preventiva

[matej7]

mal som nedavno trojana, tak ak nahodou nieco neostalo:

Logfile of random's system information tool 1.09 (written by random/random)
Run by PC at 2012-09-01 22:57:42
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 32 GB (32%) free of 100 GB
Total RAM: 2047 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:57:50, on 1.9.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
E:\Programy\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
E:\Programy\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe
E:\Programy\Secunia\PSI\psi_tray.exe
E:\Programy\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
E:\Programy\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\PnkBstrA.exe
E:\Programy\Secunia\PSI\PSIA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
E:\Programy\Secunia\PSI\sua.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\PC\Desktop\RSIT.exe
C:\Program Files\trend micro\PC.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - E:\Programy\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Programy\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Programy\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "E:\Programy\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "E:\Programy\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Secunia PSI Tray.lnk = E:\Programy\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: &Search - http://tbedits.holidaylaughs.com/one-to ... 2012020207
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\Programy\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - E:\Programy\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - E:\Programy\ICQ7.1\ICQ.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programy\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7387854578
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4276860125
O17 - HKLM\System\CCS\Services\Tcpip\..\{092475B1-4D09-4DA2-AA69-BEE9A6F0E11E}: NameServer = 92.245.2.245,92.245.2.162
O17 - HKLM\System\CS1\Services\Tcpip\..\{092475B1-4D09-4DA2-AA69-BEE9A6F0E11E}: NameServer = 92.245.2.245,92.245.2.162
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - E:\Programy\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - E:\Programy\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - E:\Programy\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - E:\Programy\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Secunia PSI Agent - Secunia - E:\Programy\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - E:\Programy\Secunia\PSI\sua.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 8705 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, mozilla_cc@internetdownloadmanager.com:6.9.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"4mffxtbr@ChristmasHolidayLaughs_4m.com"=C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=E:\Programy\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ChristmasHolidayLaughs_4m.com/Plugin]
"Description"=ChristmasHolidayLaughs Plugin
"Path"=C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\NP4mStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\WINDOWS\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin]
"Description"=My Web Search Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsILegitCheckPlugin.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npLegitCheckPlugin.dll
NPOFF12.DLL
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npvsharetvplg.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\extensions\
4mffxtbr@ChristmasHolidayLaughs_4m.com
battlefieldplay4free@ea.com
djziggy@gmail.com
{20a82645-c095-46ed-80e3-08825760534b}

C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\searchplugins\
askcom.xml
daemon-search.xml
icqplugin-1.xml
icqplugin.xml
qipsearch.xml
startsear.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class - E:\Programy\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2011-09-18 35688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-06-22 329480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - E:\Programy\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-22 59144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-06-22 79624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - E:\Programy\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2010-08-11 40983152]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-09 98304]
"avast"=E:\Programy\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Malwarebytes' Anti-Malware"=E:\Programy\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-08-29 1996200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SUPERAntiSpyware"=E:\Programy\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-08-04 4777856]
"DAEMON Tools Lite"=E:\Programy\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files\Ask.com\Updater\Updater.exe [2011-07-26 397992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Programy\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
E:\Programy\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files\Pando Networks\Media Booster\PMB.exe [2011-09-11 3077528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
E:\Programy\QuickTime\QTTask.exe [2012-04-18 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTBatteryMeter]
C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe [2003-01-16 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Ponuka Štart^Programy^Pri spustení^LOLRecorder.lnk]
E:\Programy\LOLREP~1\LOLREC~1.EXE [2011-08-07 357376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
C:\PROGRA~1\WINDOW~4\WINDOW~1.EXE [2008-05-26 123904]

C:\Documents and Settings\All Users\Ponuka Štart\Programy\Pri spustení
Secunia PSI Tray.lnk - E:\Programy\Secunia\PSI\psi_tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
E:\Programy\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2012-07-04 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=E:\Programy\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=475
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=475

