Kontrola logu - díky

Zpráva

Milan Nehasil · #16 Příspěvek od **Milan Nehasil** » 28 lis 2011 14:47

OK, spustím to znova, ale mám dojem, že nic jinýho mi to nevygenerovalo.
Jinak jsem vše udělal podle pokynů. Odinstaoval ty toolbary. SpyBot už byl odinstalovaný před tím. Je tam jen SpyWare Terminator. MBAM běží.
Ď.

#17 Příspěvek od **Mc_Murphy** » 28 lis 2011 14:57

Tvůj dojem je - opět - špatný. Po správném aplikování scriptu se generuje diametrálně odlišný log...

Toolbary - aspoň něco...

Spybot předtím - opět - odinstalovaný nebyl...

Počkám si na oba logy...

P.

Milan Nehasil · #18 Příspěvek od **Milan Nehasil** » 28 lis 2011 16:39

no nejsem zase taková trubka abych neuměl udělat Ctrt C a Ctrl V. Něco je asi špatně, protože se opět vygeneroval jen jeden log. Pro názornost posílám snímek obrazovky.

takže posílám tady log OTL:

OTL logfile created on: 2011-11-28 16:17:39 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\martin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: yyyy-MM-dd

2.00 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 60.94% Memory free
2.63 Gb Paging File | 2.03 Gb Available in Paging File | 77.10% Paging File free
Paging file location(s): C:\pagefile.sys 800 2500 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 14.05 Gb Free Space | 9.43% Space Free | Partition Type: NTFS

Computer Name: HOME-Q95W1Q7965 | User Name: martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011-11-28 07:08:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\martin\Plocha\OTL.exe
PRC - [2011-10-08 05:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-03-21 22:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011-03-01 12:12:00 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2011-03-01 12:11:56 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010-11-08 12:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010-09-17 15:40:06 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2009-04-02 17:05:22 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009-03-31 08:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008-04-14 04:22:26 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008-04-14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-10-17 15:02:50 | 001,114,112 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe
PRC - [2007-09-05 20:12:13 | 000,065,536 | ---- | M] (Northcode Inc.) -- C:\WINDOWS\NCLAUNCH.EXe
PRC - [2005-10-28 16:25:44 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2005-06-08 15:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\LogiTray.exe
PRC - [2005-06-08 14:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\FxSvr2.exe
PRC - [2004-09-25 01:20:10 | 002,557,952 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004-09-24 03:27:18 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

========== Modules (No Company Name) ==========

MOD - [2011-03-21 22:10:36 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011-03-21 22:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2008-10-11 22:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008-09-17 22:55:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2008-09-16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006-07-12 14:36:36 | 001,167,360 | ---- | M] () -- C:\Program Files\RALINK\Common\acAuth.dll

========== Win32 Services (SafeList) ==========

SRV - [2011-10-08 05:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-03-01 12:12:00 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011-03-01 12:11:56 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010-11-08 12:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2009-03-31 08:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008-04-14 04:22:26 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008-04-14 04:22:26 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transport Protocol (SMTP)
SRV - [2008-04-14 04:22:26 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008-04-07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV - [2010-09-17 15:40:06 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010-09-17 15:40:06 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2009-03-31 08:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-03-20 09:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009-03-20 09:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009-03-20 09:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2008-09-11 18:18:38 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\STEC3.sys -- (STEC3)
DRV - [2007-09-17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-07-28 16:10:18 | 000,483,968 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2007-06-25 10:43:38 | 000,098,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117obex.sys -- (s117obex)
DRV - [2007-06-25 10:43:36 | 000,108,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdm.sys -- (s117mdm)
DRV - [2007-06-25 10:43:36 | 000,100,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mgmt.sys -- (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM)
DRV - [2007-06-25 10:43:36 | 000,098,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117unic.sys -- (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM)
DRV - [2007-06-25 10:43:36 | 000,022,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117nd5.sys -- (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS)
DRV - [2007-06-25 10:43:26 | 000,014,888 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdfl.sys -- (s117mdfl)
DRV - [2007-06-25 10:43:22 | 000,082,984 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117bus.sys -- (s117bus) Sony Ericsson Device 117 driver (WDM)
DRV - [2007-01-12 19:09:53 | 000,082,296 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2006-07-10 17:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2006-07-05 13:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV - [2006-06-14 15:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006-05-09 09:27:30 | 000,013,824 | R--- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Amps2prt.sys -- (Amps2prt)
DRV - [2005-08-10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2004-09-25 01:27:32 | 002,276,672 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004-09-03 18:23:10 | 000,115,680 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004-09-03 18:19:07 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004-07-19 15:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2004-06-07 04:43:52 | 000,036,484 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SMBios.sys -- (SMBios) Intel (R)
DRV - [2004-03-17 15:10:40 | 000,113,664 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004-03-08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003-12-01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [1999-09-10 12:06:00 | 000,025,244 | R--- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.sys -- (Aspi32)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found

IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.Google.com
IE - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

IE - HKU\S-1-5-21-1454471165-1177238915-682003330-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Haihaisoft Universal Player\Codec\Plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Haihaisoft Universal Player\Codec\Plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011-03-31 11:28:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011-03-31 11:28:13 | 000,000,000 | ---D | M]

[2009-02-05 18:46:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\martin\Data aplikací\Mozilla\Firefox\extensions
[2009-02-05 18:46:26 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Documents and Settings\martin\Data aplikací\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - Extension: No name found = C:\Documents and Settings\martin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: No name found = C:\Documents and Settings\martin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\

O1 HOSTS File: ([2011-11-24 07:07:07 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\Toolbar\WebBrowser: (no name) - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [Zástupce stránky vlastností sběrnice High Definition Audio] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003..\Run: [ICQ] C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe (Northcode Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1454471165-1177238915-682003330-1009\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1454471165-1177238915-682003330-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 8975562765 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F6198C9-72F9-4061-B066-386607D0BC73}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - File not found
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 () - http://sphotos.ak.fbcdn.net/hphotos-ak- ... 9354_n.jpg
O24 - Desktop Components:1 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-02-10 14:20:49 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7ef966ae-8e02-11dc-bd77-001320621dbd}\Shell - "" = AutoRun
O33 - MountPoints2\{7ef966ae-8e02-11dc-bd77-001320621dbd}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\...com [@ = ComFile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\...exe [@ = exefile] -- Reg Error: Key error. File not found

[CLEARALLRESTOREPOINTS]
Error creating restore point.

