
PC virus removal, computer speed-up, remote assistance through the neslape.cz service
Log check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, my system has started to "freeze" from time to time, sometimes for nearly a minute. After it "unfreezes", the system time is changed. I ran several free programs on the laptop, but they didn't show anything.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Verze databáze: 5416
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
29.12.2010 16:17:45
mbam-log-2010-12-29 (16-17-45).txt
Typ kontroly: Rychlý test
Testované objekty: 153942
Uplynulý čas: 5 minut, 32 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
ComboFix log
ComboFix 10-12-28.03 - Antrac1t 29.12.2010 16:39:12.1.2 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2046.586 [GMT 1:00]
Spuštěný z: C:\Users\Antrac1t\Desktop\ComboFix.exe
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Users\Antrac1t\AppData\Roaming\Local
C:\Users\Antrac1t\AppData\Roaming\Local\Temp\DDM\Settings\.ddr
C:\Users\Antrac1t\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
C:\Users\Antrac1t\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
C:\Users\Antrac1t\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp
C:\Windows\system32\arp.exe . . . . nemohl být smazán
C:\Windows\system32\slwga.dll . . . . nemohl být smazán
C:\Windows\system32\systemcpl.dll . . . . nemohl být smazán
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-28 do 2010-12-29 )))))))))))))))))))))))))))))))
.
2010-12-29 15:49:50 . 2010-12-29 15:49:50 -------- d-----w- C:\Users\Default\AppData\Local\temp
2010-12-29 15:10:46 . 2010-12-20 17:09:00 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-29 15:10:45 . 2010-12-29 15:10:45 -------- d-----w- C:\ProgramData\Malwarebytes
2010-12-29 15:10:40 . 2010-12-29 15:10:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-29 15:01:40 . 2010-12-29 15:01:48 -------- d-----w- C:\Program Files\CCleaner
2010-12-29 12:50:15 . 2010-12-29 12:50:15 143360 ----a-w- C:\vrayspawner2010.exe
2010-12-29 12:50:15 . 2010-12-29 12:50:15 -------- d-----w- C:\defaults
2010-12-29 12:50:14 . 2010-12-29 12:50:14 1101312 ----a-w- C:\dte_wrapper.dll
2010-12-29 12:50:14 . 2010-12-29 12:50:14 1011712 ----a-w- C:\HairVrPrims2010.dll
2010-12-29 12:50:12 . 2010-12-29 12:50:12 7787520 ----a-w- C:\vray2010.dll
2010-12-29 12:50:12 . 2010-12-29 12:50:12 3381944 ----a-w- C:\libmmd.dll
2010-12-29 12:35:16 . 2010-12-29 12:50:00 -------- d-----w- C:\Program Files\Common Files\ChaosGroup
2010-12-29 12:35:09 . 2010-12-29 12:50:13 540672 ----a-w- C:\vrayraw2010.bmi
2010-12-29 12:35:09 . 2010-12-29 12:50:13 4173312 ----a-w- C:\vrender2010.dlr
2010-12-29 12:23:05 . 2009-12-03 05:00:00 344576 ----a-w- C:\Windows\SysWow64\wibuKJni.dll
2010-12-29 12:23:05 . 2009-12-03 05:00:00 333824 ----a-w- C:\Windows\SysWow64\WkExt32.dll
2010-12-29 12:23:05 . 2009-10-21 08:00:00 356352 ----a-w- C:\Windows\SysWow64\WibuXpm4J32.dll
2010-12-29 12:22:25 . 2009-12-03 05:00:00 150528 ----a-w- C:\Windows\SysWow64\WkWin32.dll
2010-12-29 12:22:15 . 2010-12-29 12:22:15 -------- d-----w- C:\Program Files\WIBU-SYSTEMS
2010-12-29 12:22:15 . 2010-12-29 12:22:15 -------- d-----w- C:\Program Files (x86)\WIBUKEY
2010-12-29 12:22:15 . 2010-12-29 12:22:15 -------- d-----w- C:\Program Files (x86)\WIBU-SYSTEMS
2010-12-28 13:01:42 . 2010-12-28 13:01:43 -------- dc-h--w- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2010-12-28 13:01:18 . 2010-12-28 13:17:29 -------- d-----w- C:\ProgramData\Lavasoft
2010-12-28 13:01:18 . 2010-12-28 13:01:18 -------- d-----w- C:\Program Files (x86)\Lavasoft
2010-12-28 08:10:28 . 2010-11-16 11:01:20 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C361E793-2B27-4336-A057-97FC30F57866}\mpengine.dll
2010-12-26 15:30:41 . 2008-10-10 03:52:38 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll
2010-12-26 15:30:41 . 2008-10-10 03:52:38 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
2010-12-26 15:30:41 . 2008-10-10 03:52:38 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll
2010-12-26 15:30:41 . 2007-04-04 17:53:42 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll
2010-12-26 11:15:13 . 2010-12-26 11:15:13 -------- d-----w- C:\Program Files (x86)\FreeTime
2010-12-25 16:40:32 . 2010-12-25 16:40:32 -------- d-----w- C:\Program Files (x86)\Aiseesoft Studio
2010-12-25 16:35:55 . 2010-12-25 16:39:01 -------- d-----w- C:\Program Files (x86)\MKVtoolnix
2010-12-25 08:49:32 . 2010-12-25 08:49:32 -------- d-----w- C:\Program Files (x86)\ICQ6Toolbar
2010-12-25 08:49:28 . 2010-12-25 08:49:31 -------- d-----w- C:\ProgramData\ICQ
2010-12-25 08:48:51 . 2010-12-25 08:50:37 -------- d-----w- C:\Program Files (x86)\ICQ7.2
2010-12-19 20:53:15 . 2010-12-19 20:53:15 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2010-12-18 21:14:27 . 2010-12-18 21:14:27 -------- d-----w- C:\Program Files (x86)\Common Files\Skype
2010-12-18 21:14:25 . 2010-12-18 21:14:52 -------- d-----r- C:\Program Files (x86)\Skype
2010-12-18 21:14:20 . 2010-12-18 21:14:23 -------- d-----w- C:\ProgramData\Skype
2010-12-18 21:11:47 . 2010-12-18 21:11:51 -------- d-----w- C:\Program Files\SlikSvn
2010-12-18 21:04:27 . 2010-12-18 21:04:28 -------- d-----w- C:\Program Files (x86)\Sparx Systems
2010-12-18 21:03:17 . 2010-12-18 21:03:17 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2010-12-17 11:40:52 . 2010-12-17 11:41:58 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
2010-12-17 11:37:28 . 2010-12-17 11:37:28 -------- d-----w- C:\ProgramData\boost_interprocess
2010-12-17 09:11:53 . 2010-12-17 09:13:02 -------- d-----w- C:\Program Files (x86)\glassfish-3.0.1
2010-12-17 09:04:19 . 2010-12-17 09:11:51 -------- d-----w- C:\Program Files (x86)\NetBeans 6.9.1
2010-12-17 08:59:46 . 2010-12-17 09:01:20 -------- d-----w- C:\Program Files\Java
2010-12-15 21:12:45 . 2010-12-15 21:12:45 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2010-12-15 21:12:37 . 2010-12-15 21:12:39 -------- d-----w- C:\Program Files\DivX
2010-12-15 21:12:03 . 2010-12-15 21:12:27 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2010-12-15 21:10:15 . 2010-12-15 21:13:27 -------- d-----w- C:\Program Files (x86)\DivX
2010-12-15 21:08:21 . 2010-12-15 21:13:28 -------- d-----w- C:\ProgramData\DivX
2010-12-15 20:41:24 . 2010-12-15 20:41:24 -------- d-----w- C:\Program Files (x86)\IrfanView
2010-12-15 17:49:06 . 2010-12-16 07:22:46 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2010-12-15 17:49:04 . 2010-12-16 14:07:32 -------- d-----w- C:\Program Files (x86)\Steam
2010-12-15 07:45:20 . 2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-12-15 07:45:13 . 2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-12-15 07:45:13 . 2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-12-15 07:45:13 . 2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-12-15 07:45:13 . 2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2010-12-15 07:45:09 . 2010-10-20 04:54:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2010-12-15 07:45:09 . 2010-10-20 02:58:41 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2010-12-15 07:45:07 . 2010-10-16 04:36:10 314368 ----a-w- C:\Windows\SysWow64\webio.dll
2010-12-15 07:45:06 . 2010-10-12 05:05:01 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
2010-12-15 07:45:06 . 2010-10-12 05:00:30 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
2010-12-15 07:45:06 . 2010-10-12 04:25:09 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2010-12-14 20:13:30 . 2010-12-14 20:13:30 -------- d-----w- C:\Program Files (x86)\Bonjour
2010-12-14 12:57:26 . 2010-12-14 13:14:54 -------- d-----w- C:\ProgramData\Creative
2010-12-14 12:56:46 . 2003-06-12 22:25:40 7062 ----a-w- C:\Windows\SysWow64\audiopid.vxd
2010-12-14 12:56:13 . 2000-05-22 15:58:00 647872 ------w- C:\Windows\SysWow64\Mscomct2.ocx
2010-12-14 12:56:12 . 2006-10-06 13:17:34 53248 ------w- C:\Windows\Ctregrun.exe
2010-12-14 12:53:00 . 2010-12-14 12:53:00 -------- d-----w- C:\Program Files (x86)\Common Files\Creative
2010-12-14 12:52:55 . 2010-12-14 13:12:15 -------- d--h--w- C:\Program Files (x86)\Creative Installation Information
2010-12-14 12:52:32 . 2008-08-26 08:30:32 8704 ----a-w- C:\Windows\ResDefE.exe
2010-12-14 12:52:28 . 2010-12-14 17:01:57 -------- d-----w- C:\Program Files\Creative
2010-12-14 12:52:27 . 2008-09-10 02:54:34 497152 ----a-r- C:\Windows\SysWow64\CTAPO32.dll
2010-12-14 12:52:22 . 2010-12-14 12:52:22 413696 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2010-12-14 12:52:22 . 2010-12-14 12:52:22 110592 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2010-12-14 12:52:22 . 2007-07-09 02:59:14 782336 ----a-r- C:\Windows\SysWow64\tmp6864.tmp
2010-12-14 12:51:59 . 2010-12-14 12:51:59 -------- d-----w- C:\ProgramData\Creative Labs
2010-12-14 12:50:30 . 2010-12-14 12:50:30 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
2010-12-14 12:49:56 . 2010-12-14 13:13:59 -------- d-----w- C:\Program Files (x86)\Creative
2010-12-14 12:48:25 . 2010-12-25 08:49:29 -------- d--h--w- C:\Program Files (x86)\InstallShield Installation Information
2010-12-14 12:48:20 . 2010-12-14 12:48:20 -------- d-----w- C:\Program Files (x86)\Common Files\InstallShield
2010-12-14 07:28:06 . 2009-09-10 05:52:05 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2010-12-14 07:19:14 . 2010-12-14 07:19:14 -------- d-----w- C:\Windows\SysWow64\Wat
2010-12-13 23:07:17 . 2009-11-25 11:47:34 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2010-12-13 23:07:17 . 2009-11-25 11:47:34 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2010-12-13 23:07:17 . 2009-11-25 11:47:34 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2010-12-13 23:07:17 . 2009-11-25 11:47:34 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2010-12-13 23:07:17 . 2009-11-25 11:47:34 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2010-12-13 20:54:00 . 2010-12-22 18:23:12 -------- d-----w- C:\ProgramData\FLEXnet
2010-12-13 15:47:38 . 2010-12-13 15:47:38 -------- d-----w- C:\ProgramData\NVIDIA
2010-12-13 14:42:22 . 2010-12-13 14:42:22 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2010-12-13 14:41:18 . 2010-12-13 14:41:18 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2010-12-13 14:40:27 . 2010-10-16 18:55:00 57960 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 5473896 ----a-w- C:\Windows\SysWow64\nvwgf2um.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 4837480 ----a-w- C:\Windows\SysWow64\nvcuda.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 319080 ----a-w- C:\Windows\SysWow64\nvdecodemft.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 2912360 ----a-w- C:\Windows\SysWow64\nvcuvid.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 2666600 ----a-w- C:\Windows\SysWow64\nvcuvenc.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 1719912 ----a-w- C:\Windows\SysWow64\nvapi.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 14899816 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 13019752 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 10023528 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2010-12-13 14:39:38 . 2010-12-13 14:41:59 -------- d-----w- C:\Program Files\NVIDIA Corporation
2010-12-13 14:39:11 . 2010-12-13 14:39:11 -------- d-----w- C:\NVIDIA
2010-12-13 04:28:31 . 2010-03-05 07:42:42 67584 ----a-w- C:\Windows\SysWow64\asycfilt.dll
