VIRY.CZ

OTL uz jede

Ok

a kdyz davam ten kod a pak opravit v tom otl tak tam mam zase vybrat ty kontorly na havet "lop" a "purity" a pro "vsechny uzivatele"???

Ne ne Jen vložit skript.

zas to hodilo ze neodpovida

Aplikujte ComboFix podle návodu http://www.bleepingcomputer.com/combofi ... t-combofix

ComboFix 11-07-25.02 - Honza 27.07.2011 17:43:25.1.2 - x64
Spuštěný z: c:\users\Honza\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\FunWebProducts
c:\program files (x86)\FunWebProducts\Installr\2.bin\F3EZSETP.DLL
c:\program files (x86)\FunWebProducts\Installr\2.bin\F3PLUGIN.DLL
c:\program files (x86)\FunWebProducts\Installr\2.bin\NPFUNWEB.DLL
c:\users\Honza\AppData\Roaming\.#
c:\windows\btc_client_iplist.txt
c:\windows\ddh_iplist.txt
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\front_ip_list.txt
c:\windows\gbot111.exe
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\l1rezerv.exe
c:\windows\loader2.exe_ok
c:\windows\phoenix.rar
c:\windows\proc_list1.log
c:\windows\rpcminer.rar
c:\windows\services32.exe
c:\windows\sysdriver32_.exe
c:\windows\systemup.exe
c:\windows\SysWow64\f3PSSavr.scr
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.1\svchost.exe
c:\windows\update.2
c:\windows\update.2\svchost.exe
c:\windows\update.3
c:\windows\update.3\svchost.exe
c:\windows\update.5.0
c:\windows\update.5.0\svchost.exe
c:\windows\update.tray-14-0\svchost.exe
c:\windows\update.tray-3-0\svchost.exe
c:\windows\update.tray-9-0\svchost.exe
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
c:\windows\winsetupapi.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_srviecheck
-------\Service_wxpdrivers
-------\Service_srvbtcclient
-------\Service_srvbtcclient
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-27 do 2011-07-27 )))))))))))))))))))))))))))))))
.
.
2011-07-27 15:52 . 2011-07-27 15:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-27 15:41 . 2011-07-27 15:41 -------- d-----w- C:\32788R22FWJFW
2011-07-26 19:11 . 2011-07-26 19:11 -------- d-----w- c:\windows\system32\SPReview
2011-07-26 19:09 . 2011-07-26 19:09 -------- d-----w- c:\windows\system32\EventProviders
2011-07-26 17:01 . 2011-07-26 17:01 -------- d-----w- C:\_OTL
2011-07-25 19:46 . 2011-07-26 15:11 512 ----a-w- C:\PhysicalMBR.bin
2011-07-25 19:05 . 2011-07-25 19:30 -------- d-----w- c:\program files\trend micro
2011-07-25 19:05 . 2011-07-25 19:06 -------- d-----w- C:\rsit
2011-07-24 13:48 . 2011-07-27 15:51 -------- d--h--w- c:\windows\update.tray-3-0
2011-07-24 13:48 . 2011-07-24 13:48 -------- d--h--w- c:\windows\update.tray-3-0-lnk
2011-07-21 12:02 . 2011-07-21 12:02 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-07-21 09:17 . 2011-07-27 15:51 -------- d--h--w- c:\windows\update.tray-14-0
2011-07-21 09:17 . 2011-07-21 09:17 -------- d--h--w- c:\windows\update.tray-14-0-lnk
2011-07-21 09:13 . 2011-07-21 09:13 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-07-21 09:13 . 2011-07-21 09:17 -------- d-----w- c:\program files\Microsoft Security Client
2011-07-20 11:47 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-07-19 19:00 . 2011-07-19 19:00 -------- d-----w- c:\windows\ufa
2011-07-19 19:00 . 2011-07-19 19:00 -------- d-----w- c:\windows\rpcminer
2011-07-19 19:00 . 2011-07-19 19:00 -------- d-----w- c:\windows\phoenix
2011-07-19 18:52 . 2011-07-19 19:00 246272 ----a-w- c:\windows\unrar.exe
2011-07-19 18:50 . 2011-07-24 13:50 -------- d-----w- c:\windows\av_ico
2011-07-19 18:48 . 2011-07-27 15:51 -------- d--h--w- c:\windows\update.tray-9-0
2011-07-19 18:48 . 2011-07-19 18:48 -------- d--h--w- c:\windows\update.tray-9-0-lnk
2011-07-15 18:38 . 2011-07-15 18:38 -------- d-----w- c:\users\Honza\AppData\Roaming\skypePM
2011-07-15 18:35 . 2011-07-15 21:38 -------- d-----r- c:\program files (x86)\Skype
2011-07-15 18:35 . 2011-07-26 15:53 -------- d-----w- c:\users\Honza\AppData\Roaming\Skype
2011-07-15 18:35 . 2011-07-15 21:38 -------- d-----w- c:\programdata\Skype
2011-07-13 17:59 . 2011-06-03 06:57 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-07-13 17:59 . 2011-06-03 06:57 243200 ----a-w- c:\windows\system32\wow64.dll
2011-07-13 17:59 . 2011-06-03 06:57 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-07-13 17:59 . 2011-06-03 06:57 214528 ----a-w- c:\windows\system32\winsrv.dll
2011-07-13 17:59 . 2011-06-03 06:57 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-07-13 17:59 . 2011-06-03 06:53 338944 ----a-w- c:\windows\system32\conhost.exe
