Prosím o kontrolu logu Vyřešeno

[Plot]

Tak sem to provedl ale nevím jestli to dopadlo podle představ. Běželo to asi hodinku a zdálo se mi že pc vůbec nepracuje. No a tohle je to co s toho vyšlo.Nevím na log je to nějaké krátké.


All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from keyword.URL
127.0.0.1 localhost removed from HOSTS file successfully
127.0.0.1 007guard.com removed from HOSTS file successfully
127.0.0.1 008i.com removed from HOSTS file successfully
127.0.0.1 008k.com removed from HOSTS file successfully
127.0.0.1 00hq.com removed from HOSTS file successfully
127.0.0.1 010402.com removed from HOSTS file successfully
127.0.0.1 032439.com removed from HOSTS file successfully
127.0.0.1 0scan.com removed from HOSTS file successfully
127.0.0.1 1-2005-search.com removed from HOSTS file successfully
127.0.0.1 1-domains-registrations.com removed from HOSTS file successfully
127.0.0.1 1000gratisproben.com removed from HOSTS file successfully
127.0.0.1 1001namen.com removed from HOSTS file successfully
127.0.0.1 100888290cs.com removed from HOSTS file successfully
127.0.0.1 100sexlinks.com removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\msn.com\ deleted successfully.
File rity] not found.
File ptytemp] not found.
File art explorer] not found.
File boot] not found.

OTL by OldTimer - Version 3.0.14.0 log created on 09242009_200734

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[Reklama]

[Damned]

Ještě jednou to zkopíruj, tak aby měl v okýnku ten skript od začátku okýnka, aby tam nebyla mezera.

[Plot]

Tak teď už by to mělo být správně. Posílám log


All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from keyword.URL
========== FILES ==========
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\VDM1D.tmp moved successfully.
C:\WINDOWS\Application Data\Chessmaster Challenge\local.ini.tmp moved successfully.
C:\WINDOWS\Application Data\Chessmaster Challenge\Lucka.ini.tmp moved successfully.
C:\WINDOWS\Application Data\Chessmaster Challenge\Paja.ini.tmp moved successfully.
C:\WINDOWS\Application Data\Microsoft\Office\fbc22B.tmp moved successfully.
C:\WINDOWS\Application Data\SecuROM\UserData\securom_v7_01.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\System32\DRIVERS\klif.sys moved successfully.
C:\WINDOWS\tasks\SA.DAT moved successfully.
========== SERVICES/DRIVERS ==========
Service\Driver vkquwexg not found.
Service\Driver vkquwexg not found.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Storm
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 974130 bytes
->FireFox cache emptied: 129896613 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 32902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
Session Manager Temp folder emptied: 0 bytes
Session Manager Tmp folder emptied: 0 bytes
RecycleBin emptied: 101530 bytes

Total Files Cleaned = 124,94 mb


OTL by OldTimer - Version 3.0.14.0 log created on 09252009_172203

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[Damned]

Jak se chová PC?
Spusť ještě jednou OTL. Nahoře v okně pod Output klikni na minimal Output.Pod Standard Registry změň na All. Zatrhni LOP Check a Purity Check. Klikni na Run Scan.
Vlož mi sem pak oba logy.

[Plot]

Posílám log. Co se týče chování počítače - stále okno Tento počítač nabíhá tak půl minuty, zvuk stále nejde vůbec (řekl bych, že mi zmizeli všechny ovladače, když jsme v tom Malware vše smazali před pár dny). Víš, myslím si že bych měl mít všechna zařízení ve správci zařízení, ale nic tam nemám - můžu se zeptat jestli jsme něco nesmazali nebo jestli je to jen nějak skrytý?


OTL logfile created on: 25.9.2009 17:40:51 - Run 2
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Storm\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Czech Republic | Language: csy | Date Format: d.M.yyyy

511,48 Mb Total Physical Memory | 243,00 Mb Available Physical Memory | 47,51% Memory free
1,22 Gb Paging File | 1,01 Gb Available in Paging File | 82,63% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,76 Gb Total Space | 21,02 Gb Free Space | 18,81% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PAJA
Current User Name: Storm
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Eset\nod32krn.exe (Eset )
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\System32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\Program Files\Eset\nod32kui.exe (Eset )
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
PRC - C:\Documents and Settings\Storm\Plocha\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (LightScribeService [Auto | Running]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (NBService [On_Demand | Stopped]) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NMIndexingService [On_Demand | Stopped]) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (NOD32krn [Auto | Running]) -- C:\Program Files\Eset\nod32krn.exe (Eset )
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (UMWdf [Auto | Stopped]) -- C:\WINDOWS\System32\wdfmgr.exe (Microsoft Corporation)
SRV - (vsmon [Auto | Stopped]) -- C:\WINDOWS\System32\ZONELABS\vsmon.exe (Zone Labs, LLC)