========== Files/Folders - Created Within 7 Days ==========

[2011-11-28 14:13:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martin\Data aplikací\Malwarebytes
[2011-11-28 14:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011-11-28 14:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011-11-28 14:13:32 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-11-28 14:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-11-28 14:13:14 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\martin\Plocha\mbam-setup-1.51.2.1300.exe
[2011-11-28 12:55:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martin\Local Settings\Data aplikací\LogMeIn
[2011-11-28 12:55:46 | 000,029,568 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2011-11-28 12:55:45 | 000,083,360 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2011-11-28 12:55:45 | 000,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys
[2011-11-28 12:55:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011-11-28 12:55:35 | 000,087,424 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2011-11-28 12:55:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
[2011-11-28 12:55:10 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2011-11-28 12:50:05 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\martin\Recent
[2011-11-28 10:26:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
[2011-11-28 10:26:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
[2011-11-28 10:25:40 | 000,602,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\easyupdatusapiu.dll
[2011-11-28 10:22:57 | 000,065,536 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2011-11-28 10:22:53 | 000,919,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll
[2011-11-28 10:22:53 | 000,877,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco32.dll
[2011-11-28 10:22:51 | 017,240,064 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2011-11-28 10:22:51 | 002,398,016 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2011-11-28 10:22:51 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2011-11-28 10:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011-11-28 10:20:50 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011-11-28 10:20:13 | 089,643,496 | ---- | C] (NVIDIA Corporation) -- C:\Documents and Settings\martin\Plocha\285.58-desktop-winxp-32bit-english-whql.exe
[2011-11-28 07:56:58 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\martin\Plocha\OTL.exe
[2011-11-25 11:09:30 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF26549.exe
[2011-11-25 10:19:15 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011-11-25 10:16:21 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF16050.exe
[2011-11-25 09:38:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martin\Data aplikací\AVG
[2011-11-25 09:14:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011-11-25 09:11:22 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011-11-25 09:11:22 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011-11-25 09:11:22 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011-11-25 09:11:22 | 000,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe
[2011-11-25 09:11:22 | 000,029,696 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011-11-25 09:11:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011-11-25 09:11:14 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF3344.exe
[2011-11-25 09:11:01 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011-11-25 08:57:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-11-25 08:57:34 | 000,000,000 | ---D | C] -- C:\rsit
[2011-11-24 12:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2011-11-24 12:49:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011-11-24 11:42:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
[2011-11-24 07:11:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2011-11-24 07:11:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Spyware Terminator 2012
[2011-11-24 07:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2011-11-23 11:56:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011-11-28 16:12:45 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\lmptqe.sys
[2011-11-28 15:51:02 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-11-28 14:51:02 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-11-28 14:13:37 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011-11-28 14:06:40 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\martin\Plocha\mbam-setup-1.51.2.1300.exe
[2011-11-28 12:55:34 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011-11-28 12:50:16 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-11-28 12:50:06 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2011-11-28 12:48:28 | 015,292,928 | ---- | M] () -- C:\Documents and Settings\martin\Plocha\logmein.msi
[2011-11-28 11:57:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-11-28 10:50:55 | 000,530,510 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011-11-28 10:50:55 | 000,495,458 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-11-28 10:50:55 | 000,121,184 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011-11-28 10:50:55 | 000,085,476 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-11-28 10:25:35 | 000,285,176 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011-11-28 10:25:35 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011-11-28 10:25:30 | 000,285,176 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011-11-28 10:25:30 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2011-11-28 10:17:30 | 089,643,496 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\martin\Plocha\285.58-desktop-winxp-32bit-english-whql.exe
[2011-11-28 10:13:41 | 000,132,608 | ---- | M] () -- C:\Documents and Settings\martin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-11-28 10:08:18 | 000,192,489 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011-11-28 08:00:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011-11-28 07:53:28 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-11-28 07:47:12 | 061,657,056 | ---- | M] () -- C:\Documents and Settings\martin\Plocha\setup_av_free.exe
[2011-11-28 07:08:02 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\martin\Plocha\OTL.exe
[2011-11-25 11:09:24 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF26549.exe
[2011-11-25 10:19:45 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2011-11-25 10:15:49 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF16050.exe
[2011-11-25 09:10:58 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF3344.exe
[2011-11-24 13:47:07 | 000,000,506 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011-11-24 07:11:57 | 000,000,725 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Spyware Terminator 2012.lnk
[2011-11-24 07:09:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-11-24 07:07:07 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011-11-23 11:56:27 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-11-28 16:12:45 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\lmptqe.sys
[2011-11-28 14:13:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011-11-28 12:55:33 | 000,001,024 | ---- | C] () -- C:\.rnd
[2011-11-28 12:55:23 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\LogMeIn.lnk
[2011-11-28 12:52:43 | 015,292,928 | ---- | C] () -- C:\Documents and Settings\martin\Plocha\logmein.msi
[2011-11-28 10:25:30 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011-11-28 10:25:30 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011-11-28 10:25:30 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011-11-28 10:25:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2011-11-28 10:22:54 | 000,003,250 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2011-11-28 10:22:52 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011-11-28 08:00:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011-11-28 07:56:35 | 061,657,056 | ---- | C] () -- C:\Documents and Settings\martin\Plocha\setup_av_free.exe
[2011-11-25 10:19:45 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011-11-25 10:19:35 | 000,261,312 | ---- | C] () -- C:\cmldr
[2011-11-25 09:11:22 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011-11-25 09:11:22 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011-11-25 09:11:22 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011-11-25 09:11:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe
[2011-11-24 13:47:02 | 000,000,506 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011-11-24 07:11:57 | 000,000,725 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Spyware Terminator 2012.lnk
[2011-11-24 07:09:04 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-11-23 11:56:27 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011-02-24 19:15:13 | 000,183,112 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011-02-22 20:05:10 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2011-01-29 14:16:37 | 000,054,132 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010-07-03 18:16:04 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010-07-03 18:16:03 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010-07-03 18:15:10 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\martin\Data aplikací\$_hpcst$.hpc
[2010-05-16 13:51:34 | 000,000,264 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2008-09-11 18:19:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\AlphaPlayer.INI
[2008-05-26 21:22:14 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008-05-26 21:22:10 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008-05-26 21:22:04 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008-05-26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008-05-26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008-05-11 19:15:20 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008-04-01 16:15:27 | 000,104,668 | ---- | C] () -- C:\WINDOWS\hpqins16.dat