2010-12-13 04:28:27 . 2010-03-24 06:37:04 1289528 ----a-w- C:\Windows\SysWow64\ntdll.dll
2010-12-13 04:28:24 . 2010-03-08 21:33:56 427520 ----a-w- C:\Windows\SysWow64\vbscript.dll
2010-12-13 04:28:23 . 2010-10-19 08:47:59 7680 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2010-12-13 04:28:23 . 2010-10-19 08:10:26 7680 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2010-12-13 04:28:23 . 2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
2010-12-13 04:28:21 . 2010-06-29 05:35:06 4582912 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2010-12-13 04:28:21 . 2010-06-29 05:02:02 1413632 ----a-w- C:\Windows\SysWow64\ole32.dll
2010-12-13 04:28:21 . 2010-06-29 04:57:58 4247040 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
2010-12-13 04:28:19 . 2010-05-05 06:46:55 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll
2010-12-13 04:28:14 . 2009-09-03 07:04:15 1320960 ----a-w- C:\Windows\SysWow64\CertEnroll.dll
2010-12-13 04:26:58 . 2009-12-22 08:24:35 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2010-12-13 04:25:45 . 2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-12-13 04:25:45 . 2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-12-13 04:25:44 . 2009-08-29 06:57:31 34816 ----a-w- C:\Windows\SysWow64\msasn1.dll
2010-12-13 04:25:43 . 2009-10-19 14:10:06 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2010-12-13 04:25:20 . 2010-09-01 05:14:31 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2010-12-13 04:25:20 . 2010-09-01 04:26:04 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-12 12:50:45 . 2010-12-12 12:50:45 50176 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2010-12-12 12:50:45 . 2010-12-12 12:50:45 27136 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2010-12-12 12:50:44 . 2010-12-12 12:50:44 2560 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2010-12-12 12:50:44 . 2010-12-12 12:50:44 2560 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2010-12-12 12:50:34 . 2010-12-12 12:50:34 15360 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2010-12-12 12:50:31 . 2010-12-12 12:50:31 5632 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2010-11-12 00:44:54 . 2010-11-12 00:44:54 94208 ----a-w- C:\Windows\SysWow64\dpl100.dll
2010-11-08 22:57:04 . 2010-11-08 22:57:04 353592 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2010-11-02 04:34:33 . 2010-12-15 07:45:13 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 14:23:06 1385864 ----a-w- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll" [2010-05-26 14:23:06 1385864]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 94208 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 94208 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 94208 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 11:44:11 85160]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 23:47:42 31016]
"Acrobat Assistant 7.0"="C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 10:12:02 483328]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 10:44:46 248552]
"VolPanel"="C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2009-07-07 12:13:38 241789]
"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 19:28:24 1226608]
"DivX Download Manager"="C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 21:15:44 63360]
C:\Users\Antrac1t\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe [2010-12-12 25214]
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe [2010-12-29 5724472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 12:16:28 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-12-14 13:14:09 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-12-14 12:50:30 79360]
R3 GGSAFERDriver;GGSAFER Driver;D:\Garena\safedrv.sys [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-12-03 09:05:35 17440]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-13 23:05:09 1255736]
S0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys [2010-12-03 09:05:34 69152]
S2 ICQ Service;ICQ Service;C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 17:56:38 247096]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-12-03 09:05:32 1389400]
S2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max Design 2010 32-bit 32-bit;C:\Program Files (x86)\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 16:36:24 86016]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 20:35:28 5434368]
S3 skfiltv;skfiltv;C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 06:48:34 24064]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 21:01:11 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 21:01:11 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 21:01:11 740864]
S3 winbondcir;Winbond IR Transceiver;C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 06:50:18 46592]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 97792 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 97792 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 97792 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést vybrané vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
FF - ProfilePath - C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: SkipScreen: SkipScreen@SkipScreen - %profile%\extensions\SkipScreen@SkipScreen
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
2010-12-14 12:56:12 . 2006-10-06 13:17:34 53248 ------w- C:\Windows\Ctregrun.exe
2010-12-14 12:53:00 . 2010-12-14 12:53:00 -------- d-----w- C:\Program Files (x86)\Common Files\Creative
2010-12-14 12:52:55 . 2010-12-14 13:12:15 -------- d--h--w- C:\Program Files (x86)\Creative Installation Information
2010-12-14 12:52:32 . 2008-08-26 08:30:32 8704 ----a-w- C:\Windows\ResDefE.exe
2010-12-14 12:52:28 . 2010-12-14 17:01:57 -------- d-----w- C:\Program Files\Creative
2010-12-14 12:52:27 . 2008-09-10 02:54:34 497152 ----a-r- C:\Windows\SysWow64\CTAPO32.dll
2010-12-14 12:52:22 . 2010-12-14 12:52:22 413696 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2010-12-14 12:52:22 . 2010-12-14 12:52:22 110592 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2010-12-14 12:52:22 . 2007-07-09 02:59:14 782336 ----a-r- C:\Windows\SysWow64\tmp6864.tmp
2010-12-14 12:51:59 . 2010-12-14 12:51:59 -------- d-----w- C:\ProgramData\Creative Labs
2010-12-14 12:50:30 . 2010-12-14 12:50:30 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
2010-12-14 12:49:56 . 2010-12-14 13:13:59 -------- d-----w- C:\Program Files (x86)\Creative
2010-12-14 12:48:25 . 2010-12-25 08:49:29 -------- d--h--w- C:\Program Files (x86)\InstallShield Installation Information
2010-12-14 12:48:20 . 2010-12-14 12:48:20 -------- d-----w- C:\Program Files (x86)\Common Files\InstallShield
2010-12-14 07:28:06 . 2009-09-10 05:52:05 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2010-12-14 07:19:14 . 2010-12-14 07:19:14 -------- d-----w- C:\Windows\SysWow64\Wat
2010-12-13 23:07:17 . 2009-11-25 11:47:34 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2010-12-13 23:07:17 . 2009-11-25 11:47:34 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2010-12-13 23:07:17 . 2009-11-25 11:47:34 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2010-12-13 23:07:17 . 2009-11-25 11:47:34 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2010-12-13 23:07:17 . 2009-11-25 11:47:34 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2010-12-13 20:54:00 . 2010-12-22 18:23:12 -------- d-----w- C:\ProgramData\FLEXnet
2010-12-13 15:47:38 . 2010-12-13 15:47:38 -------- d-----w- C:\ProgramData\NVIDIA
2010-12-13 14:42:22 . 2010-12-13 14:42:22 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2010-12-13 14:41:18 . 2010-12-13 14:41:18 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2010-12-13 14:40:27 . 2010-10-16 18:55:00 57960 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 5473896 ----a-w- C:\Windows\SysWow64\nvwgf2um.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 4837480 ----a-w- C:\Windows\SysWow64\nvcuda.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 319080 ----a-w- C:\Windows\SysWow64\nvdecodemft.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 2912360 ----a-w- C:\Windows\SysWow64\nvcuvid.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 2666600 ----a-w- C:\Windows\SysWow64\nvcuvenc.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 1719912 ----a-w- C:\Windows\SysWow64\nvapi.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 14899816 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 13019752 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 10023528 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2010-12-13 14:39:38 . 2010-12-13 14:41:59 -------- d-----w- C:\Program Files\NVIDIA Corporation
2010-12-13 14:39:11 . 2010-12-13 14:39:11 -------- d-----w- C:\NVIDIA
2010-12-13 04:28:31 . 2010-03-05 07:42:42 67584 ----a-w- C:\Windows\SysWow64\asycfilt.dll
2010-12-13 04:28:27 . 2010-03-24 06:37:04 1289528 ----a-w- C:\Windows\SysWow64\ntdll.dll
2010-12-13 04:28:24 . 2010-03-08 21:33:56 427520 ----a-w- C:\Windows\SysWow64\vbscript.dll
2010-12-13 04:28:23 . 2010-10-19 08:47:59 7680 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2010-12-13 04:28:23 . 2010-10-19 08:10:26 7680 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2010-12-13 04:28:23 . 2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
2010-12-13 04:28:21 . 2010-06-29 05:35:06 4582912 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2010-12-13 04:28:21 . 2010-06-29 05:02:02 1413632 ----a-w- C:\Windows\SysWow64\ole32.dll
2010-12-13 04:28:21 . 2010-06-29 04:57:58 4247040 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
2010-12-13 04:28:19 . 2010-05-05 06:46:55 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll
2010-12-13 04:28:14 . 2009-09-03 07:04:15 1320960 ----a-w- C:\Windows\SysWow64\CertEnroll.dll
2010-12-13 04:26:58 . 2009-12-22 08:24:35 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2010-12-13 04:25:45 . 2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-12-13 04:25:45 . 2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-12-13 04:25:44 . 2009-08-29 06:57:31 34816 ----a-w- C:\Windows\SysWow64\msasn1.dll
2010-12-13 04:25:43 . 2009-10-19 14:10:06 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2010-12-13 04:25:20 . 2010-09-01 05:14:31 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2010-12-13 04:25:20 . 2010-09-01 04:26:04 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-12 12:50:45 . 2010-12-12 12:50:45 50176 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2010-12-12 12:50:45 . 2010-12-12 12:50:45 27136 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2010-12-12 12:50:44 . 2010-12-12 12:50:44 2560 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2010-12-12 12:50:44 . 2010-12-12 12:50:44 2560 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2010-12-12 12:50:34 . 2010-12-12 12:50:34 15360 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2010-12-12 12:50:31 . 2010-12-12 12:50:31 5632 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2010-11-12 00:44:54 . 2010-11-12 00:44:54 94208 ----a-w- C:\Windows\SysWow64\dpl100.dll