2011-07-13 17:59 . 2011-06-03 06:00 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-07-13 17:59 . 2011-06-03 05:57 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-07-13 17:59 . 2011-06-03 05:56 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-07-13 17:59 . 2011-06-03 03:53 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-07-13 17:59 . 2011-06-03 03:53 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-07-06 14:14 . 2011-07-06 14:14 -------- d-----w- c:\programdata\boost_interprocess
2011-07-04 10:27 . 2011-07-04 10:30 -------- d-----w- c:\program files (x86)\mswt kart
2011-07-01 19:45 . 2011-07-01 19:45 -------- d-----w- c:\program files (x86)\Little Fighter 2.5 - v2.0
2011-07-01 08:15 . 2011-07-01 08:15 -------- d-----w- C:\MyWinLockerData
2011-06-30 22:48 . 2011-06-30 22:48 16856 ----a-w- c:\program files (x86)\Mozilla Firefox\plugin-container.exe
2011-06-30 22:48 . 2011-06-30 22:48 719832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozcpp19.dll
2011-06-30 16:34 . 2011-06-30 16:34 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2011-06-30 16:30 . 2011-06-30 16:33 -------- d-----w- c:\programdata\SpeedBit
2011-06-30 16:30 . 2011-06-30 16:30 90784 ----a-w- c:\windows\SysWow64\EasyHook32.dll
2011-06-30 16:30 . 2011-06-30 16:30 109216 ----a-w- c:\windows\SysWow64\EasyHook64.dll
2011-06-30 16:30 . 2011-06-30 16:30 -------- d-----w- c:\program files (x86)\Common Files\SpeedBit
2011-06-30 16:30 . 2011-06-30 16:34 -------- d-----w- c:\program files (x86)\DAP
2011-06-30 15:02 . 2011-06-30 15:02 194 ----a-w- C:\Delme.bat
2011-06-30 14:57 . 2011-06-30 15:02 -------- d-----w- c:\program files (x86)\LittleFighter2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-26 19:25 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-07-26 19:25 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-24 13:05 . 2010-02-26 14:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-07-24 13:04 . 2010-03-04 14:51 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-07-13 04:53 . 2011-07-26 14:31 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B6F0A362-D32F-418A-93D2-79F97CD1F18D}\mpengine.dll
2011-06-03 14:02 . 2011-06-03 14:02 62496 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2011-06-03 14:01 . 2011-06-03 14:01 38288 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2011-06-03 14:01 . 2011-06-03 14:01 187632 ----a-w- c:\windows\system32\drivers\epfw.sys
2011-06-03 14:01 . 2011-06-03 14:01 146432 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2011-06-03 14:00 . 2011-06-03 14:00 202064 ----a-w- c:\windows\system32\drivers\eamonm.sys
2011-06-03 05:57 . 2011-07-13 17:59 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-30 17:57 . 2010-02-04 19:34 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-30 17:57 . 2010-02-04 19:34 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-05-28 03:30 . 2011-06-17 12:32 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-28 02:53 . 2011-06-17 12:32 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-05-27 15:28 . 2009-08-18 11:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-05-27 15:28 . 2009-08-18 10:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-25 15:11 . 2010-03-18 16:32 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-05-25 15:11 . 2010-02-26 14:31 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-05-03 05:29 . 2011-06-17 12:32 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-05-03 04:30 . 2011-06-17 12:32 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-04-29 03:06 . 2011-06-17 12:32 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 03:05 . 2011-06-17 12:32 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 03:05 . 2011-06-17 12:32 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-06-07 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-09-24 261888]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-25 588648]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-09-24 825864]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-06 419112]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-10-06 181480]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-04 136176]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R3 ESHASRV;ESET SHA Service;c:\program files\ESET\ESET Smart Security\EShaSrv.exe [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-04 136176]
R3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\DRIVERS\hidshim.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
R3 nuvotonhidcir;Nuvoton HID CIR Receiver;c:\windows\system32\DRIVERS\nuvotonhidcir.sys [x]
