zmetek Heuristics.Broken.Executable a problémy po odstranění

[Sopta]

OTL LOG:

"Vaše zpráva obsahuje 74129 znaků. Maximální povolený počet znaků je 60000."

nejde mi to sem vlozit, je to moc dlouhe

[vyosek]

Rozdelte log do vice prispevku...

[Sopta]

booze, jn to me nenapadlo, sry...

OTL logfile created on: 28.9.2010 19:09:43 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\OEM\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 88,61 Gb Free Space | 29,73% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ZDENDA-PC
Current User Name: OEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.09.28 19:06:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\OEM\Plocha\OTL.exe
PRC - [2010.09.20 17:11:43 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010.09.10 14:11:42 | 005,809,616 | ---- | M] (QIP) -- C:\Program Files\QIP 2010\qip.exe
PRC - [2010.09.10 14:11:40 | 000,190,928 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\QipGuard\QipGuard.exe
PRC - [2010.09.01 08:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.07.21 16:12:32 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010.07.08 11:50:37 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.06.22 16:14:04 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010.06.22 16:13:56 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.06.22 16:13:53 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010.06.22 16:13:20 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010.06.22 16:13:18 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010.06.22 16:13:16 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010.04.14 20:49:51 | 002,176,512 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2010.04.14 20:49:51 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.02.18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009.11.24 11:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2009.11.13 14:14:26 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2009.10.14 15:31:02 | 000,098,304 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009.08.06 01:00:00 | 000,024,640 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\httpd.exe
PRC - [2009.06.16 10:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2009.02.25 21:59:06 | 001,352,960 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe
PRC - [2009.02.25 21:58:04 | 002,553,088 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodtray.exe
PRC - [2009.01.15 19:42:46 | 007,430,144 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009.01.15 19:42:44 | 007,434,240 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008.06.11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.01.19 12:49:26 | 000,049,152 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
PRC - [2006.12.23 19:05:20 | 000,143,360 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006.12.18 15:34:36 | 000,868,352 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2004.12.14 19:19:44 | 000,221,184 | ---- | M] (Labtec Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2004.12.14 18:51:34 | 000,217,088 | ---- | M] (Labtec Inc.) -- C:\Program Files\Logitech\Video\LogiTray.exe
PRC - [2004.12.14 18:34:18 | 000,192,512 | ---- | M] (Labtec Inc.) -- C:\Program Files\Logitech\Video\FxSvr2.exe
PRC - [2002.12.17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe


========== Modules (SafeList) ==========

MOD - [2010.09.28 19:06:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\OEM\Plocha\OTL.exe
MOD - [2008.04.14 08:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.07.29 11:56:47 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.07.21 16:12:32 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010.06.22 16:13:53 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.04.19 10:25:46 | 000,430,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010.04.14 20:49:51 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009.10.14 15:31:02 | 000,098,304 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009.08.06 01:00:00 | 000,024,640 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\xampp\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2009.06.16 10:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009.02.25 21:59:06 | 001,352,960 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.01.19 12:49:26 | 000,049,152 | ---- | M] (Wireless Service) [Auto | Start_Pending] -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2005.11.22 22:58:48 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2002.12.17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002.12.17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\update.sys -- (Update)
DRV - File not found [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sojuscsi.sys -- (sojuscsi)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - File not found [Kernel | On_Demand | Running] -- C:\DOCUME~1\OEM\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010.06.22 16:13:57 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.06.22 16:13:18 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.06.09 16:17:59 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.06.02 16:06:44 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010.03.05 13:12:23 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010.01.27 12:22:02 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2009.12.23 22:59:09 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.11.13 14:14:26 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2009.11.13 14:14:26 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator\fileobjinfo.sys -- (FileObjInfo)
DRV - [2009.10.20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009.08.12 00:19:20 | 000,056,992 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2009.08.06 16:50:00 | 007,753,888 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009.02.13 13:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.09.25 16:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007.05.12 15:49:54 | 000,380,928 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2007.04.17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2007.01.16 03:09:06 | 000,293,888 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006.10.30 05:31:58 | 000,043,648 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2006.07.27 03:49:10 | 000,083,712 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.03.17 11:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2006.02.07 13:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2005.12.11 12:55:38 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2005.03.03 19:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.10.11 19:22:02 | 000,211,712 | R--- | M] (Labtec Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Labtec WebCam(PID_0928)
DRV - [2004.10.11 19:18:58 | 000,022,016 | R--- | M] (Labtec Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\OEM\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "WebHledani"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: "WebHledani"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.855
FF - prefs.js..extensions.enabledItems: avg@igeared:4.504.019.002
FF - prefs.js..extensions.enabledItems: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.7
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100211.5
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.608
FF - prefs.js..extensions.enabledItems: {75CEEE46-9B64-46f8-94BF-54012DE155F0}:0.3.92
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: QipCounter@qip.ru:1.0
FF - prefs.js..extensions.enabledItems: quickstores@quickstores.de:1.0.0
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {104cba90-6fb2-11df-be2b-0800200c9a66}:1.2
FF - prefs.js..keyword.URL: "http://www.webhledani.cz/results.aspx?i=42&tp=ab&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010.09.20 17:12:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010.06.25 20:18:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.26 20:58:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.29 12:12:17 | 000,000,000 | ---D | M]

