Preventive check (Solved)

Re: Preventive check

Post by Mous » 22 Jan 2010 22:57

ComboFix 10-01-21.08 - Mous 22.01.2010 22:51:21.2.4 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.3063.1660 [GMT 1:00]
Spuštěný z: c:\users\Mous\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Mous\Desktop\CFScript.txt
AV: Symantec Endpoint Protection *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: Symantec Endpoint Protection *disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Symantec Endpoint Protection *disabled* (Updated) {6C85A515-B91D-4D2B-AF18-40984A4A8493}

FILE ::
"C:\client_extractor.exe"
"C:\dll_loading_1.1652.0.exe"
"C:\run_dll.exe"
"c:\users\Mous\AppData\Local\Temp\KXXA66D.tmp"
"c:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\client_extractor.exe
C:\dll_loading_1.1652.0.exe
c:\program files\F-Secure
c:\program files\F-Secure\common\custom\custom1\common\banner_vs_common_422x60.bmp
c:\program files\F-Secure\common\custom\custom1\common\gres.custom
c:\program files\F-Secure\common\custom\custom1\common\ico_all.ico
c:\program files\F-Secure\common\custom\custom1\common\strres.custom
c:\program files\F-Secure\common\custom\custom1\fsbw\banner_setup_370x60.bmp
c:\program files\F-Secure\common\custom\custom1\fsbw\banner_setup_492x74.bmp
c:\program files\F-Secure\common\custom\custom1\fsbw\fsbwres.custom
c:\program files\F-Secure\common\custom\custom1\fsbw\ico_uninstall.ico
c:\program files\F-Secure\common\custom\custom1\fsgui\advanced\banner_advanced_591x59.bmp
c:\program files\F-Secure\common\custom\custom1\fsgui\advanced\banner_advanced_788x72.bmp
c:\program files\F-Secure\common\custom\custom1\fsgui\advanced\fsavauires.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\dialogs\scanwizard\fsavures.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\dialogs\securitynews\banner_virus_news_422x60.bmp
c:\program files\F-Secure\common\custom\custom1\fsgui\dialogs\securitynews\fsavvnres.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\flyer\flyer.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\banner_main_563x60.bmp
c:\program files\F-Secure\common\custom\custom1\fsgui\main\banner_main_750x74.bmp
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-csy.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-dan.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-deu.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-ell.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-eng.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-esn.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-eti.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-fin.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-fra.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-hun.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-chs.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-cht.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-ita.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-jpn.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-nld.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-nor.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-plk.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-ptb.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-ptg.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-rom.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-rus.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-slv.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-sve.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-trk.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres-zhh.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\main\fsavgres.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\splash\aboutres.custom
c:\program files\F-Secure\common\custom\custom1\fsgui\splash\bmp_about_406x259.bmp
c:\program files\F-Secure\common\custom\custom1\fsgui\splash\bmp_splash_208x320.bmp
c:\program files\F-Secure\common\custom\custom1\fsma\fsmres.custom
c:\program files\F-Secure\common\custom\custom1\help\custom.css
c:\program files\F-Secure\common\custom\custom1\help\f_icon.gif
c:\program files\F-Secure\common\custom\custom1\help\f_icon_errorstate.gif
c:\program files\F-Secure\common\custom\custom1\help\f_icon_installing.gif
c:\program files\F-Secure\common\custom\custom1\help\f_icon_unloaded.gif
c:\program files\F-Secure\common\custom\custom1\help\f_icon_warning.gif
c:\program files\F-Secure\common\custom\custom1\help\gui_disabl_yellow.gif
c:\program files\F-Secure\common\custom\custom1\help\gui_error_state.gif
c:\program files\F-Secure\common\custom\custom1\help\gui_ok_blue.gif
c:\program files\F-Secure\common\custom\custom1\help\gui_ok_green.gif
c:\program files\F-Secure\common\custom\custom1\help\gui_subs_expired.gif
c:\program files\F-Secure\common\custom\custom1\help\chmres.custom
c:\program files\F-Secure\common\custom\custom1\help\icon_alert.png
c:\program files\F-Secure\common\custom\custom1\help\icon_allow.png
c:\program files\F-Secure\common\custom\custom1\help\icon_allow_number.png
c:\program files\F-Secure\common\custom\custom1\help\icon_deny.png
c:\program files\F-Secure\common\custom\custom1\help\icon_deny_number.png
c:\program files\F-Secure\common\custom\custom1\help\icon_ruledir_both.png
c:\program files\F-Secure\common\custom\custom1\help\icon_ruledir_in.png
c:\program files\F-Secure\common\custom\custom1\help\icon_ruledir_out.png
c:\program files\F-Secure\common\custom\custom1\help\icon_ruledir_start.gif
c:\program files\F-Secure\common\custom\custom1\help\pc_adult.png
c:\program files\F-Secure\common\custom\custom1\help\pc_dating.png
c:\program files\F-Secure\common\custom\custom1\help\pc_drugs.png
c:\program files\F-Secure\common\custom\custom1\help\pc_gambling.png
c:\program files\F-Secure\common\custom\custom1\help\pc_hate.png
c:\program files\F-Secure\common\custom\custom1\help\pc_chat.png
c:\program files\F-Secure\common\custom\custom1\help\pc_sport.png
c:\program files\F-Secure\common\custom\custom1\help\pc_travel.png
c:\program files\F-Secure\common\custom\custom1\help\pc_unknown.png
c:\program files\F-Secure\common\custom\custom1\help\pc_violence.png
c:\program files\F-Secure\common\custom\custom1\help\pc_weapons.png
c:\program files\F-Secure\common\custom\custom1\help\pc_webmail.png
c:\program files\F-Secure\common\custom\custom1\help\sys_tray.gif
c:\program files\F-Secure\common\custom\custom1\help\sys_tray2.gif
c:\program files\F-Secure\common\custom\custom1\help\systray_icon_critical_warning.gif
c:\program files\F-Secure\common\custom\custom1\help\systray_icon_download_progress.gif
c:\program files\F-Secure\common\custom\custom1\help\tooltip.gif
c:\program files\F-Secure\common\custom\custom1\rifs\FSR000004B4.JAR
c:\program files\F-Secure\common\custom\custom1\rifs\rifs.ini
c:\program files\F-Secure\common\custom\custom1\setup\fssetup.custom
c:\program files\F-Secure\common\custom\custom1\setup\fsuninst.custom
c:\program files\F-Secure\common\custom\custom1\setup\wizard256.bmp
c:\program files\F-Secure\common\custom\custom1\setup\wizard256large.bmp
c:\program files\F-Secure\common\custom\custom1\tnb\banner_tnb_458x60.bmp
c:\program files\F-Secure\common\custom\custom1\tnb\banner_tnb_610x74.bmp
c:\program files\F-Secure\common\custom\custom1\tnb\tnbres.custom
c:\program files\F-Secure\common\custom\custom2\common\banner_vs_common_422x60.bmp
c:\program files\F-Secure\common\custom\custom2\common\gres.custom
c:\program files\F-Secure\common\custom\custom2\common\ico_all.ico
c:\program files\F-Secure\common\custom\custom2\common\strres.custom
c:\program files\F-Secure\common\custom\custom2\fsbw\banner_setup_370x60.bmp
c:\program files\F-Secure\common\custom\custom2\fsbw\banner_setup_492x74.bmp
c:\program files\F-Secure\common\custom\custom2\fsbw\fsbwres.custom
c:\program files\F-Secure\common\custom\custom2\fsbw\ico_uninstall.ico
c:\program files\F-Secure\common\custom\custom2\fsgui\advanced\banner_advanced_591x59.bmp
c:\program files\F-Secure\common\custom\custom2\fsgui\advanced\banner_advanced_788x72.bmp
c:\program files\F-Secure\common\custom\custom2\fsgui\advanced\fsavauires.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\dialogs\scanwizard\fsavures.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\dialogs\securitynews\banner_virus_news_422x60.bmp
c:\program files\F-Secure\common\custom\custom2\fsgui\dialogs\securitynews\fsavvnres.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\flyer\flyer.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\banner_main_563x60.bmp
c:\program files\F-Secure\common\custom\custom2\fsgui\main\banner_main_750x74.bmp
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-csy.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-dan.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-deu.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-ell.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-eng.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-esn.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-eti.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-fin.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-fra.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-hun.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-chs.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-cht.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-ita.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-jpn.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-nld.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-nor.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-plk.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-ptb.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-ptg.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-rom.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-rus.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-slv.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-sve.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-trk.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres-zhh.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\main\fsavgres.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\splash\aboutres.custom
c:\program files\F-Secure\common\custom\custom2\fsgui\splash\bmp_about_406x259.bmp
c:\program files\F-Secure\common\custom\custom2\fsgui\splash\bmp_splash_208x320.bmp
c:\program files\F-Secure\common\custom\custom2\fsma\fsmres.custom
c:\program files\F-Secure\common\custom\custom2\help\custom.css
c:\program files\F-Secure\common\custom\custom2\help\f_icon.gif
c:\program files\F-Secure\common\custom\custom2\help\f_icon_errorstate.gif
c:\program files\F-Secure\common\custom\custom2\help\f_icon_installing.gif
c:\program files\F-Secure\common\custom\custom2\help\f_icon_unloaded.gif
c:\program files\F-Secure\common\custom\custom2\help\f_icon_warning.gif
c:\program files\F-Secure\common\custom\custom2\help\gui_disabl_yellow.gif
c:\program files\F-Secure\common\custom\custom2\help\gui_error_state.gif
c:\program files\F-Secure\common\custom\custom2\help\gui_ok_blue.gif
c:\program files\F-Secure\common\custom\custom2\help\gui_ok_green.gif
c:\program files\F-Secure\common\custom\custom2\help\gui_subs_expired.gif
c:\program files\F-Secure\common\custom\custom2\help\chmres.custom
c:\program files\F-Secure\common\custom\custom2\help\icon_alert.png
c:\program files\F-Secure\common\custom\custom2\help\icon_allow.png
c:\program files\F-Secure\common\custom\custom2\help\icon_allow_number.png
c:\program files\F-Secure\common\custom\custom2\help\icon_deny.png
c:\program files\F-Secure\common\custom\custom2\help\icon_deny_number.png
c:\program files\F-Secure\common\custom\custom2\help\icon_ruledir_both.png
c:\program files\F-Secure\common\custom\custom2\help\icon_ruledir_in.png
c:\program files\F-Secure\common\custom\custom2\help\icon_ruledir_out.png
c:\program files\F-Secure\common\custom\custom2\help\icon_ruledir_start.gif
c:\program files\F-Secure\common\custom\custom2\help\pc_adult.png
c:\program files\F-Secure\common\custom\custom2\help\pc_dating.png
c:\program files\F-Secure\common\custom\custom2\help\pc_drugs.png
c:\program files\F-Secure\common\custom\custom2\help\pc_gambling.png
c:\program files\F-Secure\common\custom\custom2\help\pc_hate.png
c:\program files\F-Secure\common\custom\custom2\help\pc_chat.png
c:\program files\F-Secure\common\custom\custom2\help\pc_sport.png
c:\program files\F-Secure\common\custom\custom2\help\pc_travel.png
c:\program files\F-Secure\common\custom\custom2\help\pc_unknown.png
c:\program files\F-Secure\common\custom\custom2\help\pc_violence.png
c:\program files\F-Secure\common\custom\custom2\help\pc_weapons.png
c:\program files\F-Secure\common\custom\custom2\help\pc_webmail.png
c:\program files\F-Secure\common\custom\custom2\help\sys_tray.gif
c:\program files\F-Secure\common\custom\custom2\help\sys_tray2.gif
c:\program files\F-Secure\common\custom\custom2\help\systray_icon_critical_warning.gif
c:\program files\F-Secure\common\custom\custom2\help\systray_icon_download_progress.gif
c:\program files\F-Secure\common\custom\custom2\help\tooltip.gif
c:\program files\F-Secure\common\custom\custom2\rifs\FSR000004B4.JAR
c:\program files\F-Secure\common\custom\custom2\rifs\rifs.ini
c:\program files\F-Secure\common\custom\custom2\setup\fssetup.custom
c:\program files\F-Secure\common\custom\custom2\setup\fsuninst.custom
c:\program files\F-Secure\common\custom\custom2\setup\wizard256.bmp