R3 nuvotonir;Nuvoton CIR Transceiver;c:\windows\system32\DRIVERS\nuvotonir.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-10-03 788000]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 62720]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\SysWOW64\nvSCPAPISvr.exe [2009-10-17 239720]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 nuvotoncir;Nuvoton IR Transceiver;c:\windows\system32\DRIVERS\nuvotoncir.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-04 19:56]
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-04 19:56]
.
2011-07-25 c:\windows\Tasks\Norton Security Scan for Honza.job
- c:\progra~2\Norton Security Scan\Engine\3.0.0.103\Nss.exe [2011-04-26 02:19]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF30625.cfxxe" [X]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-10 349480]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-10-03 496160]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-17 16405096]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-04 8098848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_5739g&r=273612092606l03h3z176t6864y705
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:58949
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
FF - ProfilePath - c:\users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\iz1hoxl4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://home.speedbit.com/search.aspx?aff=106&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://home.speedbit.com/?aff=105
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRxdm047YYCZ&ptb=MvHwVlVEN0CSEEyz5gSqmg&psa=&ind=2010090416&ptnrS=GRxdm047YYCZ&si=&st=kwd&n=77cf8bb0&searchfor=
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
FF - Ext: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - %profile%\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
Toolbar-Locked - (no file)
Toolbar-{7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
Wow6432Node-HKCU-Run-RGSC - c:\program files\Rockstar Games Social Club\RGSCLauncher.exe
Wow6432Node-HKLM-Run-mcagent_exe - c:\program files (x86)\McAfee.com\Agent\mcagent.exe
Wow6432Node-HKLM-Run-wxpdrv - c:\windows\services32.exe
Wow6432Node-HKLM-Run-tray_ico - (no file)
Wow6432Node-HKLM-Run-tray_ico0 - c:\windows\update.tray-9-0\svchost.exe
Wow6432Node-HKLM-Run-tray_ico1 - c:\windows\update.tray-14-0\svchost.exe
Wow6432Node-HKLM-Run-tray_ico2 - c:\windows\update.tray-3-0\svchost.exe
Wow6432Node-HKLM-Run-tray_ico3 - (no file)
Wow6432Node-HKLM-Run-tray_ico4 - (no file)
Wow6432Node-HKLM-Run-sysdriver32.exe - c:\windows\sysdriver32.exe
Wow6432Node-HKLM-Run-sysdriver32_.exe - c:\windows\sysdriver32_.exe
Wow6432Node-HKLM-Run-l1rezerv.exe - c:\windows\l1rezerv.exe
Wow6432Node-HKLM-Run-systemup - c:\windows\systemup.exe
Wow6432Node-HKLM-Run-w_distrib.exe - c:\windows\update.3\svchost.exe
Toolbar-Locked - (no file)
WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-Corel Photo Downloader - c:\program files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
HKLM-Run-MSC - c:\program files\Microsoft Security Client\msseces.exe
HKLM-Run-egui - c:\program files\ESET\ESET Smart Security\egui.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-DAEMON Tools Toolbar - c:\program files (x86)\DAEMON Tools Toolbar\uninst.exe
AddRemove-ICQToolbar - c:\program files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-MSC - c:\program files (x86)\McAfee\MSC\mcuninst.exe
AddRemove-Shockwave - c:\windows\System32\Macromed\Shockwave 8\UNWISE.EXE
AddRemove-{259C0ABB-A3B2-4D70-008F-BF7EE491B70B} - c:\gamesky\EAUninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3634586708-3529570969-1562118592-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Y*%]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3634586708-3529570969-1562118592-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Y*%\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-3634586708-3529570969-1562118592-1001\Software\SecuROM\License information*]
"datasecu"=hex:4e,a5,cb,9a,af,3e,d6,1e,42,ac,be,2a,1e,8e,1e,75,58,13,11,3a,04,
cb,2e,86,3a,35,4e,5f,50,5e,3d,d9,53,9b,fc,40,2b,4c,64,1c,56,06,f7,25,60,fa,\
"rkeysecu"=hex:50,26,22,a5,e8,27,07,7f,fb,4f,ab,81,73,b2,63,f4
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
c:\windows\SysWOW64\PSIService.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Celkový čas: 2011-07-27 18:02:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-27 16:02
.
Před spuštěním: Volných bajtů: 77 506 150 400
Po spuštění: Volných bajtů: 77 069 713 408
.
- - End Of File - - 8BD06EBAFA1358BEB5DB6F1CF0C9F5F2