[2010.03.01 12:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Extensions
[2009.12.24 23:31:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Extensions\MediaCoder
[2009.12.24 23:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Extensions\MediaCoder-MCEX
[2009.12.24 23:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Extensions\MediaCoder-Setup-Wizard
[2010.09.28 15:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions
[2010.06.12 14:48:19 | 000,000,000 | ---D | M] (TV.wrzuc.to) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\{104cba90-6fb2-11df-be2b-0800200c9a66}
[2010.05.26 14:25:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.16 17:47:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.09.26 20:58:04 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2010.03.15 19:39:36 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2010.03.15 19:39:36 | 000,000,000 | ---D | M] (MeasureIt) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}
[2010.03.01 12:25:29 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010.08.29 21:39:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.04.06 21:42:51 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.03.01 12:29:37 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.06.13 14:53:16 | 000,000,000 | ---D | M] (BS Player Toolbar) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2010.05.26 14:25:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\firebug@software.joehewitt.com
[2010.07.04 21:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\LogMeInClient@logmein.com
[2010.09.26 20:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\QipCounter@qip.ru
[2010.06.16 15:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\radiobar@toolbar
[2010.07.04 21:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\staged-xpis
[2010.03.01 12:22:54 | 000,000,687 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icq-search.xml
[2010.04.03 18:28:22 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin-1.xml
[2010.06.26 10:09:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin-2.xml
[2010.07.08 11:51:03 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin-3.xml
[2010.09.26 21:02:34 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin-4.xml
[2008.07.10 12:19:06 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin.xml
[2010.09.26 20:58:25 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\qip-search.xml
[2010.06.16 15:15:49 | 000,001,589 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\web-search.xml
[2010.09.28 15:44:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.27 20:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.04.28 15:52:01 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.05.11 13:33:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.05.27 21:52:19 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.07.08 11:50:42 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.07.08 11:50:42 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.07.08 11:50:42 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.07.08 11:50:42 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.07.08 11:50:42 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.09.28 18:22:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\OEM\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Labtec Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Labtec Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Labtec Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - Startup: C:\Documents and Settings\OEM\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\OEM\Nabídka Start\Programy\Po spuštění\Registration Assassin.LNK = C:\Program Files\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\OEM\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 7351125589 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.11.05 15:47:39 | 000,000,014 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

[Sopta]

druhá část
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Labtec Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 7 Days ==========