[2008-03-01 15:04:45 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2008-02-02 15:09:39 | 000,023,016 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2008-02-02 15:09:39 | 000,001,008 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2008-02-02 15:09:14 | 000,058,716 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2008-02-02 15:09:13 | 000,014,691 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2008-02-02 15:09:11 | 000,018,097 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2008-02-02 15:09:04 | 000,003,568 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008-02-01 16:59:31 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2008-01-10 13:16:20 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008-01-10 13:15:30 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007-12-30 15:25:32 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007-12-30 15:24:50 | 000,008,138 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007-10-25 16:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007-10-03 10:58:58 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\martin\Local Settings\Data aplikací\fusioncache.dat
[2007-09-04 17:56:10 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007-09-04 11:17:25 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2007-06-26 13:15:14 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007-06-17 12:07:31 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007-05-11 14:34:03 | 000,000,380 | ---- | C] () -- C:\WINDOWS\Rollemup.ini
[2007-04-24 15:28:59 | 007,287,808 | ---- | C] () -- C:\WINDOWS\System32\vistaui(2)(2).exe
[2007-02-10 16:54:08 | 000,000,836 | ---- | C] () -- C:\Documents and Settings\martin\Data aplikací\ViewerApp.dat
[2007-01-28 17:46:34 | 000,000,823 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat
[2007-01-18 18:33:21 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007-01-17 20:31:40 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007-01-16 19:42:28 | 000,132,608 | ---- | C] () -- C:\Documents and Settings\martin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007-01-16 18:44:59 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007-01-16 18:44:58 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007-01-16 18:34:22 | 000,000,047 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2007-01-16 18:33:45 | 000,000,526 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2007-01-16 18:33:37 | 000,000,666 | ---- | C] () -- C:\WINDOWS\WEBTRAN4.INI
[2007-01-16 18:33:33 | 000,004,413 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2007-01-16 18:33:33 | 000,001,038 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2007-01-16 18:27:46 | 000,000,676 | ---- | C] () -- C:\WINDOWS\im32st.dat
[2007-01-16 18:11:58 | 000,000,514 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007-01-16 17:59:09 | 000,001,076 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007-01-16 16:37:34 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTKHDAUD.DAT
[2007-01-14 14:42:40 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007-01-13 20:19:15 | 000,081,920 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
[2007-01-13 16:01:03 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007-01-13 16:00:04 | 000,268,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007-01-13 15:58:07 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2007-01-13 15:58:06 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007-01-13 15:58:06 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007-01-13 15:58:05 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007-01-13 15:58:05 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007-01-13 15:58:04 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007-01-13 15:58:04 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2007-01-13 15:58:04 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2007-01-13 15:58:04 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2007-01-13 15:58:03 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2007-01-13 15:50:55 | 000,012,288 | R--- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2007-01-13 15:36:57 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007-01-13 15:36:56 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\RTCOMDLL.dll
[2007-01-13 15:36:56 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2007-01-13 15:14:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007-01-13 15:09:15 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004-08-02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003-04-16 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003-04-16 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003-04-16 13:00:00 | 000,530,510 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2003-04-16 13:00:00 | 000,495,458 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003-04-16 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003-04-16 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2003-04-16 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003-04-16 13:00:00 | 000,121,184 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2003-04-16 13:00:00 | 000,085,476 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003-04-16 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003-04-16 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2003-04-16 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003-04-16 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003-04-16 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003-04-16 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999-01-27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997-06-13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2011-11-24 07:11:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
[2007-01-16 18:14:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2011-11-25 10:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2008-12-30 17:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Codemasters
[2011-03-14 22:25:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2007-02-24 15:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2010-05-24 20:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2010-05-27 19:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008-08-06 13:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011-11-28 12:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
[2007-07-06 13:26:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2007-03-26 13:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010-03-01 18:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ralink Driver
[2008-08-26 21:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2011-11-25 13:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2011-11-25 11:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010-07-29 08:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TrackMania
[2008-07-27 09:59:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2009-09-13 16:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009-04-06 18:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2007-01-16 18:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\ACD Systems
[2011-11-25 09:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\AVG
[2011-01-29 13:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\com.w3i.FlipToast
[2007-02-24 15:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Datalayer
[2011-07-23 09:30:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\DDMSettings
[2010-07-30 00:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Desktopicon
[2011-01-29 13:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\FinalTorrent
[2007-01-13 20:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\FotoWire
[2009-07-11 18:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Haihaisoft
[2009-07-11 18:48:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Haihaisoft Universal Player
[2011-11-28 12:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\ICQ
[2007-01-16 20:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\ICQ Toolbar
[2007-01-16 20:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\ICQLite
[2009-12-05 10:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Image Zone Express
[2010-05-23 16:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Leadertech
[2011-11-28 11:52:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\MakeUpPilot
[2008-02-02 13:40:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Nokia
[2007-01-16 18:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Opera
[2008-02-02 13:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\PC Suite
[2009-02-26 18:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Printer Info Cache
[2010-07-03 18:14:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Samsung
[2007-07-29 14:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Sereniti
[2008-11-30 17:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Sony
[2007-04-23 19:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Stardock
[2007-01-24 18:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\ubi.com
[2011-01-29 13:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Uniblue
[2008-01-27 14:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Vista Start Menu
[2008-01-27 14:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\ViStart
[2008-10-21 18:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Windows Desktop Search
[2008-10-29 16:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Windows Search
[2009-06-03 15:04:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martin\Data aplikací\Zoner
[2011-10-30 18:08:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ostatní\Data aplikací\Windows Search
[2011-11-28 12:50:06 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job