Pokud nemáte, přesuňte Combofix na plochu

• Otevřete si Poznámkový blok a zkopírujte do něj text z bílého okénka.

• Uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
• Po uložení uchopte vámi vytvořený skript levým myšítkem a přesuňte ho nad ikonu Combofixu, kde ho upustíte:
  
  
• Po aplikaci na Vás vypadne další log,vložte ho sem

Může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

ComboFix 11-07-25.02 - Honza 27.07.2011 22:17:12.3.2 - x64
Spuštěný z: c:\users\Honza\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Honza\Desktop\CFScript.txt
.
FILE ::
"c:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\av_ico
c:\windows\av_ico\ico_Essentials_start.ico
c:\windows\av_ico\ico_mcafee_start.ico
c:\windows\av_ico\ico_NOD_SS_START.ico
c:\windows\av_ico\ico_NOD_SYSINSP.ico
c:\windows\av_ico\ico_NOD_SYSRESC.ico
c:\windows\av_ico\ico_NOD_TXT.ico
c:\windows\av_ico\ico_NOD_UNINSTALL.ico
c:\windows\phoenix
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\rpcminer
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\ufa
c:\windows\ufa\ufa.exe
c:\windows\unrar.exe
c:\windows\update.tray-14-0-lnk
c:\windows\update.tray-14-0-lnk\svchost.exe
c:\windows\update.tray-14-0
c:\windows\update.tray-3-0-lnk
c:\windows\update.tray-3-0-lnk\svchost.exe
c:\windows\update.tray-3-0
c:\windows\update.tray-9-0-lnk
c:\windows\update.tray-9-0-lnk\svchost.exe
c:\windows\update.tray-9-0
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-27 do 2011-07-27 )))))))))))))))))))))))))))))))
.
.
2011-07-27 20:25 . 2011-07-27 20:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-27 20:25 . 2011-07-27 20:25 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-07-26 19:11 . 2011-07-26 19:11 -------- d-----w- c:\windows\system32\SPReview
2011-07-26 19:09 . 2011-07-26 19:09 -------- d-----w- c:\windows\system32\EventProviders
2011-07-26 17:01 . 2011-07-26 17:01 -------- d-----w- C:\_OTL
2011-07-26 14:31 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B6F0A362-D32F-418A-93D2-79F97CD1F18D}\mpengine.dll
2011-07-25 19:46 . 2011-07-26 15:11 512 ----a-w- C:\PhysicalMBR.bin
2011-07-25 19:05 . 2011-07-25 19:30 -------- d-----w- c:\program files\trend micro
2011-07-25 19:05 . 2011-07-25 19:06 -------- d-----w- C:\rsit
2011-07-21 12:02 . 2011-07-21 12:02 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-07-21 09:13 . 2011-07-21 09:13 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-07-21 09:13 . 2011-07-21 09:17 -------- d-----w- c:\program files\Microsoft Security Client
2011-07-20 11:47 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-07-15 18:38 . 2011-07-15 18:38 -------- d-----w- c:\users\Honza\AppData\Roaming\skypePM
2011-07-15 18:35 . 2011-07-15 21:38 -------- d-----r- c:\program files (x86)\Skype
2011-07-15 18:35 . 2011-07-26 15:53 -------- d-----w- c:\users\Honza\AppData\Roaming\Skype
2011-07-15 18:35 . 2011-07-15 21:38 -------- d-----w- c:\programdata\Skype
2011-07-13 17:59 . 2011-06-03 06:57 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-07-13 17:59 . 2011-06-03 06:57 243200 ----a-w- c:\windows\system32\wow64.dll
2011-07-13 17:59 . 2011-06-03 06:57 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-07-13 17:59 . 2011-06-03 06:57 214528 ----a-w- c:\windows\system32\winsrv.dll
2011-07-13 17:59 . 2011-06-03 06:57 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-07-13 17:59 . 2011-06-03 06:53 338944 ----a-w- c:\windows\system32\conhost.exe
2011-07-13 17:59 . 2011-06-03 06:00 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-07-13 17:59 . 2011-06-03 05:57 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-07-13 17:59 . 2011-06-03 05:56 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-07-13 17:59 . 2011-06-03 03:53 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-07-13 17:59 . 2011-06-03 03:53 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-07-06 14:14 . 2011-07-06 14:14 -------- d-----w- c:\programdata\boost_interprocess
2011-07-04 10:27 . 2011-07-04 10:30 -------- d-----w- c:\program files (x86)\mswt kart
2011-07-01 19:45 . 2011-07-01 19:45 -------- d-----w- c:\program files (x86)\Little Fighter 2.5 - v2.0
2011-07-01 08:15 . 2011-07-01 08:15 -------- d-----w- C:\MyWinLockerData
2011-06-30 22:48 . 2011-06-30 22:48 16856 ----a-w- c:\program files (x86)\Mozilla Firefox\plugin-container.exe
2011-06-30 22:48 . 2011-06-30 22:48 719832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozcpp19.dll
2011-06-30 16:34 . 2011-06-30 16:34 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2011-06-30 16:30 . 2011-06-30 16:33 -------- d-----w- c:\programdata\SpeedBit
2011-06-30 16:30 . 2011-06-30 16:30 90784 ----a-w- c:\windows\SysWow64\EasyHook32.dll
2011-06-30 16:30 . 2011-06-30 16:30 109216 ----a-w- c:\windows\SysWow64\EasyHook64.dll
2011-06-30 16:30 . 2011-06-30 16:30 -------- d-----w- c:\program files (x86)\Common Files\SpeedBit
2011-06-30 16:30 . 2011-06-30 16:34 -------- d-----w- c:\program files (x86)\DAP
2011-06-30 15:02 . 2011-06-30 15:02 194 ----a-w- C:\Delme.bat
2011-06-30 14:57 . 2011-06-30 15:02 -------- d-----w- c:\program files (x86)\LittleFighter2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-26 19:25 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-07-26 19:25 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-24 13:05 . 2010-02-26 14:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-07-24 13:04 . 2010-03-04 14:51 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-06-03 14:02 . 2011-06-03 14:02 62496 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2011-06-03 14:01 . 2011-06-03 14:01 38288 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2011-06-03 14:01 . 2011-06-03 14:01 187632 ----a-w- c:\windows\system32\drivers\epfw.sys
2011-06-03 14:01 . 2011-06-03 14:01 146432 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2011-06-03 14:00 . 2011-06-03 14:00 202064 ----a-w- c:\windows\system32\drivers\eamonm.sys
2011-06-03 05:57 . 2011-07-13 17:59 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-30 17:57 . 2010-02-04 19:34 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-30 17:57 . 2010-02-04 19:34 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-05-28 03:30 . 2011-06-17 12:32 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-28 02:53 . 2011-06-17 12:32 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-05-27 15:28 . 2009-08-18 11:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-05-27 15:28 . 2009-08-18 10:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-25 15:11 . 2010-03-18 16:32 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-05-25 15:11 . 2010-02-26 14:31 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-05-03 05:29 . 2011-06-17 12:32 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-05-03 04:30 . 2011-06-17 12:32 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-04-29 03:06 . 2011-06-17 12:32 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 03:05 . 2011-06-17 12:32 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 03:05 . 2011-06-17 12:32 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-27_15.54.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-10 00:20 . 2011-07-27 19:22 75258 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-07-27 19:22 45726 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-28 17:31 . 2011-07-27 16:08 23206 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3634586708-3529570969-1562118592-1001_UserData.bin
