Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Win32/Olmarik

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Kn1gu4
Návštěvník
Návštěvník
Příspěvky: 136
Registrován: 20 črc 2010 20:37

Re: Win32/Olmarik

#46 Příspěvek od Kn1gu4 »

Obrázek
Nahoru
Kn1gu4
Návštěvník
Návštěvník
Příspěvky: 136
Registrován: 20 črc 2010 20:37

Re: Win32/Olmarik

#47 Příspěvek od Kn1gu4 »

a mam zaškrtnut aj scan all user či nie ?
Nahoru
Uživatelský avatar
riffman
VIP
VIP
Příspěvky: 3203
Registrován: 20 říj 2004 07:00
Bydliště: České Budějovice
Kontaktovat uživatele:
Kontaktovat uživatele riffman

Re: Win32/Olmarik

#48 Příspěvek od riffman »

ne, nemusite...tak jak jsem psal...a obsah logu OTL.txt, ktery bude po ukonceni skenu vygenerovan, sem ;)
Give us a chance to live
Give us a chance to die
Give us a chance to be free
Without fire from the sky
Give us a chance to love
Give us a chance to hate
Give us a chance, before you kill us all
Nahoru
Kn1gu4
Návštěvník
Návštěvník
Příspěvky: 136
Registrován: 20 črc 2010 20:37

Re: Win32/Olmarik

#49 Příspěvek od Kn1gu4 »

ok takže aj run scan aj run fix ?
Nahoru
Uživatelský avatar
riffman
VIP
VIP
Příspěvky: 3203
Registrován: 20 říj 2004 07:00
Bydliště: České Budějovice
Kontaktovat uživatele:
Kontaktovat uživatele riffman

Re: Win32/Olmarik

#50 Příspěvek od riffman »

ne, ted pouze Run scan; Run fix se pouziva pri pripadnem opravovani
Give us a chance to live
Give us a chance to die
Give us a chance to be free
Without fire from the sky
Give us a chance to love
Give us a chance to hate
Give us a chance, before you kill us all
Nahoru
Kn1gu4
Návštěvník
Návštěvník
Příspěvky: 136
Registrován: 20 črc 2010 20:37

Re: Win32/Olmarik

#51 Příspěvek od Kn1gu4 »

ok už sa na tom pracuje
Nahoru
Kn1gu4
Návštěvník
Návštěvník
Příspěvky: 136
Registrován: 20 črc 2010 20:37

Re: Win32/Olmarik

#52 Příspěvek od Kn1gu4 »

OTL logfile created on: 25. 7. 2010 12:27:59 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Acer\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 0000041B | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 43,92 Gb Free Space | 30,49% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 82,41 Gb Free Space | 58,65% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ACER-PC
Current User Name: Acer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/25 12:18:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
PRC - [2010/07/24 15:40:42 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Acer\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2010/06/30 14:52:22 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010/06/21 10:23:34 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
PRC - [2010/04/27 14:51:00 | 000,306,296 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe
PRC - [2010/04/27 14:51:00 | 000,162,936 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe
PRC - [2010/04/15 10:16:48 | 000,288,064 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009/09/11 08:24:32 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009/09/11 08:23:46 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009/08/09 12:49:55 | 000,603,904 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe
PRC - [2009/04/30 11:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009/04/16 17:56:36 | 000,075,048 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/19 15:30:02 | 000,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008/04/28 09:35:36 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/25 21:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2008/04/25 21:36:02 | 000,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008/03/04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/03/03 13:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2007/12/06 16:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe


========== Modules (SafeList) ==========

MOD - [2010/07/25 12:18:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
MOD - [2008/01/21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008/01/21 04:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe -- (SandraTheSrv)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe -- (SandraDataSrv)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- (MySQL)
SRV - [2010/07/24 13:00:59 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/06/21 10:23:34 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/06/16 13:25:03 | 000,360,192 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/04/27 14:51:00 | 000,306,296 | ---- | M] (Sony Ericsson Mobile Communications) [Auto | Running] -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe -- (EmmaDevMgmtSvc)
SRV - [2010/04/27 14:51:00 | 000,162,936 | ---- | M] (Sony Ericsson Mobile Communications) [Auto | Running] -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe -- (EmmaUpdMgmtSvc)
SRV - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/09/11 08:33:18 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/09/11 08:24:32 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009/08/09 12:49:55 | 000,603,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009/07/14 13:18:21 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/05/19 14:51:34 | 000,069,632 | ---- | M] (ElcomSoft Co. Ltd.) [On_Demand | Stopped] -- C:\Program Files\ElcomSoft\Proactive System Password Recovery\psprserv.exe -- (PSPRSERV)
SRV - [2009/04/30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009/04/16 17:56:36 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008/10/19 15:30:02 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/04/25 21:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008/04/25 21:36:02 | 000,131,072 | ---- | M] () [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/03/04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/03/03 13:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2008/01/21 04:25:21 | 000,122,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Sandra.sys -- (SANDRA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Acer\AppData\Local\Temp\VWIDAAA.tmp -- (GarenaPEngine)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Acer\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010/07/21 12:22:51 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/05/11 20:15:03 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010/04/12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/11/07 19:20:47 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/09/11 08:26:26 | 000,038,240 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2009/09/11 08:26:20 | 000,135,048 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2009/09/11 08:23:50 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/09/11 08:17:16 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/08/07 08:42:36 | 001,053,056 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CamthWDM.sys -- (CAMTHWDM)
DRV - [2009/06/19 10:10:40 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009/05/25 13:35:00 | 000,116,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029unic.sys -- (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM)
DRV - [2009/05/25 13:34:56 | 000,122,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009/05/25 13:34:56 | 000,090,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029bus.sys -- (s1029bus) Sony Ericsson Device 1029 driver (WDM)
DRV - [2009/05/25 13:34:56 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2009/05/25 13:34:54 | 000,115,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mgmt.sys -- (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM)
DRV - [2009/05/25 13:34:54 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009/05/25 13:34:54 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029nd5.sys -- (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS)
DRV - [2009/04/09 15:59:48 | 000,958,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/07/08 18:46:38 | 003,848,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/05/30 13:17:54 | 000,093,968 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/05/28 18:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2008/05/28 08:47:08 | 000,171,016 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s)
DRV - [2008/05/27 12:13:48 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2008/05/27 12:13:42 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2008/05/16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/05/09 13:03:58 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008/04/28 19:54:58 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008/04/28 10:26:42 | 002,127,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/28 03:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008/03/27 22:44:56 | 000,210,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2008/03/26 00:41:30 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2008/03/26 00:39:20 | 000,207,872 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2008/03/26 00:38:32 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008/03/21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/03/04 23:38:44 | 000,060,464 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDVdisk.sys -- (psdvdisk)
DRV - [2008/03/04 23:38:44 | 000,016,944 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2008/03/04 23:38:42 | 000,018,992 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2008/02/27 13:36:02 | 000,141,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/02/18 16:09:40 | 000,166,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/02/14 03:17:10 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2008/01/30 11:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008/01/30 11:51:50 | 000,013,824 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2008/01/21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 04:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/14 12:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007/10/19 00:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/07/16 02:20:26 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2007/07/16 02:20:24 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007/06/29 10:59:34 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s716bus.sys -- (s716bus) Sony Ericsson Device 716 driver (WDM)
DRV - [2007/01/27 20:28:04 | 000,047,854 | ---- | M] (Silence of Troubles United Company Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\FDCENT.SYS -- (FDCENT)
DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/09/24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [1996/04/03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\URLSearchHook: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.mywebsearch.com/mywebsear ... 8Gq7_UZVOA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "google.sk"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.10.01
FF - prefs.js..extensions.enabledItems: {9565115d-c7d6-46d3-bd63-b67b481a4368}:2.4.0.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="
FF - prefs.js..network.proxy.no_proxies_on: "plimus.com,regnow.com"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 7070
FF - prefs.js..network.proxy.type: 1
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Yahoo"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "google.sk"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/23 15:29:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/20 17:07:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/02/20 17:47:09 | 000,000,000 | ---D | M]