c:\program files\F-Secure\common\custom\custom2\setup\wizard256large.bmp
c:\program files\F-Secure\common\custom\custom2\tnb\banner_tnb_458x60.bmp
c:\program files\F-Secure\common\custom\custom2\tnb\banner_tnb_610x74.bmp
c:\program files\F-Secure\common\custom\custom2\tnb\tnbres.custom
c:\program files\F-Secure\common\custom\custom3\common\banner_vs_common_422x60.bmp
c:\program files\F-Secure\common\custom\custom3\common\gres.custom
c:\program files\F-Secure\common\custom\custom3\common\ico_all.ico
c:\program files\F-Secure\common\custom\custom3\common\strres.custom
c:\program files\F-Secure\common\custom\custom3\fsbw\banner_setup_370x60.bmp
c:\program files\F-Secure\common\custom\custom3\fsbw\banner_setup_492x74.bmp
c:\program files\F-Secure\common\custom\custom3\fsbw\fsbwres.custom
c:\program files\F-Secure\common\custom\custom3\fsbw\ico_uninstall.ico
c:\program files\F-Secure\common\custom\custom3\fsgui\advanced\banner_advanced_591x59.bmp
c:\program files\F-Secure\common\custom\custom3\fsgui\advanced\banner_advanced_788x72.bmp
c:\program files\F-Secure\common\custom\custom3\fsgui\advanced\fsavauires.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\dialogs\scanwizard\fsavures.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\dialogs\securitynews\banner_virus_news_422x60.bmp
c:\program files\F-Secure\common\custom\custom3\fsgui\dialogs\securitynews\fsavvnres.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\flyer\flyer.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\banner_main_563x60.bmp
c:\program files\F-Secure\common\custom\custom3\fsgui\main\banner_main_750x74.bmp
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-csy.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-dan.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-deu.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-ell.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-eng.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-esn.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-eti.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-fin.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-fra.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-hun.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-chs.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-cht.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-ita.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-jpn.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-nld.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-nor.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-plk.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-ptb.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-ptg.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-rom.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-rus.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-slv.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-sve.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-trk.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres-zhh.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\main\fsavgres.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\splash\aboutres.custom
c:\program files\F-Secure\common\custom\custom3\fsgui\splash\bmp_about_406x259.bmp
c:\program files\F-Secure\common\custom\custom3\fsgui\splash\bmp_splash_208x320.bmp
c:\program files\F-Secure\common\custom\custom3\fsma\fsmres.custom
c:\program files\F-Secure\common\custom\custom3\help\custom.css
c:\program files\F-Secure\common\custom\custom3\help\f_icon.gif
c:\program files\F-Secure\common\custom\custom3\help\f_icon_errorstate.gif
c:\program files\F-Secure\common\custom\custom3\help\f_icon_installing.gif
c:\program files\F-Secure\common\custom\custom3\help\f_icon_unloaded.gif
c:\program files\F-Secure\common\custom\custom3\help\f_icon_warning.gif
c:\program files\F-Secure\common\custom\custom3\help\gui_disabl_yellow.gif
c:\program files\F-Secure\common\custom\custom3\help\gui_error_state.gif
c:\program files\F-Secure\common\custom\custom3\help\gui_ok_blue.gif
c:\program files\F-Secure\common\custom\custom3\help\gui_ok_green.gif
c:\program files\F-Secure\common\custom\custom3\help\gui_subs_expired.gif
c:\program files\F-Secure\common\custom\custom3\help\chmres.custom
c:\program files\F-Secure\common\custom\custom3\help\icon_alert.png
c:\program files\F-Secure\common\custom\custom3\help\icon_allow.png
c:\program files\F-Secure\common\custom\custom3\help\icon_allow_number.png
c:\program files\F-Secure\common\custom\custom3\help\icon_deny.png
c:\program files\F-Secure\common\custom\custom3\help\icon_deny_number.png
c:\program files\F-Secure\common\custom\custom3\help\icon_ruledir_both.png
c:\program files\F-Secure\common\custom\custom3\help\icon_ruledir_in.png
c:\program files\F-Secure\common\custom\custom3\help\icon_ruledir_out.png
c:\program files\F-Secure\common\custom\custom3\help\icon_ruledir_start.gif
c:\program files\F-Secure\common\custom\custom3\help\pc_adult.png
c:\program files\F-Secure\common\custom\custom3\help\pc_dating.png
c:\program files\F-Secure\common\custom\custom3\help\pc_drugs.png
c:\program files\F-Secure\common\custom\custom3\help\pc_gambling.png
c:\program files\F-Secure\common\custom\custom3\help\pc_hate.png
c:\program files\F-Secure\common\custom\custom3\help\pc_chat.png
c:\program files\F-Secure\common\custom\custom3\help\pc_sport.png
c:\program files\F-Secure\common\custom\custom3\help\pc_travel.png
c:\program files\F-Secure\common\custom\custom3\help\pc_unknown.png
c:\program files\F-Secure\common\custom\custom3\help\pc_violence.png
c:\program files\F-Secure\common\custom\custom3\help\pc_weapons.png
c:\program files\F-Secure\common\custom\custom3\help\pc_webmail.png
c:\program files\F-Secure\common\custom\custom3\help\sys_tray.gif
c:\program files\F-Secure\common\custom\custom3\help\sys_tray2.gif
c:\program files\F-Secure\common\custom\custom3\help\systray_icon_critical_warning.gif
c:\program files\F-Secure\common\custom\custom3\help\systray_icon_download_progress.gif
c:\program files\F-Secure\common\custom\custom3\help\tooltip.gif
c:\program files\F-Secure\common\custom\custom3\rifs\FSR000004B4.JAR
c:\program files\F-Secure\common\custom\custom3\rifs\rifs.ini
c:\program files\F-Secure\common\custom\custom3\setup\fssetup.custom
c:\program files\F-Secure\common\custom\custom3\setup\fsuninst.custom
c:\program files\F-Secure\common\custom\custom3\setup\wizard256.bmp
c:\program files\F-Secure\common\custom\custom3\setup\wizard256large.bmp
c:\program files\F-Secure\common\custom\custom3\tnb\banner_tnb_458x60.bmp
c:\program files\F-Secure\common\custom\custom3\tnb\banner_tnb_610x74.bmp
c:\program files\F-Secure\common\custom\custom3\tnb\tnbres.custom
c:\program files\F-Secure\common\custom\custom4\common\banner_vs_common_422x60.bmp
c:\program files\F-Secure\common\custom\custom4\common\gres.custom
c:\program files\F-Secure\common\custom\custom4\common\ico_all.ico
c:\program files\F-Secure\common\custom\custom4\common\strres.custom
c:\program files\F-Secure\common\custom\custom4\fsbw\banner_setup_370x60.bmp
c:\program files\F-Secure\common\custom\custom4\fsbw\banner_setup_492x74.bmp
c:\program files\F-Secure\common\custom\custom4\fsbw\fsbwres.custom
c:\program files\F-Secure\common\custom\custom4\fsbw\ico_uninstall.ico
c:\program files\F-Secure\common\custom\custom4\fsgui\advanced\banner_advanced_591x59.bmp
c:\program files\F-Secure\common\custom\custom4\fsgui\advanced\banner_advanced_788x72.bmp
c:\program files\F-Secure\common\custom\custom4\fsgui\advanced\fsavauires.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\dialogs\scanwizard\fsavures.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\dialogs\securitynews\banner_virus_news_422x60.bmp
c:\program files\F-Secure\common\custom\custom4\fsgui\dialogs\securitynews\fsavvnres.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\flyer\flyer.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\banner_main_563x60.bmp
c:\program files\F-Secure\common\custom\custom4\fsgui\main\banner_main_750x74.bmp
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-csy.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-dan.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-deu.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-ell.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-eng.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-esn.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-eti.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-fin.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-fra.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-hun.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-chs.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-cht.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-ita.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-jpn.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-nld.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-nor.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-plk.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-ptb.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-ptg.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-rom.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-rus.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-slv.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-sve.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-trk.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres-zhh.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\main\fsavgres.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\splash\aboutres.custom
c:\program files\F-Secure\common\custom\custom4\fsgui\splash\bmp_about_406x259.bmp
c:\program files\F-Secure\common\custom\custom4\fsgui\splash\bmp_splash_208x320.bmp
c:\program files\F-Secure\common\custom\custom4\fsma\fsmres.custom
c:\program files\F-Secure\common\custom\custom4\help\custom.css
c:\program files\F-Secure\common\custom\custom4\help\f_icon.gif
c:\program files\F-Secure\common\custom\custom4\help\f_icon_errorstate.gif
c:\program files\F-Secure\common\custom\custom4\help\f_icon_installing.gif
c:\program files\F-Secure\common\custom\custom4\help\f_icon_unloaded.gif
c:\program files\F-Secure\common\custom\custom4\help\f_icon_warning.gif
c:\program files\F-Secure\common\custom\custom4\help\gui_disabl_yellow.gif
c:\program files\F-Secure\common\custom\custom4\help\gui_error_state.gif
c:\program files\F-Secure\common\custom\custom4\help\gui_ok_blue.gif
c:\program files\F-Secure\common\custom\custom4\help\gui_ok_green.gif
c:\program files\F-Secure\common\custom\custom4\help\gui_subs_expired.gif
c:\program files\F-Secure\common\custom\custom4\help\chmres.custom
c:\program files\F-Secure\common\custom\custom4\help\icon_alert.png
c:\program files\F-Secure\common\custom\custom4\help\icon_allow.png
c:\program files\F-Secure\common\custom\custom4\help\icon_allow_number.png
c:\program files\F-Secure\common\custom\custom4\help\icon_deny.png
c:\program files\F-Secure\common\custom\custom4\help\icon_deny_number.png
c:\program files\F-Secure\common\custom\custom4\help\icon_ruledir_both.png
c:\program files\F-Secure\common\custom\custom4\help\icon_ruledir_in.png
c:\program files\F-Secure\common\custom\custom4\help\icon_ruledir_out.png
c:\program files\F-Secure\common\custom\custom4\help\icon_ruledir_start.gif
c:\program files\F-Secure\common\custom\custom4\help\pc_adult.png
c:\program files\F-Secure\common\custom\custom4\help\pc_dating.png
c:\program files\F-Secure\common\custom\custom4\help\pc_drugs.png
c:\program files\F-Secure\common\custom\custom4\help\pc_gambling.png
c:\program files\F-Secure\common\custom\custom4\help\pc_hate.png
c:\program files\F-Secure\common\custom\custom4\help\pc_chat.png
c:\program files\F-Secure\common\custom\custom4\help\pc_sport.png
c:\program files\F-Secure\common\custom\custom4\help\pc_travel.png
c:\program files\F-Secure\common\custom\custom4\help\pc_unknown.png
c:\program files\F-Secure\common\custom\custom4\help\pc_violence.png
c:\program files\F-Secure\common\custom\custom4\help\pc_weapons.png
c:\program files\F-Secure\common\custom\custom4\help\pc_webmail.png
c:\program files\F-Secure\common\custom\custom4\help\sys_tray.gif
c:\program files\F-Secure\common\custom\custom4\help\sys_tray2.gif
c:\program files\F-Secure\common\custom\custom4\help\systray_icon_critical_warning.gif
c:\program files\F-Secure\common\custom\custom4\help\systray_icon_download_progress.gif
c:\program files\F-Secure\common\custom\custom4\help\tooltip.gif
c:\program files\F-Secure\common\custom\custom4\rifs\FSR000004B4.JAR
c:\program files\F-Secure\common\custom\custom4\rifs\rifs.ini
c:\program files\F-Secure\common\custom\custom4\setup\fssetup.custom
c:\program files\F-Secure\common\custom\custom4\setup\fsuninst.custom
c:\program files\F-Secure\common\custom\custom4\setup\wizard256.bmp
c:\program files\F-Secure\common\custom\custom4\setup\wizard256large.bmp
c:\program files\F-Secure\common\custom\custom4\tnb\banner_tnb_458x60.bmp
c:\program files\F-Secure\common\custom\custom4\tnb\banner_tnb_610x74.bmp
c:\program files\F-Secure\common\custom\custom4\tnb\tnbres.custom
c:\program files\F-Secure\common\custom\uninst.log
C:\run_dll.exe
c:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP
c:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP\WiseCustomCalla.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-22 do 2010-01-22 )))))))))))))))))))))))))))))))
.