+ 2009-12-29 02:16 . 2011-07-27 17:09 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-29 02:16 . 2011-07-27 14:52 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-07-26 21:03 . 2011-07-27 17:09 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-07-26 21:03 . 2011-07-27 14:52 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-27 17:09 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-27 14:52 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-28 17:36 . 2011-07-27 19:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-28 17:36 . 2011-07-27 15:57 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2011-07-27 16:05 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-12-28 17:36 . 2011-07-27 19:21 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-28 17:36 . 2011-07-27 15:57 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-28 17:36 . 2011-07-27 19:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-28 17:36 . 2011-07-27 15:57 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-29 02:21 . 2011-07-27 20:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-29 02:21 . 2011-07-27 15:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-29 02:21 . 2011-07-27 20:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-29 02:21 . 2011-07-27 15:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-27 19:20 . 2011-07-27 19:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-27 15:53 . 2011-07-27 15:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-27 19:20 . 2011-07-27 19:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-07-27 15:53 . 2011-07-27 15:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-28 11:56 . 2011-07-27 19:14 489002 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2011-07-26 20:02 618108 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-07-27 19:26 618108 c:\windows\system32\perfh009.dat
- 2009-01-11 02:15 . 2011-07-26 20:02 633392 c:\windows\system32\perfh005.dat
+ 2009-01-11 02:15 . 2011-07-27 19:26 633392 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-07-26 20:02 107388 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-07-27 19:26 107388 c:\windows\system32\perfc009.dat
+ 2009-01-11 02:15 . 2011-07-27 19:26 122914 c:\windows\system32\perfc005.dat
- 2009-01-11 02:15 . 2011-07-26 20:02 122914 c:\windows\system32\perfc005.dat
- 2009-07-14 05:12 . 2011-07-27 14:52 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2011-07-27 17:09 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2011-07-27 15:52 444636 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-07-27 19:19 444636 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-08-21 21:29 . 2011-07-27 19:19 890276 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3634586708-3529570969-1562118592-1001-8192.dat
- 2010-08-21 21:29 . 2011-07-27 15:52 890276 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3634586708-3529570969-1562118592-1001-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-06-07 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-09-24 261888]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-25 588648]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-09-24 825864]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-06 419112]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-10-06 181480]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-04 136176]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R3 ESHASRV;ESET SHA Service;c:\program files\ESET\ESET Smart Security\EShaSrv.exe [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-04 136176]
R3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\DRIVERS\hidshim.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
R3 nuvotonhidcir;Nuvoton HID CIR Receiver;c:\windows\system32\DRIVERS\nuvotonhidcir.sys [x]
R3 nuvotonir;Nuvoton CIR Transceiver;c:\windows\system32\DRIVERS\nuvotonir.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-10-03 788000]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-24 62720]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\SysWOW64\nvSCPAPISvr.exe [2009-10-17 239720]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 nuvotoncir;Nuvoton IR Transceiver;c:\windows\system32\DRIVERS\nuvotoncir.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-04 19:56]
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-04 19:56]
.
2011-07-25 c:\windows\Tasks\Norton Security Scan for Honza.job
- c:\progra~2\Norton Security Scan\Engine\3.0.0.103\Nss.exe [2011-04-26 02:19]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-10 349480]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-10-03 496160]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-17 16405096]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-04 8098848]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Corel Photo Downloader"="c:\program files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [BU]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [BU]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [BU]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_5739g&r=273612092606l03h3z176t6864y705
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:58949
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\iz1hoxl4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://home.speedbit.com/search.aspx?aff=106&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://home.speedbit.com/?aff=105
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRxdm047YYCZ&ptb=MvHwVlVEN0CSEEyz5gSqmg&psa=&ind=2010090416&ptnrS=GRxdm047YYCZ&si=&st=kwd&n=77cf8bb0&searchfor=
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
FF - Ext: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - %profile%\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
Toolbar-Locked - (no file)
Toolbar-{7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3634586708-3529570969-1562118592-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Y*%]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3634586708-3529570969-1562118592-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Y*%\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-3634586708-3529570969-1562118592-1001\Software\SecuROM\License information*]
"datasecu"=hex:4e,a5,cb,9a,af,3e,d6,1e,42,ac,be,2a,1e,8e,1e,75,58,13,11,3a,04,
cb,2e,86,3a,35,4e,5f,50,5e,3d,d9,53,9b,fc,40,2b,4c,64,1c,56,06,f7,25,60,fa,\
"rkeysecu"=hex:50,26,22,a5,e8,27,07,7f,fb,4f,ab,81,73,b2,63,f4
.
Celkový čas: 2011-07-27 22:28:02
ComboFix-quarantined-files.txt 2011-07-27 20:28
ComboFix2.txt 2011-07-27 16:02
.
Před spuštěním: Volných bajtů: 77 083 095 040
Po spuštění: Volných bajtů: 77 014 446 080
.
- - End Of File - - 909E3C0C7A19BC9AAC65EC2BB64F840C