[2010.09.28 19:05:58 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\OEM\Plocha\OTL.exe
[2010.09.28 18:12:03 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.09.28 18:12:03 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.09.28 18:12:03 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.09.28 18:12:03 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.09.28 12:54:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oodag
[2010.09.28 12:18:24 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.09.28 12:14:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.09.28 12:11:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.09.27 21:06:00 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software
[2010.09.27 21:02:43 | 014,361,616 | ---- | C] (O&O Software GmbH ) -- C:\Documents and Settings\OEM\Plocha\OODefrag11ProfessionalEnu.exe
[2010.09.27 20:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6.5
[2010.09.27 20:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.27 20:23:08 | 000,000,000 | ---D | C] -- C:\rsit
[2010.09.27 18:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\WinClamAVShield
[2010.09.26 20:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OEM\Data aplikací\QIP
[2010.09.26 20:58:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OEM\Data aplikací\QipGuard
[2010.09.26 20:58:01 | 000,000,000 | ---D | C] -- C:\Program Files\QIP 2010
[2010.09.26 20:55:58 | 007,008,336 | ---- | C] (QIP.ru ) -- C:\Documents and Settings\OEM\Plocha\qip2010.exe
[2010.09.26 20:51:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OEM\Plocha\256489014
[2010.09.26 20:50:48 | 017,001,848 | ---- | C] (Macrovision Corporation) -- C:\Documents and Settings\OEM\Plocha\install_icq65.exe
[2010.09.26 12:21:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DivX
[2010.09.26 12:21:02 | 000,000,000 | ---D | C] -- C:\Program Files\DirectShow FilterPack
[2010.09.21 21:01:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OEM\Dokumenty\FIFA 11
[2010.09.21 20:46:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\OEM\Dokumenty\Nová složka
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010.10.28 17:10:44 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\OEM\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.28 19:06:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\OEM\Plocha\OTL.exe
[2010.09.28 18:24:25 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.28 18:22:17 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.09.28 18:22:11 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.09.28 18:10:11 | 003,855,377 | R--- | M] () -- C:\Documents and Settings\OEM\Plocha\ComboFix.exe
[2010.09.28 14:55:08 | 000,156,793 | ---- | M] () -- C:\Documents and Settings\OEM\Plocha\errors.JPG
[2010.09.28 14:51:59 | 000,248,739 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.09.28 14:51:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.28 14:51:48 | 000,209,464 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010.09.28 12:29:13 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\OEM\ntuser.ini
[2010.09.28 12:29:12 | 009,437,184 | -H-- | M] () -- C:\Documents and Settings\OEM\NTUSER.DAT
[2010.09.28 12:18:28 | 000,000,506 | RHS- | M] () -- C:\boot.ini
[2010.09.28 12:13:43 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.28 12:03:12 | 065,401,937 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.09.27 23:30:57 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.09.27 22:31:33 | 000,443,392 | ---- | M] () -- C:\Documents and Settings\OEM\Plocha\CKScanner.exe
[2010.09.27 21:06:02 | 000,001,762 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\O&O Defrag.lnk
[2010.09.27 21:03:03 | 014,361,616 | ---- | M] (O&O Software GmbH ) -- C:\Documents and Settings\OEM\Plocha\OODefrag11ProfessionalEnu.exe
[2010.09.27 20:57:55 | 000,001,487 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ICQ6.5.lnk
[2010.09.27 20:22:42 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\OEM\Plocha\RSIT.exe
[2010.09.27 20:19:09 | 000,148,765 | ---- | M] () -- C:\Documents and Settings\OEM\Plocha\po_restartu.jpg
[2010.09.27 20:13:46 | 000,063,381 | ---- | M] () -- C:\Documents and Settings\OEM\Plocha\druhy_sken.jpg
[2010.09.27 19:49:19 | 000,082,270 | ---- | M] () -- C:\Documents and Settings\OEM\Plocha\divx.JPG
[2010.09.27 19:47:25 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.09.27 18:48:39 | 000,134,788 | ---- | M] () -- C:\Documents and Settings\OEM\Plocha\prvni_sken.jpg
[2010.09.27 18:09:06 | 001,562,086 | ---- | M] () -- C:\Documents and Settings\OEM\Plocha\kniha.zip
[2010.09.27 13:28:43 | 000,273,664 | ---- | M] () -- C:\WINDOWS\System32\msgazmqf.dll
[2010.09.26 23:34:37 | 000,239,104 | ---- | M] () -- C:\WINDOWS\Zbuxac.exe
[2010.09.26 21:00:14 | 000,239,104 | ---- | M] () -- C:\WINDOWS\Zbuxab.exe
[2010.09.26 20:59:14 | 000,239,104 | ---- | M] () -- C:\WINDOWS\Zbuxad.exe
[2010.09.26 20:59:07 | 000,239,104 | ---- | M] () -- C:\WINDOWS\Zbuxaa.exe
[2010.09.26 20:58:20 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\OEM\Plocha\QIP 2010.lnk
[2010.09.26 20:56:21 | 007,008,336 | ---- | M] (QIP.ru ) -- C:\Documents and Settings\OEM\Plocha\qip2010.exe
[2010.09.26 20:51:06 | 017,001,848 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\OEM\Plocha\install_icq65.exe
[2010.09.26 12:30:32 | 000,001,430 | ---- | M] () -- C:\Documents and Settings\OEM\Dokumenty\DivX Movies.lnk
[2010.09.26 12:30:15 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\OEM\Dokumenty\DivX Plus Player.lnk
[2010.09.26 12:29:49 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\OEM\Dokumenty\DivX Plus Converter.lnk
[2010.09.24 17:24:10 | 000,002,241 | ---- | M] () -- C:\Documents and Settings\OEM\Plocha\Google Chrome.lnk
[2010.09.23 21:15:06 | 000,137,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.09.23 21:14:44 | 000,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.09.28 18:12:03 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.09.28 18:12:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.09.28 18:12:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.09.28 18:12:03 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.09.28 18:12:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.09.28 18:08:49 | 003,855,377 | R--- | C] () -- C:\Documents and Settings\OEM\Plocha\ComboFix.exe
[2010.09.28 14:55:08 | 000,156,793 | ---- | C] () -- C:\Documents and Settings\OEM\Plocha\errors.JPG
[2010.09.28 12:18:28 | 000,000,389 | ---- | C] () -- C:\Boot.bak
[2010.09.28 12:18:25 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2010.09.27 22:31:33 | 000,443,392 | ---- | C] () -- C:\Documents and Settings\OEM\Plocha\CKScanner.exe
[2010.09.27 21:06:02 | 000,001,762 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\O&O Defrag.lnk
[2010.09.27 20:57:55 | 000,001,487 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ICQ6.5.lnk
[2010.09.27 20:22:42 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\OEM\Plocha\RSIT.exe
[2010.09.27 20:19:09 | 000,148,765 | ---- | C] () -- C:\Documents and Settings\OEM\Plocha\po_restartu.jpg