========== Driver Services (SafeList) ==========

DRV - (AgereSoftModem [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (AMON [Auto | Running]) -- C:\WINDOWS\System32\drivers\amon.sys (Eset )
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (FETNDIS [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\fetnd5.sys (VIA Technologies, Inc. )
DRV - (gameenum [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (ms_mpu401 [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (NTSIM [On_Demand | Stopped]) -- C:\WINDOWS\System32\ntsim.sys (VIA Technologies, Inc. )
DRV - (Pfc [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\pfc.sys (Padus, Inc.)
DRV - (PolarUSB [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\PolarUSB.sys (Polar Electro)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (srescan [Boot | Running]) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys (Zone Labs, LLC)
DRV - (viaagp1 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (VIAudio [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\viaudio.sys (VIA Technologies, Inc.)
DRV - (vsdatant [System | Running]) -- C:\WINDOWS\System32\vsdatant.sys (Zone Labs, LLC)
DRV - (vulfnths [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\vulfnth.sys (VIA Technologies, Inc.)
DRV - (vulfntrs [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\vulfntr.sys (VIA Technologies, Inc.)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
IE - URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/webhp?client=firefox-a&rls=org.mozilla:cs:official&channel=s&hl=cs&lr=&btnG=Vyhledat+Googlem"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008.06.12 12:09:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2008.06.12 12:09:50 | 00,000,000 | ---D | M]