Jak se chová PC?

pc se sam od sebe se neresetuje(takze v poho), internet jaks taks jede, jen fb moc ne, nwm co byste potreboval vedet?

Stáhněte OTL http://oldtimer.geekstogo.com/OTL.scr na plochu

• Spusťte, poté do spodního políčka vložte následující skript.

• Označte položku Pro všechny uživatele.
• Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
• Klikněte na tlačítko Prohledat
• Po dokončení, sem vložte log OTL.Txt

zkousel jsem to a neco po pulce nacitani to hodilo Cannot create file C:\Users\Honza\Desktop\cmb.bat.

Tak zkuste OTL spustit bez skriptu.

OTL logfile created on: 7/28/2011 4:21:22 PM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Honza\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.97 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 54.63% Memory free
7.93 Gb Paging File | 6.12 Gb Available in Paging File | 77.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 580.57 Gb Total Space | 70.46 Gb Free Space | 12.14% Space Free | Partition Type: NTFS

Computer Name: HONZA-PC | User Name: Honza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/26 21:45:34 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/07/25 21:42:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.scr
PRC - [2011/07/09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011/06/07 18:01:07 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2009/10/17 09:16:00 | 000,239,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvSCPAPISvr.exe
PRC - [2009/10/07 00:18:26 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009/10/06 05:15:10 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009/09/25 01:42:32 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009/09/25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/09/24 14:14:48 | 000,825,864 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.EXE
PRC - [2009/09/10 15:42:46 | 000,305,448 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2009/09/10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009/08/04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009/07/11 01:18:18 | 000,708,608 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2009/07/10 12:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2009/07/04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/05 05:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 05:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/06/05 14:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe


========== Modules (SafeList) ==========

MOD - [2011/07/25 21:42:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.scr
MOD - [2010/11/20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/10/03 02:57:58 | 000,788,000 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/18 03:20:34 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/03/27 12:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2011/07/26 21:45:34 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/17 09:16:00 | 000,239,720 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\SysWOW64\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/09/25 01:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/09/10 15:42:46 | 000,305,448 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/07/10 12:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 05:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/06/05 14:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/06/03 16:02:02 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2011/06/03 16:01:58 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2011/06/03 16:01:58 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2011/06/03 16:01:22 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011/06/03 16:00:22 | 000,202,064 | ---- | M] (ESET) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/31 15:35:35 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/02/24 10:27:52 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/11/04 17:54:06 | 000,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009/11/04 17:54:06 | 000,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009/11/04 17:54:06 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009/11/04 17:47:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009/09/15 06:40:00 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2009/09/04 07:39:08 | 000,062,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009/09/01 01:36:18 | 000,006,656 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidshim.sys -- (hidshim)
DRV:64bit: - [2009/09/01 01:36:16 | 000,026,624 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuvotonhidcir.sys -- (nuvotonhidcir)
DRV:64bit: - [2009/08/31 23:45:20 | 000,068,096 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuvotonir.sys -- (nuvotonir)
DRV:64bit: - [2009/08/31 22:42:04 | 000,048,128 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuvotoncir.sys -- (nuvotoncir)
DRV:64bit: - [2009/08/21 07:24:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/08/14 16:54:54 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/21 08:03:34 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/01 06:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009/07/01 06:46:52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/01 06:46:48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/01 06:46:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/24 05:00:18 | 000,216,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 04:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/23 01:08:37 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/05/05 10:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 10:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/04/10 00:23:02 | 000,176,144 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Mpfp.sys -- (MPFP)
DRV:64bit: - [2009/04/07 09:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/02/17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2008/11/19 17:09:14 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008/11/19 17:09:12 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008/11/19 17:09:12 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2008/03/28 17:25:30 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\OEM\factory\int15.sys -- (int15.sys)
DRV:64bit: - [2005/11/03 16:40:56 | 000,089,600 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV:64bit: - [2005/09/23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV:64bit: - [2005/08/10 14:46:20 | 000,068,608 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV:64bit: - [2005/05/16 15:21:16 | 000,007,168 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2007/02/07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 6t6864y705
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 6t6864y705
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - File not found


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:51434

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:51434



IE - HKU\S-1-5-21-3634586708-3529570969-1562118592-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3634586708-3529570969-1562118592-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3634586708-3529570969-1562118592-1001\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-3634586708-3529570969-1562118592-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3634586708-3529570969-1562118592-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:58949

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://home.speedbit.com/search.aspx?aff=106&q="
FF - prefs.js..browser.search.order.1: "SpeedBit Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://home.speedbit.com/?aff=105"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsear ... searchfor="
FF - prefs.js..network.proxy.type: 4