[2010.09.27 20:13:46 | 000,063,381 | ---- | C] () -- C:\Documents and Settings\OEM\Plocha\druhy_sken.jpg
[2010.09.27 19:49:19 | 000,082,270 | ---- | C] () -- C:\Documents and Settings\OEM\Plocha\divx.JPG
[2010.09.27 18:48:39 | 000,134,788 | ---- | C] () -- C:\Documents and Settings\OEM\Plocha\prvni_sken.jpg
[2010.09.27 18:25:04 | 001,754,260 | ---- | C] () -- C:\Documents and Settings\OEM\Plocha\kniha.pdf
[2010.09.27 18:09:06 | 001,562,086 | ---- | C] () -- C:\Documents and Settings\OEM\Plocha\kniha.zip
[2010.09.27 13:28:37 | 000,273,664 | ---- | C] () -- C:\WINDOWS\System32\msgazmqf.dll
[2010.09.27 11:59:04 | 000,239,104 | ---- | C] () -- C:\WINDOWS\Zbuxad.exe
[2010.09.27 11:33:41 | 000,239,104 | ---- | C] () -- C:\WINDOWS\Zbuxac.exe
[2010.09.26 21:54:04 | 000,239,104 | ---- | C] () -- C:\WINDOWS\Zbuxab.exe
[2010.09.26 20:59:12 | 000,239,104 | ---- | C] () -- C:\WINDOWS\Zbuxaa.exe
[2010.09.26 20:58:20 | 000,000,647 | ---- | C] () -- C:\Documents and Settings\OEM\Plocha\QIP 2010.lnk
[2010.09.26 12:30:32 | 000,001,430 | ---- | C] () -- C:\Documents and Settings\OEM\Dokumenty\DivX Movies.lnk
[2010.09.26 12:30:15 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\OEM\Dokumenty\DivX Plus Player.lnk
[2010.09.26 12:29:49 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\OEM\Dokumenty\DivX Plus Converter.lnk
[2010.07.15 18:07:56 | 000,000,063 | ---- | C] () -- C:\WINDOWS\System32\everest_cpl.ini
[2010.07.15 17:25:50 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\OEM\Data aplikací\PnkBstrK.sys
[2010.07.04 20:25:52 | 000,000,094 | ---- | C] () -- C:\WINDOWS\winin.ini
[2010.06.26 14:21:53 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Installer.log
[2010.06.13 14:41:17 | 000,014,682 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010.03.17 22:44:05 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010.01.13 22:53:08 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.12.03 18:21:28 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2009.12.03 18:05:36 | 000,001,187 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.11.15 16:38:08 | 000,049,976 | ---- | C] () -- C:\WINDOWS\php.ini
[2009.11.13 16:23:54 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2009.11.13 14:14:26 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009.11.10 21:03:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.11.10 21:03:06 | 000,006,812 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009.11.06 21:20:54 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009.11.06 20:42:28 | 000,040,960 | ---- | C] () -- C:\Documents and Settings\OEM\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.05 21:22:13 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2009.11.05 21:11:37 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
[2009.11.05 21:11:37 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\9EF00F99BA.sys
[2009.11.05 17:06:28 | 000,000,544 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2009.11.05 16:17:05 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.11.05 16:17:04 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.11.05 16:10:22 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009.11.05 15:47:38 | 000,000,454 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2009.11.04 16:35:40 | 000,014,720 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009.11.04 16:34:56 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.11.04 16:34:44 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.10.20 20:19:30 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009.04.22 01:19:06 | 000,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2001.07.07 04:00:00 | 000,003,165 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1999.01.27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997.06.13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2010.08.17 20:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2010.06.25 20:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2010.09.27 20:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.08.30 13:05:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SiComponents
[2010.06.24 20:25:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2010.09.28 12:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2009.11.12 19:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2009.11.12 17:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.01.27 20:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WD_SmartWareCommon
[2009.12.25 17:23:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Western Digital
[2009.11.12 17:55:59 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009.11.12 19:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\TuneUp Software
[2010.05.27 22:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\avidemux
[2009.12.24 23:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Broad Intelligence
[2009.11.05 20:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\BSplayer Pro
[2009.12.28 00:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\DBDesigner4
[2009.11.13 18:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Dev-Cpp
[2010.08.30 13:03:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\DVDVideoSoftIEHelpers
[2010.06.13 21:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Facebook
[2010.09.28 18:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\FileZilla
[2010.06.23 18:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\FreeScreenToVideo
[2010.03.30 20:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\GameRanger
[2010.06.28 12:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\ICQ
[2010.08.03 15:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Image Zone Express
[2009.12.28 00:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\MySQL
[2009.11.05 15:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\OpenOffice.org
[2009.11.05 20:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Opera
[2010.06.24 16:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Publish Providers
[2010.09.26 20:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\QIP
[2010.09.26 20:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\QipGuard
[2010.06.24 16:28:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Sony
[2010.09.27 20:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Spyware Terminator
[2010.09.27 22:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Toolbar4
[2010.06.28 12:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\TS3Client
[2009.11.12 17:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\TuneUp Software
[2010.06.30 18:58:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\TweakNow SecureDelete
[2010.09.26 12:30:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\uTorrent
[2009.12.25 17:23:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Western Digital
[2010.06.29 23:19:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Wireshark
[2010.07.03 10:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Zoner