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\freecell.exe"="C:\WINDOWS\system32\freecell.exe:*:Enabled:FreeCell"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\PC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\PC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"E:\Hry\CS\Steam.exe"="E:\Hry\CS\Steam.exe:*:Enabled:Steam"
"E:\Programy\ICQ7.1\ICQ.exe"="E:\Programy\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"E:\Programy\ICQ7.1\aolload.exe"="E:\Programy\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"E:\Hry\TmNationsForever\TmForever.exe"="E:\Hry\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"E:\Hry\League of Legends\Air\LolClient.exe"="E:\Hry\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"E:\Hry\League of Legends\Game\League of Legends.exe"="E:\Hry\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"E:\Programy\SuperaAntiSpyware\SUPERAntiSpyware.exe"="E:\Programy\SuperaAntiSpyware\SUPERAntiSpyware.exe:*:Enabled:SUPERAntiSpyware Free Edition"
"E:\Programy\SuperaAntiSpyware\RUNSAS.EXE"="E:\Programy\SuperaAntiSpyware\RUNSAS.EXE:*:Enabled:SUPERAntiSpyware Alternate Start"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Programy\Xfire\Xfire.exe"="E:\Programy\Xfire\Xfire.exe:*:Enabled:Xfire"
"E:\Programy\BitLord\BitLord.exe"="E:\Programy\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer"
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"E:\Programy\uTorrent\uTorrent.exe"="E:\Programy\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\Hry\EA Sports\FIFA 11\Game\fifa.exe"="E:\Hry\EA Sports\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11"
"E:\Hry\NFSU2\speed2.exe"="E:\Hry\NFSU2\speed2.exe:*:Enabled:speed2"
"E:\Hry\CS\SteamApps\camejko\counter-strike\hl.exe"="E:\Hry\CS\SteamApps\camejko\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"E:\Hry\Riot Games\League of Legends\air\LolClient.exe"="E:\Hry\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby"
"E:\Hry\Riot Games\League of Legends\game\League of Legends.exe"="E:\Hry\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"E:\Programy\Winamp\winamp.exe"="E:\Programy\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"E:\Hry\Nový priečinok\BFP4f.exe"="E:\Hry\Nový priečinok\BFP4f.exe:*:Enabled:BFP4f"
"E:\Hry\Riot Games\League of Legends\lol.launcher.exe"="E:\Hry\Riot Games\League of Legends\lol.launcher.exe:*:Enabled:League of Legends Launcher"
"E:\Hry\Riot\air\LolClient.exe"="E:\Hry\Riot\air\LolClient.exe:*:Enabled:League of Legends Lobby"
"E:\Hry\Riot\game\League of Legends.exe"="E:\Hry\Riot\game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"E:\Hry\Riot\lol.launcher.exe"="E:\Hry\Riot\lol.launcher.exe:*:Enabled:League of Legends Launcher"
"E:\Programy\totalcmd\TotalCmd.exe"="E:\Programy\totalcmd\TotalCmd.exe:*:Enabled:Total Commander 32 bit"
"E:\Programy\OPERA\opera.exe"="E:\Programy\OPERA\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\PC\Desktop\Age_of_Empires_II\empires2.exe"="C:\Documents and Settings\PC\Desktop\Age_of_Empires_II\empires2.exe:*:Enabled:Age of Empires II"