[2008.12.10 22:18:20 | 00,000,000 | ---D | M] -- C:\WINDOWS\Application Data\mozilla\Extensions
[2008.12.10 22:18:20 | 00,000,000 | ---D | M] -- C:\WINDOWS\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2008.06.12 12:10:20 | 00,000,000 | ---D | M] -- C:\WINDOWS\Application Data\mozilla\Firefox\Profiles\7qoe2bq4.default\extensions
[2009.09.23 17:11:16 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-3.xml
[2009.07.19 14:16:14 | 00,000,944 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin.xml
[2009.06.19 14:49:12 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-12.xml
[2009.08.05 14:16:12 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-14.xml
[2009.07.26 18:09:10 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-13.xml
[2009.09.14 14:36:10 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-15.xml
[2009.06.10 14:40:10 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-6.xml
[2009.06.10 20:54:04 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-1.xml
[2009.06.12 20:24:52 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-2.xml
[2009.06.13 10:27:58 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-7.xml
[2009.06.14 21:37:24 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-10.xml
[2009.06.14 22:17:24 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-4.xml
[2009.06.15 21:38:34 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-5.xml
[2009.06.16 15:29:28 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-9.xml
[2009.06.16 21:37:26 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-8.xml
[2009.06.17 20:41:32 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-11.xml
[2008.06.12 12:09:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.07.15 16:54:56 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.06.12 12:09:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.09.13 19:49:08 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009.09.13 19:49:08 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008.03.24 20:21:00 | 02,889,088 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2008.03.19 19:23:20 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2007.05.10 22:52:00 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2007.04.10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2009.09.13 19:49:10 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009.03.07 19:26:04 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009.03.07 19:26:04 | 00,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2009.03.07 19:26:04 | 00,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2009.03.07 19:26:04 | 00,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2009.03.07 19:26:04 | 00,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2009.03.07 19:26:04 | 00,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: (578290 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 123haustiereundmehr.com
O1 - Hosts: 127.0.0.1 123simsen.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 125sms.co.uk
O1 - Hosts: 127.0.0.1 125sms.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 1337crew.info
O1 - Hosts: 127.0.0.1 1337-crew.to
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 150freesms.de
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 127.0.0.1 171203.com
O1 - Hosts: 127.0.0.1 17-plus.com
O1 - Hosts: 127.0.0.1 1800searchonline.com
O1 - Hosts: 127.0.0.1 180searchassistant.com
O1 - Hosts: 127.0.0.1 180solutions.com
O1 - Hosts: 127.0.0.1 181.365soft.info
O1 - Hosts: 127.0.0.1 1987324.com
O1 - Hosts: 127.0.0.1 1sexparty.com
O1 - Hosts: 127.0.0.1 1sms.de
O1 - Hosts: 127.0.0.1 1stantivirus.com
O1 - Hosts: 127.0.0.1 1stpagehere.com
O1 - Hosts: 127.0.0.1 1stsearchportal.com
O1 - Hosts: 127.0.0.1 2.82211.net
O1 - Hosts: 9981 more lines...
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (&Rádio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (Odka&zy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk = C:\Program Files\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - Startup: C:\Documents and Settings\Storm\Nabídka Start\Programy\Po spuštění\ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\SYSTEM\dajava.cab (Reg Error: Key error.)
O16 - DPF: Internet Explorer Classes for Java file://C:\WINDOWS\SYSTEM\iejava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\System32\MSDXM.OCX (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\System32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\System32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009.09.25 17:19:10 | 00,000,000 | -HSD | C] -- C:\Recycled
[2009.09.24 20:07:34 | 00,000,000 | ---D | C] -- C:\_OTL
[2009.09.24 18:27:52 | 00,514,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Storm\Plocha\OTL.exe
[2009.09.24 17:44:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009.09.23 18:38:24 | 00,000,000 | ---D | C] -- C:\rsit
[2009.09.23 18:34:45 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Storm\Plocha\RSIT.exe
[2009.09.23 18:34:11 | 00,000,320 | ---- | C] () -- C:\Documents and Settings\Storm\Plocha\fix.reg
[2009.09.22 18:21:02 | 00,229,888 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009.09.22 18:21:02 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009.09.22 18:21:02 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009.09.22 18:21:02 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009.09.22 18:21:02 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009.09.22 18:21:02 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009.09.22 18:21:02 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009.09.22 18:21:02 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009.09.22 18:20:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009.09.22 18:20:04 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009.09.22 17:45:05 | 03,317,785 | R--- | C] () -- C:\Documents and Settings\Storm\Plocha\ComboFix.exe
[2009.09.21 17:26:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Storm\Plocha\Stahování
[2009.05.22 17:38:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\jppc.INI
[2009.01.11 11:14:36 | 00,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2008.09.15 09:07:36 | 00,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2008.06.12 13:19:35 | 00,000,268 | ---- | C] () -- C:\WINDOWS\game.ini
[2008.06.06 15:16:15 | 00,000,031 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008.06.06 15:16:04 | 00,000,181 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2008.05.09 21:38:47 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.03.20 17:49:44 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008.03.10 17:41:46 | 00,000,163 | ---- | C] () -- C:\WINDOWS\spidla.INI
[2008.03.07 18:39:39 | 00,002,389 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.02.17 18:28:45 | 00,000,807 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2008.01.02 18:29:24 | 00,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2008.01.02 18:29:24 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2008.01.02 18:29:24 | 00,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2008.01.02 18:29:24 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2007.12.13 19:34:42 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007.12.13 19:34:42 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007.12.13 19:34:41 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007.11.11 19:37:45 | 00,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.11.11 18:11:27 | 00,000,046 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2007.11.11 15:30:49 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.11.09 19:55:27 | 00,000,241 | ---- | C] () -- C:\WINDOWS\level.ini
[2007.11.09 18:48:07 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007.11.09 18:48:07 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007.11.09 18:48:07 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007.11.09 18:48:07 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007.11.09 18:48:07 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007.11.09 18:48:07 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007.11.09 17:55:19 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2007.11.09 17:55:14 | 00,000,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2007.11.09 17:53:18 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll
[2007.11.09 17:41:03 | 00,012,327 | ---- | C] () -- C:\WINDOWS\IOS.INI
[2007.11.09 17:41:03 | 00,007,885 | ---- | C] () -- C:\WINDOWS\NETDET.INI
[2007.11.09 17:41:03 | 00,003,598 | ---- | C] () -- C:\WINDOWS\HTMLHELP.INI
[2007.11.09 17:41:03 | 00,000,865 | ---- | C] () -- C:\WINDOWS\DOSREP.INI
[2007.11.09 17:41:03 | 00,000,787 | ---- | C] () -- C:\WINDOWS\SCANREG.INI
[2007.11.09 17:41:03 | 00,000,225 | ---- | C] () -- C:\WINDOWS\TELEPHON.INI
[2007.11.09 17:41:03 | 00,000,120 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2007.11.09 17:41:03 | 00,000,060 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI
[2007.11.09 17:41:03 | 00,000,054 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2007.11.09 17:41:03 | 00,000,028 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2007.11.09 17:41:03 | 00,000,026 | ---- | C] () -- C:\WINDOWS\MSOFFICE.INI
[2007.11.09 17:41:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\progman.ini
[2007.11.09 17:41:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSINFO32.INI
[2007.11.09 17:41:02 | 00,000,043 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007.11.09 17:23:33 | 00,001,157 | ---- | C] () -- C:\WINDOWS\win.ini
[2007.11.09 17:23:06 | 00,000,375 | ---- | C] () -- C:\WINDOWS\system.ini
[2007.11.09 17:20:46 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2003.04.09 14:38:04 | 00,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.12.05 17:51:00 | 00,059,392 | R--- | C] () -- C:\WINDOWS\streamhlp.dll
[1980.01.01 00:00:00 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\MEMBG.DLL
[1980.01.01 00:00:00 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\ICMFILTER.DLL
[1980.01.01 00:00:00 | 00,000,025 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