========== Purity Check ==========

========== Custom Scans ==========

< :Commands >

< [emptytemp] >

< [emptyflash] >

< [resethosts] >

< [purity] >

< >

< :Services >

< gupdate >

< gupdatem >

< gusvc >

< >

< :Files >

< C:\Program Files\ICQ6Toolbar >

< C:\Program Files\Ask.com >

< C:\Program Files\uTorrentBar >

< C:\Documents and Settings\martin\Data aplikací\ICQ Toolbar >

< C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job >
[2011-11-28 14:51:02 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

< C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job >
[2011-11-28 15:51:02 | 000,000,940 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< C:\WINDOWS\Tasks\PCConfidential.job >
[2011-11-28 12:50:06 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job

< C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job >

< C:\Documents and Settings\martin\Data aplikací\uTorrent\Prince Of Persia 3 The Two Thrones + Crack.torrent /d >
Invalid Switch: d

< C:\Documents and Settings\martin\Data aplikací\uTorrent\Prince Of Persia The Two Thrones No-CD Crack.exe.torrent /d >
Invalid Switch: d

< C:\RECYCLER\S-1-5-21-1454471165-1177238915-682003330-1003 /d >
Invalid Switch: d

< %windir%\system32\*.tmp.dll /s >

< %windir%\system32\SET*.tmp /s >

< %windir%\*.tmp /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[18 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[18 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2 C:\WINDOWS\system32\CatRoot\*.tmp files -> C:\WINDOWS\system32\CatRoot\*.tmp -> ]

< >

< :OTL >

< SRV - [2010-03-28 15:47:30 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) >

< IE - HKLM\..\URLSearchHook: - No CLSID value found >

< IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) >

< IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found >

< IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) >

< IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found >

< IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) >

< IE - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search13.net/ >
Invalid Switch:

< IE - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\URLSearchHook: - No CLSID value found >

< IE - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) >

< IE - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.) >

< [2009-02-05 18:46:26 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Documents and Settings\martin\Data aplikací\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} >

< O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.) >

< O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) >

< O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found. >

< O3 - HKLM\..\Toolbar: (no name) - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - No CLSID value found. >

< O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) >

< O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.) >

< O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) >

< O3 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. >

< O3 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\Toolbar\WebBrowser: (no name) - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - No CLSID value found. >

< O3 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) >

< O3 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.) >

< O3 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) >

< O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) >

< O4 - Startup: C:\Documents and Settings\martin\Nabídka Start\Programy\Po spuštění\fliptoast.lnk = File not found >

< O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found >
Invalid Switch: 3000 File not found

< O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found >
Invalid Switch: cmsidewiki.html File not found

< O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found >

< O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found >

< O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found >

< O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) >

< O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.) >
Invalid Switch: jinsta ... s-i586.cab (Reg Error: Key error.)

< O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.) >
Invalid Switch: jinsta ... s-i586.cab (Reg Error: Key error.)

< O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.) >
Invalid Switch: jinsta ... s-i586.cab (Reg Error: Key error.)

< O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) >
Invalid Switch: gp.cab (Reg Error: Key error.)

< O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - File not found >

< O37 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\...com [@ = ComFile] -- Reg Error: Key error. File not found >

< O37 - HKU\S-1-5-21-1454471165-1177238915-682003330-1003\...exe [@ = exefile] -- Reg Error: Key error. File not found >

< [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] >

< [18 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] >

< [18 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ] >

< [3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] >

< [2 C:\WINDOWS\system32\CatRoot\*.tmp files -> C:\WINDOWS\system32\CatRoot\*.tmp -> ] >