[2009/03/27 18:18:27 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\mozilla\Extensions
[2010/07/24 18:16:51 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions
[2009/03/30 18:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009/03/30 18:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010/07/24 18:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
[2010/07/24 18:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
[2010/07/24 18:21:08 | 000,000,000 | ---D | M] (FBFan) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
[2009/03/30 18:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
[2009/03/30 18:29:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/03/30 18:29:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010/06/24 10:14:35 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\toolbar@ask.com
[2009/03/28 18:27:13 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles(28)\oww2j8c3.default\extensions
[2009/03/27 18:29:06 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles(28)\oww2j8c3.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009/06/26 20:57:06 | 000,000,950 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Mozilla\FireFox\Profiles\3gucj1bf.default\searchplugins\icqplugin.xml
[2010/06/24 21:02:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/03/30 18:29:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009/10/15 18:24:03 | 000,000,000 | ---D | M] (PageRage Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}
[2010/06/24 21:02:06 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/05/27 20:54:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/10/15 18:23:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\plugin@yontoo.com
[2010/05/27 20:53:31 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009/06/24 14:56:44 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2009/06/24 14:56:44 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2009/06/24 14:56:44 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2009/06/24 14:56:45 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2009/06/24 14:56:45 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2009/06/24 14:56:45 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2010/07/23 15:36:29 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\Jccatch.dll (www.flashget.com)
O2 - BHO: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)
O2 - BHO: (GdfrDUEn Class) - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files\Get Styles\enlbrdr.dll (TODO: <Company name>)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O2 - BHO: (no name) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (PageRage Toolbar) - {9565115D-C7D6-46D3-BD63-B67B481A4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [PhilipsDM\SA1916] C:\Program Files\Philips\SA19XX\Philips Device Manager\Bin\LaunchDM.exe (Koninklijke Philips Electronics N.V.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm ()
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/html {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Users\Acer\AppData\LocalLow\Microńoft\redir.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/25 12:18:57 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2010/07/24 18:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\Get Styles
[2010/07/24 14:53:06 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010/07/24 14:52:24 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/07/23 15:33:20 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\temp
[2010/07/23 15:33:13 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/07/21 12:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Pro
[2010/07/21 12:20:42 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2010/07/21 11:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\AMR to MP3 Converter
[2010/07/20 23:45:10 | 000,000,000 | ---D | C] -- C:\Avenger
[2010/07/20 22:05:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/07/20 22:05:14 | 000,000,000 | ---D | C] -- C:\rsit
[2010/07/20 17:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010/07/20 17:07:30 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\Winamp
[2010/07/20 17:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010/07/12 15:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\softendo.com
[2010/07/06 11:11:55 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\BSplayer Pro
[2010/07/06 11:11:55 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\BSplayer
[2010/07/06 11:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\Webteh
[2010/07/02 16:11:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2010/07/01 19:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3
[2010/06/26 22:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2008/07/22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/25 12:23:12 | 002,883,584 | ---- | M] () -- C:\Users\Acer\ntuser.dat
[2010/07/25 12:18:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2010/07/25 12:17:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1002UA.job
[2010/07/25 12:14:00 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1001UA.job
[2010/07/25 12:00:02 | 000,000,484 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2010/07/25 11:47:01 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1000UA.job
[2010/07/25 11:46:01 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/25 11:42:36 | 000,000,214 | ---- | M] () -- C:\Users\Acer\Documents\cc_20100725_114233.reg
[2010/07/25 11:42:21 | 002,910,642 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/07/25 11:42:21 | 002,328,196 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/07/25 11:42:21 | 000,005,272 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/07/25 11:37:24 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010/07/25 11:37:22 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010/07/25 11:37:00 | 000,000,996 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/25 11:36:56 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/25 11:36:56 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/25 11:36:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/25 11:36:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/25 11:36:39 | 2649,145,344 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/24 23:15:05 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/07/24 23:15:04 | 000,524,288 | -HS- | M] () -- C:\Users\Acer\ntuser.dat{1ab6e869-4f9c-11de-9761-001eeccbbd29}.TMContainer00000000000000000002.regtrans-ms
[2010/07/24 23:15:04 | 000,065,536 | -HS- | M] () -- C:\Users\Acer\ntuser.dat{1ab6e869-4f9c-11de-9761-001eeccbbd29}.TM.blf
[2010/07/24 23:15:01 | 001,608,696 | -H-- | M] () -- C:\Users\Acer\AppData\Local\IconCache.db
[2010/07/24 20:55:36 | 000,050,519 | ---- | M] () -- C:\Users\Acer\Desktop\354DF3EB80F8E3E4C1F69BE082ED7D4E596A43C0.torrent
[2010/07/24 20:17:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1002Core.job
[2010/07/24 19:57:18 | 000,000,472 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Acer.job
[2010/07/24 13:39:01 | 000,000,780 | ---- | M] () -- C:\Users\Acer\Desktop\Virtual DJ.lnk
[2010/07/24 13:14:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1001Core.job
[2010/07/24 11:55:30 | 000,524,288 | -HS- | M] () -- C:\Users\Acer\ntuser.dat{1ab6e869-4f9c-11de-9761-001eeccbbd29}.TMContainer00000000000000000001.regtrans-ms
[2010/07/24 11:05:12 | 000,003,086 | ---- | M] () -- C:\Users\Acer\Documents\cc_20100724_110509.reg
[2010/07/23 15:36:29 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/07/21 12:26:03 | 001,695,168 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/07/21 12:22:58 | 000,001,689 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
[2010/07/21 12:22:51 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010/07/21 11:27:51 | 000,091,576 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2010/07/21 09:47:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1000Core.job
[2010/07/20 23:45:21 | 148,197,423 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/07/20 20:55:22 | 000,000,740 | ---- | M] () -- C:\Users\Acer\Desktop\Winamp.lnk
[2010/07/12 18:45:27 | 000,002,048 | ---- | M] () -- C:\Users\Acer\Documents\cc_20100712_184523.reg
[2010/07/09 20:10:10 | 062,428,594 | ---- | M] () -- C:\Users\Acer\Desktop\Babysitter_Edina_preteen_incest_(teenage_sex_porn_lolita_rus.wbmp
[2010/07/09 19:50:19 | 036,658,181 | ---- | M] () -- C:\Users\Acer\Desktop\powerpuff_girl_loli_porn_hentai_sex_dp_anal_pedo_incest.rar
[2010/07/08 21:13:17 | 000,001,044 | ---- | M] () -- C:\Users\Acer\Desktop\CM 10.lnk
[2010/07/03 20:05:27 | 000,000,678 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/07/03 17:37:24 | 000,102,750 | ---- | M] () -- C:\Users\Acer\Documents\cc_20100703_173709.reg
[2010/07/01 20:33:03 | 000,001,909 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III - The WarChiefs.lnk
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/25 11:42:35 | 000,000,214 | ---- | C] () -- C:\Users\Acer\Documents\cc_20100725_114233.reg
[2010/07/24 20:55:36 | 000,050,519 | ---- | C] () -- C:\Users\Acer\Desktop\354DF3EB80F8E3E4C1F69BE082ED7D4E596A43C0.torrent
[2010/07/24 12:58:35 | 2649,145,344 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/24 11:05:11 | 000,003,086 | ---- | C] () -- C:\Users\Acer\Documents\cc_20100724_110509.reg
[2010/07/21 12:22:58 | 000,001,689 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
[2010/07/21 10:19:32 | 000,000,780 | ---- | C] () -- C:\Users\Acer\Desktop\Virtual DJ.lnk
[2010/07/20 22:34:02 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/07/20 20:54:44 | 000,000,740 | ---- | C] () -- C:\Users\Acer\Desktop\Winamp.lnk
[2010/07/12 18:45:26 | 000,002,048 | ---- | C] () -- C:\Users\Acer\Documents\cc_20100712_184523.reg
[2010/07/09 19:55:11 | 062,428,594 | ---- | C] () -- C:\Users\Acer\Desktop\Babysitter_Edina_preteen_incest_(teenage_sex_porn_lolita_rus.wbmp
[2010/07/09 19:45:43 | 036,658,181 | ---- | C] () -- C:\Users\Acer\Desktop\powerpuff_girl_loli_porn_hentai_sex_dp_anal_pedo_incest.rar
[2010/07/08 21:13:17 | 000,001,044 | ---- | C] () -- C:\Users\Acer\Desktop\CM 10.lnk
[2010/07/03 17:37:12 | 000,102,750 | ---- | C] () -- C:\Users\Acer\Documents\cc_20100703_173709.reg
[2010/07/01 20:33:03 | 000,001,909 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III - The WarChiefs.lnk
[2010/05/07 18:42:34 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/05/07 18:42:34 | 000,763,832 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/04/15 20:27:48 | 000,000,032 | ---- | C] () -- C:\Windows\tdlp32.ini
[2010/04/06 16:08:55 | 000,106,496 | ---- | C] () -- C:\Windows\System32\APmpg4v1.dll
[2010/02/11 09:58:56 | 000,004,096 | ---- | C] () -- C:\Windows\System32\detoured.dll
[2010/02/01 14:49:12 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/12/07 21:59:03 | 000,000,120 | ---- | C] () -- C:\Windows\disney.ini
[2009/11/06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/10/28 18:26:51 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2009/10/04 19:31:40 | 000,000,048 | ---- | C] () -- C:\Windows\winfile.ini
[2009/07/07 10:18:58 | 000,000,068 | ---- | C] () -- C:\Windows\Awpr.ini
[2009/07/02 09:56:07 | 000,138,384 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/06/06 17:24:49 | 000,001,387 | ---- | C] () -- C:\Windows\Bringer.INI
[2009/05/25 21:08:09 | 000,000,023 | ---- | C] () -- C:\Windows\clofghls.dll
[2009/04/28 21:10:44 | 000,001,888 | ---- | C] () -- C:\Windows\wininit.ini
[2009/03/15 18:35:17 | 000,000,029 | ---- | C] () -- C:\Windows\DEBUGSM.INI
[2009/01/13 00:01:50 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2009/01/12 22:22:12 | 000,000,052 | ---- | C] () -- C:\Windows\mafosav.INI
[2009/01/12 21:14:20 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/01/12 21:10:51 | 000,000,026 | ---- | C] () -- C:\Windows\CDE DX4400DEFGIPS.ini
[2008/12/24 21:11:24 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/12/24 21:11:23 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2008/12/23 20:22:21 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/12/23 16:22:20 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008/12/23 16:22:20 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/08/21 08:05:45 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/05/26 19:18:19 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/05/26 19:18:19 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/05/26 18:10:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008/05/26 18:05:27 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/05/26 17:48:55 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/02/09 06:58:22 | 001,053,056 | ---- | C] () -- C:\Windows\System32\drivers\CamthWDM.sys
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:861A898F
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:8173A019
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:C95B63DA
@Alternate Data Stream - 64 bytes -> C:\Users\Acer\Desktop\LSD trip.avi:TOC.WMV
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:2D303E10
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:9F683177
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:2B99FE60
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:9D1B94FD
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:FEBEC560
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:9E22BBE8
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:131C0EE9
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:4BB26BE9
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:580E04D8
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:793F316E
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:3E7393FC
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:302A9871
< End of report >
Nahoru
Uživatelský avatar
riffman
VIP
VIP
Příspěvky: 3203
Registrován: 20 říj 2004 07:00
Bydliště: České Budějovice
Kontaktovat uživatele:
Kontaktovat uživatele riffman

