
->Flash cache emptied: 0 bytes

User: LocalService

User: Machr
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 02232012_123744

Files moved on Reboot...
File move failed. E:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Brutally slow internet lately

Posted: 24 Feb 2012 01:59
by Blejzr
Well? I'm waiting for the next steps :) Pretty please :wink:

Re: Brutally slow internet lately

Posted: 24 Feb 2012 08:39
by vyosek
:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Čistič (Cleaner) panel
  • Leave everything as it is, just click Analyzovat (Analyze) and then Spustit CCleaner (Run CCleaner)
Registry panel
  • click Hledej problémy (Scan for issues)
  • then Opravit problémy (Fix issues) - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Nástroje (Tools) panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: I recommend defragmenting the disk
  • The simplest (but least effective) way is to use the utility built into Windows
    • Click Tento počítač (My Computer), then right-click the disk and choose Vlastnosti (Properties)
    • switch to the Nástroje (Tools) tab
    • You now see the Defragmentace (Defragmentation) tools - start it by clicking Defragmentovat (Defragment)
    • Do this for all disks
  • Another option (and the one I recommend) is the small program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
    • Download the program, install it (untick the Yahoo toolbar) and run it
    • Click Analyzovat (Analyze)
    • If the Fragmentováno (Fragmented) column shows more than 5%, I recommend defragmenting (click Defragmentovat)
    • Do the same for all disks
  • The last option is the simple little program JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
    • The advantage of this program is that it is not installed
    • So you only need to download the version for your OS and unpack it
    • Then run it using the file JKDefrag, or JKDefrag64
    • The disk is analysed and then defragmented
:arrow: Let me know how the PC is doing

Re: Brutally slow internet lately

Posted: 24 Feb 2012 10:58
by Blejzr
First of all, thank you very much for the thorough care :)

Those restarts one after another really wore me out, because my PC sometimes takes as long as 20 minutes to start.. (Windows simply starts after a terribly long time; even though the desktop etc. is visible, it takes a long time before the Windows startup sound plays, and until then nothing can be done :/) but otherwise everything seems fine...

So now I'm running the defragmentation.. on the first disk I had 95%, and you write that above 5% it should already be done, so it's probably pretty clogged up.. :) I'll post an update after the defragmentation...

Re: Brutally slow internet lately

Posted: 24 Feb 2012 10:59
by vyosek
Well, the defrag should probably help it; 95% is the extreme of extremes :arcisit:

Re: Brutally slow internet lately

Posted: 24 Feb 2012 12:17
by Blejzr
Well, the first disk, which is only 19GB, is done and it is still at 79%.... The next disk is 500GB, so I'd rather not even guess how long that will take.. :/

Can I run defragmentation on a disk that I am "using", i.e. running programs (games) from it?