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Honza\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\3.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/07/01 00:48:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/21 14:02:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2009/12/28 16:57:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\mozilla\Extensions
[2011/07/24 17:05:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\mozilla\Firefox\Profiles\iz1hoxl4.default\extensions
[2010/06/04 16:30:47 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Honza\AppData\Roaming\mozilla\Firefox\Profiles\iz1hoxl4.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2010/10/15 19:19:49 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Honza\AppData\Roaming\mozilla\Firefox\Profiles\iz1hoxl4.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/06/16 22:58:20 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Honza\AppData\Roaming\mozilla\Firefox\Profiles\iz1hoxl4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010/02/24 10:29:13 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Honza\AppData\Roaming\mozilla\Firefox\Profiles\iz1hoxl4.default\extensions\DTToolbar@toolbarnet.com
[2010/02/24 10:28:57 | 000,002,055 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\iz1hoxl4.default\searchplugins\daemon-search.xml
[2011/06/16 22:58:20 | 000,000,168 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\iz1hoxl4.default\searchplugins\icqplugin.gif
[2011/06/16 22:58:20 | 000,000,618 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\iz1hoxl4.default\searchplugins\icqplugin.src
[2011/07/18 17:25:51 | 000,001,056 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\iz1hoxl4.default\searchplugins\icqplugin.xml
[2010/11/19 15:17:41 | 000,010,025 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\iz1hoxl4.default\searchplugins\mywebsearch.xml
[2010/06/04 16:30:46 | 000,002,062 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\iz1hoxl4.default\searchplugins\qip-search.xml
[2011/06/30 18:31:07 | 000,002,516 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\iz1hoxl4.default\searchplugins\speedbit.xml
[2011/07/24 17:05:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/07/15 23:38:26 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/07/01 00:48:48 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011/07/01 00:48:48 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2011/07/01 00:48:48 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011/07/01 00:48:48 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011/07/01 00:48:48 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011/07/27 22:25:51 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - File not found
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - File not found
O2 - BHO: (no name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - File not found
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - File not found
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - File not found
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM\..\Toolbar: (no name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3634586708-3529570969-1562118592-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-3634586708-3529570969-1562118592-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKU\S-1-5-21-3634586708-3529570969-1562118592-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [Corel Photo Downloader] File not found
O4:64bit: - HKLM..\Run: [egui] File not found
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] File not found
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKU\S-1-5-21-3634586708-3529570969-1562118592-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3634586708-3529570969-1562118592-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3634586708-3529570969-1562118592-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: WikiKomentáře Google... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - File not found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/28 13:44:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/07/27 17:33:21 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/07/27 17:33:21 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/07/27 17:33:21 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/07/27 17:33:07 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/07/27 17:33:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/07/27 17:32:33 | 004,152,159 | R--- | C] (Swearware) -- C:\Users\Honza\Desktop\ComboFix.exe
[2011/07/26 21:11:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011/07/26 21:09:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011/07/26 19:01:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/07/25 21:42:43 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.scr
[2011/07/25 21:41:24 | 000,000,000 | ---D | C] -- C:\Users\Honza\Desktop\RK_Quarantine
[2011/07/25 21:05:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011/07/25 21:05:35 | 000,000,000 | ---D | C] -- C:\rsit
[2011/07/24 15:44:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2011/07/24 15:43:47 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/07/21 14:55:24 | 000,000,000 | ---D | C] -- C:\Users\Honza\Desktop\Kytara
[2011/07/21 14:02:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/07/21 11:13:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/07/21 11:13:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/07/21 11:10:48 | 010,388,944 | ---- | C] (Microsoft Corporation) -- C:\Users\Honza\Desktop\mseinstall.exe
[2011/07/15 23:38:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/07/15 21:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/07/15 20:38:56 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\skypePM
[2011/07/15 20:35:10 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011/07/15 20:35:09 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Skype
[2011/07/15 20:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/07/13 20:00:14 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe
[2011/07/13 20:00:08 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011/07/13 20:00:07 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011/07/13 20:00:07 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011/07/13 20:00:07 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011/07/13 20:00:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011/07/13 20:00:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011/07/13 20:00:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/13 20:00:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/13 20:00:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011/07/13 20:00:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011/07/13 20:00:06 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011/07/13 20:00:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011/07/13 20:00:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011/07/13 20:00:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/07/13 20:00:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/07/13 20:00:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011/07/13 20:00:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011/07/13 20:00:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011/07/13 20:00:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011/07/13 20:00:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011/07/13 20:00:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011/07/13 20:00:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011/07/13 20:00:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011/07/13 20:00:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/07/13 20:00:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011/07/13 20:00:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011/07/13 20:00:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011/07/13 20:00:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011/07/13 20:00:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011/07/13 19:59:57 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011/07/13 19:59:56 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011/07/13 19:59:56 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011/07/13 19:59:56 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011/07/13 19:59:56 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011/07/13 19:59:56 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011/07/13 19:59:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011/07/13 19:59:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011/07/13 19:59:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011/07/13 19:59:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011/07/13 19:59:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011/07/13 19:59:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011/07/06 16:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011/07/06 16:14:40 | 000,000,000 | ---D | C] -- C:\Users\Honza\Application Data
[2011/07/04 12:27:13 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSWT Kart
[2011/07/04 12:27:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSWT Kart
[2011/07/04 12:27:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mswt kart
[2011/07/01 21:45:28 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Fighter 2.5
[2011/07/01 21:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Little Fighter 2.5
[2011/07/01 21:45:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Little Fighter 2.5 - v2.0
[2011/07/01 10:15:59 | 000,000,000 | ---D | C] -- C:\MyWinLockerData
[2011/06/30 18:30:12 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit
[2011/06/30 18:30:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeedBit
[2011/06/30 18:30:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAP
[2011/06/30 16:57:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LittleFighter2
[2011/06/29 09:15:46 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011/06/29 09:15:46 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cfgmgr32.dll
[2011/06/29 09:15:46 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011/06/29 09:15:42 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011/06/29 09:15:42 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011/06/29 09:15:41 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011/06/29 09:15:41 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011/06/29 09:15:40 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011/06/29 09:15:40 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011/06/29 09:15:40 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2011/06/29 09:15:40 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2011/06/29 09:15:40 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011/06/29 09:15:40 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2011/06/29 09:15:40 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2011/06/29 09:15:39 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2011/06/29 09:15:39 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2011/06/29 09:15:39 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2009/11/10 02:23:16 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