"E:\Hry\CS\Steam\SteamApps\common\amd driver updater, xp, 32 bit\Setup.exe"="E:\Hry\CS\Steam\SteamApps\common\amd driver updater, xp, 32 bit\Setup.exe:*:Enabled:AMD Driver Updater, XP, 32 bit"
"E:\Programy\VLC\vlc.exe"="E:\Programy\VLC\vlc.exe:*:Enabled:VLC media player"
"E:\Hry\CS\Steam\Steam.exe"="E:\Hry\CS\Steam\Steam.exe:*:Enabled:Steam"
"C:\Documents and Settings\PC\Local Settings\temp\DSOClient\app.n3app"="C:\Documents and Settings\PC\Local Settings\temp\DSOClient\app.n3app:*:Enabled:app"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Documents and Settings\PC\Local Settings\Application Data\Akamai\netsession_win.exe"="C:\Documents and Settings\PC\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Client"
"E:\Hry\ea sports\NHL 09\nhl2009.exe"="E:\Hry\ea sports\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"E:\Hry\Rise of Nations\rise.exe"="E:\Hry\Rise of Nations\rise.exe:*:Enabled:Rise of Nations"
"E:\Hry\Rise of Nations\nations.exe"="E:\Hry\Rise of Nations\nations.exe:*:Enabled:Rise of Nations"
"E:\Hry\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe"="E:\Hry\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII"
"E:\Hry\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe"="E:\Hry\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\Documents and Settings\PC\Application Data\GameRanger\GameRanger\GameRanger.exe"="C:\Documents and Settings\PC\Application Data\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"H:\cs_portable\Counter-Strike 1.6 Portable\root\cstrike.exe"="H:\cs_portable\Counter-Strike 1.6 Portable\root\cstrike.exe:*:Enabled:Half-Life Launcher"
"E:\Hry\Stronghold 3\bin\win32_release\Stronghold3.exe"="E:\Hry\Stronghold 3\bin\win32_release\Stronghold3.exe:*:Enabled:Stronghold3"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"E:\Hry\CS\Steam\SteamApps\camejko\counter-strike\hl.exe"="E:\Hry\CS\Steam\SteamApps\camejko\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Programy\ICQ7.1\ICQ.exe"="E:\Programy\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"E:\Programy\ICQ7.1\aolload.exe"="E:\Programy\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"msacm.lhacm"=lhacm.acm
"msacm.ac3filter"=ac3filter.acm
"VIDC.XFR1"=xfcodec.dll
"msacm.lameacm"=LameACM.acm
"vidc.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-08-30 10:29:38 ----D---- C:\Program Files\LogMeIn Hamachi
2012-08-15 15:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-08-15 15:07:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847$
2012-08-15 15:04:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$
2012-08-15 15:04:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135$
2012-08-15 15:01:39 ----A---- C:\WINDOWS\imsins.BAK
2012-08-03 18:25:43 ----D---- C:\Documents and Settings\All Users\Application Data\UAB
2012-08-03 18:25:38 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters Inc
2012-08-03 18:24:52 ----D---- C:\Program Files\PC Drivers HeadQuarters
2012-08-03 18:23:22 ----D---- C:\Documents and Settings\PC\Application Data\GetRightToGo