========== Files - Modified Within 30 Days ==========

[2009.09.25 17:24:42 | 00,352,918 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2009.09.25 17:24:28 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.09.25 17:24:26 | 53,639,9872 | -HS- | M] () -- C:\hiberfil.sys
[2009.09.25 17:23:48 | 00,000,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009.09.25 17:23:48 | 00,000,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009.09.24 18:27:54 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Storm\Plocha\OTL.exe
[2009.09.24 17:56:42 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.09.24 17:47:18 | 00,000,375 | ---- | M] () -- C:\WINDOWS\system.ini
[2009.09.23 18:34:48 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\Storm\Plocha\RSIT.exe
[2009.09.23 18:34:12 | 00,000,320 | ---- | M] () -- C:\Documents and Settings\Storm\Plocha\fix.reg
[2009.09.22 18:37:36 | 00,094,720 | ---- | M] () -- C:\Documents and Settings\Storm\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.22 17:45:34 | 03,317,785 | R--- | M] () -- C:\Documents and Settings\Storm\Plocha\ComboFix.exe
[2009.09.21 15:43:48 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.09.19 22:26:18 | 06,399,794 | -H-- | M] () -- C:\Documents and Settings\Storm\Local Settings\Data aplikací\IconCache.db
[2009.09.14 02:12:38 | 00,229,888 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009.09.10 19:20:48 | 00,067,072 | ---- | M] () -- C:\Documents and Settings\Storm\Dokumenty\Odložené případy.doc
[2009.09.10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.09.10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== LOP Check ==========

[1999.05.05 22:22:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\DESKTOP.INI

========== Purity Check ==========


< End of report >

[Damned]

Stáhni si HostsXpert
- rozbal tento program do vlastní složky/adresáře a spusť ho:
- pak klikni na tlačítko Restore MS Hosts File (plocha napravo nesmí být šedá a na prvním tlačítku musí být napsaná tato volba )
- vyskočí ti hláška na potvrzení, klikni na OK
- pokud by ti program vyhodil chybovou hlášku: ERROR: Cannot create file C:\WINDOWS\system32\DRIVERS\ETC\hosts
tak klikni tlačítko Make Writeable? a pak teprve klikni na tlačítko Restore MS Hosts File
- po proběhnutí pak klikni na tlačítko Make ReadOnly?
- ukončí program a restartuj Pc

Zvuk uděláme na konec.

[Plot]

Tak snad jsem udělal co jsem měl. Kliknul jsem na to Restore MS Hosts File, pak hned vpravo něco naběhlo, tak jsem nevěděl, jestli je to to co mělo, vypnul program a restartoval pc.

[Damned]

Spusť znovu OTL a dej mi sem zas logy. Uvidíme zda ty šmejdy smazal.