2010-11-08 22:57:04 . 2010-11-08 22:57:04 353592 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2010-11-02 04:34:33 . 2010-12-15 07:45:13 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 14:23:06 1385864 ----a-w- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll" [2010-05-26 14:23:06 1385864]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 94208 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 94208 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 94208 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 11:44:11 85160]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 23:47:42 31016]
"Acrobat Assistant 7.0"="C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 10:12:02 483328]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 10:44:46 248552]
"VolPanel"="C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2009-07-07 12:13:38 241789]
"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 19:28:24 1226608]
"DivX Download Manager"="C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 21:15:44 63360]
C:\Users\Antrac1t\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe [2010-12-12 25214]
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe [2010-12-29 5724472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 12:16:28 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-12-14 13:14:09 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-12-14 12:50:30 79360]
R3 GGSAFERDriver;GGSAFER Driver;D:\Garena\safedrv.sys [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-12-03 09:05:35 17440]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-13 23:05:09 1255736]
S0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys [2010-12-03 09:05:34 69152]
S2 ICQ Service;ICQ Service;C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 17:56:38 247096]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-12-03 09:05:32 1389400]
S2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max Design 2010 32-bit 32-bit;C:\Program Files (x86)\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 16:36:24 86016]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 20:35:28 5434368]
S3 skfiltv;skfiltv;C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 06:48:34 24064]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 21:01:11 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 21:01:11 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 21:01:11 740864]
S3 winbondcir;Winbond IR Transceiver;C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 06:50:18 46592]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 97792 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 97792 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 97792 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést vybrané vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
FF - ProfilePath - C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: SkipScreen: SkipScreen@SkipScreen - %profile%\extensions\SkipScreen@SkipScreen
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Re: Log check
Good afternoon
Could you please also post a log from RSIT; see my signature

Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: Log check
Log from RSIT
Logfile of random's system information tool 1.08 (written by random/random)
Run by Antrac1t at 2010-12-31 13:58:08
Microsoft Windows 7 Professional
System drive C: has 31 GB (35%) free of 90 GB
Total RAM: 2046 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:58:19, on 31.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
C:\PROGRA~2\FREEDO~1\fdm.exe
C:\Program Files\trend micro\Antrac1t.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Trillian Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - Startup: Dropbox.lnk = Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max Design 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Program Files (x86)\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12611 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe"
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe"
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe" start
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe"
"C:\Program Files (x86)\Trillian\trillian.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3876.9928f60.281436886 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 3876 plugin \\.\pipe\gecko-crash-server-pipe.3876
"C:\Windows\system32\Wat\WatUX.exe" hrOffline=0x8004FE21
"C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe" "C:\Users\Antrac1t\Documents\škola FEL\zimni 10-11\dsa\Algorithms and Data Structures.pdf"
C:\PROGRA~2\FREEDO~1\fdm.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe33_ Global\UsGthrCtrlFltPipeMssGthrPipe33 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Antrac1t\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-12-17 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Trillian Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-12-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Trillian Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.2\ICQ.exe [2010-12-25 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-12-03 14944136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2010-12-15 1242448]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Acrobat Assistant 7.0"=C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"VolPanel"=C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe [2009-07-07 241789]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608]
"DivX Download Manager"=C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Users\Antrac1t\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.inf - open - %SystemRoot%\SysWow64\NOTEPAD.EXE %1
.inf - install - %SystemRoot%\SysWow64\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\WScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\WScript.exe "%1" %*
.cpl - cplopen - %SystemRoot%\SysWow64\control.exe "%1",%*
======List of files/folders created in the last 1 months======
2010-12-31 13:58:10 ----D---- C:\Program Files\trend micro
2010-12-31 13:58:08 ----D---- C:\rsit
2010-12-29 17:12:46 ----D---- C:\Users\Antrac1t\AppData\Roaming\Free Download Manager
2010-12-29 17:11:33 ----D---- C:\ProgramData\FreeDownloadManager.ORG
2010-12-29 17:11:32 ----D---- C:\Program Files (x86)\Free Download Manager
2010-12-29 16:35:44 ----A---- C:\Windows\zip.exe
2010-12-29 16:35:44 ----A---- C:\Windows\SWSC.exe
2010-12-29 16:35:44 ----A---- C:\Windows\SWREG.exe
2010-12-29 16:35:44 ----A---- C:\Windows\sed.exe
2010-12-29 16:35:44 ----A---- C:\Windows\PEV.exe
2010-12-29 16:35:44 ----A---- C:\Windows\NIRCMD.exe
2010-12-29 16:35:44 ----A---- C:\Windows\MBR.exe
2010-12-29 16:35:44 ----A---- C:\Windows\grep.exe
2010-12-29 16:35:29 ----D---- C:\Windows\ERDNT
2010-12-29 16:35:26 ----D---- C:\ComboFix
2010-12-29 16:34:51 ----D---- C:\Qoobox
2010-12-29 16:34:27 ----A---- C:\Windows\SWXCACLS.exe
2010-12-29 16:29:53 ----D---- C:\Downloads
2010-12-29 16:11:05 ----D---- C:\Users\Antrac1t\AppData\Roaming\Malwarebytes
2010-12-29 16:10:46 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2010-12-29 16:10:45 ----D---- C:\ProgramData\Malwarebytes
2010-12-29 16:10:41 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-12-29 16:10:40 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-29 16:03:28 ----SHD---- C:\$RECYCLE.BIN
2010-12-29 16:01:40 ----D---- C:\Program Files\CCleaner
2010-12-29 13:50:12 ----A---- C:\libmmd.dll
2010-12-29 13:35:16 ----D---- C:\Program Files\Common Files\ChaosGroup
2010-12-29 13:27:57 ----A---- C:\startvrlservice_log.txt
2010-12-29 13:23:05 ----A---- C:\Windows\SYSWOW64\WkExt32.dll
2010-12-29 13:23:05 ----A---- C:\Windows\SYSWOW64\WibuXpm4J32.dll
2010-12-29 13:23:05 ----A---- C:\Windows\SYSWOW64\wibuKJni.dll
2010-12-29 13:23:05 ----A---- C:\Windows\system32\WkExt64.dll
2010-12-29 13:23:05 ----A---- C:\Windows\system32\WibuXpm4J64.dll
2010-12-29 13:23:05 ----A---- C:\Windows\system32\wibuKJni64.dll
2010-12-29 13:22:36 ----A---- C:\Windows\system32\drivers\Wibukey2_64.sys
2010-12-29 13:22:26 ----A---- C:\Windows\system32\drivers\WibuKey64.sys
2010-12-29 13:22:25 ----A---- C:\Windows\SYSWOW64\WkWin32.dll
2010-12-29 13:22:25 ----A---- C:\Windows\system32\WkWin64.dll
2010-12-29 13:22:15 ----D---- C:\Program Files\WIBU-SYSTEMS
2010-12-29 13:22:15 ----D---- C:\Program Files (x86)\WIBU-SYSTEMS
2010-12-29 13:22:15 ----D---- C:\Program Files (x86)\WIBUKEY
2010-12-29 10:19:23 ----A---- C:\Windows\system32\lsdelete.exe
2010-12-28 14:17:30 ----DC---- C:\Windows\system32\DRVSTORE
2010-12-28 14:17:30 ----A---- C:\Windows\system32\drivers\Lbd.sys
2010-12-28 14:17:26 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2010-12-28 14:01:42 ----HDC---- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2010-12-28 14:01:18 ----D---- C:\ProgramData\Lavasoft
2010-12-28 14:01:18 ----D---- C:\Program Files (x86)\Lavasoft
2010-12-26 16:30:41 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2010-12-26 16:30:41 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2010-12-26 16:30:41 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2010-12-26 16:30:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2010-12-26 12:15:13 ----D---- C:\Program Files (x86)\FreeTime
2010-12-25 17:40:32 ----D---- C:\Program Files (x86)\Aiseesoft Studio
2010-12-25 17:35:55 ----D---- C:\Program Files (x86)\MKVtoolnix
2010-12-25 09:49:32 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2010-12-25 09:49:28 ----D---- C:\ProgramData\ICQ
2010-12-25 09:49:00 ----D---- C:\Users\Antrac1t\AppData\Roaming\ICQ
2010-12-25 09:48:51 ----D---- C:\Program Files (x86)\ICQ7.2
2010-12-19 21:53:15 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-12-18 22:16:04 ----D---- C:\Users\Antrac1t\AppData\Roaming\skypePM
2010-12-18 22:14:30 ----D---- C:\Users\Antrac1t\AppData\Roaming\Subversion
2010-12-18 22:14:25 ----RD---- C:\Program Files (x86)\Skype
2010-12-18 22:14:23 ----D---- C:\Users\Antrac1t\AppData\Roaming\Skype
2010-12-18 22:14:20 ----D---- C:\ProgramData\Skype
2010-12-18 22:11:47 ----D---- C:\Program Files\SlikSvn
2010-12-18 22:05:42 ----D---- C:\Users\Antrac1t\AppData\Roaming\Sparx Systems
2010-12-18 22:04:27 ----D---- C:\Program Files (x86)\Sparx Systems
2010-12-17 14:38:43 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2010-12-17 12:41:03 ----D---- C:\Users\Antrac1t\AppData\Roaming\TS3Client
2010-12-17 12:40:52 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2010-12-17 12:37:28 ----D---- C:\ProgramData\boost_interprocess
2010-12-17 10:28:40 ----D---- C:\Users\Antrac1t\AppData\Roaming\dvdcss
2010-12-17 10:11:53 ----D---- C:\Program Files (x86)\glassfish-3.0.1
2010-12-17 10:04:19 ----D---- C:\Program Files (x86)\NetBeans 6.9.1
2010-12-17 10:01:40 ----A---- C:\Windows\system32\javaws.exe
2010-12-17 10:01:40 ----A---- C:\Windows\system32\javaw.exe
2010-12-17 10:01:40 ----A---- C:\Windows\system32\java.exe
2010-12-17 10:01:40 ----A---- C:\Windows\system32\deployJava1.dll
2010-12-17 09:59:46 ----D---- C:\Program Files\Java
2010-12-15 22:13:02 ----D---- C:\Users\Antrac1t\AppData\Roaming\DivX
2010-12-15 22:12:37 ----D---- C:\Program Files\DivX
2010-12-15 22:10:15 ----D---- C:\Program Files (x86)\DivX
2010-12-15 22:08:21 ----D---- C:\ProgramData\DivX
2010-12-15 21:41:24 ----D---- C:\Users\Antrac1t\AppData\Roaming\IrfanView
2010-12-15 21:41:24 ----D---- C:\Program Files (x86)\IrfanView
2010-12-15 18:49:04 ----D---- C:\Program Files (x86)\Steam