========== Files - Modified Within 30 Days ==========

[2011/07/28 16:00:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/28 14:03:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/07/28 13:54:20 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/28 13:54:20 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/28 13:44:58 | 000,000,435 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2011/07/28 13:44:49 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/28 13:44:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/28 13:44:19 | 3193,643,008 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/27 22:25:51 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/07/27 21:26:32 | 001,476,590 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/27 21:26:32 | 000,633,392 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011/07/27 21:26:32 | 000,618,108 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/27 21:26:32 | 000,122,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011/07/27 21:26:32 | 000,107,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/07/27 17:32:48 | 004,152,159 | R--- | M] (Swearware) -- C:\Users\Honza\Desktop\ComboFix.exe
[2011/07/27 16:28:45 | 000,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hîsts
[2011/07/27 16:28:00 | 000,520,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/07/26 21:25:03 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2011/07/26 21:25:02 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2011/07/25 21:42:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.scr
[2011/07/25 14:15:55 | 000,000,458 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Honza.job
[2011/07/21 11:13:39 | 001,495,982 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/21 11:07:44 | 010,388,944 | ---- | M] (Microsoft Corporation) -- C:\Users\Honza\Desktop\mseinstall.exe
[2011/07/20 13:20:43 | 000,004,603 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\2C12.95D
[2011/07/19 20:55:41 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011/07/19 20:47:15 | 000,041,229 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2011/07/17 03:24:20 | 004,636,907 | ---- | M] () -- C:\Windows\geoiplist
[2011/07/15 23:38:17 | 000,002,545 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/07/15 21:15:49 | 000,002,265 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/07/15 20:39:10 | 000,000,048 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/07/04 12:34:34 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat
[2011/06/30 18:34:04 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2011/06/30 18:30:08 | 000,109,216 | ---- | M] () -- C:\Windows\SysWow64\EasyHook64.dll
[2011/06/30 18:30:08 | 000,090,784 | ---- | M] () -- C:\Windows\SysWow64\EasyHook32.dll
[2011/06/30 17:02:34 | 000,000,194 | ---- | M] () -- C:\Delme.bat
[2011/06/29 14:26:30 | 4274,716,828 | ---- | M] () -- C:\Users\Honza\Documents\TempImage.nrg

========== Files Created - No Company Name ==========

[2011/07/27 17:33:21 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/07/27 17:33:21 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/07/27 17:33:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/07/27 17:33:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/07/27 17:33:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/07/25 21:46:30 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/07/21 14:02:09 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/07/21 11:13:39 | 001,495,982 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/21 11:13:18 | 000,001,932 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/07/19 22:28:22 | 000,004,603 | ---- | C] () -- C:\Users\Honza\AppData\Roaming\2C12.95D
[2011/07/19 20:52:34 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011/07/19 20:52:33 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011/07/15 23:38:17 | 000,002,545 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/07/15 21:15:49 | 000,002,265 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/07/15 20:39:10 | 000,000,048 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/07/04 12:34:34 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/06/30 18:34:03 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011/06/30 18:30:07 | 000,109,216 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2011/06/30 18:30:07 | 000,090,784 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2011/06/30 17:02:34 | 000,000,194 | ---- | C] () -- C:\Delme.bat
[2011/06/29 15:35:48 | 005,515,645 | ---- | C] () -- C:\Users\Honza\Desktop\16 Run Dmc vs. Jason Nevins - Its like that.mp3
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/02/01 21:23:03 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2010/01/29 16:39:16 | 000,000,427 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2010/01/29 16:39:16 | 000,000,087 | ---- | C] () -- C:\Windows\dswplug.ini
[2010/01/29 16:39:09 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\mplaw7.dll
[2010/01/29 16:39:09 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\mplaa6.dll
[2010/01/29 16:39:09 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\mplam6.dll
[2010/01/29 16:39:09 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\cpuinf32.dll
[2010/01/29 16:34:27 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\pxhpinst.exe
[2010/01/28 23:40:36 | 000,000,088 | RHS- | C] () -- C:\Windows\SysWow64\A685CB1A32.sys
[2010/01/28 23:10:58 | 000,002,828 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2010/01/23 21:47:39 | 000,000,732 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/12/28 18:16:10 | 000,011,776 | ---- | C] () -- C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/28 16:57:17 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/10/17 09:16:00 | 000,095,848 | ---- | C] () -- C:\Windows\SysWow64\nvimage.dll
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/01/11 04:39:43 | 000,106,496 | ---- | C] () -- C:\Windows\FixUVC.exe
[2007/06/05 14:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\SysWow64\PSIService.exe
[2003/04/09 15:38:04 | 000,005,664 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2002/03/17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000019.DLL

========== LOP Check ==========

[2010/12/22 23:35:40 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\BlackBean
[2010/03/10 09:49:32 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\CadSoft
[2010/02/24 10:38:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
[2010/03/05 17:17:58 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Facebook
[2009/12/28 22:34:05 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\fretsonfire
[2009/12/28 14:36:19 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GameConsole
[2010/02/06 22:41:07 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\HighAndes
[2011/07/27 17:40:56 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\ICQ
[2011/01/31 10:23:20 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Leadertech
[2010/07/29 15:46:21 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\LG Electronics
[2010/03/08 21:48:44 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\NCH Swift Sound
[2010/08/07 21:29:48 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\New Technology Studio
[2009/12/28 20:00:24 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\PlayFirst
[2010/02/15 14:51:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\PowerCinema
[2010/06/04 16:31:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\QIP
[2010/02/15 14:51:01 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\SoftDMA
[2011/04/12 21:23:12 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\uTorrent
[2009/12/29 18:30:05 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\ViquaSoft
[2011/05/11 20:42:28 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:444C53BA
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:553CA6CA
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE

< End of report >