======List of files/folders modified in the last 1 month======

2012-09-01 22:57:50 ----D---- C:\WINDOWS\Prefetch
2012-09-01 22:57:46 ----D---- C:\Program Files\trend micro
2012-09-01 22:20:03 ----D---- C:\Documents and Settings\PC\Application Data\Skype
2012-09-01 22:08:15 ----D---- C:\WINDOWS\Temp
2012-09-01 21:42:17 ----D---- C:\WINDOWS\system32\CatRoot2
2012-09-01 21:41:09 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-09-01 21:40:54 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2012-09-01 18:08:22 ----D---- C:\WINDOWS\system32
2012-09-01 18:08:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-09-01 18:07:48 ----SHD---- C:\WINDOWS\Installer
2012-09-01 18:07:48 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2012-09-01 14:19:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-09-01 14:18:39 ----D---- C:\Documents and Settings\PC\Application Data\vlc
2012-08-31 12:42:01 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-31 09:58:08 ----D---- C:\Program Files\Mozilla Firefox
2012-08-30 10:29:38 ----RD---- C:\Program Files
2012-08-29 23:34:28 ----SD---- C:\WINDOWS\Tasks
2012-08-29 23:34:25 ----AD---- C:\WINDOWS
2012-08-27 18:28:29 ----D---- C:\WINDOWS\system32\drivers
2012-08-27 15:03:27 ----D---- C:\WINDOWS\system32\CatRoot
2012-08-27 15:02:11 ----HD---- C:\WINDOWS\inf
2012-08-27 15:02:11 ----D---- C:\Program Files\Messenger
2012-08-26 20:18:19 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2012-08-26 14:57:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2012-08-26 14:55:29 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2012-08-25 11:49:28 ----D---- C:\Documents and Settings\All Users\Application Data\PMB Files
2012-08-21 11:12:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-08-20 18:10:55 ----D---- C:\Documents and Settings\PC\Application Data\uTorrent
2012-08-19 23:17:08 ----A---- C:\ashampoo-acdw-log.txt
2012-08-18 12:01:10 ----RSD---- C:\WINDOWS\assembly
2012-08-18 12:01:09 ----A---- C:\WINDOWS\win.ini
2012-08-18 12:00:36 ----HD---- C:\WINDOWS\ShellNew
2012-08-18 12:00:12 ----RSD---- C:\WINDOWS\Fonts
2012-08-18 12:00:12 ----D---- C:\Program Files\Common Files\System
2012-08-18 11:58:57 ----D---- C:\Documents and Settings\PC\Application Data\DAEMON Tools Lite
2012-08-15 15:08:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-15 15:08:07 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-08-15 15:07:29 ----HD---- C:\WINDOWS\$hf_mig$
2012-08-15 15:05:34 ----D---- C:\WINDOWS\Debug
2012-08-15 15:05:30 ----A---- C:\WINDOWS\system32\MRT.exe
2012-08-15 15:01:33 ----D---- C:\Program Files\Internet Explorer
2012-08-15 15:01:25 ----D---- C:\WINDOWS\ie8updates
2012-08-06 20:19:06 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-08-03 19:16:16 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-08-21 25256]
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-08-21 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-08-21 729752]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-08-21 355632]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-08-21 54232]
R1 bbcap;bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [2010-06-21 2944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-03-22 242240]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 SASDIFSV;SASDIFSV; \??\E:\Programy\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\E:\Programy\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-08-21 97608]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2006-02-28 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2006-02-28 55936]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2007-04-27 90688]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-07-04 7874560]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2012-05-14 103040]
R3 DynCal;Dynamic Calibration Service; C:\WINDOWS\system32\drivers\Dyncal.sys [2003-11-14 8192]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-07-27 44032]
R3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2010-08-04 2127728]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 Andbus;LGE Android Platform Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgandbus.sys [2010-12-07 14336]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\WINDOWS\system32\DRIVERS\lganddiag.sys [2010-12-07 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\WINDOWS\system32\DRIVERS\lgandgps.sys [2010-12-07 20096]
S3 ANDModem;LGE Android Platform USB Modem; C:\WINDOWS\system32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgandnetdiag.sys []
S3 AndNetGps;LGE AndroidNet USB GPS NMEA Port; C:\WINDOWS\system32\DRIVERS\lgandnetgps.sys []
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem.sys []
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\lgandnetndis.sys []
S3 androidusb;ADB Interface Driver; C:\WINDOWS\System32\Drivers\lgandadb.sys [2010-08-02 25728]
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-06-02 99856]
S3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-07-26 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-07-26 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2011-01-17 47360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; E:\Programy\SUPERAntiSpyware\SASCORE.EXE [2011-08-17 116608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-07-04 643072]
R2 avast! Antivirus;avast! Antivirus; E:\Programy\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 1385896]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-06-22 153352]
R2 MBAMService;MBAMService; E:\Programy\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-04-10 75136]
R2 Secunia PSI Agent;Secunia PSI Agent; E:\Programy\Secunia\PSI\PSIA.exe [2011-01-10 993848]
R2 Secunia Update Agent;Secunia Update Agent; E:\Programy\Secunia\PSI\sua.exe [2011-01-10 399416]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-04 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-01 250568]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-04 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-31 114144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Mc_Murphy]

Zdravím.