2099-12-24 07:16 . 2099-12-24 07:44 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2099-12-24 07:16 . 2099-12-24 07:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2099-12-23 21:04 . 2010-01-22 19:36 -------- d-----w- c:\users\Mous\AppData\Roaming\Hamachi
2099-12-23 21:04 . 2009-11-25 16:50 -------- d-----w- c:\program files\Hamachi
2010-01-22 21:56 . 2010-01-22 21:56 -------- d-----w- c:\users\Mous\AppData\Local\temp
2010-01-22 21:56 . 2010-01-22 21:56 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-22 21:56 . 2010-01-22 21:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-22 21:07 . 2010-01-22 21:47 -------- d-----w- c:\users\Mous\DoctorWeb
2010-01-22 20:14 . 2010-01-22 20:14 -------- d-----w- c:\users\Mous\AppData\Roaming\Ubisoft
2010-01-22 20:14 . 2010-01-22 20:14 -------- d-----w- c:\programdata\Ubisoft
2010-01-22 20:12 . 2010-01-22 20:12 -------- d--h--w- c:\windows\PIF
2010-01-21 21:14 . 2010-01-21 21:14 -------- d-----w- c:\program files\Trend Micro
2010-01-21 19:25 . 2010-01-21 19:25 -------- d-----w- c:\users\Mous\AppData\Roaming\Malwarebytes
2010-01-21 19:25 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-21 19:25 . 2010-01-21 19:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-21 19:25 . 2010-01-21 19:25 -------- d-----w- c:\programdata\Malwarebytes
2010-01-21 19:25 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-21 19:18 . 2009-12-14 09:00 2747440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100121.005\CCERASER.DLL
2010-01-21 19:18 . 2009-11-16 09:00 84912 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100121.005\NAVENG.SYS
2010-01-21 19:18 . 2009-11-16 09:00 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100121.005\EECTRL.SYS
2010-01-21 19:18 . 2009-11-16 09:00 259440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100121.005\ECMSVR32.DLL
2010-01-21 19:18 . 2009-11-16 09:00 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100121.005\NAVENG32.DLL
2010-01-21 19:18 . 2009-11-16 09:00 1647984 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100121.005\NAVEX32A.DLL
2010-01-21 19:18 . 2009-11-16 09:00 1323568 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100121.005\NAVEX15.SYS
2010-01-21 19:18 . 2009-11-16 09:00 102448 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100121.005\ERASER.SYS
2010-01-20 19:12 . 2009-04-20 21:12 149768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\cndcipsdefs\20100119.001\WPSHelper.sys
2010-01-05 18:13 . 2010-01-05 18:13 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-01-05 18:13 . 2010-01-05 18:13 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-01-05 18:13 . 2010-01-05 18:13 -------- d-----w- c:\program files\OpenAL
2010-01-05 18:12 . 2010-01-05 18:13 -------- d-----w- c:\program files\Zombie Driver
2010-01-04 23:06 . 2010-01-04 23:06 -------- d-----w- c:\programdata\Martau
2010-01-04 23:06 . 2010-01-04 23:06 -------- d-----w- c:\program files\Total Uninstall 5
2010-01-04 16:55 . 2010-01-04 16:55 -------- d-----w- c:\programdata\Futuremark
2010-01-04 16:33 . 2010-01-04 16:33 -------- d-----w- c:\windows\system32\Futuremark
2010-01-04 16:33 . 2010-01-04 16:33 -------- d-----w- c:\program files\Common Files\Futuremark Shared
2010-01-04 16:33 . 2008-04-22 07:53 27672 ----a-r- c:\windows\system32\drivers\Entech.sys
2010-01-04 16:32 . 2010-01-04 16:32 -------- d-----w- c:\program files\Futuremark
2010-01-04 16:30 . 2010-01-04 16:30 -------- d-----w- c:\users\Mous\AppData\Roaming\InstallShield
2010-01-03 13:11 . 2010-01-03 13:11 -------- d-----w- C:\Diskeeper
2010-01-03 13:07 . 2009-10-21 00:04 45232 ----a-w- c:\windows\system32\drivers\DKRtWrt.sys
2010-01-03 13:07 . 2010-01-03 13:07 -------- d-----w- c:\programdata\Diskeeper Corporation
2010-01-03 13:07 . 2010-01-03 13:07 -------- d-----w- c:\program files\Common Files\Diskeeper Corporation
2010-01-03 13:07 . 2010-01-03 13:07 -------- d-----w- c:\program files\Windows Home Server
2010-01-03 13:07 . 2010-01-03 13:07 -------- d-----w- c:\program files\Diskeeper Corporation
2010-01-01 21:34 . 2010-01-01 21:34 -------- d-----w- c:\users\Mous\AppData\Local\Divinity 2
2010-01-01 21:32 . 2010-01-01 21:32 -------- d-----w- c:\programdata\Divinity 2
2010-01-01 01:12 . 2010-01-01 01:12 -------- d-----w- c:\users\Mous\AppData\Roaming\DAEMON Tools
2010-01-01 01:09 . 2010-01-01 01:09 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-01 01:09 . 2010-01-01 01:09 -------- d-----w- c:\users\Mous\AppData\Roaming\DAEMON Tools Pro
2010-01-01 00:55 . 2008-07-12 07:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2010-01-01 00:55 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2010-01-01 00:55 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2010-01-01 00:50 . 2010-01-01 00:50 -------- d-----w- c:\program files\Codemasters
2009-12-30 20:20 . 2010-01-04 23:09 -------- d-----w- c:\users\Mous\AppData\Roaming\Vso
2009-12-30 20:20 . 2009-12-30 20:20 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-12-30 20:20 . 2009-12-30 20:20 47360 ----a-w- c:\users\Mous\AppData\Roaming\pcouffin.sys
2009-12-30 20:20 . 2009-12-30 20:20 -------- d-----w- c:\program files\DVDFab 6
2009-12-30 20:17 . 2009-12-30 20:17 -------- d-----w- c:\programdata\DVD Shrink
2009-12-30 20:17 . 2009-12-30 20:17 -------- d-----w- c:\program files\DVD Shrink
2009-12-30 20:10 . 2009-12-30 20:10 -------- d-----w- c:\users\Mous\AppData\Roaming\Nero
2009-12-29 23:18 . 2009-12-29 23:18 -------- d-----w- c:\users\Mous\AppData\Roaming\Ventrilo
2009-12-29 23:14 . 2009-12-29 23:14 -------- d-----w- c:\windows\Trine v1.04 Steam Update
2009-12-29 23:09 . 2009-12-31 00:14 -------- d-----w- c:\program files\Trine
2009-12-29 20:56 . 2009-12-29 20:56 -------- d-----w- c:\program files\Alawar
2009-12-28 12:08 . 2009-12-28 12:14 -------- d-----w- c:\users\Mous\AppData\Roaming\GetRight