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.08.11 16:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Adobe
[2009.11.09 17:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Ahead
[2010.04.02 16:52:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Apple Computer
[2010.05.27 22:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\avidemux
[2009.12.24 23:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Broad Intelligence
[2009.11.05 20:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\BSplayer Pro
[2009.11.05 21:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Corel
[2009.12.28 00:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\DBDesigner4
[2009.11.13 18:30:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Dev-Cpp
[2010.09.26 15:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\DivX
[2010.09.26 15:34:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\dvdcss
[2010.08.30 13:03:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\DVDVideoSoftIEHelpers
[2010.06.13 21:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Facebook
[2010.09.28 18:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\FileZilla
[2010.06.23 18:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\FreeScreenToVideo
[2010.03.30 20:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\GameRanger
[2010.06.28 13:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Hamachi
[2010.04.26 18:46:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\HP
[2010.06.28 12:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\ICQ
[2009.11.04 16:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Identities
[2010.08.03 15:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Image Zone Express
[2010.01.25 20:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\InstallShield
[2009.11.10 18:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Macromedia
[2010.07.27 11:17:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\OEM\Data aplikací\Microsoft
[2009.11.05 15:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Mozilla
[2009.12.28 00:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\MySQL
[2009.11.05 15:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\OpenOffice.org
[2009.11.05 20:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Opera
[2010.06.24 16:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Publish Providers
[2010.09.26 20:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\QIP
[2010.09.26 20:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\QipGuard
[2010.01.25 21:24:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\OEM\Data aplikací\SecuROM
[2010.09.16 22:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Skype
[2010.09.16 19:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\skypePM
[2010.07.02 23:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\SmartFTP
[2010.06.24 16:28:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Sony
[2010.09.27 20:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Spyware Terminator
[2009.11.13 14:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Sun
[2010.09.27 22:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Toolbar4
[2010.06.28 12:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\TS3Client
[2009.11.12 17:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\TuneUp Software
[2010.06.30 18:58:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\TweakNow SecureDelete
[2010.07.04 20:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\UltraVNC
[2010.09.26 12:30:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\uTorrent
[2009.12.17 20:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\vlc
[2009.12.25 17:23:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Western Digital
[2010.06.29 23:19:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Wireshark
[2010.07.03 10:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2010.06.13 21:22:18 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\OEM\Data aplikací\Facebook\uninstall.exe
[2010.06.20 20:57:12 | 001,240,800 | ---- | M] (GameRanger Technologies) -- C:\Documents and Settings\OEM\Data aplikací\GameRanger\GameRanger\GameRanger.exe
[2007.12.30 06:01:18 | 000,307,200 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\psftp.exe
[2007.12.30 06:01:18 | 000,172,032 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\puttygen.exe
[2010.01.15 14:25:04 | 000,372,736 | ---- | M] (LogMeIn, Inc.) -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\LogMeInClient@logmein.com\plugins\LMIGuardian.exe
[2010.01.15 14:26:54 | 000,070,984 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\LogMeInClient@logmein.com\plugins\LMIProxyHelper.exe
[2010.09.10 14:11:40 | 000,190,928 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\QipGuard\QipGuard.exe
[2009.09.12 23:20:28 | 000,245,248 | ---- | M] (www.half-open.com) -- C:\Documents and Settings\OEM\Data aplikací\uTorrent\half-open-fix.exe
[2009.12.20 12:11:32 | 000,697,965 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\uTorrent\unins000.exe
[2009.11.25 22:34:10 | 000,289,584 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\OEM\Data aplikací\uTorrent\utorrent.exe