Re: Win32/Olmarik

#53 Příspěvek od riffman »

spustte znovu HiJackThis

spustte C:\Program Files\trend micro\Acer.exe


v operacnich systemech Windows Vista a Windows 7 spoustejte aplikaci jako spravce (kliknutim pravym mysitkem na ikonu aplikace a volbou "Spustit jako spravce" :!:

neprovadejte sken, ale kliknete na tlacitko Open the Misc Tools Section

nahore jsou ctyri tlacitka, musi byt zamacknute Misc Tools:

Obrázek

najdete vlevo tlacitko Open ADS Spy , kliknete na nej, v nasledujicim okne zruste zaskrtnuti chlivku Quick scan (Windows base folder only), kliknete na Scan, chvili vyckejte, nez probehne sken, pote kliknete na Save log (obsah logu sem) a dale pak klik na Remove selected

po restartu sem hodte novy log z OTL
Give us a chance to live
Give us a chance to die
Give us a chance to be free
Without fire from the sky
Give us a chance to love
Give us a chance to hate
Give us a chance, before you kill us all
Nahoru
Kn1gu4
Návštěvník
Návštěvník
Příspěvky: 136
Registrován: 20 črc 2010 20:37

Re: Win32/Olmarik

#54 Příspěvek od Kn1gu4 »