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-22 21:56 . 2009-12-05 22:46 -------- d-----w- c:\users\Mous\AppData\Roaming\Skype
2010-01-22 20:06 . 2009-11-23 12:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-22 19:40 . 2009-11-20 17:10 634392 ----a-w- c:\windows\system32\perfh005.dat
2010-01-22 19:40 . 2009-11-20 17:10 124754 ----a-w- c:\windows\system32\perfc005.dat
2010-01-22 19:37 . 2009-12-05 22:49 -------- d-----w- c:\users\Mous\AppData\Roaming\skypePM
2010-01-22 19:35 . 2009-11-26 19:29 -------- d-----w- c:\programdata\NVIDIA
2010-01-21 21:09 . 2009-07-30 00:13 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-04 16:32 . 2009-11-26 19:28 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-01 13:16 . 2009-07-30 00:11 -------- d-----w- c:\programdata\Nero
2010-01-01 13:16 . 2009-07-30 00:11 -------- d-----w- c:\program files\Nero
2010-01-01 13:16 . 2009-07-30 00:11 -------- d-----w- c:\program files\Common Files\Nero
2009-12-31 20:20 . 2009-11-20 16:53 109216 ----a-w- c:\users\Mous\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-28 12:15 . 2009-12-14 18:45 -------- d-----w- c:\users\Mous\AppData\Roaming\Hide IP NG
2009-12-27 12:21 . 2009-11-21 21:31 -------- d-----w- c:\program files\Cheat Engine
2009-12-17 19:30 . 2009-12-17 19:30 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-12-14 18:48 . 2009-12-14 18:48 -------- d-----w- c:\program files\ProxyShell
2009-12-14 18:36 . 2009-12-14 18:34 -------- d-----w- c:\program files\PingFu Iris
2009-12-14 18:35 . 2009-12-14 18:34 -------- d-----w- c:\users\Mous\AppData\Roaming\ArtOfPing
2009-12-14 09:00 . 2009-12-14 09:00 2747440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\CCERASER.DLL
2009-12-10 20:38 . 2009-12-10 20:37 -------- d-----w- c:\users\Mous\AppData\Roaming\IObit
2009-12-09 21:06 . 2009-12-09 20:51 -------- d-----w- c:\program files\GamePark
2009-12-09 18:55 . 2009-12-09 18:55 -------- d-----w- c:\users\Mous\AppData\Roaming\Leadertech
2009-12-09 18:48 . 2009-11-23 12:10 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-08 16:42 . 2009-12-08 16:42 -------- d-----w- c:\program files\Common Files\PCSuite
2009-12-08 16:42 . 2009-12-08 16:42 -------- d-----w- c:\program files\Common Files\Nokia
2009-12-08 16:42 . 2009-12-05 15:14 -------- d-----w- c:\program files\Nokia
2009-12-08 16:42 . 2009-12-08 16:42 -------- d-----w- c:\program files\PC Connectivity Solution
2009-12-08 16:41 . 2009-12-08 16:41 95232 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2009-12-08 16:41 . 2009-12-08 16:41 8192 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2009-12-08 16:41 . 2009-12-08 16:41 61440 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-08 16:41 . 2009-12-08 16:41 10240 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2009-12-08 16:40 . 2009-12-05 15:09 -------- d-----w- c:\programdata\Installations
2009-12-08 16:40 . 2009-12-08 16:41 34698816 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_cze.exe
2009-12-07 16:52 . 2009-12-07 16:52 -------- d-----w- c:\program files\ShowMyPCService
2009-12-07 15:48 . 2009-12-07 15:48 -------- d-----w- c:\users\Mous\AppData\Roaming\teamspeak2
2009-12-05 22:49 . 2009-12-05 22:49 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-12-05 22:46 . 2009-12-05 22:46 -------- d-----w- c:\program files\Common Files\Skype
2009-12-05 22:46 . 2009-12-05 22:46 -------- d-----r- c:\program files\Skype
2009-12-05 22:46 . 2009-12-05 22:46 -------- d-----w- c:\programdata\Skype
2009-12-05 21:38 . 2009-12-05 21:38 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-12-05 19:25 . 2009-12-05 19:25 -------- d-----w- c:\users\Mous\AppData\Roaming\Spore
2009-12-05 15:26 . 2009-12-05 15:07 -------- d-----w- c:\users\Mous\AppData\Roaming\Audacity
2009-12-05 15:20 . 2009-12-05 15:19 -------- d-----w- c:\program files\AudioCommander
2009-12-05 15:19 . 2009-12-05 15:19 -------- dc-h--w- c:\programdata\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}
2009-12-05 15:16 . 2009-12-05 15:15 -------- d-----w- c:\users\Mous\AppData\Roaming\Nokia
2009-12-05 15:15 . 2009-12-05 15:15 -------- d-----w- c:\users\Mous\AppData\Roaming\PC Suite
2009-12-05 15:15 . 2009-12-05 15:15 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-12-05 15:15 . 2009-12-05 15:15 -------- d-----w- c:\programdata\PC Suite
2009-12-05 15:15 . 2009-12-05 15:15 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-12-05 15:15 . 2009-12-05 15:15 -------- d-----w- c:\program files\DIFX
2009-12-05 15:09 . 2009-12-05 15:09 95232 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2009-12-05 15:09 . 2009-12-05 15:09 8192 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2009-12-05 15:09 . 2009-12-05 15:09 61440 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-05 15:09 . 2009-12-05 15:09 10240 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2009-12-05 15:09 . 2009-12-05 15:09 33921368 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_cze_web.exe
2009-12-05 15:07 . 2009-12-05 15:07 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2009-12-05 15:06 . 2009-12-05 15:05 -------- d-----w- c:\program files\Magic Audio Editor Pro
2009-12-03 18:03 . 2009-12-03 18:03 -------- d-----w- c:\programdata\Blizzard Entertainment
2009-12-03 15:32 . 2009-12-03 15:32 -------- d-----w- c:\programdata\Blizzard
2009-12-02 14:34 . 2009-07-30 00:09 -------- d-----w- c:\program files\Java
2009-12-01 20:00 . 2009-12-01 17:17 -------- d-----w- c:\program files\Algebrator
2009-11-27 21:19 . 2009-11-27 21:18 -------- d-----w- c:\programdata\PMB Files
2009-11-27 21:18 . 2009-11-27 21:18 -------- d-----w- c:\program files\Pando Networks
2009-11-26 19:29 . 2009-11-26 19:28 -------- d-----w- c:\program files\NVIDIA Corporation
2009-11-26 19:28 . 2009-11-26 19:28 -------- d-----w- c:\program files\AGEIA Technologies
2009-11-25 16:50 . 2009-11-25 16:50 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-11-24 19:07 . 2009-11-24 19:07 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-11-21 20:01 . 2009-11-21 20:01 1078 ----a-r- c:\users\Mous\AppData\Roaming\Microsoft\Installer\{484886B5-B589-4133-A2EB-8FF147F68ABE}\_294823.exe
2009-11-20 19:33 . 2009-11-20 19:33 812648 ----a-w- c:\windows\system32\nvsvc.dll
2009-11-20 19:33 . 2009-11-20 19:33 66664 ----a-w- c:\windows\system32\nvshext.dll
2009-11-20 19:33 . 2009-11-20 19:33 1323624 ----a-w- c:\windows\system32\nvsvcr.dll
2009-11-20 19:33 . 2009-11-20 19:33 12685928 ----a-w- c:\windows\system32\nvcpl.dll
2009-11-20 19:33 . 2009-11-20 19:33 122984 ----a-w- c:\windows\system32\nvvsvc.exe
2009-11-20 19:33 . 2009-11-20 19:33 110184 ----a-w- c:\windows\system32\nvmctray.dll
2009-11-20 19:16 . 2009-11-20 19:16 0 ----a-w- c:\windows\nsreg.dat
2009-11-20 18:18 . 2009-12-08 16:21 4990056 ----a-w- c:\windows\system32\NVStWiz.exe
2009-11-20 17:08 . 2009-11-20 17:10 36232 ----a-w- c:\windows\system32\perfd005.dat
2009-11-20 17:08 . 2009-11-20 17:10 292004 ----a-w- c:\windows\system32\perfi005.dat
2009-11-20 17:08 . 2009-11-20 17:09 36232 ----a-w- c:\windows\inf\PERFLIB\0405\perfd.dat
2009-11-20 17:08 . 2009-11-20 17:09 36232 ----a-w- c:\windows\inf\PERFLIB\0405\perfc.dat
2009-11-20 17:08 . 2009-11-20 17:09 292004 ----a-w- c:\windows\inf\PERFLIB\0405\perfi.dat
2009-11-20 17:08 . 2009-11-20 17:09 292004 ----a-w- c:\windows\inf\PERFLIB\0405\perfh.dat
2009-11-16 09:00 . 2009-11-16 09:00 84912 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\NAVENG.SYS
2009-11-16 09:00 . 2009-11-16 09:00 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\EECTRL.SYS
2009-11-16 09:00 . 2009-11-16 09:00 259440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\ECMSVR32.DLL
2009-11-16 09:00 . 2009-11-16 09:00 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\NAVENG32.DLL
2009-11-16 09:00 . 2009-11-16 09:00 1647984 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\NAVEX32A.DLL
2009-11-16 09:00 . 2009-11-16 09:00 1323568 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\NAVEX15.SYS
2009-11-16 09:00 . 2009-11-16 09:00 102448 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\BinHub\ERASER.SYS
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Mous\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-11-20 135664]
"FileUploader"="e:\share-rapid manager\SRDownloader.exe" [2009-12-27 468992]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2009-11-27 2923192]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2009-02-12 115560]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-06 7600672]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