2010-12-15 08:45:20 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-12-15 08:45:20 ----A---- C:\Windows\system32\tzres.dll
2010-12-15 08:45:14 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 08:45:14 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 08:45:13 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2010-12-15 08:45:13 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2010-12-15 08:45:13 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2010-12-15 08:45:13 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2010-12-15 08:45:13 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 08:45:13 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 08:45:13 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 08:45:13 ----A---- C:\Windows\system32\schtasks.exe
2010-12-15 08:45:09 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2010-12-15 08:45:09 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2010-12-15 08:45:09 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 08:45:09 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 08:45:08 ----A---- C:\Windows\system32\win32k.sys
2010-12-15 08:45:07 ----A---- C:\Windows\SYSWOW64\webio.dll
2010-12-15 08:45:07 ----A---- C:\Windows\system32\webio.dll
2010-12-15 08:45:05 ----A---- C:\Windows\system32\consent.exe
2010-12-15 08:45:02 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 08:45:01 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 08:45:00 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-12-15 08:45:00 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 08:44:59 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 08:44:58 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-12-15 08:44:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-12-15 08:44:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-12-15 08:44:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-12-15 08:44:55 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 08:44:55 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-15 08:44:54 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\ieui.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-14 21:13:30 ----D---- C:\Program Files (x86)\Bonjour
2010-12-14 13:58:54 ----D---- C:\Users\Antrac1t\AppData\Roaming\Creative
2010-12-14 13:57:26 ----D---- C:\ProgramData\Creative
2010-12-14 13:56:12 ----N---- C:\Windows\Ctregrun.exe
2010-12-14 13:52:55 ----HD---- C:\Program Files (x86)\Creative Installation Information
2010-12-14 13:52:32 ----RA---- C:\Windows\system32\xfisk.ini
2010-12-14 13:52:32 ----RA---- C:\Windows\system32\ctzapxx.ini
2010-12-14 13:52:32 ----A---- C:\Windows\system32\drivers\skfiltv.sys
2010-12-14 13:52:32 ----A---- C:\Windows\system32\ctppld.dll
2010-12-14 13:52:32 ----A---- C:\Windows\system32\ctdvinst.dll
2010-12-14 13:52:32 ----A---- C:\Windows\system32\CTAPO64.dll
2010-12-14 13:52:32 ----A---- C:\Windows\ResDefE.exe
2010-12-14 13:52:28 ----D---- C:\Program Files\Creative
2010-12-14 13:52:27 ----RA---- C:\Windows\SYSWOW64\CTAPO32.dll
2010-12-14 13:52:27 ----RA---- C:\Windows\skMCcfg.ini
2010-12-14 13:52:22 ----RA---- C:\Windows\SYSWOW64\tmp6864.tmp
2010-12-14 13:52:22 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2010-12-14 13:52:22 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2010-12-14 13:52:22 ----A---- C:\Windows\system32\wrap_oal.dll
2010-12-14 13:52:22 ----A---- C:\Windows\system32\OpenAL32.dll
2010-12-14 13:51:59 ----D---- C:\ProgramData\Creative Labs
2010-12-14 13:49:56 ----D---- C:\Program Files (x86)\Creative
2010-12-14 13:48:25 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-12-14 08:28:06 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2010-12-14 08:28:06 ----A---- C:\Windows\system32\msv1_0.dll
2010-12-14 08:19:14 ----D---- C:\Windows\SYSWOW64\Wat
2010-12-14 08:19:14 ----D---- C:\Windows\system32\Wat
2010-12-14 00:07:17 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2010-12-14 00:07:17 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2010-12-14 00:07:17 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2010-12-14 00:07:17 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2010-12-14 00:07:17 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2010-12-14 00:07:17 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-12-14 00:07:17 ----A---- C:\Windows\system32\PresentationHost.exe
2010-12-14 00:07:17 ----A---- C:\Windows\system32\netfxperf.dll
2010-12-14 00:07:17 ----A---- C:\Windows\system32\mscoree.dll
2010-12-14 00:07:16 ----A---- C:\Windows\system32\dfshim.dll
2010-12-14 00:06:58 ----A---- C:\Windows\system32\browserchoice.exe
2010-12-13 22:37:40 ----D---- C:\Windows\Minidump
2010-12-13 21:56:53 ----D---- C:\Users\Antrac1t\AppData\Roaming\Autodesk
2010-12-13 21:54:00 ----D---- C:\ProgramData\FLEXnet
2010-12-13 16:47:38 ----D---- C:\ProgramData\NVIDIA
2010-12-13 15:42:22 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-12-13 15:41:18 ----D---- C:\ProgramData\NVIDIA Corporation
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\OpenCL.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvwgf2umx.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvoglv64.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvgenco642030.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvdispco642050.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvdecodemft.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvd3dumx.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvcuvid.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvcuda.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvcompiler.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvapi64.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2010-12-13 15:39:38 ----D---- C:\Program Files\NVIDIA Corporation
2010-12-13 15:39:11 ----D---- C:\NVIDIA
2010-12-13 05:34:54 ----A---- C:\Windows\system32\drivers\ks.sys
2010-12-13 05:28:31 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2010-12-13 05:28:31 ----A---- C:\Windows\system32\asycfilt.dll
2010-12-13 05:28:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2010-12-13 05:28:27 ----A---- C:\Windows\system32\ntdll.dll
2010-12-13 05:28:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2010-12-13 05:28:24 ----A---- C:\Windows\system32\vbscript.dll
2010-12-13 05:28:23 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2010-12-13 05:28:23 ----A---- C:\Windows\system32\t2embed.dll
2010-12-13 05:28:21 ----A---- C:\Windows\SYSWOW64\ole32.dll
2010-12-13 05:28:21 ----A---- C:\Windows\system32\ole32.dll
2010-12-13 05:28:19 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2010-12-13 05:28:19 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-12-13 05:28:14 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2010-12-13 05:28:14 ----A---- C:\Windows\system32\CertEnroll.dll
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\secproc.dll
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2010-12-13 05:27:53 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-12-13 05:27:53 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-12-13 05:27:53 ----A---- C:\Windows\system32\secproc_isv.dll
2010-12-13 05:27:53 ----A---- C:\Windows\system32\secproc.dll
2010-12-13 05:27:53 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-12-13 05:27:53 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-12-13 05:27:53 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-12-13 05:27:53 ----A---- C:\Windows\system32\RMActivate.exe
2010-12-13 05:27:52 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2010-12-13 05:27:38 ----A---- C:\Windows\system32\shell32.dll
2010-12-13 05:27:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-12-13 05:27:34 ----A---- C:\Windows\system32\inetcomm.dll
2010-12-13 05:27:33 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2010-12-13 05:27:32 ----A---- C:\Windows\system32\CPFilters.dll
2010-12-13 05:27:31 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2010-12-13 05:27:31 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-12-13 05:27:31 ----A---- C:\Windows\system32\psisdecd.dll
2010-12-13 05:27:31 ----A---- C:\Windows\system32\msdri.dll
2010-12-13 05:27:18 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-12-13 05:27:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-12-13 05:27:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-12-13 05:27:13 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-12-13 05:27:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-12-13 05:27:09 ----A---- C:\Windows\system32\schannel.dll
2010-12-13 05:27:06 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2010-12-13 05:27:06 ----A---- C:\Windows\system32\comctl32.dll
2010-12-13 05:27:04 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-12-13 05:27:04 ----A---- C:\Windows\system32\oleaut32.dll
2010-12-13 05:27:03 ----A---- C:\Windows\SYSWOW64\explorer.exe
2010-12-13 05:27:03 ----A---- C:\Windows\system32\winlogon.exe
2010-12-13 05:27:03 ----A---- C:\Windows\explorer.exe
2010-12-13 05:26:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2010-12-13 05:26:58 ----A---- C:\Windows\SYSWOW64\user.exe
2010-12-13 05:26:58 ----A---- C:\Windows\SYSWOW64\setup16.exe
2010-12-13 05:26:58 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2010-12-13 05:26:58 ----A---- C:\Windows\SYSWOW64\instnm.exe
2010-12-13 05:26:58 ----A---- C:\Windows\system32\wow64.dll
2010-12-13 05:26:57 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-12-13 05:26:57 ----A---- C:\Windows\system32\rtutils.dll
2010-12-13 05:26:44 ----A---- C:\Windows\system32\spoolsv.exe
2010-12-13 05:26:43 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-12-13 05:26:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-12-13 05:26:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-12-13 05:26:41 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-12-13 05:26:41 ----A---- C:\Windows\system32\drivers\fvevol.sys
2010-12-13 05:26:40 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-12-13 05:26:40 ----A---- C:\Windows\system32\cdd.dll
2010-12-13 05:26:25 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2010-12-13 05:26:25 ----A---- C:\Windows\system32\wmpmde.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\quartz.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\system32\tsbyuv.dll
2010-12-13 05:26:23 ----A---- C:\Windows\system32\quartz.dll
2010-12-13 05:26:23 ----A---- C:\Windows\system32\msyuv.dll
2010-12-13 05:26:23 ----A---- C:\Windows\system32\msvidc32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\system32\msrle32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\system32\iyuv_32.dll
2010-12-13 05:26:10 ----A---- C:\Windows\system32\msxml3.dll
2010-12-13 05:26:09 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-12-13 05:26:07 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-12-13 05:26:06 ----A---- C:\Windows\SYSWOW64\jscript.dll
2010-12-13 05:26:06 ----A---- C:\Windows\system32\jscript.dll
2010-12-13 05:26:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2010-12-13 05:26:00 ----A---- C:\Windows\SYSWOW64\secur32.dll
2010-12-13 05:26:00 ----A---- C:\Windows\system32\lsasrv.dll