C:\ComboFix\f_system : test (3 bytes)
C:\Program Files\Acer GameZone\PopCap Games\Chuzzle Deluxe\Chuzzle.exe : {12A3A8D0-3ED0-553D-12CB-D54A9B622179} (95 bytes)
C:\Program Files\Acer GameZone\PopCap Games\Chuzzle Deluxe\Chuzzle.exe : {2B3DDB40-12FE-49D1-A492-D319BB2C9719} (95 bytes)
C:\Program Files\Acer GameZone\PopCap Games\Chuzzle Deluxe\Chuzzle.exe : {ACC79AF4-1A45-0791-8A52-6208E8EA3509} (95 bytes)
C:\Program Files\Acer GameZone\PopCap Games\Chuzzle Deluxe\Chuzzle.exe : {E2F234EA-8C80-4582-A60D-BDE2A62FE644} (95 bytes)
C:\ProgramData\Temp : 131C0EE9 (122 bytes)
C:\ProgramData\Temp : 2B99FE60 (126 bytes)
C:\ProgramData\Temp : 2D303E10 (135 bytes)
C:\ProgramData\Temp : 302A9871 (100 bytes)
C:\ProgramData\Temp : 3E7393FC (106 bytes)
C:\ProgramData\Temp : 4BB26BE9 (109 bytes)
C:\ProgramData\Temp : 4CF61E54 (113 bytes)
C:\ProgramData\Temp : 580E04D8 (107 bytes)
C:\ProgramData\Temp : 793F316E (106 bytes)
C:\ProgramData\Temp : 8173A019 (99 bytes)
C:\ProgramData\Temp : 861A898F (99 bytes)
C:\ProgramData\Temp : 9D1B94FD (124 bytes)
C:\ProgramData\Temp : 9E22BBE8 (123 bytes)
C:\ProgramData\Temp : 9F683177 (133 bytes)
C:\ProgramData\Temp : A8ADE5D8 (109 bytes)
C:\ProgramData\Temp : C95B63DA (98 bytes)
C:\ProgramData\Temp : DFC5A2B2 (147 bytes)
C:\ProgramData\Temp : FEBEC560 (123 bytes)
C:\ProgramData\Temp : 131C0EE9 (122 bytes)
C:\ProgramData\Temp : 2B99FE60 (126 bytes)
C:\ProgramData\Temp : 2D303E10 (135 bytes)
C:\ProgramData\Temp : 302A9871 (100 bytes)
C:\ProgramData\Temp : 3E7393FC (106 bytes)
C:\ProgramData\Temp : 4BB26BE9 (109 bytes)
C:\ProgramData\Temp : 4CF61E54 (113 bytes)
C:\ProgramData\Temp : 580E04D8 (107 bytes)
C:\ProgramData\Temp : 793F316E (106 bytes)
C:\ProgramData\Temp : 8173A019 (99 bytes)
C:\ProgramData\Temp : 861A898F (99 bytes)
C:\ProgramData\Temp : 9D1B94FD (124 bytes)
C:\ProgramData\Temp : 9E22BBE8 (123 bytes)
C:\ProgramData\Temp : 9F683177 (133 bytes)
C:\ProgramData\Temp : A8ADE5D8 (109 bytes)
C:\ProgramData\Temp : C95B63DA (98 bytes)
C:\ProgramData\Temp : DFC5A2B2 (147 bytes)
C:\ProgramData\Temp : FEBEC560 (123 bytes)
C:\Users\Acer\AppData\Local\Microsoft\Windows Mail\Local Folders\Inbox\11D176C4-00000001.eml : OECustomProperty (1072 bytes)
C:\Users\Acer\Desktop\LSD trip.avi : TOC.WMV (64 bytes)
C:\Users\All Users\Temp : 131C0EE9 (122 bytes)
C:\Users\All Users\Temp : 2B99FE60 (126 bytes)
C:\Users\All Users\Temp : 2D303E10 (135 bytes)
C:\Users\All Users\Temp : 302A9871 (100 bytes)
C:\Users\All Users\Temp : 3E7393FC (106 bytes)
C:\Users\All Users\Temp : 4BB26BE9 (109 bytes)
C:\Users\All Users\Temp : 4CF61E54 (113 bytes)
C:\Users\All Users\Temp : 580E04D8 (107 bytes)
C:\Users\All Users\Temp : 793F316E (106 bytes)
C:\Users\All Users\Temp : 8173A019 (99 bytes)
C:\Users\All Users\Temp : 861A898F (99 bytes)
C:\Users\All Users\Temp : 9D1B94FD (124 bytes)
C:\Users\All Users\Temp : 9E22BBE8 (123 bytes)
C:\Users\All Users\Temp : 9F683177 (133 bytes)
C:\Users\All Users\Temp : A8ADE5D8 (109 bytes)
C:\Users\All Users\Temp : C95B63DA (98 bytes)
C:\Users\All Users\Temp : DFC5A2B2 (147 bytes)
C:\Users\All Users\Temp : FEBEC560 (123 bytes)
C:\Users\All Users\Temp : 131C0EE9 (122 bytes)
C:\Users\All Users\Temp : 2B99FE60 (126 bytes)
C:\Users\All Users\Temp : 2D303E10 (135 bytes)
C:\Users\All Users\Temp : 302A9871 (100 bytes)
C:\Users\All Users\Temp : 3E7393FC (106 bytes)
C:\Users\All Users\Temp : 4BB26BE9 (109 bytes)
C:\Users\All Users\Temp : 4CF61E54 (113 bytes)
C:\Users\All Users\Temp : 580E04D8 (107 bytes)
C:\Users\All Users\Temp : 793F316E (106 bytes)
C:\Users\All Users\Temp : 8173A019 (99 bytes)
C:\Users\All Users\Temp : 861A898F (99 bytes)
C:\Users\All Users\Temp : 9D1B94FD (124 bytes)
C:\Users\All Users\Temp : 9E22BBE8 (123 bytes)
C:\Users\All Users\Temp : 9F683177 (133 bytes)
C:\Users\All Users\Temp : A8ADE5D8 (109 bytes)
C:\Users\All Users\Temp : C95B63DA (98 bytes)
C:\Users\All Users\Temp : DFC5A2B2 (147 bytes)
C:\Users\All Users\Temp : FEBEC560 (123 bytes)
C:\Users\BaYa\AppData\Local\Microsoft\Windows Mail\Local Folders\Inbox\1562162F-00000001.eml : OECustomProperty (1072 bytes)
C:\Users\BaYa\Desktop\mp3\Arsenium - Rumadai.mp3 : TOC.WMV (64 bytes)
C:\Users\BaYa\Desktop\mp3\baya.mp3 : TOC.WMV (64 bytes)
C:\Users\BaYa\Desktop\mp3\safri-duo_baya-baya.mp3 : TOC.WMV (64 bytes)
C:\Users\BaYa\Desktop\strojopiss\Ja som hroch,ja som hroch - XXX.mp3 : TOC.WMV (64 bytes)
C:\Users\BaYa\Downloads\Twilight.[2008.English].TS.HQ.DivX-LTT\Twilight.[2008.English].TS.HQ.DivX-LTT.avi : TOC.WMV (64 bytes)
C:\Users\Zuzka\AppData\Local\Microsoft\Windows Mail\Local Folders\Inbox\046A215A-00000001.eml : OECustomProperty (1072 bytes)
Nahoru
Kn1gu4
Návštěvník
Návštěvník
Příspěvky: 136
Registrován: 20 črc 2010 20:37

Re: Win32/Olmarik

#55 Příspěvek od Kn1gu4 »

+ Log z OTL :
OTL logfile created on: 25. 7. 2010 15:43:05 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Acer\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 0000041B | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 43,88 Gb Free Space | 30,46% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 82,41 Gb Free Space | 58,65% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ACER-PC
Current User Name: Acer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/25 12:18:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
PRC - [2010/07/24 15:40:42 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Acer\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2010/06/30 14:52:22 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010/06/21 10:23:34 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
PRC - [2010/04/27 14:51:00 | 000,306,296 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe
PRC - [2010/04/27 14:51:00 | 000,162,936 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe
PRC - [2010/04/15 10:16:48 | 000,288,064 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009/09/11 08:24:32 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009/09/11 08:23:46 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009/08/09 12:49:55 | 000,603,904 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe
PRC - [2009/04/30 11:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009/04/16 17:56:36 | 000,075,048 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/19 15:30:02 | 000,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008/04/28 09:35:36 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/25 21:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2008/04/25 21:36:02 | 000,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008/03/04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/03/03 13:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2007/12/06 16:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe


========== Modules (SafeList) ==========

MOD - [2010/07/25 12:18:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
MOD - [2008/01/21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008/01/21 04:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe -- (SandraTheSrv)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe -- (SandraDataSrv)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- (MySQL)
SRV - [2010/07/24 13:00:59 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/06/21 10:23:34 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/06/16 13:25:03 | 000,360,192 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/04/27 14:51:00 | 000,306,296 | ---- | M] (Sony Ericsson Mobile Communications) [Auto | Running] -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe -- (EmmaDevMgmtSvc)
SRV - [2010/04/27 14:51:00 | 000,162,936 | ---- | M] (Sony Ericsson Mobile Communications) [Auto | Running] -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe -- (EmmaUpdMgmtSvc)
SRV - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/09/11 08:33:18 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/09/11 08:24:32 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009/08/09 12:49:55 | 000,603,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009/07/14 13:18:21 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/05/19 14:51:34 | 000,069,632 | ---- | M] (ElcomSoft Co. Ltd.) [On_Demand | Stopped] -- C:\Program Files\ElcomSoft\Proactive System Password Recovery\psprserv.exe -- (PSPRSERV)
SRV - [2009/04/30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009/04/16 17:56:36 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008/10/19 15:30:02 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/04/25 21:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008/04/25 21:36:02 | 000,131,072 | ---- | M] () [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/03/04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/03/03 13:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2008/01/21 04:25:21 | 000,122,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Sandra.sys -- (SANDRA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Acer\AppData\Local\Temp\VWIDAAA.tmp -- (GarenaPEngine)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Acer\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010/07/21 12:22:51 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/05/11 20:15:03 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010/04/12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/11/07 19:20:47 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/09/11 08:26:26 | 000,038,240 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2009/09/11 08:26:20 | 000,135,048 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2009/09/11 08:23:50 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/09/11 08:17:16 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/08/07 08:42:36 | 001,053,056 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CamthWDM.sys -- (CAMTHWDM)
DRV - [2009/06/19 10:10:40 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009/05/25 13:35:00 | 000,116,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029unic.sys -- (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM)
DRV - [2009/05/25 13:34:56 | 000,122,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009/05/25 13:34:56 | 000,090,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029bus.sys -- (s1029bus) Sony Ericsson Device 1029 driver (WDM)
DRV - [2009/05/25 13:34:56 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2009/05/25 13:34:54 | 000,115,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mgmt.sys -- (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM)
DRV - [2009/05/25 13:34:54 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009/05/25 13:34:54 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029nd5.sys -- (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS)
DRV - [2009/04/09 15:59:48 | 000,958,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/07/08 18:46:38 | 003,848,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/05/30 13:17:54 | 000,093,968 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/05/28 18:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2008/05/28 08:47:08 | 000,171,016 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s)
DRV - [2008/05/27 12:13:48 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2008/05/27 12:13:42 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2008/05/16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/05/09 13:03:58 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008/04/28 19:54:58 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008/04/28 10:26:42 | 002,127,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/28 03:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008/03/27 22:44:56 | 000,210,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2008/03/26 00:41:30 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2008/03/26 00:39:20 | 000,207,872 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2008/03/26 00:38:32 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008/03/21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/03/04 23:38:44 | 000,060,464 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDVdisk.sys -- (psdvdisk)
DRV - [2008/03/04 23:38:44 | 000,016,944 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2008/03/04 23:38:42 | 000,018,992 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2008/02/27 13:36:02 | 000,141,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/02/18 16:09:40 | 000,166,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/02/14 03:17:10 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2008/01/30 11:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008/01/30 11:51:50 | 000,013,824 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2008/01/21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 04:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/14 12:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007/10/19 00:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/07/16 02:20:26 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2007/07/16 02:20:24 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007/06/29 10:59:34 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s716bus.sys -- (s716bus) Sony Ericsson Device 716 driver (WDM)
DRV - [2007/01/27 20:28:04 | 000,047,854 | ---- | M] (Silence of Troubles United Company Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\FDCENT.SYS -- (FDCENT)
DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/09/24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [1996/04/03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\URLSearchHook: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.mywebsearch.com/mywebsear ... 8Gq7_UZVOA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "google.sk"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.10.01
FF - prefs.js..extensions.enabledItems: {9565115d-c7d6-46d3-bd63-b67b481a4368}:2.4.0.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="
FF - prefs.js..network.proxy.no_proxies_on: "plimus.com,regnow.com"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 7070
FF - prefs.js..network.proxy.type: 1
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Yahoo"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "google.sk"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/23 15:29:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/20 17:07:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/02/20 17:47:09 | 000,000,000 | ---D | M]