c:\users\Mous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2009-11-25 624416]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"TuneUp Utilities"=c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

R2 cpuz132;cpuz132;c:\windows\System32\drivers\cpuz132_x32.sys [22.11.2009 17:14 12672]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [24.12.2099 8:16 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [20.11.2009 19:17 240232]
R3 DKRtWrt;DKRtWrt;c:\windows\System32\drivers\DKRtWrt.sys [3.1.2010 14:07 45232]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [3.1.2010 19:44 102448]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\System32\drivers\Rt86win7.sys [22.5.2009 15:52 167936]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [1.1.2010 2:09 717296]
S3 COH_Mon;COH_Mon;c:\windows\System32\drivers\COH_Mon.sys [18.11.2008 18:17 23888]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - DwShield00007A40
.
Obsah adresáře 'Naplánované úlohy'

2010-01-22 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2009-07-30 08:55]

2010-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-929804540-3650226206-110450735-1001Core.job
- c:\users\Mous\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-20 16:54]

2010-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-929804540-3650226206-110450735-1001UA.job
- c:\users\Mous\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-20 16:54]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Mous\AppData\Roaming\Mozilla\Firefox\Profiles\rtnkxsg1.default\
FF - plugin: c:\users\Mous\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.proxy.type - 0
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-01-22 22:57:28
ComboFix-quarantined-files.txt 2010-01-22 21:57
ComboFix2.txt 2010-01-22 19:39

Před spuštěním: 5 658 689 536 bytes free
Po spuštění: 5 591 048 192 bytes free

- - End Of File - - 88210F5595BD2762F3E3A8E6B8BF0DFE

Re: Preventive check

Post by Damned » 22 Jan 2010 23:10

Uninstall ComboFix (required).
ComboFix is uninstalled like this:
Start > Run and type Combofix[space]/uninstall

If that does not work, find and delete:
C:\327882R2FWJFW
C:\ComboFix
C:\Qoobox
C:\Combofix.txt
and Combofix.exe

Then download OTCleanIt.
- Connect to the internet and double-click to run the program
- Click the CleanUp button
- When it finishes, allow the PC to restart
- After the restart, delete this tool; it is not intended for everyday use

Download T-Cleaner (required: it deletes everything left behind by ComboFix, SDFix, Avenger, MWAV, etc.; download it, then run it)

(Note: if you have AVG or Avira, deactivate AVG and Avira (including the resident shields) before downloading T-Cleaner and for the duration of the cleanup, then delete T-Cleaner and turn AVG or Avira back on.)
*****************************************************************************************************************************************
Download OTL to your Desktop.
Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change the setting to All. Tick LOP Check and Purity Check. Change File Age to 14 days. Click Run Scan. Leave all other settings as they are. The scan can take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.