2010-12-13 05:26:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2010-12-13 05:25:45 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2010-12-13 05:25:45 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2010-12-13 05:25:44 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2010-12-13 05:25:44 ----A---- C:\Windows\system32\msasn1.dll
2010-12-13 05:25:43 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2010-12-13 05:25:43 ----A---- C:\Windows\system32\fontsub.dll
2010-12-13 05:25:21 ----A---- C:\Windows\system32\wmp.dll
2010-12-13 05:25:20 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2010-12-13 05:25:20 ----A---- C:\Windows\SYSWOW64\wmp.dll
2010-12-13 05:25:19 ----A---- C:\Windows\system32\wmploc.DLL
2010-12-13 05:25:12 ----A---- C:\Windows\SYSWOW64\sscore.dll
2010-12-13 05:25:12 ----A---- C:\Windows\system32\srvsvc.dll
2010-12-13 05:25:12 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-12-13 05:25:12 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-12-13 05:25:12 ----A---- C:\Windows\system32\drivers\srv.sys
2010-12-12 22:01:28 ----D---- C:\Windows\Panther
2010-12-12 21:21:31 ----D---- C:\Users\Antrac1t\AppData\Roaming\vlc
2010-12-12 21:20:47 ----D---- C:\Users\Antrac1t\AppData\Roaming\WinRAR
2010-12-12 16:12:16 ----D---- C:\ProgramData\Autodesk
2010-12-12 16:11:46 ----D---- C:\Program Files (x86)\Autodesk
2010-12-12 16:11:38 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2010-12-12 16:11:38 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2010-12-12 16:11:38 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-12-12 16:11:38 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-12-12 16:11:37 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2010-12-12 16:11:37 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-12-12 16:11:36 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2010-12-12 16:11:36 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2010-12-12 16:11:36 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2010-12-12 16:11:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2010-12-12 16:11:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2010-12-12 16:11:36 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-12-12 16:11:36 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-12-12 16:11:36 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-12-12 16:11:36 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-12-12 16:11:36 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-12-12 16:11:34 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2010-12-12 16:11:34 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2010-12-12 16:11:34 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2010-12-12 16:11:34 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-12-12 16:11:34 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-12-12 16:11:34 ----A---- C:\Windows\system32\d3dx10.dll
2010-12-12 16:11:33 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2010-12-12 16:11:33 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-12-12 15:48:53 ----D---- C:\Users\Antrac1t\AppData\Roaming\AdobeUM
2010-12-12 14:46:41 ----D---- C:\Program Files\WinRAR
2010-12-12 14:28:18 ----D---- C:\Users\Antrac1t\AppData\Roaming\Dropbox
2010-12-12 14:20:15 ----D---- C:\Program Files (x86)\VideoLAN
2010-12-12 14:19:50 ----D---- C:\ProgramData\Sun
2010-12-12 14:19:31 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-12-12 14:19:31 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-12-12 14:19:31 ----A---- C:\Windows\SYSWOW64\java.exe
2010-12-12 14:19:31 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2010-12-12 14:19:14 ----D---- C:\Program Files (x86)\Java
2010-12-12 14:13:59 ----D---- C:\ProgramData\Adobe
2010-12-12 14:13:50 ----D---- C:\Windows\SYSWOW64\spool
2010-12-12 14:13:20 ----D---- C:\Program Files (x86)\Adobe
2010-12-12 14:08:00 ----D---- C:\Users\Antrac1t\AppData\Roaming\Mozilla
2010-12-12 14:07:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-12-12 14:07:18 ----D---- C:\Program Files (x86)\Microsoft Works
2010-12-12 14:06:50 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2010-12-12 14:06:30 ----D---- C:\Windows\PCHEALTH
2010-12-12 14:06:30 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-12-12 14:04:17 ----D---- C:\Program Files\Microsoft Office
2010-12-12 14:04:13 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2010-12-12 14:03:28 ----D---- C:\ProgramData\Microsoft Help
2010-12-12 14:03:28 ----D---- C:\Program Files (x86)\Microsoft Office
2010-12-12 14:02:16 ----RD---- C:\MSOCache
2010-12-12 13:50:46 ----D---- C:\Windows\SYSWOW64\cs
2010-12-12 13:50:45 ----D---- C:\Windows\SYSWOW64\XPSViewer
2010-12-12 13:50:44 ----D---- C:\Windows\BitLockerDiscoveryVolumeContents
2010-12-12 13:50:31 ----D---- C:\Windows\SYSWOW64\drivers\cs-CZ
2010-12-12 13:50:21 ----D---- C:\Windows\system32\cs
2010-12-12 13:50:15 ----D---- C:\Program Files\Microsoft Games
2010-12-12 13:50:05 ----D---- C:\Windows\system32\BestPractices
2010-12-12 13:50:04 ----D---- C:\Windows\system32\0405
2010-12-12 13:49:51 ----D---- C:\Windows\cs-CZ
2010-12-12 13:49:42 ----D---- C:\Windows\system32\drivers\cs-CZ
2010-12-12 13:49:13 ----D---- C:\Windows\system32\Vistalizator
2010-12-12 13:46:58 ----D---- C:\Program Files (x86)\Elaborate Bytes
2010-12-12 13:34:11 ----D---- C:\Program Files (x86)\Ask.com
2010-12-12 13:33:21 ----SHD---- C:\Windows\Installer
2010-12-12 13:32:41 ----D---- C:\Users\Antrac1t\AppData\Roaming\Trillian
2010-12-12 13:32:07 ----D---- C:\Program Files (x86)\Trillian
2010-12-12 13:30:04 ----N---- C:\Windows\system32\MpSigStub.exe
2010-12-12 13:20:18 ----D---- C:\Users\Antrac1t\AppData\Roaming\Macromedia
2010-12-12 13:20:18 ----D---- C:\Users\Antrac1t\AppData\Roaming\Adobe
2010-12-12 13:20:16 ----D---- C:\Windows\SYSWOW64\Macromed
2010-12-12 13:13:10 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2010-12-12 13:13:10 ----A---- C:\Windows\system32\wintrust.dll
2010-12-12 13:13:09 ----A---- C:\Windows\SYSWOW64\cabview.dll
2010-12-12 13:13:09 ----A---- C:\Windows\system32\cabview.dll
2010-12-12 13:11:31 ----D---- C:\Users\Antrac1t\AppData\Roaming\Identities
2010-12-12 13:11:13 ----SD---- C:\Users\Antrac1t\AppData\Roaming\Microsoft
2010-12-12 13:11:13 ----D---- C:\Users\Antrac1t\AppData\Roaming\Media Center Programs
2010-12-12 13:10:51 ----D---- C:\Recovery
2010-12-12 13:05:57 ----D---- C:\Windows\SoftwareDistribution
2010-12-12 13:03:35 ----D---- C:\Windows\Prefetch
2010-12-12 13:02:40 ----ASH---- C:\pagefile.sys
2010-12-12 13:02:36 ----SHD---- C:\System Volume Information
2010-12-12 13:02:36 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 months======
2010-12-31 13:58:14 ----D---- C:\Windows\Temp
2010-12-31 13:58:10 ----RD---- C:\Program Files
2010-12-31 09:50:47 ----D---- C:\Windows\system32\Tasks
2010-12-31 00:50:25 ----D---- C:\Windows\system32\config
2010-12-29 17:11:33 ----D---- C:\ProgramData
2010-12-29 17:11:32 ----RD---- C:\Program Files (x86)
2010-12-29 16:45:35 ----D---- C:\Windows\SYSWOW64\drivers
2010-12-29 16:45:35 ----D---- C:\Windows\SysWOW64
2010-12-29 16:45:35 ----D---- C:\Windows\system32\drivers
2010-12-29 16:45:35 ----D---- C:\Windows\System32
2010-12-29 16:45:35 ----D---- C:\Windows\AppPatch
2010-12-29 16:45:32 ----D---- C:\Program Files\Common Files
2010-12-29 16:45:32 ----D---- C:\Program Files (x86)\Common Files
2010-12-29 16:03:07 ----D---- C:\Windows\debug
2010-12-29 16:02:31 ----D---- C:\Windows\Tasks
2010-12-29 15:56:51 ----D---- C:\Windows
2010-12-29 15:56:51 ----A---- C:\Windows\system.ini
2010-12-29 13:22:58 ----D---- C:\Windows\system32\DriverStore
2010-12-29 13:22:58 ----D---- C:\Windows\system32\catroot
2010-12-29 13:22:58 ----D---- C:\Windows\inf
2010-12-29 04:39:27 ----D---- C:\Windows\system32\wdi
2010-12-28 14:01:08 ----D---- C:\Windows\winsxs
2010-12-28 14:00:44 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-12-22 20:16:13 ----D---- C:\Windows\system32\catroot2
2010-12-22 15:25:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-20 17:30:28 ----D---- C:\Windows\Logs
2010-12-20 16:40:25 ----D---- C:\Windows\Microsoft.NET
2010-12-20 16:40:24 ----RSD---- C:\Windows\assembly
2010-12-17 17:49:17 ----D---- C:\Windows\Registration
2010-12-17 14:47:11 ----D---- C:\Windows\SYSWOW64\en-US
2010-12-17 14:47:11 ----D---- C:\Windows\system32\en-US
2010-12-17 14:40:17 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-12-17 14:40:17 ----D---- C:\Windows\system32\cs-CZ
2010-12-15 15:05:42 ----D---- C:\Program Files\Windows Mail
2010-12-15 15:05:42 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-15 15:05:39 ----D---- C:\Windows\SYSWOW64\migration
2010-12-15 15:05:39 ----D---- C:\Program Files\Internet Explorer
2010-12-15 15:05:39 ----D---- C:\Program Files (x86)\Internet Explorer
2010-12-15 15:05:38 ----D---- C:\Windows\system32\migration
2010-12-14 21:12:19 ----RSD---- C:\Windows\Fonts
2010-12-14 15:58:10 ----SD---- C:\ProgramData\Microsoft
2010-12-14 15:58:05 ----D---- C:\Windows\system32\drivers\UMDF
2010-12-14 14:04:15 ----D---- C:\Windows\Downloaded Program Files
2010-12-14 08:39:47 ----D---- C:\Windows\ehome
2010-12-13 15:41:59 ----D---- C:\Windows\Help
2010-12-13 11:06:10 ----D---- C:\Program Files (x86)\Windows Media Player
2010-12-13 11:06:08 ----D---- C:\Program Files\Windows Media Player
2010-12-12 17:26:41 ----D---- C:\Windows\system32\LogFiles
2010-12-12 14:07:06 ----D---- C:\Program Files (x86)\MSBuild
2010-12-12 14:06:47 ----D---- C:\Windows\ShellNew
2010-12-12 14:03:52 ----A---- C:\Windows\win.ini
2010-12-12 13:50:45 ----D---- C:\Windows\SYSWOW64\winrm
2010-12-12 13:50:45 ----D---- C:\Windows\SYSWOW64\WCN
2010-12-12 13:50:44 ----D---- C:\Windows\SYSWOW64\slmgr
2010-12-12 13:50:44 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2010-12-12 13:50:44 ----D---- C:\Windows\SYSWOW64\DriverStore
2010-12-12 13:50:44 ----D---- C:\Program Files (x86)\Windows Sidebar
2010-12-12 13:50:42 ----D---- C:\Windows\SYSWOW64\migwiz
2010-12-12 13:50:41 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2010-12-12 13:50:38 ----D---- C:\Windows\SYSWOW64\Dism
2010-12-12 13:50:37 ----D---- C:\Windows\SYSWOW64\com
2010-12-12 13:50:35 ----D---- C:\Program Files (x86)\Windows Defender
2010-12-12 13:50:33 ----D---- C:\Windows\SYSWOW64\MUI
2010-12-12 13:50:31 ----D---- C:\Windows\SYSWOW64\wbem
2010-12-12 13:50:31 ----D---- C:\Windows\SYSWOW64\inetsrv
2010-12-12 13:50:27 ----D---- C:\Windows\en-US
2010-12-12 13:50:24 ----D---- C:\Program Files\Windows Defender
2010-12-12 13:50:17 ----D---- C:\Windows\system32\winrm
2010-12-12 13:50:17 ----D---- C:\Windows\system32\WCN
2010-12-12 13:50:17 ----D---- C:\Program Files\Common Files\System
2010-12-12 13:50:16 ----D---- C:\Windows\system32\sysprep
2010-12-12 13:50:16 ----D---- C:\Program Files\Windows Journal
2010-12-12 13:50:15 ----D---- C:\Windows\system32\slmgr
2010-12-12 13:50:15 ----D---- C:\Windows\servicing
2010-12-12 13:50:15 ----D---- C:\Windows\IME
2010-12-12 13:50:15 ----D---- C:\Program Files\Windows Sidebar
2010-12-12 13:50:13 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2010-12-12 13:50:11 ----D---- C:\Windows\system32\MUI
2010-12-12 13:50:05 ----D---- C:\Windows\system32\migwiz
2010-12-12 13:50:05 ----D---- C:\Program Files\Windows Photo Viewer
2010-12-12 13:50:04 ----D---- C:\Windows\system32\inetsrv
2010-12-12 13:50:00 ----D---- C:\Windows\system32\oobe
2010-12-12 13:49:55 ----D---- C:\Windows\system32\wbem