[2009/03/27 18:18:27 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\mozilla\Extensions
[2010/07/24 18:16:51 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions
[2009/03/30 18:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009/03/30 18:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010/07/24 18:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
[2010/07/24 18:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
[2010/07/24 18:21:08 | 000,000,000 | ---D | M] (FBFan) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
[2009/03/30 18:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
[2009/03/30 18:29:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/03/30 18:29:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010/06/24 10:14:35 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\toolbar@ask.com
[2009/03/28 18:27:13 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles(28)\oww2j8c3.default\extensions
[2009/03/27 18:29:06 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles(28)\oww2j8c3.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009/06/26 20:57:06 | 000,000,950 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Mozilla\FireFox\Profiles\3gucj1bf.default\searchplugins\icqplugin.xml
[2010/06/24 21:02:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/03/30 18:29:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009/10/15 18:24:03 | 000,000,000 | ---D | M] (PageRage Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}
[2010/06/24 21:02:06 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/05/27 20:54:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/10/15 18:23:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\plugin@yontoo.com
[2010/05/27 20:53:31 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009/06/24 14:56:44 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2009/06/24 14:56:44 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2009/06/24 14:56:44 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2009/06/24 14:56:45 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2009/06/24 14:56:45 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2009/06/24 14:56:45 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2010/07/23 15:36:29 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\Jccatch.dll (www.flashget.com)
O2 - BHO: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)
O2 - BHO: (GdfrDUEn Class) - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files\Get Styles\enlbrdr.dll (TODO: <Company name>)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O2 - BHO: (no name) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (PageRage Toolbar) - {9565115D-C7D6-46D3-BD63-B67B481A4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [PhilipsDM\SA1916] C:\Program Files\Philips\SA19XX\Philips Device Manager\Bin\LaunchDM.exe (Koninklijke Philips Electronics N.V.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm ()
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/html {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Users\Acer\AppData\LocalLow\Microńoft\redir.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/25 12:18:57 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2010/07/24 18:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\Get Styles
[2010/07/24 14:53:06 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010/07/24 14:52:24 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/07/23 15:33:20 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\temp
[2010/07/23 15:33:13 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/07/21 12:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Pro
[2010/07/21 12:20:42 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2010/07/21 11:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\AMR to MP3 Converter
[2010/07/20 23:45:10 | 000,000,000 | ---D | C] -- C:\Avenger
[2010/07/20 22:05:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/07/20 22:05:14 | 000,000,000 | ---D | C] -- C:\rsit
[2010/07/20 17:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010/07/20 17:07:30 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\Winamp
[2010/07/20 17:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010/07/12 15:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\softendo.com
[2010/07/06 11:11:55 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\BSplayer Pro
[2010/07/06 11:11:55 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\BSplayer
[2010/07/06 11:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\Webteh
[2010/07/02 16:11:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2010/07/01 19:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3
[2010/06/26 22:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2008/07/22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/25 15:47:21 | 002,915,532 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/07/25 15:47:21 | 002,332,894 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/07/25 15:47:20 | 000,005,272 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/07/25 15:47:10 | 002,883,584 | ---- | M] () -- C:\Users\Acer\ntuser.dat
[2010/07/25 15:47:00 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1000UA.job
[2010/07/25 15:46:01 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/25 15:40:50 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010/07/25 15:40:45 | 000,000,435 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010/07/25 15:40:40 | 000,000,484 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2010/07/25 15:40:15 | 000,000,996 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/25 15:40:11 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/25 15:40:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/25 15:39:58 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/25 15:39:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/25 15:39:42 | 2649,145,344 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/25 15:38:43 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/07/25 15:38:33 | 000,524,288 | -HS- | M] () -- C:\Users\Acer\ntuser.dat{1ab6e869-4f9c-11de-9761-001eeccbbd29}.TMContainer00000000000000000002.regtrans-ms
[2010/07/25 15:38:33 | 000,065,536 | -HS- | M] () -- C:\Users\Acer\ntuser.dat{1ab6e869-4f9c-11de-9761-001eeccbbd29}.TM.blf
[2010/07/25 15:38:27 | 001,620,390 | -H-- | M] () -- C:\Users\Acer\AppData\Local\IconCache.db
[2010/07/25 15:17:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1002UA.job
[2010/07/25 15:14:00 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1001UA.job
[2010/07/25 13:13:59 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1001Core.job
[2010/07/25 12:18:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2010/07/25 11:42:36 | 000,000,214 | ---- | M] () -- C:\Users\Acer\Documents\cc_20100725_114233.reg
[2010/07/24 20:55:36 | 000,050,519 | ---- | M] () -- C:\Users\Acer\Desktop\354DF3EB80F8E3E4C1F69BE082ED7D4E596A43C0.torrent
[2010/07/24 20:17:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1002Core.job
[2010/07/24 19:57:18 | 000,000,472 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Acer.job
[2010/07/24 13:39:01 | 000,000,780 | ---- | M] () -- C:\Users\Acer\Desktop\Virtual DJ.lnk
[2010/07/24 11:55:30 | 000,524,288 | -HS- | M] () -- C:\Users\Acer\ntuser.dat{1ab6e869-4f9c-11de-9761-001eeccbbd29}.TMContainer00000000000000000001.regtrans-ms
[2010/07/24 11:05:12 | 000,003,086 | ---- | M] () -- C:\Users\Acer\Documents\cc_20100724_110509.reg
[2010/07/23 15:36:29 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/07/21 12:26:03 | 001,695,168 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/07/21 12:22:58 | 000,001,689 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
[2010/07/21 12:22:51 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010/07/21 11:27:51 | 000,091,576 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2010/07/21 09:47:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1000Core.job
[2010/07/20 23:45:21 | 148,197,423 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/07/20 20:55:22 | 000,000,740 | ---- | M] () -- C:\Users\Acer\Desktop\Winamp.lnk
[2010/07/12 18:45:27 | 000,002,048 | ---- | M] () -- C:\Users\Acer\Documents\cc_20100712_184523.reg
[2010/07/09 19:50:19 | 036,658,181 | ---- | M] () -- C:\Users\Acer\Desktop\powerpuff_girl_loli_porn_hentai_sex_dp_anal_pedo_incest.rar
[2010/07/08 21:13:17 | 000,001,044 | ---- | M] () -- C:\Users\Acer\Desktop\CM 10.lnk
[2010/07/03 20:05:27 | 000,000,678 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/07/03 17:37:24 | 000,102,750 | ---- | M] () -- C:\Users\Acer\Documents\cc_20100703_173709.reg
[2010/07/01 20:33:03 | 000,001,909 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III - The WarChiefs.lnk
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/25 11:42:35 | 000,000,214 | ---- | C] () -- C:\Users\Acer\Documents\cc_20100725_114233.reg
[2010/07/24 20:55:36 | 000,050,519 | ---- | C] () -- C:\Users\Acer\Desktop\354DF3EB80F8E3E4C1F69BE082ED7D4E596A43C0.torrent
[2010/07/24 12:58:35 | 2649,145,344 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/24 11:05:11 | 000,003,086 | ---- | C] () -- C:\Users\Acer\Documents\cc_20100724_110509.reg
[2010/07/21 12:22:58 | 000,001,689 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
[2010/07/21 10:19:32 | 000,000,780 | ---- | C] () -- C:\Users\Acer\Desktop\Virtual DJ.lnk
[2010/07/20 22:34:02 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/07/20 20:54:44 | 000,000,740 | ---- | C] () -- C:\Users\Acer\Desktop\Winamp.lnk
[2010/07/12 18:45:26 | 000,002,048 | ---- | C] () -- C:\Users\Acer\Documents\cc_20100712_184523.reg
[2010/07/09 19:45:43 | 036,658,181 | ---- | C] () -- C:\Users\Acer\Desktop\powerpuff_girl_loli_porn_hentai_sex_dp_anal_pedo_incest.rar
[2010/07/08 21:13:17 | 000,001,044 | ---- | C] () -- C:\Users\Acer\Desktop\CM 10.lnk
[2010/07/03 17:37:12 | 000,102,750 | ---- | C] () -- C:\Users\Acer\Documents\cc_20100703_173709.reg
[2010/07/01 20:33:03 | 000,001,909 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III - The WarChiefs.lnk
[2010/05/07 18:42:34 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/05/07 18:42:34 | 000,763,832 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/04/15 20:27:48 | 000,000,032 | ---- | C] () -- C:\Windows\tdlp32.ini
[2010/04/06 16:08:55 | 000,106,496 | ---- | C] () -- C:\Windows\System32\APmpg4v1.dll
[2010/02/11 09:58:56 | 000,004,096 | ---- | C] () -- C:\Windows\System32\detoured.dll
[2010/02/01 14:49:12 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/12/07 21:59:03 | 000,000,120 | ---- | C] () -- C:\Windows\disney.ini
[2009/11/06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/10/28 18:26:51 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2009/10/04 19:31:40 | 000,000,048 | ---- | C] () -- C:\Windows\winfile.ini
[2009/07/07 10:18:58 | 000,000,068 | ---- | C] () -- C:\Windows\Awpr.ini
[2009/07/02 09:56:07 | 000,138,384 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/06/06 17:24:49 | 000,001,387 | ---- | C] () -- C:\Windows\Bringer.INI
[2009/05/25 21:08:09 | 000,000,023 | ---- | C] () -- C:\Windows\clofghls.dll
[2009/04/28 21:10:44 | 000,001,888 | ---- | C] () -- C:\Windows\wininit.ini
[2009/03/15 18:35:17 | 000,000,029 | ---- | C] () -- C:\Windows\DEBUGSM.INI
[2009/01/13 00:01:50 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2009/01/12 22:22:12 | 000,000,052 | ---- | C] () -- C:\Windows\mafosav.INI
[2009/01/12 21:14:20 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/01/12 21:10:51 | 000,000,026 | ---- | C] () -- C:\Windows\CDE DX4400DEFGIPS.ini
[2008/12/24 21:11:24 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/12/24 21:11:23 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2008/12/23 20:22:21 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/12/23 16:22:20 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008/12/23 16:22:20 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/08/21 08:05:45 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/05/26 19:18:19 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/05/26 19:18:19 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/05/26 18:10:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008/05/26 18:05:27 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/05/26 17:48:55 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/02/09 06:58:22 | 001,053,056 | ---- | C] () -- C:\Windows\System32\drivers\CamthWDM.sys
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:DFC5A2B2
< End of report >
Nahoru
Uživatelský avatar
riffman
VIP
VIP
Příspěvky: 3203
Registrován: 20 říj 2004 07:00
Bydliště: České Budějovice
Kontaktovat uživatele:
Kontaktovat uživatele riffman