Vydrž minutku, na logu se intenzivně pracuje.

[Mc_Murphy]

Tak v první řadě odeber ze spouštění po startu systému programy MBAM a SUPERAntiSpyware. U obou také v jejich nastaveních zruš rezidentní štít, jinak se Ti budou tlouct s Avastem, kterým máš v počítači. Oba programy používej pouze k občasným scanům.
Pak proveď úplný scan s MBAM podle návodu níže (Ty nemusíš MBAM stahovat, jen se ujisti, že máš program i jeho databázi aktuální) a proveď také scan se SUPERAntiSpyware a vlož mi sem jeho výsledný log. Čekám tedy na dva logy.


Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.

• Proveď aktualizaci virové databáze.
• V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
• Předem nic nemaž!!
• MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!

[matej7]

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Verzia databázy: v2012.09.02.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
PC :: MAREK-1F0500E1B [administrátor]

2.9.2012 17:26:49
mbam-log-2012-09-02 (18-36-32).txt

Typ kontroly: Úplná kontrola (C:\|E:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 362015
Uplynutý čas: 1 hod, 9 min, 23 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 57
HKCR\CLSID\{0792acac-28af-40d0-96eb-1b2351d3b1c3} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.MultipleButton.1 (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.MultipleButton (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{78858c79-ada7-44d7-bb40-e5e0eb4954a6} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{2132ffce-9679-4d2e-a465-6245430f7632} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\Interface\{2C6C26D5-71CE-4E14-A0C9-5E45F5D849B5} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{f16bd948-3c1f-49c3-81d0-14fb2c6404a2} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{6e406c23-ce4a-4959-8e1b-85e77c4ffb65} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\Interface\{E67F63B3-5534-431C-B30D-FB5D39EA74E3} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{6ff77204-71d7-449d-a5bc-e5091dfe5550} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.DynamicBarButton.1 (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.DynamicBarButton (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{19c4894d-f577-49e7-8c96-552791902190} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{bea94a15-2272-48b3-a81f-212e810028fa} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\Interface\{4E106BDA-78D9-4626-A4D7-7BC700966265} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.FeedManager.1 (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.FeedManager (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{372ce50c-9133-4f60-8251-932c5467188a} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{5bee64f6-3975-48ac-9afd-2422e3adb2a7} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\Interface\{3F53D2FE-BDE8-4908-92FA-FF7C44FF35D9} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.HTMLPanel.1 (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.HTMLPanel (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{372CE50C-9133-4F60-8251-932C5467188A} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{D8FA12AA-184F-4DEA-B519-E27A99177B75} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.HTMLMenu.1 (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.HTMLMenu (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D8FA12AA-184F-4DEA-B519-E27A99177B75} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{b5ffa725-5ca7-46f5-b339-afd70f24497f} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{748f7818-7f87-4389-a61e-34193d238539} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\Interface\{50FD3F6E-E9F8-47E8-B514-3AA98D83846C} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{2168385e-2013-4654-aa27-17c17568b51e} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{5ae6e474-031e-49a4-b175-3c5b2241e47d} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\Interface\{7BAF466B-3BAA-465D-BE83-2C3388C4B166} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.XMLSessionPlugin.1 (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.XMLSessionPlugin (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2168385E-2013-4654-AA27-17C17568B51E} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{26de3365-17ee-4cec-9fb8-f8726a0e8ded} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.Radio.1 (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.Radio (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{1b8ce4cd-57b7-4d6f-9ba1-972f6d2eeb5a} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.ScriptButton.1 (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.ScriptButton (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{4c2aea88-cec9-4de1-974b-85cacc39f098} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{40d140cc-38f2-4784-bd51-58589465d8ff} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\Interface\{33A537C2-7D28-45E7-BE6A-42D4A4CAB6F4} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.PseudoTransparentPlugin (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4C2AEA88-CEC9-4DE1-974B-85CACC39F098} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{5c473699-4bcd-404a-81c3-4c703c09be65} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{7a8f3efc-4531-4cb0-ba2c-e70615a85cc0} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\Interface\{4EF06F18-DE8F-445A-B00C-25306D488A51} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.ThirdPartyInstaller (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5C473699-4BCD-404A-81C3-4C703C09BE65} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{e53666d7-edff-458b-9b33-ddaf861f020c} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.UrlAlertButton.1 (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
HKCR\ChristmasHolidayLaughs_4m.UrlAlertButton (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 29
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mmlbtn.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mauxstb.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mbrstub.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mdatact.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mdlghk.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mdyn.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mfeedmg.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mhighin.exe (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mhkstub.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mhtml.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mhtmlmu.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mhttpct.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4midle.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mieovr.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mimpipe.exe (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mmedint.exe (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mmsg.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mPlugin.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mradio.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mregfft.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mreghk.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mregiet.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mscript.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mskin.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mskplay.exe (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4mtpinst.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\4muabtn.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\ChristmasHolidayLaughs_4m\bar\1.bin\NP4mStub.dll (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{1321EA93-5B0E-4CD0-9D1B-92AA32C04A24}\RP265\A0102832.dll (Spyware.Password) -> Žiadna úloha nevykonaná.