[Plot]

tak posílám log


OTL logfile created on: 25.9.2009 19:30:53 - Run 3
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\Storm\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Czech Republic | Language: csy | Date Format: d.M.yyyy

511,48 Mb Total Physical Memory | 247,80 Mb Available Physical Memory | 48,45% Memory free
1,22 Gb Paging File | 1,01 Gb Available in Paging File | 82,91% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,76 Gb Total Space | 20,97 Gb Free Space | 18,76% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PAJA
Current User Name: Storm
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Eset\nod32krn.exe (Eset )
PRC - C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\Program Files\Eset\nod32kui.exe (Eset )
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
PRC - C:\WINDOWS\System32\wscntfy.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Storm\Plocha\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (LightScribeService [Auto | Running]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (NBService [On_Demand | Stopped]) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (NMIndexingService [On_Demand | Stopped]) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (NOD32krn [Auto | Running]) -- C:\Program Files\Eset\nod32krn.exe (Eset )
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (UMWdf [Auto | Stopped]) -- C:\WINDOWS\System32\wdfmgr.exe (Microsoft Corporation)
SRV - (vsmon [Auto | Stopped]) -- C:\WINDOWS\System32\ZONELABS\vsmon.exe (Zone Labs, LLC)

========== Driver Services (SafeList) ==========

DRV - (AgereSoftModem [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (AMON [Auto | Running]) -- C:\WINDOWS\System32\drivers\amon.sys (Eset )
DRV - (ati2mtag [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (FETNDIS [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\fetnd5.sys (VIA Technologies, Inc. )
DRV - (gameenum [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys (Microsoft Corporation)
DRV - (MODEMCSA [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (ms_mpu401 [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (NTSIM [On_Demand | Stopped]) -- C:\WINDOWS\System32\ntsim.sys (VIA Technologies, Inc. )
DRV - (Pfc [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\pfc.sys (Padus, Inc.)
DRV - (PolarUSB [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\PolarUSB.sys (Polar Electro)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (srescan [Boot | Running]) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys (Zone Labs, LLC)
DRV - (viaagp1 [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (VIAudio [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\viaudio.sys (VIA Technologies, Inc.)
DRV - (vsdatant [System | Running]) -- C:\WINDOWS\System32\vsdatant.sys (Zone Labs, LLC)
DRV - (vulfnths [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\vulfnth.sys (VIA Technologies, Inc.)
DRV - (vulfntrs [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\vulfntr.sys (VIA Technologies, Inc.)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
IE - URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/webhp?client=firefox-a&rls=org.mozilla:cs:official&channel=s&hl=cs&lr=&btnG=Vyhledat+Googlem"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008.06.12 12:09:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2008.06.12 12:09:50 | 00,000,000 | ---D | M]