Re: Preventive check

Post by Mous » 22 Jan 2010 23:46

OTL logfile created on: 22.1.2010 23:43:10 - Run 1
OTL by OldTimer - Version 3.1.25.4 Folder = C:\Users\Mous\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,25 Gb Total Space | 6,93 Gb Free Space | 22,18% Space Free | Partition Type: NTFS
Drive D: | 186,30 Gb Total Space | 18,30 Gb Free Space | 9,82% Space Free | Partition Type: NTFS
Drive E: | 465,75 Gb Total Space | 236,32 Gb Free Space | 50,74% Space Free | Partition Type: NTFS
Drive F: | 117,80 Gb Total Space | 7,03 Gb Free Space | 5,96% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
Drive H: | 6,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
I: Drive not present or media not loaded

Computer Name: MOUS-PC
Current User Name: Mous
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Mous\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Users\Mous\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
PRC - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Skype\Plugin Manager\skypePM.exe (Skype Technologies)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Mous\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (nvsvc) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Diskeeper) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (SmcService) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
SRV - (SNAC) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (pcouffin) -- C:\Windows\System32\drivers\pcouffin.sys (VSO Software)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100121.005\NAVEX15.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100121.005\NAVENG.SYS (Symantec Corporation)
DRV - (DKRtWrt) -- C:\Windows\System32\drivers\DKRtWrt.sys (Diskeeper Corporation)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbser) -- C:\Windows\System32\drivers\usbser.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (JRAID) -- C:\Windows\system32\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek )
DRV - (WPS) -- C:\Windows\System32\drivers\WPSDRVnt.sys (Symantec Corporation)
DRV - (WpsHelper) -- C:\Windows\System32\drivers\WpsHelper.sys (Symantec Corporation)
DRV - (cpuz132) -- C:\Windows\System32\drivers\cpuz132_x32.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (mcdbus) -- C:\Windows\System32\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (COH_Mon) -- C:\Windows\System32\drivers\COH_Mon.sys (Symantec Corporation)
DRV - (Teefer2) -- C:\Windows\System32\drivers\Teefer2.sys (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (ENTECH) -- C:\Windows\System32\drivers\Entech.sys (EnTech Taiwan)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = ED 43 FF E7 B3 9B CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:10.1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - user.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.08 17:42:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.11.20 20:16:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.01.21 22:09:29 | 00,000,000 | ---D | M]

[2009.11.20 20:16:58 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\Mozilla\Extensions
[2009.11.20 20:16:58 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Mous\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.11.20 20:17:34 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\Mozilla\Firefox\Profiles\rtnkxsg1.default\extensions
[2009.11.20 20:17:33 | 00,000,000 | ---D | M] (Tamper Data) -- C:\Users\Mous\AppData\Roaming\Mozilla\Firefox\Profiles\rtnkxsg1.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
[2009.12.02 15:35:04 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.11.20 20:16:40 | 00,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.12.02 15:35:04 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2009.11.03 04:26:27 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009.11.03 04:26:27 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009.10.11 04:17:27 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009.11.03 04:26:27 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009.11.27 22:18:47 | 00,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009.12.21 18:34:06 | 00,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009.11.03 02:45:38 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009.11.03 02:45:38 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.11.03 02:45:38 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.11.03 02:45:38 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.11.03 02:45:38 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.11.03 02:45:38 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.01.22 20:35:47 | 00,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [FileUploader] E:\Share-Rapid Manager\SRDownloader.exe ()
O4 - HKCU..\Run: [Google Update] C:\Users\Mous\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Mous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe (LogMeIn Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.16.7.1 80.250.20.74 80.250.1.161
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.04 21:16:33 | 08,352,136 | ---- | M] (AutoIt Team) - E:\autoit-v3-setup.exe -- [ NTFS ]
O32 - AutoRun File - [2008.02.15 20:58:31 | 00,131,720 | R--- | M] (InstallShield Software Corporation) - H:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2007.11.09 15:48:47 | 00,058,601 | R--- | M] () - H:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2007.11.09 15:48:47 | 00,000,047 | R--- | M] () - H:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2007.11.09 15:48:57 | 00,000,382 | R--- | M] () - H:\autorun.ini -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2099.12.24 08:16:50 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2099.12.24 08:16:50 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2099.12.23 22:04:58 | 00,000,000 | ---D | C] -- C:\Users\Mous\AppData\Roaming\Hamachi
[2099.12.23 22:04:43 | 00,000,000 | ---D | C] -- C:\Program Files\Hamachi
[2010.01.22 23:18:58 | 00,547,840 | ---- | C] (OldTimer Tools) -- C:\Users\Mous\Desktop\OTL.exe
[2010.01.22 22:57:31 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.01.22 22:57:30 | 00,000,000 | ---D | C] -- C:\Windows\temp
[2010.01.22 22:57:30 | 00,000,000 | ---D | C] -- C:\Users\Mous\AppData\Local\temp
[2010.01.22 22:07:38 | 00,000,000 | ---D | C] -- C:\Users\Mous\DoctorWeb
[2010.01.22 21:14:22 | 00,000,000 | ---D | C] -- C:\Users\Mous\AppData\Roaming\Ubisoft
[2010.01.22 21:14:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2010.01.22 21:12:34 | 00,000,000 | -H-D | C] -- C:\Windows\PIF
[2010.01.21 22:17:27 | 00,000,000 | R--D | C] -- C:\Users\Mous\Desktop\ANTI-virus
[2010.01.21 22:14:14 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.01.21 22:09:26 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.01.21 20:25:56 | 00,000,000 | ---D | C] -- C:\Users\Mous\AppData\Roaming\Malwarebytes
[2010.01.21 20:25:53 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.01.21 20:25:51 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.01.21 20:25:51 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.01.21 20:25:51 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009.12.30 21:20:11 | 00,047,360 | ---- | C] (VSO Software) -- C:\Users\Mous\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 14 Days ==========

[2099.12.24 08:21:14 | 00,356,723 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20091213-185926.backup
[2010.01.22 23:44:27 | 06,029,312 | ---- | M] () -- C:\Users\Mous\NTUSER.DAT
[2010.01.22 23:40:53 | 00,100,864 | ---- | M] () -- C:\Users\Mous\Desktop\T-Cleaner.exe
[2010.01.22 23:32:24 | 00,016,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.01.22 23:32:24 | 00,016,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.01.22 23:30:49 | 01,481,670 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.01.22 23:30:49 | 00,634,392 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.01.22 23:30:49 | 00,618,664 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.01.22 23:30:49 | 00,124,754 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.01.22 23:30:49 | 00,108,240 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.01.22 23:25:14 | 00,000,386 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010.01.22 23:25:01 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.01.22 23:24:54 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.01.22 23:24:44 | 24,089,31328 | -HS- | M] () -- C:\hiberfil.sys
[2010.01.22 23:23:09 | 03,748,231 | -H-- | M] () -- C:\Users\Mous\AppData\Local\IconCache.db
[2010.01.22 23:19:09 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Users\Mous\Desktop\OTL.exe
[2010.01.22 22:59:00 | 00,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-929804540-3650226206-110450735-1001UA.job
[2010.01.22 22:56:07 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.01.22 21:11:08 | 00,001,261 | ---- | M] () -- C:\Users\Mous\Desktop\Assassins Creed.lnk
[2010.01.22 20:35:47 | 00,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.01.22 17:59:00 | 00,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-929804540-3650226206-110450735-1001Core.job
[2010.01.22 15:57:32 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.01.21 20:16:04 | 00,003,720 | ---- | M] () -- C:\Windows\wininit.ini
[2010.01.09 14:05:49 | 00,013,121 | ---- | M] () -- C:\Users\Mous\Documents\LVVK 2010.docx

========== Files Created - No Company Name ==========

[2099.12.24 08:48:15 | 00,002,245 | ---- | C] () -- C:\Users\Mous\Desktop\Google Chrome.lnk
[2010.01.22 23:40:53 | 00,100,864 | ---- | C] () -- C:\Users\Mous\Desktop\T-Cleaner.exe
[2010.01.22 21:11:08 | 00,001,261 | ---- | C] () -- C:\Users\Mous\Desktop\Assassins Creed.lnk
[2009.12.31 23:35:23 | 00,000,028 | ---- | C] () -- C:\Windows\v2d.INI
[2009.12.30 21:47:51 | 00,001,041 | ---- | C] () -- C:\Users\Mous\AppData\Roaming\vso_ts_preview.xml
[2009.12.30 21:20:35 | 00,000,034 | ---- | C] () -- C:\Users\Mous\AppData\Roaming\pcouffin.log
[2009.12.30 21:20:11 | 00,007,887 | ---- | C] () -- C:\Users\Mous\AppData\Roaming\pcouffin.cat
[2009.12.30 21:20:11 | 00,001,144 | ---- | C] () -- C:\Users\Mous\AppData\Roaming\pcouffin.inf
[2009.12.18 14:30:52 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.12.05 16:20:47 | 00,003,720 | ---- | C] () -- C:\Windows\wininit.ini
[2009.11.23 13:10:18 | 00,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.11.21 22:31:21 | 01,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009.08.03 00:21:54 | 00,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.08.03 00:21:52 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.08.03 00:21:52 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009.07.14 17:15:00 | 00,178,432 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.07.14 00:51:43 | 00,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2008.08.28 12:19:18 | 00,032,768 | ---- | C] () -- C:\Windows\System32\IsDRM.dll
[2008.08.28 12:16:00 | 00,544,768 | ---- | C] () -- C:\Windows\System32\AudioConverter.dll