(koniec)

pocas toho mi avast sem tam vyskocil ( http://i.imgur.com/75NEu.jpg )

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/02/2012 at 06:46 PM

Application Version : 5.5.1012

Core Rules Database Version : 9166
Trace Rules Database Version: 6978

Scan type : Quick Scan
Total Scan Time : 00:07:54

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 514
Memory threats detected : 0
Registry items scanned : 29286
Registry threats detected : 0
File items scanned : 7039
File threats detected : 176

Adware.Tracking Cookie
C:\Documents and Settings\PC\Cookies\INKZULD6.txt [ /atdmt.com ]
C:\Documents and Settings\PC\Cookies\4JAL5GCZ.txt [ /c.atdmt.com ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.stats.betradar.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.stats.betradar.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.stats.betradar.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.flagcounter.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www.addfreestats.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.etargetnet.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
sk.search.etargetnet.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
e2.emediate.se [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
e2.emediate.se [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www.grapeshot-media.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
server.iad.liveperson.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
banners.victor.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.banners.victor.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
ox-d.adventuremediaglobal.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.aimfar.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
aimfar.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.aimfar.solution.weborama.fr [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www2.adserverpub.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.iwarez.cz [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.iwarez.cz [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.iwarez.cz [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.iwarez.cz [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.iwarez.cz [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.iwarez.cz [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.warez4um.sk [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.warez4um.sk [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.warez4um.sk [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.toplist.sk [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.warez4um.sk [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.warez4um.sk [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.warez4um.sk [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
e2.emediate.se [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
audit.median.hu [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.etargetnet.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.etargetnet.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.etargetnet.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.etargetnet.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.etargetnet.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
sk.static.etargetnet.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.eliteprospects.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.eliteprospects.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www.eliteleague.co.uk [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
www.eliteleague.co.uk [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.everysport.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.eliteprospects.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.eliteprospects.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.247realmedia.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
reklama.livemediacz.cz [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.toplist.cz [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]
insight.torbit.com [ C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\8HWZXGIX.DEFAULT\COOKIES.SQLITE ]

[Mc_Murphy]

No, pěkně zaliskané, jen co je pravda.

Takže pokud jsi tak ještě neučinil, všechny nálezy SUPERAntiSpyware dej odstranit. A jak sám vidíš, navštěvování warezovských a podobných stránek není vždycky tak bezpečné, o legalitě ani nehovořím.

Pokud to jde, odinstaluj C:\Program Files\ChristmasHolidayLaughs_4m, pak spusť MBAM ještě jednou podle stejného návodu a případné nálezy dej smazat.
Pokud to odinstalovat z nějakého důvodu nejde, dej nálezy smazat rovnou a spusť MBAM ještě jednou, aby ses přesvědčil, jestli už nic nenašel.
Test SUPERAntiSpyware už podruhé spouštět nemusíš.