[2008.12.10 22:18:20 | 00,000,000 | ---D | M] -- C:\WINDOWS\Application Data\mozilla\Extensions
[2008.12.10 22:18:20 | 00,000,000 | ---D | M] -- C:\WINDOWS\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2008.06.12 12:10:20 | 00,000,000 | ---D | M] -- C:\WINDOWS\Application Data\mozilla\Firefox\Profiles\7qoe2bq4.default\extensions
[2009.09.23 17:11:16 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-3.xml
[2009.07.19 14:16:14 | 00,000,944 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin.xml
[2009.06.19 14:49:12 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-12.xml
[2009.08.05 14:16:12 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-14.xml
[2009.07.26 18:09:10 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-13.xml
[2009.09.14 14:36:10 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-15.xml
[2009.06.10 14:40:10 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-6.xml
[2009.06.10 20:54:04 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-1.xml
[2009.06.12 20:24:52 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-2.xml
[2009.06.13 10:27:58 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-7.xml
[2009.06.14 21:37:24 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-10.xml
[2009.06.14 22:17:24 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-4.xml
[2009.06.15 21:38:34 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-5.xml
[2009.06.16 15:29:28 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-9.xml
[2009.06.16 21:37:26 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-8.xml
[2009.06.17 20:41:32 | 00,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\FireFox\Profiles\7qoe2bq4.default\searchplugins\icqplugin-11.xml
[2008.06.12 12:09:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.07.15 16:54:56 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.06.12 12:09:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.09.13 19:49:08 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009.09.13 19:49:08 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008.03.24 20:21:00 | 02,889,088 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2008.03.19 19:23:20 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2007.05.10 22:52:00 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2007.04.10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2009.09.13 19:49:10 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009.03.07 19:26:04 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009.03.07 19:26:04 | 00,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2009.03.07 19:26:04 | 00,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2009.03.07 19:26:04 | 00,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2009.03.07 19:26:04 | 00,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2009.03.07 19:26:04 | 00,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: (698 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (&Rádio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (Odka&zy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk = C:\Program Files\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - Startup: C:\Documents and Settings\Storm\Nabídka Start\Programy\Po spuštění\ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\SYSTEM\dajava.cab (Reg Error: Key error.)
O16 - DPF: Internet Explorer Classes for Java file://C:\WINDOWS\SYSTEM\iejava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\System32\MSDXM.OCX (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter: - Class Install Handler - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - lzdhtml - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/webviewhtml - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\WlNotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\System32\SHELL32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\System32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\System32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O27 - HKLM IFEO\Your Image File Name Here without a path: Debugger - C:\WINDOWS\System32\ntsd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009.09.25 18:33:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Storm\Plocha\HostsXpert
[2009.09.25 18:19:49 | 00,353,485 | ---- | C] () -- C:\Documents and Settings\Storm\Plocha\HostsXpert.zip
[2009.09.25 17:19:10 | 00,000,000 | -HSD | C] -- C:\Recycled
[2009.09.24 20:07:34 | 00,000,000 | ---D | C] -- C:\_OTL
[2009.09.24 18:27:52 | 00,514,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Storm\Plocha\OTL.exe
[2009.09.24 17:44:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009.09.23 18:38:24 | 00,000,000 | ---D | C] -- C:\rsit
[2009.09.23 18:34:45 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Storm\Plocha\RSIT.exe
[2009.09.23 18:34:11 | 00,000,320 | ---- | C] () -- C:\Documents and Settings\Storm\Plocha\fix.reg
[2009.09.22 18:21:02 | 00,229,888 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009.09.22 18:21:02 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009.09.22 18:21:02 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009.09.22 18:21:02 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009.09.22 18:21:02 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009.09.22 18:21:02 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009.09.22 18:21:02 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009.09.22 18:21:02 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009.09.22 18:20:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009.09.22 18:20:04 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009.09.22 17:45:05 | 03,317,785 | R--- | C] () -- C:\Documents and Settings\Storm\Plocha\ComboFix.exe
[2009.09.21 17:26:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Storm\Plocha\Stahování
[2009.05.22 17:38:01 | 00,000,000 | ---- | C] () -- C:\WINDOWS\jppc.INI
[2009.01.11 11:14:36 | 00,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2008.09.15 09:07:36 | 00,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2008.06.12 13:19:35 | 00,000,268 | ---- | C] () -- C:\WINDOWS\game.ini
[2008.06.06 15:16:15 | 00,000,031 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008.06.06 15:16:04 | 00,000,181 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2008.05.09 21:38:47 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.03.20 17:49:44 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008.03.10 17:41:46 | 00,000,163 | ---- | C] () -- C:\WINDOWS\spidla.INI
[2008.03.07 18:39:39 | 00,002,389 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.02.17 18:28:45 | 00,000,807 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2008.01.02 18:29:24 | 00,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2008.01.02 18:29:24 | 00,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2008.01.02 18:29:24 | 00,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2008.01.02 18:29:24 | 00,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2007.12.13 19:34:42 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007.12.13 19:34:42 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007.12.13 19:34:41 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007.11.11 19:37:45 | 00,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.11.11 18:11:27 | 00,000,046 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2007.11.11 15:30:49 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.11.09 19:55:27 | 00,000,241 | ---- | C] () -- C:\WINDOWS\level.ini
[2007.11.09 18:48:07 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007.11.09 18:48:07 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007.11.09 18:48:07 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007.11.09 18:48:07 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007.11.09 18:48:07 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007.11.09 18:48:07 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007.11.09 17:55:19 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2007.11.09 17:55:14 | 00,000,260 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2007.11.09 17:53:18 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll
[2007.11.09 17:41:03 | 00,012,327 | ---- | C] () -- C:\WINDOWS\IOS.INI
[2007.11.09 17:41:03 | 00,007,885 | ---- | C] () -- C:\WINDOWS\NETDET.INI
[2007.11.09 17:41:03 | 00,003,598 | ---- | C] () -- C:\WINDOWS\HTMLHELP.INI
[2007.11.09 17:41:03 | 00,000,865 | ---- | C] () -- C:\WINDOWS\DOSREP.INI
[2007.11.09 17:41:03 | 00,000,787 | ---- | C] () -- C:\WINDOWS\SCANREG.INI
[2007.11.09 17:41:03 | 00,000,225 | ---- | C] () -- C:\WINDOWS\TELEPHON.INI
[2007.11.09 17:41:03 | 00,000,120 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2007.11.09 17:41:03 | 00,000,060 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI
[2007.11.09 17:41:03 | 00,000,054 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2007.11.09 17:41:03 | 00,000,028 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2007.11.09 17:41:03 | 00,000,026 | ---- | C] () -- C:\WINDOWS\MSOFFICE.INI
[2007.11.09 17:41:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\progman.ini
[2007.11.09 17:41:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSINFO32.INI
[2007.11.09 17:41:02 | 00,000,043 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2007.11.09 17:23:33 | 00,001,157 | ---- | C] () -- C:\WINDOWS\win.ini
[2007.11.09 17:23:06 | 00,000,375 | ---- | C] () -- C:\WINDOWS\system.ini
[2007.11.09 17:20:46 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2003.04.09 14:38:04 | 00,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.12.05 17:51:00 | 00,059,392 | R--- | C] () -- C:\WINDOWS\streamhlp.dll
[1980.01.01 00:00:00 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\MEMBG.DLL
[1980.01.01 00:00:00 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\ICMFILTER.DLL
[1980.01.01 00:00:00 | 00,000,025 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