Re: Win32/Olmarik

#56 Příspěvek od riffman »

prosim zopakovat postup s prejmenovanym HJT a OTL, stale tam neco zustalo
Give us a chance to live
Give us a chance to die
Give us a chance to be free
Without fire from the sky
Give us a chance to love
Give us a chance to hate
Give us a chance, before you kill us all
Nahoru
Kn1gu4
Návštěvník
Návštěvník
Příspěvky: 136
Registrován: 20 črc 2010 20:37

Re: Win32/Olmarik

#57 Příspěvek od Kn1gu4 »

log z HJT :

C:\ProgramData\Temp : DFC5A2B2 (147 bytes)
C:\ProgramData\Temp : DFC5A2B2 (147 bytes)
C:\Users\Acer\AppData\Local\Microsoft\Windows Mail\Local Folders\Inbox\11D176C4-00000001.eml : OECustomProperty (976 bytes)
C:\Users\All Users\Temp : DFC5A2B2 (147 bytes)
C:\Users\All Users\Temp : DFC5A2B2 (147 bytes)
C:\Users\BaYa\AppData\Local\Microsoft\Windows Mail\Local Folders\Inbox\1562162F-00000001.eml : OECustomProperty (976 bytes)
C:\Users\Zuzka\AppData\Local\Microsoft\Windows Mail\Local Folders\Inbox\046A215A-00000001.eml : OECustomProperty (976 bytes)
Nahoru
Uživatelský avatar
riffman
VIP
VIP
Příspěvky: 3203
Registrován: 20 říj 2004 07:00
Bydliště: České Budějovice
Kontaktovat uživatele:
Kontaktovat uživatele riffman

Re: Win32/Olmarik

#58 Příspěvek od riffman »

jeste aktualni OTL prosim
Give us a chance to live
Give us a chance to die
Give us a chance to be free
Without fire from the sky
Give us a chance to love
Give us a chance to hate
Give us a chance, before you kill us all
Nahoru
Kn1gu4
Návštěvník
Návštěvník
Příspěvky: 136
Registrován: 20 črc 2010 20:37

Re: Win32/Olmarik

#59 Příspěvek od Kn1gu4 »

log z OTL :

OTL logfile created on: 26. 7. 2010 11:50:43 - Run 3
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Acer\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 0000041B | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 42,18 Gb Free Space | 29,28% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 96,51 Gb Free Space | 68,69% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ACER-PC
Current User Name: Acer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/25 12:18:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
PRC - [2010/07/24 15:40:42 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Acer\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2010/06/30 14:52:22 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010/06/21 10:23:34 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
PRC - [2010/04/27 14:51:00 | 000,306,296 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe
PRC - [2010/04/27 14:51:00 | 000,162,936 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe
PRC - [2010/04/15 10:16:48 | 000,288,064 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009/09/11 08:24:32 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009/09/11 08:23:46 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009/08/09 12:49:55 | 000,603,904 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe
PRC - [2009/04/30 11:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009/04/16 17:56:36 | 000,075,048 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/19 15:30:02 | 000,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008/04/28 09:35:36 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/25 21:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2008/04/25 21:36:02 | 000,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008/03/04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/03/03 13:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2008/01/21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/12/06 16:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe


========== Modules (SafeList) ==========

MOD - [2010/07/25 12:18:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
MOD - [2008/01/21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008/01/21 04:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe -- (SandraTheSrv)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe -- (SandraDataSrv)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- (MySQL)
SRV - [2010/07/24 13:00:59 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/06/21 10:23:34 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/06/16 13:25:03 | 000,360,192 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/04/27 14:51:00 | 000,306,296 | ---- | M] (Sony Ericsson Mobile Communications) [Auto | Running] -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe -- (EmmaDevMgmtSvc)
SRV - [2010/04/27 14:51:00 | 000,162,936 | ---- | M] (Sony Ericsson Mobile Communications) [Auto | Running] -- C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe -- (EmmaUpdMgmtSvc)
SRV - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/09/11 08:33:18 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/09/11 08:24:32 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009/08/09 12:49:55 | 000,603,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009/07/14 13:18:21 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/05/19 14:51:34 | 000,069,632 | ---- | M] (ElcomSoft Co. Ltd.) [On_Demand | Stopped] -- C:\Program Files\ElcomSoft\Proactive System Password Recovery\psprserv.exe -- (PSPRSERV)
SRV - [2009/04/30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009/04/16 17:56:36 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008/10/19 15:30:02 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/04/25 21:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008/04/25 21:36:02 | 000,131,072 | ---- | M] () [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008/03/21 13:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/03/04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/03/03 13:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2008/01/21 04:25:21 | 000,122,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Sandra.sys -- (SANDRA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Acer\AppData\Local\Temp\VWIDAAA.tmp -- (GarenaPEngine)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Acer\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010/07/21 12:22:51 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/05/11 20:15:03 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010/04/12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/11/07 19:20:47 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/09/11 08:26:26 | 000,038,240 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2009/09/11 08:26:20 | 000,135,048 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2009/09/11 08:23:50 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/09/11 08:17:16 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/08/07 08:42:36 | 001,053,056 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CamthWDM.sys -- (CAMTHWDM)
DRV - [2009/06/19 10:10:40 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009/05/25 13:35:00 | 000,116,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029unic.sys -- (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM)
DRV - [2009/05/25 13:34:56 | 000,122,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009/05/25 13:34:56 | 000,090,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029bus.sys -- (s1029bus) Sony Ericsson Device 1029 driver (WDM)
DRV - [2009/05/25 13:34:56 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2009/05/25 13:34:54 | 000,115,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mgmt.sys -- (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM)
DRV - [2009/05/25 13:34:54 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009/05/25 13:34:54 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029nd5.sys -- (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS)
DRV - [2009/04/09 15:59:48 | 000,958,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/07/08 18:46:38 | 003,848,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/05/30 13:17:54 | 000,093,968 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/05/28 18:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2008/05/28 08:47:08 | 000,171,016 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s)
DRV - [2008/05/27 12:13:48 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2008/05/27 12:13:42 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2008/05/16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/05/09 13:03:58 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008/04/28 19:54:58 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008/04/28 10:26:42 | 002,127,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/28 03:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008/03/27 22:44:56 | 000,210,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2008/03/26 00:41:30 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2008/03/26 00:39:20 | 000,207,872 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2008/03/26 00:38:32 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008/03/21 10:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/03/04 23:38:44 | 000,060,464 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDVdisk.sys -- (psdvdisk)
DRV - [2008/03/04 23:38:44 | 000,016,944 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2008/03/04 23:38:42 | 000,018,992 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2008/02/27 13:36:02 | 000,141,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/02/18 16:09:40 | 000,166,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/02/14 03:17:10 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2008/01/30 11:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008/01/30 11:51:50 | 000,013,824 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2008/01/21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 04:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/14 12:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007/10/19 00:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/07/16 02:20:26 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2007/07/16 02:20:24 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007/06/29 10:59:34 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s716bus.sys -- (s716bus) Sony Ericsson Device 716 driver (WDM)
DRV - [2007/01/27 20:28:04 | 000,047,854 | ---- | M] (Silence of Troubles United Company Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\FDCENT.SYS -- (FDCENT)
DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/09/24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [1996/04/03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\URLSearchHook: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.mywebsearch.com/mywebsear ... 8Gq7_UZVOA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "google.sk"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.10.01
FF - prefs.js..extensions.enabledItems: {9565115d-c7d6-46d3-bd63-b67b481a4368}:2.4.0.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="
FF - prefs.js..network.proxy.no_proxies_on: "plimus.com,regnow.com"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 7070
FF - prefs.js..network.proxy.type: 1
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Yahoo"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "google.sk"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=megaup&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/23 15:29:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/20 17:07:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/02/20 17:47:09 | 000,000,000 | ---D | M]