< MD5 for: AGP440.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2009.08.06 01:00:00 | 000,028,787 | ---- | M] () MD5=9517DD94BABFCCDBA18772AB41AF4A57 -- C:\xampp\perl\site\lib\auto\Win32\EventLog\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\system32\DRIVERS\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.11.04 17:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.11.04 17:04:02 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.11.04 17:04:02 | 000,495,616 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.09.27 19:47:25 | 000,001,324 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2010.09.27 13:28:43 | 000,273,664 | ---- | M] () -- C:\WINDOWS\system32\msgazmqf.dll
[2010.09.28 14:51:59 | 000,248,739 | ---- | M] () -- C:\WINDOWS\system32\NvApps.xml
[2010.09.28 14:51:48 | 000,209,464 | ---- | M] () -- C:\WINDOWS\system32\oodbs.lor
[2010.09.28 12:13:43 | 000,012,598 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Files - Unicode (All) ==========
[2010.09.27 00:52:47 | 000,000,000 | ---D | M](C:\Documents and Settings\OEM\Data aplikac?) -- C:\Documents and Settings\OEM\Data aplikac�
[2010.09.27 00:52:47 | 000,000,000 | ---D | C](C:\Documents and Settings\OEM\Data aplikac?) -- C:\Documents and Settings\OEM\Data aplikac�
< End of report >