========== Files - Modified Within 30 Days ==========

[2009.09.25 18:36:42 | 00,352,918 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2009.09.25 18:36:14 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.09.25 18:36:12 | 53,639,9872 | -HS- | M] () -- C:\hiberfil.sys
[2009.09.25 18:19:44 | 00,353,485 | ---- | M] () -- C:\Documents and Settings\Storm\Plocha\HostsXpert.zip
[2009.09.25 17:44:14 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.09.25 17:23:48 | 00,000,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2009.09.25 17:23:48 | 00,000,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009.09.24 18:27:54 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Storm\Plocha\OTL.exe
[2009.09.24 17:47:18 | 00,000,375 | ---- | M] () -- C:\WINDOWS\system.ini
[2009.09.23 18:34:48 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\Storm\Plocha\RSIT.exe
[2009.09.23 18:34:12 | 00,000,320 | ---- | M] () -- C:\Documents and Settings\Storm\Plocha\fix.reg
[2009.09.22 18:37:36 | 00,094,720 | ---- | M] () -- C:\Documents and Settings\Storm\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.22 17:45:34 | 03,317,785 | R--- | M] () -- C:\Documents and Settings\Storm\Plocha\ComboFix.exe
[2009.09.21 15:43:48 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.09.19 22:26:18 | 06,399,794 | -H-- | M] () -- C:\Documents and Settings\Storm\Local Settings\Data aplikací\IconCache.db
[2009.09.14 02:12:38 | 00,229,888 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009.09.10 19:20:48 | 00,067,072 | ---- | M] () -- C:\Documents and Settings\Storm\Dokumenty\Odložené případy.doc
[2009.09.10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.09.10 14:53:50 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== LOP Check ==========

[1999.05.05 22:22:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\DESKTOP.INI

========== Purity Check ==========


< End of report >

[Damned]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
O4 - Startup: C:\Documents and Settings\Storm\Nabídka Start\Programy\Po spuštění\ubisoft register.lnk = C:\Program Files\Ubi Soft\Register\schedule.exe
O34 - HKLM BootExecute: (autocheck)
O34 - HKLM BootExecute: (*)

:Files
C:\WINDOWS\System32\drivers\fidbox.idx
C:\WINDOWS\System32\drivers\fidbox.dat

:Reg

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
*****************************************************************************************************************************************
Stáhni si :Dr. Web CureIt
dej update , po aktualizaci dej úplný sken.
Tlačítky dole můzeš soubor léčit, smazat, přesunout nebo přejmenovat.Nejdříve dej léčit, kdyby nešlo, tak mazat. Sken může trvat dlouho.

[Plot]

Nedaří se mi provést to v tom programu OTL, vždy se to zastaví na té položce 04 - Startup a jakoby to zamrzlo, počítač vypadá že nefunguje. Když to 20 minut nic nedělo, restartoval jsem tvrdě počítač (program neodpovídal).

[Damned]

Dobrá, pokračuj tím Dr. Webem.