< @Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4 >

< @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 >

< >

< :Reg >

< [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] >

< "AlcWzrd"=- >

< "nwiz"=- >

< "SoundMan"=- >

< "Zástupce stránky vlastností sběrnice High Definition Audio"=- >

< "Alcmtr"=- >

< "LogitechVideoTray"=- >

< "ISUSPM Startup"=- >

< "ISUSScheduler"=- >

< "NeroFilterCheck"=- >

< "NvMediaCenter"=- >

< "NPSStartup"=- >

< "DivXUpdate"=- >

< "UserFaultCheck"=- >

< ""=- >

< "SunJavaUpdateSched"=- >

< [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] >

< "LogitechSoftwareUpdate"=- >

< "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=- >

< "NCLaunch"=- >

< "AutoStartNPSAgent"=- >

========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

< End of report >

Milan Nehasil · #19 Příspěvek od **Milan Nehasil** » 28 lis 2011 16:40

A tady je log z MBAM

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2011-11-28 16:10:56
mbam-log-2011-11-28 (16-10-46).txt

Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 368242
Uplynulý čas: 1 hodin, 38 minut, 59 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 4
Infikované hodnoty v registru: 3
Infikované datové položky v registru: 4
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\URLSearchHook.SoftomateURLSearchHook (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_XMLLookup (Hijacker.XMLLookup) -> Value: bak_XMLLookup -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_Application (Hijacker.Application) -> Value: bak_Application -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_intl (Hijacker.intl) -> Value: bak_intl -> No action taken.

Infikované datové položky v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL (Hijack.SearchPage) -> Bad: (http://search13.net/) Good: (http://www.Google.com) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\XMLLookup (Hijacker.XMLLookup) -> Bad: (http://www.helpmeopen.com/?n=app&l=%04x&ext=%s) Good: (http://shell.windows.com/fileassoc/file ... 04x&Ext=%s) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=app&l=%04x&ext=%s) Good: (http://shell.windows.com/fileassoc/%04x ... asp?Ext=%s) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\intl (Hijacker.intl) -> Bad: (http://www.helpmeopen.com/?n=app&l=%04x&ext=%s) Good: (http://shell.windows.com/fileassoc/file ... 04x&Ext=%s) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

#20 Příspěvek od **Mc_Murphy** » 28 lis 2011 18:13

No nevím, kdo je trubka (tos řekl Ty), ale děláš prostě něco blbě Ty. Podle mě asi neklikáš na [Opravit], ale na [Prohledat], protože takhle log po aplikaci scanu opravdu, ale mmm opravdu nevypadá... a můžeš se dušovat jak chceš.

Nálezy MBAMu dej všechny smazat/opravit.

Milan Nehasil · #21 Příspěvek od **Milan Nehasil** » 29 lis 2011 09:00

Myslel jsem, že je to stejné nastavení jako u prvního návodu a klikal jsem na Prohledat a ne Opravit. Ovšem chová se to zase jinak než píšeš. Po skončení oprav to požádá o restart a nezobrazí se žádný log. Už to ale neřeš. Já to jdu přeinstalovat a tím se zbavím všech virů.

Díky

#22 Příspěvek od **Mc_Murphy** » 29 lis 2011 10:53

Jeden myslel, až vymyslel trakař a nakonec ho musel tlačit sám.
Příště nesváděj na rádce či na program, když něco děláš blbě, prosím.

Ano, taky řešení, když myslíš.

Naťledanou.

Milan Nehasil · #23 Příspěvek od **Milan Nehasil** » 29 lis 2011 11:10

Já jsem něco sváděl na rádce ???????
Tak to už opravdu nebudu komentovat...

Každopádně díky za trpělivost.

#24 Příspěvek od **Pavuk29** » 29 lis 2011 13:16

Klud chlapi

#25 Příspěvek od **Mc_Murphy** » 29 lis 2011 13:26

Pavuk29 píše:Klud chlapi

Ja som kľudný ako okurka.

Milan Nehasil · #26 Příspěvek od **Milan Nehasil** » 29 lis 2011 21:24

i já jsem klidný - jako rajče. Stačí sehnat ještě někoho kdo je klidný jako balkánský sýr a dáme šopák.

Ahoj Milan

#27 Příspěvek od **Pavuk29** » 30 lis 2011 08:07

Ja by som si dal domacu klobasku k tomu

VIRY.CZ

Kontrola logu - díky

Re: Kontrola logu - díky

Re: Kontrola logu - díky

Re: Kontrola logu - díky

Re: Kontrola logu - díky

Re: Kontrola logu - díky

Re: Kontrola logu - díky

Re: Kontrola logu - díky

Re: Kontrola logu - díky

Re: Kontrola logu - díky

Re: Kontrola logu - díky

Re: Kontrola logu - díky

Re: Kontrola logu - díky