[vyosek]

Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)

• C:\WINDOWS\System32\msgazmqf.dll
• Kliknete na Prochazet
• Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
• Pokud napise Soubor byl jiz testovan, dejte otestovat znovu
• Kliknete na Otestovat soubor
• Vysledek analyzy sem vlozte (jako odkaz)

Co je v teto slozce C:\Documents and Settings\OEM\Data aplikac?

[Sopta]

http://www.virustotal.com/file-scan/rep ... 1285696824
snad ten odkaz je spravne...


složka C:\Documents and Settings\OEM\Data aplikací:

Opera -> opera-> qip_auth.js

nic jinyho tam neni

[vyosek]

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
  SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
  DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\update.sys -- (Update)
  DRV - File not found [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sojuscsi.sys -- (sojuscsi)
  DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
  DRV - File not found [Kernel | On_Demand | Running] -- C:\DOCUME~1\OEM\LOCALS~1\Temp\catchme.sys -- (catchme)
  IE - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\..\URLSearchHook: - Reg Error: Key error. File not found
  IE - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
  IE - HKU\S-1-5-21-1085031214-583907252-1417001333-1004\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\OEM\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
  FF - prefs.js..browser.search.order.1: "Crawler Search"
  FF - prefs.js..keyword.URL: "http://www.webhledani.cz/results.aspx?i=42&tp=ab&q="
  [2010.09.26 20:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\QipCounter@qip.ru
  [2010.03.01 12:22:54 | 000,000,687 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icq-search.xml
  [2010.04.03 18:28:22 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin-1.xml
  [2010.06.26 10:09:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin-2.xml
  [2010.07.08 11:51:03 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin-3.xml
  [2010.09.26 21:02:34 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin-4.xml
  [2008.07.10 12:19:06 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin.xml
  [2010.09.26 20:58:25 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\qip-search.xml
  [2010.06.16 15:15:49 | 000,001,589 | ---- | M] () -- C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\web-search.xml
  O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\OEM\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
  O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
  O4 - Startup: C:\Documents and Settings\OEM\Nabídka Start\Programy\Po spuštění\Registration Assassin.LNK = C:\Program Files\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe File not found
  O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Key error.)
  [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
  [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
  
  :reg
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
  ""=-
  
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp /s
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [CLEARALLRESTOREPOINTS]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Sopta]

tak sem to provedl, ale zadny LOG me to nedalo, a posledni LOG co mam na plose tak jsou z te predesle operace:

OTL logfile created on: 28.9.2010 19:09:43 - Run 1
OTL Extras logfile created on: 28.9.2010 19:09:43 - Run 1

[vyosek]

Ve slozce C:\_OTL neni mel by mit tvar DatumAplikace_CasAplikace

[Sopta]

neni, je tam jen slozka 09282010_201301 ale ta je prazdna

[vyosek]

Zkuste opravu pomoci OTL provest znovu ale v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti)

[Sopta]

tady je te LOG:

All processes killed
========== OTL ==========
Error: No service named HidServ was found to stop!
Service\Driver key HidServ not found.
File C:\WINDOWS\System32\hidserv.dll not found.
Error: No service named AppMgmt was found to stop!
Service\Driver key AppMgmt not found.
File C:\WINDOWS\System32\appmgmts.dll not found.
Error: No service named Update was found to stop!
Service\Driver key Update not found.
File C:\WINDOWS\System32\DRIVERS\update.sys not found.
Error: No service named sojuscsi was found to stop!
Service\Driver key sojuscsi not found.
File C:\WINDOWS\System32\DRIVERS\sojuscsi.sys not found.
Service LMIInfo stopped successfully!
Service LMIInfo deleted successfully!
File C:\Program Files\LogMeIn\x86\RaInfo.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\DOCUME~1\OEM\LOCALS~1\Temp\catchme.sys not found.
Registry value HKEY_USERS\S-1-5-21-1085031214-583907252-1417001333-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1085031214-583907252-1417001333-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ deleted successfully.
C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1085031214-583907252-1417001333-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
C:\Documents and Settings\OEM\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Prefs.js: "Crawler Search" removed from browser.search.order.1
Prefs.js: "http://www.webhledani.cz/results.aspx?i=42&tp=ab&q=" removed from keyword.URL
C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\QipCounter@qip.ru\chrome\content folder moved successfully.
C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\QipCounter@qip.ru\chrome folder moved successfully.
C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\extensions\QipCounter@qip.ru folder moved successfully.
C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icq-search.xml moved successfully.
C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\icqplugin.xml moved successfully.
C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\qip-search.xml moved successfully.
C:\Documents and Settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\d33dem4d.default\searchplugins\web-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
File C:\Documents and Settings\OEM\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ not found.
C:\Documents and Settings\OEM\Nabídka Start\Programy\Po spuštění\Registration Assassin.LNK moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET188.tmp deleted successfully.
C:\WINDOWS\System32\SET194.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater\\ deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1EC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3D5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP425.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP59D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP67B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP698.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6EE.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP70.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI22F.tmp moved successfully.
C:\WINDOWS\Installer\MSIA9.tmp moved successfully.
C:\WINDOWS\Temp\f9cc33cc-420f-4f04-b79e-95988ab36731.tmp moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: OEM
->Temp folder emptied: 1238064 bytes
->Temporary Internet Files folder emptied: 147484 bytes
->Java cache emptied: 1550057 bytes
->FireFox cache emptied: 100603178 bytes
->Google Chrome cache emptied: 6192407 bytes
->Opera cache emptied: 9061479 bytes
->Flash cache emptied: 13090 bytes

User: test
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 113,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: LogMeInRemoteUser

User: NetworkService

User: OEM
->Flash cache emptied: 0 bytes

User: test

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.14.1 log created on 09282010_203555

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[vyosek]

Sjupr Jak se chova PC

[Sopta]

noo nic se nedeje, AVG zatim nic nervalo ...akorat ten unload porad votravuje? nevite co by ses tim dalo delat?

[vyosek]

Vysledek neni zarucen ale melo by pomoci tohle:

Stahnete a nainstalujte Windows Intaller Clean Up http://www.brothersoft.com/windows-inst ... 71773.html

Spustte msciuu jako spravce

Najdete polozku Unload a kliknete na ni, nasledne kliknete na Remove