Podle tohoto návodu (klik) smaž a znovu vytvoř Bod obnovy pro svůj počítač, neboť v tom starém máš havěť.

Pak mi napiš, jak ses s tím vším vypořádal.

[matej7]

vsetko spravane

[Mc_Murphy]

OK, super, tak pokračujeme dál.

Fixni tedy v HJT níže uvedené položky.

• Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
• Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
• Položky, které v seznamu nenajdeš, prostě přeskoč.
• HJT najdeš zde: C:\Program Files\trend micro\PC.exe

Bude-li Avast křičet, že to chce otevřít v Sandboxu, nedovol to! Vyber možnost Otevřít normálně!

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O8 - Extra context menu item: &Search - http://tbedits.holidaylaughs.com/one-to ... 2012020207
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - E:\Programy\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - E:\Programy\ICQ7.1\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


Dále stáhni utilitu OTM z jednoho z těchto odkazů:

• http://oldtimer.geekstogo.com/OTM.exe
• http://oldtimer.geekstogo.com/OTM.com
• http://oldtimer.geekstogo.com/OTM.scr

Ulož ji na Plochu a dvojklikem spusť.

Bude-li Avast křičet, že to chce otevřít v Sandboxu, nedovol to! Vyber možnost Otevřít normálně!

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script (pouze zelená písmenka v bílém poli, včetně té dvojtečky před Commands!):

Kód: Vybrat vše

:Commands
[ClearAllRestorePoints]
[ResetHosts]
[Purity]
[EmptyTemp]
[EmptyFlash]

:Services
!SASCORE
AdobeFlashPlayerUpdateSvc
gupdate
gupdatem
JavaQuickStarterService
MBAMService
SkypeUpdate
SASDIFSV
SASKUTIL
MBAMProtector

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Program Files\Ask.com
C:\Program Files\Pando Networks
C:\Documents and Settings\PC\Local Settings\Application Data\Akamai
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\extensions\4mffxtbr@ChristmasHolidayLaughs_4m.com
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\extensions\battlefieldplay4free@ea.com
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\extensions\djziggy@gmail.com
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\searchplugins\askcom.xml
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\searchplugins\daemon-search.xml
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\searchplugins\icqplugin-1.xml
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\searchplugins\icqplugin.xml
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\searchplugins\qipsearch.xml
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\searchplugins\startsear.xml
C:\Documents and Settings\All Users\Ponuka Štart\Programy\Pri spustení\Secunia PSI Tray.lnk

:Reg
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"=-
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"Malwarebytes' Anti-Malware"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=-
"DAEMON Tools Lite"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTBatteryMeter]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Ponuka Štart^Programy^Pri spustení^LOLRecorder.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"=-
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"=-
"C:\Documents and Settings\PC\Local Settings\Application Data\Akamai\netsession_win.exe"=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"=-

Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\

[matej7]

All processes killed
========== COMMANDS ==========

Restore point Set: OTM Restore Point
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 48835541 bytes