2010-12-12 13:49:55 ----D---- C:\Windows\system32\Dism
2010-12-12 13:49:53 ----D---- C:\Windows\system32\com
2010-12-12 13:49:53 ----D---- C:\Program Files\DVD Maker
2010-12-12 13:49:51 ----D---- C:\Windows\system32\Boot
2010-12-12 13:49:46 ----D---- C:\Windows\PolicyDefinitions
2010-12-12 13:16:46 ----D---- C:\Windows\system32\CodeIntegrity
2010-12-12 13:13:12 ----D---- C:\Windows\system32\restore
2010-12-12 13:11:10 ----RD---- C:\Users
2010-12-12 13:10:51 ----D---- C:\Windows\system32\Recovery
2010-12-12 13:10:26 ----D---- C:\Windows\rescache
2010-12-12 13:03:30 ----D---- C:\Windows\CSC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-12-03 69152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-17 34472]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2006-11-18 55296]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [2009-12-03 103224]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-12-03 17440]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
R3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 24064]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 36352]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 46592]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\D:\Garena\safedrv.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
Logfile of random's system information tool 1.08 (written by random/random)
Run by Antrac1t at 2010-12-31 13:58:08
Microsoft Windows 7 Professional
System drive C: has 31 GB (35%) free of 90 GB
Total RAM: 2046 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:58:19, on 31.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
C:\PROGRA~2\FREEDO~1\fdm.exe
C:\Program Files\trend micro\Antrac1t.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Trillian Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - Startup: Dropbox.lnk = Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max Design 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Program Files (x86)\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12611 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe"
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe"
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe" start
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe"
"C:\Program Files (x86)\Trillian\trillian.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3876.9928f60.281436886 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 3876 plugin \\.\pipe\gecko-crash-server-pipe.3876
"C:\Windows\system32\Wat\WatUX.exe" hrOffline=0x8004FE21
"C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe" "C:\Users\Antrac1t\Documents\škola FEL\zimni 10-11\dsa\Algorithms and Data Structures.pdf"
C:\PROGRA~2\FREEDO~1\fdm.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe33_ Global\UsGthrCtrlFltPipeMssGthrPipe33 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Antrac1t\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-12-17 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Trillian Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-12-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Trillian Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.2\ICQ.exe [2010-12-25 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-12-03 14944136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2010-12-15 1242448]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Acrobat Assistant 7.0"=C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"VolPanel"=C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe [2009-07-07 241789]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608]
"DivX Download Manager"=C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Users\Antrac1t\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.inf - open - %SystemRoot%\SysWow64\NOTEPAD.EXE %1
.inf - install - %SystemRoot%\SysWow64\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\WScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\WScript.exe "%1" %*
.cpl - cplopen - %SystemRoot%\SysWow64\control.exe "%1",%*
======List of files/folders created in the last 1 months======
2010-12-31 13:58:10 ----D---- C:\Program Files\trend micro
2010-12-31 13:58:08 ----D---- C:\rsit
2010-12-29 17:12:46 ----D---- C:\Users\Antrac1t\AppData\Roaming\Free Download Manager
2010-12-29 17:11:33 ----D---- C:\ProgramData\FreeDownloadManager.ORG
2010-12-29 17:11:32 ----D---- C:\Program Files (x86)\Free Download Manager
2010-12-29 16:35:44 ----A---- C:\Windows\zip.exe
2010-12-29 16:35:44 ----A---- C:\Windows\SWSC.exe
2010-12-29 16:35:44 ----A---- C:\Windows\SWREG.exe
2010-12-29 16:35:44 ----A---- C:\Windows\sed.exe
2010-12-29 16:35:44 ----A---- C:\Windows\PEV.exe
2010-12-29 16:35:44 ----A---- C:\Windows\NIRCMD.exe
2010-12-29 16:35:44 ----A---- C:\Windows\MBR.exe
2010-12-29 16:35:44 ----A---- C:\Windows\grep.exe
2010-12-29 16:35:29 ----D---- C:\Windows\ERDNT
2010-12-29 16:35:26 ----D---- C:\ComboFix
2010-12-29 16:34:51 ----D---- C:\Qoobox
2010-12-29 16:34:27 ----A---- C:\Windows\SWXCACLS.exe
2010-12-29 16:29:53 ----D---- C:\Downloads
2010-12-29 16:11:05 ----D---- C:\Users\Antrac1t\AppData\Roaming\Malwarebytes
2010-12-29 16:10:46 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2010-12-29 16:10:45 ----D---- C:\ProgramData\Malwarebytes
2010-12-29 16:10:41 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-12-29 16:10:40 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-29 16:03:28 ----SHD---- C:\$RECYCLE.BIN
2010-12-29 16:01:40 ----D---- C:\Program Files\CCleaner
2010-12-29 13:50:12 ----A---- C:\libmmd.dll
2010-12-29 13:35:16 ----D---- C:\Program Files\Common Files\ChaosGroup
2010-12-29 13:27:57 ----A---- C:\startvrlservice_log.txt
2010-12-29 13:23:05 ----A---- C:\Windows\SYSWOW64\WkExt32.dll
2010-12-29 13:23:05 ----A---- C:\Windows\SYSWOW64\WibuXpm4J32.dll
2010-12-29 13:23:05 ----A---- C:\Windows\SYSWOW64\wibuKJni.dll
2010-12-29 13:23:05 ----A---- C:\Windows\system32\WkExt64.dll
2010-12-29 13:23:05 ----A---- C:\Windows\system32\WibuXpm4J64.dll
2010-12-29 13:23:05 ----A---- C:\Windows\system32\wibuKJni64.dll
2010-12-29 13:22:36 ----A---- C:\Windows\system32\drivers\Wibukey2_64.sys
2010-12-29 13:22:26 ----A---- C:\Windows\system32\drivers\WibuKey64.sys
2010-12-29 13:22:25 ----A---- C:\Windows\SYSWOW64\WkWin32.dll
2010-12-29 13:22:25 ----A---- C:\Windows\system32\WkWin64.dll
2010-12-29 13:22:15 ----D---- C:\Program Files\WIBU-SYSTEMS
2010-12-29 13:22:15 ----D---- C:\Program Files (x86)\WIBU-SYSTEMS
2010-12-29 13:22:15 ----D---- C:\Program Files (x86)\WIBUKEY
2010-12-29 10:19:23 ----A---- C:\Windows\system32\lsdelete.exe
2010-12-28 14:17:30 ----DC---- C:\Windows\system32\DRVSTORE
2010-12-28 14:17:30 ----A---- C:\Windows\system32\drivers\Lbd.sys
2010-12-28 14:17:26 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2010-12-28 14:01:42 ----HDC---- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2010-12-28 14:01:18 ----D---- C:\ProgramData\Lavasoft
2010-12-28 14:01:18 ----D---- C:\Program Files (x86)\Lavasoft
2010-12-26 16:30:41 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2010-12-26 16:30:41 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2010-12-26 16:30:41 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2010-12-26 16:30:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2010-12-26 12:15:13 ----D---- C:\Program Files (x86)\FreeTime
2010-12-25 17:40:32 ----D---- C:\Program Files (x86)\Aiseesoft Studio
2010-12-25 17:35:55 ----D---- C:\Program Files (x86)\MKVtoolnix
2010-12-25 09:49:32 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2010-12-25 09:49:28 ----D---- C:\ProgramData\ICQ
2010-12-25 09:49:00 ----D---- C:\Users\Antrac1t\AppData\Roaming\ICQ
2010-12-25 09:48:51 ----D---- C:\Program Files (x86)\ICQ7.2
2010-12-19 21:53:15 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-12-18 22:16:04 ----D---- C:\Users\Antrac1t\AppData\Roaming\skypePM
2010-12-18 22:14:30 ----D---- C:\Users\Antrac1t\AppData\Roaming\Subversion
2010-12-18 22:14:25 ----RD---- C:\Program Files (x86)\Skype
2010-12-18 22:14:23 ----D---- C:\Users\Antrac1t\AppData\Roaming\Skype
2010-12-18 22:14:20 ----D---- C:\ProgramData\Skype
2010-12-18 22:11:47 ----D---- C:\Program Files\SlikSvn
2010-12-18 22:05:42 ----D---- C:\Users\Antrac1t\AppData\Roaming\Sparx Systems
2010-12-18 22:04:27 ----D---- C:\Program Files (x86)\Sparx Systems
2010-12-17 14:38:43 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2010-12-17 12:41:03 ----D---- C:\Users\Antrac1t\AppData\Roaming\TS3Client
2010-12-17 12:40:52 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2010-12-17 12:37:28 ----D---- C:\ProgramData\boost_interprocess
2010-12-17 10:28:40 ----D---- C:\Users\Antrac1t\AppData\Roaming\dvdcss
2010-12-17 10:11:53 ----D---- C:\Program Files (x86)\glassfish-3.0.1
2010-12-17 10:04:19 ----D---- C:\Program Files (x86)\NetBeans 6.9.1
2010-12-17 10:01:40 ----A---- C:\Windows\system32\javaws.exe
2010-12-17 10:01:40 ----A---- C:\Windows\system32\javaw.exe
2010-12-17 10:01:40 ----A---- C:\Windows\system32\java.exe
2010-12-17 10:01:40 ----A---- C:\Windows\system32\deployJava1.dll
2010-12-17 09:59:46 ----D---- C:\Program Files\Java
2010-12-15 22:13:02 ----D---- C:\Users\Antrac1t\AppData\Roaming\DivX
2010-12-15 22:12:37 ----D---- C:\Program Files\DivX
2010-12-15 22:10:15 ----D---- C:\Program Files (x86)\DivX
2010-12-15 22:08:21 ----D---- C:\ProgramData\DivX
2010-12-15 21:41:24 ----D---- C:\Users\Antrac1t\AppData\Roaming\IrfanView
2010-12-15 21:41:24 ----D---- C:\Program Files (x86)\IrfanView
2010-12-15 18:49:04 ----D---- C:\Program Files (x86)\Steam
2010-12-15 08:45:20 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-12-15 08:45:20 ----A---- C:\Windows\system32\tzres.dll
2010-12-15 08:45:14 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 08:45:14 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 08:45:13 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2010-12-15 08:45:13 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2010-12-15 08:45:13 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2010-12-15 08:45:13 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2010-12-15 08:45:13 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 08:45:13 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 08:45:13 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 08:45:13 ----A---- C:\Windows\system32\schtasks.exe
2010-12-15 08:45:09 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2010-12-15 08:45:09 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2010-12-15 08:45:09 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 08:45:09 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 08:45:08 ----A---- C:\Windows\system32\win32k.sys
2010-12-15 08:45:07 ----A---- C:\Windows\SYSWOW64\webio.dll
2010-12-15 08:45:07 ----A---- C:\Windows\system32\webio.dll
2010-12-15 08:45:05 ----A---- C:\Windows\system32\consent.exe