========== LOP Check ==========

[2009.12.14 19:35:04 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\ArtOfPing
[2009.12.05 16:26:35 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\Audacity
[2010.01.01 02:12:28 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\DAEMON Tools
[2010.01.01 02:09:03 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\DAEMON Tools Pro
[2009.12.28 13:14:55 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\GetRight
[2009.12.28 13:15:19 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\Hide IP NG
[2009.12.10 21:38:07 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\IObit
[2009.12.09 19:55:26 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\Leadertech
[2009.12.05 16:16:53 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\Nokia
[2009.12.05 16:15:49 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\PC Suite
[2009.12.05 20:25:46 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\Spore
[2010.01.22 21:14:22 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\Ubisoft
[2010.01.05 00:09:58 | 00,000,000 | ---D | M] -- C:\Users\Mous\AppData\Roaming\Vso
[2010.01.22 23:25:14 | 00,000,386 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2009.07.14 05:53:46 | 00,021,138 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:6900017D
< End of report >
It would not be wise to urge the devil to bow.

Re: Preventive check

Post by Mous » 22 Jan 2010 23:46

OTL Extras logfile created on: 22.1.2010 23:43:10 - Run 1
OTL by OldTimer - Version 3.1.25.4 Folder = C:\Users\Mous\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,25 Gb Total Space | 6,93 Gb Free Space | 22,18% Space Free | Partition Type: NTFS
Drive D: | 186,30 Gb Total Space | 18,30 Gb Free Space | 9,82% Space Free | Partition Type: NTFS
Drive E: | 465,75 Gb Total Space | 236,32 Gb Free Space | 50,74% Space Free | Partition Type: NTFS
Drive F: | 117,80 Gb Total Space | 7,03 Gb Free Space | 5,96% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
Drive H: | 6,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
I: Drive not present or media not loaded

Computer Name: MOUS-PC
Current User Name: Mous
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [takeownership] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 17
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{484886B5-B589-4133-A2EB-8FF147F68ABE}" = GOCR Frontend
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D015A2F-4D85-419E-8E1D-93B0C246D491}" = Diskeeper 2010 Pro Premier
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0017-0405-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0100-0405-0000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2007
"{90120000-0101-0405-0000-0000000FF1CE}" = Microsoft Office X MUI (Czech) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{A0F43BC6-E685-49CB-BF91-851F62628343}" = AudioCommander
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B45FABE7-D101-4D99-A671-E16DA40AF7F0}" = Microsoft Games for Windows - LIVE
"{B578C85A-A84C-4230-A177-C5B2AF565B8C}" = Microsoft Games for Windows - LIVE Redistributable
"{BB3DE5A2-54E3-4846-8C9C-6C373CE43712}" = Symantec Endpoint Protection Small Business Edition
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C1583439-B034-4881-819C-D52A0587662B}" = Neverwinter Nights
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Więzy Krwi
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows Driver Package - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Algebrator_is1" = Algebrator 4.0
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.10 (Unicode)
"AudioCommander" = AudioCommander
"Auto Clicker Typer_is1" = Auto Clicker Typer 1.0
"AutoBoot_is1" = AutoBoot
"BSPlayerp" = BS.Player PRO
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"Combined Community Codec Pack BETA_is1" = Combined Community Codec Pack BETA 2009-06-18
"ControlCenter_is1" = ControlCenter
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.52.2
"Divinity II - Ego Draconis_is1" = Divinity II - Ego Draconis
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 6_is1" = DVDFab 6.2.0.5 (11/11/2009)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"ffdshow" = ffdshow (remove only)
"GameParkClient_is1" = GamePark
"Hamachi" = Hamachi 1.0.2.5
"HashTab" = HashTab 3.0.0
"HijackThis" = HijackThis 2.0.2
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Więzy Krwi
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Magic Audio Editor Pro_is1" = Magic Audio Editor Pro v7.4.0.11
"Magic Ball 3" = Magic Ball 3
"Magic ISO Maker v5.5 (build 0261)" = Magic ISO Maker v5.5 (build 0261)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Nero8Lite_is1" = Nero 8 Lite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OMUI.cs-cz" = Microsoft Office Language Pack 2007 - Czech/èeština
"OpenAL" = OpenAL
"Total Uninstall 5_is1" = Total Uninstall 5.4.2
"Trine v1.04 Steam Update" = Trine v1.04 Steam Update
"Warcraft III Version Switcher" = Warcraft III Version Switcher
"Windows Media Player 12 with Toolbar 12.00" = Windows Media Player 12 with Toolbar 12.00
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Zombie Driver" = Zombie Driver 1.0.3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8.1.2010 10:05:29 | Computer Name = Mous-PC | Source = Application Error | ID = 1000
Description = Faulting application name: wmpnetwk.exe, version: 11.0.6000.6324,
time stamp: 0x4549b540 Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bdaae Exception code: 0xc000001d Fault offset: 0x00009617 Faulting
process id: 0x3ec Faulting application start time: 0x01ca906b9d99b3ff Faulting application
path: C:\Program Files\Windows Media Player\wmpnetwk.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report
Id: dfdc1367-fc5e-11de-93e6-40618600a082

Error - 8.1.2010 10:05:29 | Computer Name = Mous-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program Windows Media Player Network Sharing Service because of this
error. Program: Windows Media Player Network Sharing Service File: The error value
is listed in the Additional Data section. User Action 1. Open the file again. This
situation might be a temporary problem that corrects itself when the program runs
again. 2. If the file still cannot be accessed and - It is on the network, your network
administrator should verify that there is not a problem with the network and that
the server can be contacted. - It is on a removable disk, for example, a floppy
disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check
and repair the file system by running CHKDSK. To run CHKDSK, click Start, click
Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then
press ENTER. 4. If the problem persists, restore the file from a backup copy. 5.
Determine whether other files on the same disk can be opened. If not, the disk might
be damaged. If it is a hard disk, contact your administrator or computer hardware
vendor for further assistance. Additional Data Error value: 00000000 Disk type: 0

Error - 8.1.2010 10:05:55 | Computer Name = Mous-PC | Source = Application Error | ID = 1000
Description = Faulting application name: wmpnetwk.exe, version: 11.0.6000.6324,
time stamp: 0x4549b540 Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bdaae Exception code: 0xc000001d Fault offset: 0x00009617 Faulting
process id: 0x16e0 Faulting application start time: 0x01ca906bb1ccc1ee Faulting application
path: C:\Program Files\Windows Media Player\wmpnetwk.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report
Id: ef8c57d1-fc5e-11de-93e6-40618600a082

Error - 8.1.2010 10:05:55 | Computer Name = Mous-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program Windows Media Player Network Sharing Service because of this
error. Program: Windows Media Player Network Sharing Service File: The error value
is listed in the Additional Data section. User Action 1. Open the file again. This
situation might be a temporary problem that corrects itself when the program runs
again. 2. If the file still cannot be accessed and - It is on the network, your network
administrator should verify that there is not a problem with the network and that
the server can be contacted. - It is on a removable disk, for example, a floppy
disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check
and repair the file system by running CHKDSK. To run CHKDSK, click Start, click
Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then
press ENTER. 4. If the problem persists, restore the file from a backup copy. 5.
Determine whether other files on the same disk can be opened. If not, the disk might
be damaged. If it is a hard disk, contact your administrator or computer hardware
vendor for further assistance. Additional Data Error value: 00000000 Disk type: 0

Error - 8.1.2010 10:05:59 | Computer Name = Mous-PC | Source = Application Error | ID = 1000
Description = Faulting application name: wmpnetwk.exe, version: 11.0.6000.6324,
time stamp: 0x4549b540 Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bdaae Exception code: 0xc000001d Fault offset: 0x00009617 Faulting
process id: 0x17c4 Faulting application start time: 0x01ca906bb43a0916 Faulting application
path: C:\Program Files\Windows Media Player\wmpnetwk.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report
Id: f1edb817-fc5e-11de-93e6-40618600a082