[2009/03/27 18:18:27 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\mozilla\Extensions
[2010/07/24 18:16:51 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions
[2009/03/30 18:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009/03/30 18:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010/07/24 18:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
[2010/07/24 18:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
[2010/07/24 18:21:08 | 000,000,000 | ---D | M] (FBFan) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
[2009/03/30 18:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
[2009/03/30 18:29:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/03/30 18:29:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010/06/24 10:14:35 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles\3gucj1bf.default\extensions\toolbar@ask.com
[2009/03/28 18:27:13 | 000,000,000 | ---D | M] -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles(28)\oww2j8c3.default\extensions
[2009/03/27 18:29:06 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Users\Acer\AppData\Roaming\mozilla\Firefox\Profiles(28)\oww2j8c3.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2009/06/26 20:57:06 | 000,000,950 | ---- | M] () -- C:\Users\Acer\AppData\Roaming\Mozilla\FireFox\Profiles\3gucj1bf.default\searchplugins\icqplugin.xml
[2010/06/24 21:02:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/03/30 18:29:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009/10/15 18:24:03 | 000,000,000 | ---D | M] (PageRage Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}
[2010/06/24 21:02:06 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/05/27 20:54:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/10/15 18:23:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\plugin@yontoo.com
[2010/05/27 20:53:31 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009/06/24 14:56:44 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2009/06/24 14:56:44 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2009/06/24 14:56:44 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2009/06/24 14:56:45 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2009/06/24 14:56:45 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2009/06/24 14:56:45 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2010/07/23 15:36:29 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\Jccatch.dll (www.flashget.com)
O2 - BHO: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)
O2 - BHO: (GdfrDUEn Class) - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files\Get Styles\enlbrdr.dll (TODO: <Company name>)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo Technology, Inc.)
O2 - BHO: (no name) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (PageRage Toolbar) - {9565115D-C7D6-46D3-BD63-B67B481A4368} - C:\Program Files\PageRage\tbPage.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [PhilipsDM\SA1916] C:\Program Files\Philips\SA19XX\Philips Device Manager\Bin\LaunchDM.exe (Koninklijke Philips Electronics N.V.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm ()
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/html {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Users\Acer\AppData\LocalLow\Microńoft\redir.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/25 12:18:57 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2010/07/24 18:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\Get Styles
[2010/07/24 14:53:06 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010/07/24 14:52:24 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/07/23 15:33:20 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Local\temp
[2010/07/23 15:33:13 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/07/21 12:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Pro
[2010/07/21 12:20:42 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2010/07/21 11:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\AMR to MP3 Converter
[2010/07/20 23:45:10 | 000,000,000 | ---D | C] -- C:\Avenger
[2010/07/20 22:05:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/07/20 22:05:14 | 000,000,000 | ---D | C] -- C:\rsit
[2010/07/20 17:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010/07/20 17:07:30 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\Winamp
[2010/07/20 17:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010/07/12 15:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\softendo.com
[2010/07/06 11:11:55 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\BSplayer Pro
[2010/07/06 11:11:55 | 000,000,000 | ---D | C] -- C:\Users\Acer\AppData\Roaming\BSplayer
[2010/07/06 11:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\Webteh
[2010/07/02 16:11:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2010/07/01 19:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3
[2010/06/26 22:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2008/07/22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/26 11:59:03 | 002,883,584 | ---- | M] () -- C:\Users\Acer\ntuser.dat
[2010/07/26 11:55:40 | 002,930,666 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/07/26 11:55:40 | 002,347,452 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/07/26 11:55:40 | 000,005,276 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/07/26 11:49:29 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010/07/26 11:49:28 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010/07/26 11:49:26 | 000,000,484 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2010/07/26 11:49:05 | 000,000,996 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/26 11:48:58 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/26 11:48:58 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/26 11:48:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/26 11:48:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/26 11:48:43 | 2647,064,576 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/26 11:47:54 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/07/26 11:47:52 | 000,524,288 | -HS- | M] () -- C:\Users\Acer\ntuser.dat{1ab6e869-4f9c-11de-9761-001eeccbbd29}.TMContainer00000000000000000002.regtrans-ms
[2010/07/26 11:47:52 | 000,065,536 | -HS- | M] () -- C:\Users\Acer\ntuser.dat{1ab6e869-4f9c-11de-9761-001eeccbbd29}.TM.blf
[2010/07/26 11:47:00 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1000UA.job
[2010/07/26 11:46:02 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/26 00:17:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1002UA.job
[2010/07/26 00:13:59 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1001UA.job
[2010/07/25 20:30:02 | 000,000,472 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Acer.job
[2010/07/25 15:38:27 | 001,620,390 | -H-- | M] () -- C:\Users\Acer\AppData\Local\IconCache.db
[2010/07/25 13:13:59 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1001Core.job
[2010/07/25 12:18:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Acer\Desktop\OTL.exe
[2010/07/25 11:42:36 | 000,000,214 | ---- | M] () -- C:\Users\Acer\Documents\cc_20100725_114233.reg
[2010/07/24 20:17:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1002Core.job
[2010/07/24 13:39:01 | 000,000,780 | ---- | M] () -- C:\Users\Acer\Desktop\Virtual DJ.lnk
[2010/07/24 11:55:30 | 000,524,288 | -HS- | M] () -- C:\Users\Acer\ntuser.dat{1ab6e869-4f9c-11de-9761-001eeccbbd29}.TMContainer00000000000000000001.regtrans-ms
[2010/07/24 11:05:12 | 000,003,086 | ---- | M] () -- C:\Users\Acer\Documents\cc_20100724_110509.reg
[2010/07/23 15:36:29 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/07/21 12:26:03 | 001,695,168 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/07/21 12:22:58 | 000,001,689 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
[2010/07/21 12:22:51 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010/07/21 11:27:51 | 000,091,576 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2010/07/21 09:47:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-535194301-2542288228-1683754161-1000Core.job
[2010/07/20 23:45:21 | 148,197,423 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/07/20 20:55:22 | 000,000,740 | ---- | M] () -- C:\Users\Acer\Desktop\Winamp.lnk
[2010/07/12 18:45:27 | 000,002,048 | ---- | M] () -- C:\Users\Acer\Documents\cc_20100712_184523.reg
[2010/07/09 19:50:19 | 036,658,181 | ---- | M] () -- C:\Users\Acer\Desktop\powerpuff_girl_loli_porn_hentai_sex_dp_anal_pedo_incest.rar
[2010/07/08 21:13:17 | 000,001,044 | ---- | M] () -- C:\Users\Acer\Desktop\CM 10.lnk
[2010/07/03 20:05:27 | 000,000,678 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/07/03 17:37:24 | 000,102,750 | ---- | M] () -- C:\Users\Acer\Documents\cc_20100703_173709.reg
[2010/07/01 20:33:03 | 000,001,909 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III - The WarChiefs.lnk
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/25 11:42:35 | 000,000,214 | ---- | C] () -- C:\Users\Acer\Documents\cc_20100725_114233.reg
[2010/07/24 12:58:35 | 2647,064,576 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/24 11:05:11 | 000,003,086 | ---- | C] () -- C:\Users\Acer\Documents\cc_20100724_110509.reg
[2010/07/21 12:22:58 | 000,001,689 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
[2010/07/21 10:19:32 | 000,000,780 | ---- | C] () -- C:\Users\Acer\Desktop\Virtual DJ.lnk
[2010/07/20 22:34:02 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/07/20 20:54:44 | 000,000,740 | ---- | C] () -- C:\Users\Acer\Desktop\Winamp.lnk
[2010/07/12 18:45:26 | 000,002,048 | ---- | C] () -- C:\Users\Acer\Documents\cc_20100712_184523.reg
[2010/07/09 19:45:43 | 036,658,181 | ---- | C] () -- C:\Users\Acer\Desktop\powerpuff_girl_loli_porn_hentai_sex_dp_anal_pedo_incest.rar
[2010/07/08 21:13:17 | 000,001,044 | ---- | C] () -- C:\Users\Acer\Desktop\CM 10.lnk
[2010/07/03 17:37:12 | 000,102,750 | ---- | C] () -- C:\Users\Acer\Documents\cc_20100703_173709.reg
[2010/07/01 20:33:03 | 000,001,909 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III - The WarChiefs.lnk
[2010/05/07 18:42:34 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/05/07 18:42:34 | 000,763,832 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/04/15 20:27:48 | 000,000,032 | ---- | C] () -- C:\Windows\tdlp32.ini
[2010/04/06 16:08:55 | 000,106,496 | ---- | C] () -- C:\Windows\System32\APmpg4v1.dll
[2010/02/11 09:58:56 | 000,004,096 | ---- | C] () -- C:\Windows\System32\detoured.dll
[2010/02/01 14:49:12 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/12/07 21:59:03 | 000,000,120 | ---- | C] () -- C:\Windows\disney.ini
[2009/11/06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/10/28 18:26:51 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2009/10/04 19:31:40 | 000,000,048 | ---- | C] () -- C:\Windows\winfile.ini
[2009/07/07 10:18:58 | 000,000,068 | ---- | C] () -- C:\Windows\Awpr.ini
[2009/07/02 09:56:07 | 000,138,384 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/06/06 17:24:49 | 000,001,387 | ---- | C] () -- C:\Windows\Bringer.INI
[2009/05/25 21:08:09 | 000,000,023 | ---- | C] () -- C:\Windows\clofghls.dll
[2009/04/28 21:10:44 | 000,001,888 | ---- | C] () -- C:\Windows\wininit.ini
[2009/03/15 18:35:17 | 000,000,029 | ---- | C] () -- C:\Windows\DEBUGSM.INI
[2009/01/13 00:01:50 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2009/01/12 22:22:12 | 000,000,052 | ---- | C] () -- C:\Windows\mafosav.INI
[2009/01/12 21:14:20 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/01/12 21:10:51 | 000,000,026 | ---- | C] () -- C:\Windows\CDE DX4400DEFGIPS.ini
[2008/12/24 21:11:24 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/12/24 21:11:23 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2008/12/23 20:22:21 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/12/23 16:22:20 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008/12/23 16:22:20 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/08/21 08:05:45 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/05/26 19:18:19 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/05/26 19:18:19 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/05/26 18:10:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008/05/26 18:05:27 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/05/26 17:48:55 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/02/09 06:58:22 | 001,053,056 | ---- | C] () -- C:\Windows\System32\drivers\CamthWDM.sys
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:DFC5A2B2
< End of report >
Nahoru
Uživatelský avatar
riffman
VIP
VIP
Příspěvky: 3203
Registrován: 20 říj 2004 07:00
Bydliště: České Budějovice
Kontaktovat uživatele:
Kontaktovat uživatele riffman

Re: Win32/Olmarik

#60 Příspěvek od riffman »

stahnete GMER , rozbalte a spustte


v operacnich systemech Windows Vista a Windows 7 spoustejte aplikaci jako spravce (kliknutim pravym mysitkem na ikonu aplikace a volbou "Spustit jako spravce" :!:

probehne sken, po jehoz ukonceni na vas bafnou vysledky

pote kliknete na Save a ulozite tak log, jehoz obsah sem vlozte

pote dle tohoto navodu absolvujte druhy sken a opet obsah logu sem :)
Give us a chance to live
Give us a chance to die
Give us a chance to be free
Without fire from the sky
Give us a chance to love
Give us a chance to hate
Give us a chance, before you kill us all
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“