2010-12-15 08:45:02 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 08:45:01 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 08:45:00 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-12-15 08:45:00 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 08:44:59 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 08:44:58 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-12-15 08:44:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-12-15 08:44:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-12-15 08:44:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-12-15 08:44:55 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 08:44:55 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-12-15 08:44:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-15 08:44:54 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\ieui.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 08:44:54 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-14 21:13:30 ----D---- C:\Program Files (x86)\Bonjour
2010-12-14 13:58:54 ----D---- C:\Users\Antrac1t\AppData\Roaming\Creative
2010-12-14 13:57:26 ----D---- C:\ProgramData\Creative
2010-12-14 13:56:12 ----N---- C:\Windows\Ctregrun.exe
2010-12-14 13:52:55 ----HD---- C:\Program Files (x86)\Creative Installation Information
2010-12-14 13:52:32 ----RA---- C:\Windows\system32\xfisk.ini
2010-12-14 13:52:32 ----RA---- C:\Windows\system32\ctzapxx.ini
2010-12-14 13:52:32 ----A---- C:\Windows\system32\drivers\skfiltv.sys
2010-12-14 13:52:32 ----A---- C:\Windows\system32\ctppld.dll
2010-12-14 13:52:32 ----A---- C:\Windows\system32\ctdvinst.dll
2010-12-14 13:52:32 ----A---- C:\Windows\system32\CTAPO64.dll
2010-12-14 13:52:32 ----A---- C:\Windows\ResDefE.exe
2010-12-14 13:52:28 ----D---- C:\Program Files\Creative
2010-12-14 13:52:27 ----RA---- C:\Windows\SYSWOW64\CTAPO32.dll
2010-12-14 13:52:27 ----RA---- C:\Windows\skMCcfg.ini
2010-12-14 13:52:22 ----RA---- C:\Windows\SYSWOW64\tmp6864.tmp
2010-12-14 13:52:22 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2010-12-14 13:52:22 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2010-12-14 13:52:22 ----A---- C:\Windows\system32\wrap_oal.dll
2010-12-14 13:52:22 ----A---- C:\Windows\system32\OpenAL32.dll
2010-12-14 13:51:59 ----D---- C:\ProgramData\Creative Labs
2010-12-14 13:49:56 ----D---- C:\Program Files (x86)\Creative
2010-12-14 13:48:25 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-12-14 08:28:06 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2010-12-14 08:28:06 ----A---- C:\Windows\system32\msv1_0.dll
2010-12-14 08:19:14 ----D---- C:\Windows\SYSWOW64\Wat
2010-12-14 08:19:14 ----D---- C:\Windows\system32\Wat
2010-12-14 00:07:17 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2010-12-14 00:07:17 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2010-12-14 00:07:17 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2010-12-14 00:07:17 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2010-12-14 00:07:17 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2010-12-14 00:07:17 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-12-14 00:07:17 ----A---- C:\Windows\system32\PresentationHost.exe
2010-12-14 00:07:17 ----A---- C:\Windows\system32\netfxperf.dll
2010-12-14 00:07:17 ----A---- C:\Windows\system32\mscoree.dll
2010-12-14 00:07:16 ----A---- C:\Windows\system32\dfshim.dll
2010-12-14 00:06:58 ----A---- C:\Windows\system32\browserchoice.exe
2010-12-13 22:37:40 ----D---- C:\Windows\Minidump
2010-12-13 21:56:53 ----D---- C:\Users\Antrac1t\AppData\Roaming\Autodesk
2010-12-13 21:54:00 ----D---- C:\ProgramData\FLEXnet
2010-12-13 16:47:38 ----D---- C:\ProgramData\NVIDIA
2010-12-13 15:42:22 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-12-13 15:41:18 ----D---- C:\ProgramData\NVIDIA Corporation
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2010-12-13 15:40:27 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\OpenCL.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvwgf2umx.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvoglv64.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvgenco642030.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvdispco642050.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvdecodemft.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvd3dumx.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvcuvid.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvcuda.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvcompiler.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\nvapi64.dll
2010-12-13 15:40:27 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2010-12-13 15:39:38 ----D---- C:\Program Files\NVIDIA Corporation
2010-12-13 15:39:11 ----D---- C:\NVIDIA
2010-12-13 05:34:54 ----A---- C:\Windows\system32\drivers\ks.sys
2010-12-13 05:28:31 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2010-12-13 05:28:31 ----A---- C:\Windows\system32\asycfilt.dll
2010-12-13 05:28:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2010-12-13 05:28:27 ----A---- C:\Windows\system32\ntdll.dll
2010-12-13 05:28:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2010-12-13 05:28:24 ----A---- C:\Windows\system32\vbscript.dll
2010-12-13 05:28:23 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2010-12-13 05:28:23 ----A---- C:\Windows\system32\t2embed.dll
2010-12-13 05:28:21 ----A---- C:\Windows\SYSWOW64\ole32.dll
2010-12-13 05:28:21 ----A---- C:\Windows\system32\ole32.dll
2010-12-13 05:28:19 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2010-12-13 05:28:19 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-12-13 05:28:14 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2010-12-13 05:28:14 ----A---- C:\Windows\system32\CertEnroll.dll
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\secproc.dll
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2010-12-13 05:27:53 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2010-12-13 05:27:53 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-12-13 05:27:53 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-12-13 05:27:53 ----A---- C:\Windows\system32\secproc_isv.dll
2010-12-13 05:27:53 ----A---- C:\Windows\system32\secproc.dll
2010-12-13 05:27:53 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-12-13 05:27:53 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-12-13 05:27:53 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-12-13 05:27:53 ----A---- C:\Windows\system32\RMActivate.exe
2010-12-13 05:27:52 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2010-12-13 05:27:38 ----A---- C:\Windows\system32\shell32.dll
2010-12-13 05:27:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-12-13 05:27:34 ----A---- C:\Windows\system32\inetcomm.dll
2010-12-13 05:27:33 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2010-12-13 05:27:32 ----A---- C:\Windows\system32\CPFilters.dll
2010-12-13 05:27:31 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2010-12-13 05:27:31 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-12-13 05:27:31 ----A---- C:\Windows\system32\psisdecd.dll
2010-12-13 05:27:31 ----A---- C:\Windows\system32\msdri.dll
2010-12-13 05:27:18 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-12-13 05:27:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-12-13 05:27:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-12-13 05:27:13 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-12-13 05:27:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-12-13 05:27:09 ----A---- C:\Windows\system32\schannel.dll
2010-12-13 05:27:06 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2010-12-13 05:27:06 ----A---- C:\Windows\system32\comctl32.dll
2010-12-13 05:27:04 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-12-13 05:27:04 ----A---- C:\Windows\system32\oleaut32.dll
2010-12-13 05:27:03 ----A---- C:\Windows\SYSWOW64\explorer.exe
2010-12-13 05:27:03 ----A---- C:\Windows\system32\winlogon.exe
2010-12-13 05:27:03 ----A---- C:\Windows\explorer.exe
2010-12-13 05:26:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2010-12-13 05:26:58 ----A---- C:\Windows\SYSWOW64\user.exe
2010-12-13 05:26:58 ----A---- C:\Windows\SYSWOW64\setup16.exe
2010-12-13 05:26:58 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2010-12-13 05:26:58 ----A---- C:\Windows\SYSWOW64\instnm.exe
2010-12-13 05:26:58 ----A---- C:\Windows\system32\wow64.dll
2010-12-13 05:26:57 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-12-13 05:26:57 ----A---- C:\Windows\system32\rtutils.dll
2010-12-13 05:26:44 ----A---- C:\Windows\system32\spoolsv.exe
2010-12-13 05:26:43 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-12-13 05:26:43 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-12-13 05:26:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-12-13 05:26:41 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-12-13 05:26:41 ----A---- C:\Windows\system32\drivers\fvevol.sys
2010-12-13 05:26:40 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-12-13 05:26:40 ----A---- C:\Windows\system32\cdd.dll
2010-12-13 05:26:25 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2010-12-13 05:26:25 ----A---- C:\Windows\system32\wmpmde.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\quartz.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\system32\tsbyuv.dll
2010-12-13 05:26:23 ----A---- C:\Windows\system32\quartz.dll
2010-12-13 05:26:23 ----A---- C:\Windows\system32\msyuv.dll
2010-12-13 05:26:23 ----A---- C:\Windows\system32\msvidc32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\system32\msrle32.dll
2010-12-13 05:26:23 ----A---- C:\Windows\system32\iyuv_32.dll
2010-12-13 05:26:10 ----A---- C:\Windows\system32\msxml3.dll
2010-12-13 05:26:09 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-12-13 05:26:07 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-12-13 05:26:06 ----A---- C:\Windows\SYSWOW64\jscript.dll
2010-12-13 05:26:06 ----A---- C:\Windows\system32\jscript.dll
2010-12-13 05:26:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2010-12-13 05:26:00 ----A---- C:\Windows\SYSWOW64\secur32.dll
2010-12-13 05:26:00 ----A---- C:\Windows\system32\lsasrv.dll
2010-12-13 05:26:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2010-12-13 05:25:45 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2010-12-13 05:25:45 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2010-12-13 05:25:44 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2010-12-13 05:25:44 ----A---- C:\Windows\system32\msasn1.dll
2010-12-13 05:25:43 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2010-12-13 05:25:43 ----A---- C:\Windows\system32\fontsub.dll
2010-12-13 05:25:21 ----A---- C:\Windows\system32\wmp.dll
2010-12-13 05:25:20 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2010-12-13 05:25:20 ----A---- C:\Windows\SYSWOW64\wmp.dll
2010-12-13 05:25:19 ----A---- C:\Windows\system32\wmploc.DLL
2010-12-13 05:25:12 ----A---- C:\Windows\SYSWOW64\sscore.dll
2010-12-13 05:25:12 ----A---- C:\Windows\system32\srvsvc.dll
2010-12-13 05:25:12 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-12-13 05:25:12 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-12-13 05:25:12 ----A---- C:\Windows\system32\drivers\srv.sys
2010-12-12 22:01:28 ----D---- C:\Windows\Panther
2010-12-12 21:21:31 ----D---- C:\Users\Antrac1t\AppData\Roaming\vlc
2010-12-12 21:20:47 ----D---- C:\Users\Antrac1t\AppData\Roaming\WinRAR
2010-12-12 16:12:16 ----D---- C:\ProgramData\Autodesk
2010-12-12 16:11:46 ----D---- C:\Program Files (x86)\Autodesk