Error - 8.1.2010 10:05:59 | Computer Name = Mous-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program Windows Media Player Network Sharing Service because of this
error. Program: Windows Media Player Network Sharing Service File: The error value
is listed in the Additional Data section. User Action 1. Open the file again. This
situation might be a temporary problem that corrects itself when the program runs
again. 2. If the file still cannot be accessed and - It is on the network, your network
administrator should verify that there is not a problem with the network and that
the server can be contacted. - It is on a removable disk, for example, a floppy
disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check
and repair the file system by running CHKDSK. To run CHKDSK, click Start, click
Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then
press ENTER. 4. If the problem persists, restore the file from a backup copy. 5.
Determine whether other files on the same disk can be opened. If not, the disk might
be damaged. If it is a hard disk, contact your administrator or computer hardware
vendor for further assistance. Additional Data Error value: 00000000 Disk type: 0

Error - 8.1.2010 10:06:25 | Computer Name = Mous-PC | Source = Application Error | ID = 1000
Description = Faulting application name: wmpnetwk.exe, version: 11.0.6000.6324,
time stamp: 0x4549b540 Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bdaae Exception code: 0xc000001d Fault offset: 0x00009617 Faulting
process id: 0x1084 Faulting application start time: 0x01ca906bc3d1ecc1 Faulting application
path: C:\Program Files\Windows Media Player\wmpnetwk.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report
Id: 018a5e83-fc5f-11de-93e6-40618600a082

Error - 8.1.2010 10:06:25 | Computer Name = Mous-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program Windows Media Player Network Sharing Service because of this
error. Program: Windows Media Player Network Sharing Service File: The error value
is listed in the Additional Data section. User Action 1. Open the file again. This
situation might be a temporary problem that corrects itself when the program runs
again. 2. If the file still cannot be accessed and - It is on the network, your network
administrator should verify that there is not a problem with the network and that
the server can be contacted. - It is on a removable disk, for example, a floppy
disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check
and repair the file system by running CHKDSK. To run CHKDSK, click Start, click
Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then
press ENTER. 4. If the problem persists, restore the file from a backup copy. 5.
Determine whether other files on the same disk can be opened. If not, the disk might
be damaged. If it is a hard disk, contact your administrator or computer hardware
vendor for further assistance. Additional Data Error value: 00000000 Disk type: 0

Error - 8.1.2010 10:07:15 | Computer Name = Mous-PC | Source = Application Error | ID = 1000
Description = Faulting application name: wmpnetwk.exe, version: 11.0.6000.6324,
time stamp: 0x4549b540 Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bdaae Exception code: 0xc000001d Fault offset: 0x00009617 Faulting
process id: 0x150c Faulting application start time: 0x01ca906be15079a6 Faulting application
path: C:\Program Files\Windows Media Player\wmpnetwk.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report
Id: 1f08eb68-fc5f-11de-93e6-40618600a082

Error - 8.1.2010 10:07:15 | Computer Name = Mous-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program Windows Media Player Network Sharing Service because of this
error. Program: Windows Media Player Network Sharing Service File: The error value
is listed in the Additional Data section. User Action 1. Open the file again. This
situation might be a temporary problem that corrects itself when the program runs
again. 2. If the file still cannot be accessed and - It is on the network, your network
administrator should verify that there is not a problem with the network and that
the server can be contacted. - It is on a removable disk, for example, a floppy
disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check
and repair the file system by running CHKDSK. To run CHKDSK, click Start, click
Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then
press ENTER. 4. If the problem persists, restore the file from a backup copy. 5.
Determine whether other files on the same disk can be opened. If not, the disk might
be damaged. If it is a hard disk, contact your administrator or computer hardware
vendor for further assistance. Additional Data Error value: 00000000 Disk type: 0

[ System Events ]
Error - 20.1.2010 10:13:20 | Computer Name = Mous-PC | Source = Service Control Manager | ID = 7000
Description = The COH_Mon service failed to start due to the following error: %%1275

Error - 20.1.2010 11:13:14 | Computer Name = Mous-PC | Source = Service Control Manager | ID = 7000
Description = The COH_Mon service failed to start due to the following error: %%1275

Error - 20.1.2010 12:13:14 | Computer Name = Mous-PC | Source = Service Control Manager | ID = 7000
Description = The COH_Mon service failed to start due to the following error: %%1275

Error - 20.1.2010 13:13:14 | Computer Name = Mous-PC | Source = Service Control Manager | ID = 7000
Description = The COH_Mon service failed to start due to the following error: %%1275

Error - 20.1.2010 14:13:13 | Computer Name = Mous-PC | Source = Service Control Manager | ID = 7000
Description = The COH_Mon service failed to start due to the following error: %%1275

Error - 20.1.2010 15:13:40 | Computer Name = Mous-PC | Source = Service Control Manager | ID = 7000
Description = The COH_Mon service failed to start due to the following error: %%1275

Error - 20.1.2010 16:13:13 | Computer Name = Mous-PC | Source = Service Control Manager | ID = 7000
Description = The COH_Mon service failed to start due to the following error: %%1275

Error - 20.1.2010 16:19:37 | Computer Name = Mous-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 20.1.2010 17:13:13 | Computer Name = Mous-PC | Source = Service Control Manager | ID = 7000
Description = The COH_Mon service failed to start due to the following error: %%1275

Error - 20.1.2010 18:13:13 | Computer Name = Mous-PC | Source = Service Control Manager | ID = 7000
Description = The COH_Mon service failed to start due to the following error: %%1275


< End of report >
It would not be wise to urge the devil to bow.

Damned
Article author
Master Level 9
Posts: 8353
Registered: December 06
Location: Rokycany
Gender: Male
Status: Offline

Re: Preventive check

Post by Damned » 23 Jan 2010 00:12

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:6900017D

:Files
C:\Windows\*.tmp
C:\Windows\System32\*.tmp
C:\Windows\SysNative\*.tmp
C:\$RECYCLE.BIN
C:\Windows\System32\drivers\etc\hosts.20091213-185926.backup
C:\Windows\tasks\SA.DAT

:Reg

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]



Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here and then post a new HJT log for me.
Nothing is impossible, so where reason fails us, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech translation, Wise Registry Cleaner

Mous
Level 2
Posts: 206
Registered: February 08
Location: Praha
Gender: Not specified
Status: Offline

Re: Preventive check

Post by Mous » 23 Jan 2010 00:19

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
ADS C:\ProgramData\TEMP:6900017D deleted successfully.
========== FILES ==========
File\Folder C:\Windows\*.tmp not found.
File\Folder C:\Windows\System32\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
C:\$RECYCLE.BIN\S-1-5-21-929804540-3650226206-110450735-1001\$RFX46O0 folder moved successfully.
C:\$RECYCLE.BIN\S-1-5-21-929804540-3650226206-110450735-1001\$RF5YHSF folder moved successfully.
C:\$RECYCLE.BIN\S-1-5-21-929804540-3650226206-110450735-1001 folder moved successfully.
C:\$RECYCLE.BIN folder moved successfully.
C:\Windows\System32\drivers\etc\hosts.20091213-185926.backup moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Mous
->Temp folder emptied: 4 bytes
->Temporary Internet Files folder emptied: 565031 bytes
->Java cache emptied: 27766589 bytes
->Google Chrome cache emptied: 257000855 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 272,00 mb


OTL by OldTimer - Version 3.1.25.4 log created on 01232010_001644

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
It would not be wise to urge the devil to bow.

Mous
Level 2
Posts: 206
Registered: February 08
Location: Praha
Gender: Not specified
Status: Offline

Re: Preventive check

Post by Mous » 23 Jan 2010 00:20

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:19:49, on 23.1.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Users\Mous\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SavUI.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Mous\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [FileUploader] E:\Share-Rapid Manager\SRDownloader.exe /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe

--
End of file - 6623 bytes
It would not be wise to urge the devil to bow.

Damned
Article author
Master Level 9
Posts: 8353
Registered: December 06
Location: Rokycany
Gender: Male
Status: Offline

Re: Preventive check  Solved

Post by Damned » 23 Jan 2010 00:34

Delete the folder C:\_OTL.

Run HJT (HijackThis), close your browsers, disconnect from the internet and fix the following (start HJT, choose "Do a system scan only",
tick the box in front of each entry, press "Fix checked" and then "Yes"):

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
*****************************************************************************************************************************************
Download ToolsCleaner2 (by A.Rothstein & Dj Quiou) to the desktop and run it.

Click Pt. Restauration (restore) and then OK.
Click Corbeille (recycle bin) and then OK.
Click Fichiers temp (temp folders) and then OK.
Click Recherche (search) and let the Cleaner work. It may pause during cleaning, but let it continue.
When the program finishes, click Suppression (removal) and remove what was found.
Close and delete the program.

If anything shows up again, stop by.
Mark the topic as solved (green check mark) and take care. :bigups:
Nothing is impossible, so where reason fails us, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech translation, Wise Registry Cleaner