User: PC
->Temp folder emptied: 10537862 bytes
->Temporary Internet Files folder emptied: 165168134 bytes
->Java cache emptied: 53660381 bytes
->FireFox cache emptied: 60434375 bytes
->Flash cache emptied: 108568 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 555520 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1687800 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 253651650 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 567,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: PC
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service !SASCORE stopped successfully!
Service !SASCORE deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service MBAMService stopped successfully!
Service MBAMService deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service SASDIFSV stopped successfully!
Service SASDIFSV deleted successfully!
Service SASKUTIL stopped successfully!
Service SASKUTIL deleted successfully!
Error: Unable to stop service MBAMProtector!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP32C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP34C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP745.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI10C.tmp moved successfully.
C:\WINDOWS\Installer\MSI14A.tmp moved successfully.
C:\WINDOWS\Installer\MSI2E1.tmp moved successfully.
C:\WINDOWS\Installer\MSI31F.tmp moved successfully.
C:\WINDOWS\Installer\MSI320.tmp moved successfully.
C:\WINDOWS\Installer\MSI321.tmp moved successfully.
C:\WINDOWS\Installer\MSI322.tmp moved successfully.
C:\WINDOWS\Installer\MSI3D.tmp moved successfully.
C:\WINDOWS\Installer\MSI463.tmp moved successfully.
C:\WINDOWS\Installer\MSI47.tmp moved successfully.
C:\WINDOWS\Installer\MSI4A1.tmp moved successfully.
C:\WINDOWS\Installer\MSI64.tmp moved successfully.
C:\WINDOWS\Installer\MSI6A.tmp moved successfully.
C:\WINDOWS\Installer\MSI7C.tmp moved successfully.
C:\WINDOWS\Installer\MSI7D.tmp moved successfully.
C:\WINDOWS\Installer\MSI7E.tmp moved successfully.
C:\Program Files\Ask.com\Updater folder moved successfully.
C:\Program Files\Ask.com\assets\oobe folder moved successfully.
C:\Program Files\Ask.com\assets folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
C:\Program Files\Pando Networks\Media Booster\Microsoft.VC90.CRT folder moved successfully.
C:\Program Files\Pando Networks\Media Booster folder moved successfully.
C:\Program Files\Pando Networks folder moved successfully.
File/Folder C:\Documents and Settings\PC\Local Settings\Application Data\Akamai not found.
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\tasks\avast! Emergency Update.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml moved successfully.
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\extensions\4mffxtbr@ChristmasHolidayLaughs_4m.com\chrome folder moved successfully.
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\extensions\4mffxtbr@ChristmasHolidayLaughs_4m.com folder moved successfully.
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\extensions\battlefieldplay4free@ea.com\plugins folder moved successfully.
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\extensions\battlefieldplay4free@ea.com\META-INF folder moved successfully.
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\extensions\battlefieldplay4free@ea.com folder moved successfully.
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\extensions\djziggy@gmail.com\chrome folder moved successfully.
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\extensions\djziggy@gmail.com folder moved successfully.
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\searchplugins\daemon-search.xml moved successfully.
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\searchplugins\icqplugin.xml moved successfully.
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\searchplugins\qipsearch.xml moved successfully.
C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\searchplugins\startsear.xml moved successfully.
C:\Documents and Settings\All Users\Ponuka Štart\Programy\Pri spustení\Secunia PSI Tray.lnk moved successfully.
========== REGISTRY ==========
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\tscuninstall deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\tscuninstall not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTBatteryMeter\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Ponuka Štart^Programy^Pri spustení^LOLRecorder.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\Pando Networks\Media Booster\PMB.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\PC\Local Settings\Application Data\Akamai\netsession_win.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list\\C:\Program Files\Pando Networks\Media Booster\PMB.exe deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 09032012_212732

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[Mc_Murphy]

Super, OTM provedlo, co mělo.

Jak je na tom počítač? Můžeme dočistit a hotovo?

[matej7]

nenastali ziadne problemy zatial

[Mc_Murphy]

OK, super, takže jen dočistíme a máme hotovo.


OTC http://oldtimer.geekstogo.com/OTC.exe

• Stáhni a spusť.
• Klikni na CleanUp a potvrď YES.
• Program uklidí a může (nemusí) restartovat PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stáhni a spusť.
• Klikni na Start a potvrď OK.
• Program uklidí a může (nemusí) restartovat PC.
• Po použití utilitu smaž.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

• Panel čistič
• Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

• Panel registry
• Klikni na Hledej problémy.
• Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
• Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

• Panel nástroje
• Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.

[matej7]

ok, verela vdaka

[Mc_Murphy]

Není vůbec zač a rádo se stalo. Přeji pěkný den.