2010-12-12 16:11:38 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2010-12-12 16:11:38 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2010-12-12 16:11:38 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-12-12 16:11:38 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-12-12 16:11:37 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2010-12-12 16:11:37 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-12-12 16:11:36 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2010-12-12 16:11:36 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2010-12-12 16:11:36 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2010-12-12 16:11:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2010-12-12 16:11:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2010-12-12 16:11:36 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-12-12 16:11:36 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-12-12 16:11:36 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-12-12 16:11:36 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-12-12 16:11:36 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-12-12 16:11:34 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2010-12-12 16:11:34 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2010-12-12 16:11:34 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2010-12-12 16:11:34 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-12-12 16:11:34 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-12-12 16:11:34 ----A---- C:\Windows\system32\d3dx10.dll
2010-12-12 16:11:33 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2010-12-12 16:11:33 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-12-12 15:48:53 ----D---- C:\Users\Antrac1t\AppData\Roaming\AdobeUM
2010-12-12 14:46:41 ----D---- C:\Program Files\WinRAR
2010-12-12 14:28:18 ----D---- C:\Users\Antrac1t\AppData\Roaming\Dropbox
2010-12-12 14:20:15 ----D---- C:\Program Files (x86)\VideoLAN
2010-12-12 14:19:50 ----D---- C:\ProgramData\Sun
2010-12-12 14:19:31 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-12-12 14:19:31 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-12-12 14:19:31 ----A---- C:\Windows\SYSWOW64\java.exe
2010-12-12 14:19:31 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2010-12-12 14:19:14 ----D---- C:\Program Files (x86)\Java
2010-12-12 14:13:59 ----D---- C:\ProgramData\Adobe
2010-12-12 14:13:50 ----D---- C:\Windows\SYSWOW64\spool
2010-12-12 14:13:20 ----D---- C:\Program Files (x86)\Adobe
2010-12-12 14:08:00 ----D---- C:\Users\Antrac1t\AppData\Roaming\Mozilla
2010-12-12 14:07:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-12-12 14:07:18 ----D---- C:\Program Files (x86)\Microsoft Works
2010-12-12 14:06:50 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2010-12-12 14:06:30 ----D---- C:\Windows\PCHEALTH
2010-12-12 14:06:30 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-12-12 14:04:17 ----D---- C:\Program Files\Microsoft Office
2010-12-12 14:04:13 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2010-12-12 14:03:28 ----D---- C:\ProgramData\Microsoft Help
2010-12-12 14:03:28 ----D---- C:\Program Files (x86)\Microsoft Office
2010-12-12 14:02:16 ----RD---- C:\MSOCache
2010-12-12 13:50:46 ----D---- C:\Windows\SYSWOW64\cs
2010-12-12 13:50:45 ----D---- C:\Windows\SYSWOW64\XPSViewer
2010-12-12 13:50:44 ----D---- C:\Windows\BitLockerDiscoveryVolumeContents
2010-12-12 13:50:31 ----D---- C:\Windows\SYSWOW64\drivers\cs-CZ
2010-12-12 13:50:21 ----D---- C:\Windows\system32\cs
2010-12-12 13:50:15 ----D---- C:\Program Files\Microsoft Games
2010-12-12 13:50:05 ----D---- C:\Windows\system32\BestPractices
2010-12-12 13:50:04 ----D---- C:\Windows\system32\0405
2010-12-12 13:49:51 ----D---- C:\Windows\cs-CZ
2010-12-12 13:49:42 ----D---- C:\Windows\system32\drivers\cs-CZ
2010-12-12 13:49:13 ----D---- C:\Windows\system32\Vistalizator
2010-12-12 13:46:58 ----D---- C:\Program Files (x86)\Elaborate Bytes
2010-12-12 13:34:11 ----D---- C:\Program Files (x86)\Ask.com
2010-12-12 13:33:21 ----SHD---- C:\Windows\Installer
2010-12-12 13:32:41 ----D---- C:\Users\Antrac1t\AppData\Roaming\Trillian
2010-12-12 13:32:07 ----D---- C:\Program Files (x86)\Trillian
2010-12-12 13:30:04 ----N---- C:\Windows\system32\MpSigStub.exe
2010-12-12 13:20:18 ----D---- C:\Users\Antrac1t\AppData\Roaming\Macromedia
2010-12-12 13:20:18 ----D---- C:\Users\Antrac1t\AppData\Roaming\Adobe
2010-12-12 13:20:16 ----D---- C:\Windows\SYSWOW64\Macromed
2010-12-12 13:13:10 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2010-12-12 13:13:10 ----A---- C:\Windows\system32\wintrust.dll
2010-12-12 13:13:09 ----A---- C:\Windows\SYSWOW64\cabview.dll
2010-12-12 13:13:09 ----A---- C:\Windows\system32\cabview.dll
2010-12-12 13:11:31 ----D---- C:\Users\Antrac1t\AppData\Roaming\Identities
2010-12-12 13:11:13 ----SD---- C:\Users\Antrac1t\AppData\Roaming\Microsoft
2010-12-12 13:11:13 ----D---- C:\Users\Antrac1t\AppData\Roaming\Media Center Programs
2010-12-12 13:10:51 ----D---- C:\Recovery
2010-12-12 13:05:57 ----D---- C:\Windows\SoftwareDistribution
2010-12-12 13:03:35 ----D---- C:\Windows\Prefetch
2010-12-12 13:02:40 ----ASH---- C:\pagefile.sys
2010-12-12 13:02:36 ----SHD---- C:\System Volume Information
2010-12-12 13:02:36 ----ASH---- C:\hiberfil.sys
======List of files/folders modified in the last 1 months======
2010-12-31 13:58:14 ----D---- C:\Windows\Temp
2010-12-31 13:58:10 ----RD---- C:\Program Files
2010-12-31 09:50:47 ----D---- C:\Windows\system32\Tasks
2010-12-31 00:50:25 ----D---- C:\Windows\system32\config
2010-12-29 17:11:33 ----D---- C:\ProgramData
2010-12-29 17:11:32 ----RD---- C:\Program Files (x86)
2010-12-29 16:45:35 ----D---- C:\Windows\SYSWOW64\drivers
2010-12-29 16:45:35 ----D---- C:\Windows\SysWOW64
2010-12-29 16:45:35 ----D---- C:\Windows\system32\drivers
2010-12-29 16:45:35 ----D---- C:\Windows\System32
2010-12-29 16:45:35 ----D---- C:\Windows\AppPatch
2010-12-29 16:45:32 ----D---- C:\Program Files\Common Files
2010-12-29 16:45:32 ----D---- C:\Program Files (x86)\Common Files
2010-12-29 16:03:07 ----D---- C:\Windows\debug
2010-12-29 16:02:31 ----D---- C:\Windows\Tasks
2010-12-29 15:56:51 ----D---- C:\Windows
2010-12-29 15:56:51 ----A---- C:\Windows\system.ini
2010-12-29 13:22:58 ----D---- C:\Windows\system32\DriverStore
2010-12-29 13:22:58 ----D---- C:\Windows\system32\catroot
2010-12-29 13:22:58 ----D---- C:\Windows\inf
2010-12-29 04:39:27 ----D---- C:\Windows\system32\wdi
2010-12-28 14:01:08 ----D---- C:\Windows\winsxs
2010-12-28 14:00:44 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-12-22 20:16:13 ----D---- C:\Windows\system32\catroot2
2010-12-22 15:25:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-20 17:30:28 ----D---- C:\Windows\Logs
2010-12-20 16:40:25 ----D---- C:\Windows\Microsoft.NET
2010-12-20 16:40:24 ----RSD---- C:\Windows\assembly
2010-12-17 17:49:17 ----D---- C:\Windows\Registration
2010-12-17 14:47:11 ----D---- C:\Windows\SYSWOW64\en-US
2010-12-17 14:47:11 ----D---- C:\Windows\system32\en-US
2010-12-17 14:40:17 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-12-17 14:40:17 ----D---- C:\Windows\system32\cs-CZ
2010-12-15 15:05:42 ----D---- C:\Program Files\Windows Mail
2010-12-15 15:05:42 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-15 15:05:39 ----D---- C:\Windows\SYSWOW64\migration
2010-12-15 15:05:39 ----D---- C:\Program Files\Internet Explorer
2010-12-15 15:05:39 ----D---- C:\Program Files (x86)\Internet Explorer
2010-12-15 15:05:38 ----D---- C:\Windows\system32\migration
2010-12-14 21:12:19 ----RSD---- C:\Windows\Fonts
2010-12-14 15:58:10 ----SD---- C:\ProgramData\Microsoft
2010-12-14 15:58:05 ----D---- C:\Windows\system32\drivers\UMDF
2010-12-14 14:04:15 ----D---- C:\Windows\Downloaded Program Files
2010-12-14 08:39:47 ----D---- C:\Windows\ehome
2010-12-13 15:41:59 ----D---- C:\Windows\Help
2010-12-13 11:06:10 ----D---- C:\Program Files (x86)\Windows Media Player
2010-12-13 11:06:08 ----D---- C:\Program Files\Windows Media Player
2010-12-12 17:26:41 ----D---- C:\Windows\system32\LogFiles
2010-12-12 14:07:06 ----D---- C:\Program Files (x86)\MSBuild
2010-12-12 14:06:47 ----D---- C:\Windows\ShellNew
2010-12-12 14:03:52 ----A---- C:\Windows\win.ini
2010-12-12 13:50:45 ----D---- C:\Windows\SYSWOW64\winrm
2010-12-12 13:50:45 ----D---- C:\Windows\SYSWOW64\WCN
2010-12-12 13:50:44 ----D---- C:\Windows\SYSWOW64\slmgr
2010-12-12 13:50:44 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2010-12-12 13:50:44 ----D---- C:\Windows\SYSWOW64\DriverStore
2010-12-12 13:50:44 ----D---- C:\Program Files (x86)\Windows Sidebar
2010-12-12 13:50:42 ----D---- C:\Windows\SYSWOW64\migwiz
2010-12-12 13:50:41 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2010-12-12 13:50:38 ----D---- C:\Windows\SYSWOW64\Dism
2010-12-12 13:50:37 ----D---- C:\Windows\SYSWOW64\com
2010-12-12 13:50:35 ----D---- C:\Program Files (x86)\Windows Defender
2010-12-12 13:50:33 ----D---- C:\Windows\SYSWOW64\MUI
2010-12-12 13:50:31 ----D---- C:\Windows\SYSWOW64\wbem
2010-12-12 13:50:31 ----D---- C:\Windows\SYSWOW64\inetsrv
2010-12-12 13:50:27 ----D---- C:\Windows\en-US
2010-12-12 13:50:24 ----D---- C:\Program Files\Windows Defender
2010-12-12 13:50:17 ----D---- C:\Windows\system32\winrm
2010-12-12 13:50:17 ----D---- C:\Windows\system32\WCN
2010-12-12 13:50:17 ----D---- C:\Program Files\Common Files\System
2010-12-12 13:50:16 ----D---- C:\Windows\system32\sysprep
2010-12-12 13:50:16 ----D---- C:\Program Files\Windows Journal
2010-12-12 13:50:15 ----D---- C:\Windows\system32\slmgr
2010-12-12 13:50:15 ----D---- C:\Windows\servicing
2010-12-12 13:50:15 ----D---- C:\Windows\IME
2010-12-12 13:50:15 ----D---- C:\Program Files\Windows Sidebar
2010-12-12 13:50:13 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2010-12-12 13:50:11 ----D---- C:\Windows\system32\MUI
2010-12-12 13:50:05 ----D---- C:\Windows\system32\migwiz
2010-12-12 13:50:05 ----D---- C:\Program Files\Windows Photo Viewer
2010-12-12 13:50:04 ----D---- C:\Windows\system32\inetsrv
2010-12-12 13:50:00 ----D---- C:\Windows\system32\oobe
2010-12-12 13:49:55 ----D---- C:\Windows\system32\wbem
2010-12-12 13:49:55 ----D---- C:\Windows\system32\Dism
2010-12-12 13:49:53 ----D---- C:\Windows\system32\com
2010-12-12 13:49:53 ----D---- C:\Program Files\DVD Maker
2010-12-12 13:49:51 ----D---- C:\Windows\system32\Boot
2010-12-12 13:49:46 ----D---- C:\Windows\PolicyDefinitions
2010-12-12 13:16:46 ----D---- C:\Windows\system32\CodeIntegrity
2010-12-12 13:13:12 ----D---- C:\Windows\system32\restore
2010-12-12 13:11:10 ----RD---- C:\Users
2010-12-12 13:10:51 ----D---- C:\Windows\system32\Recovery
2010-12-12 13:10:26 ----D---- C:\Windows\rescache
2010-12-12 13:03:30 ----D---- C:\Windows\CSC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-12-03 69152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-17 34472]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2006-11-18 55296]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [2009-12-03 103224]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-12-03 17440]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
R3 skfiltv;skfiltv; C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 24064]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 36352]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 46592]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\D:\Garena\safedrv.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
Re: Log check
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-08-29 286720]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-12-03 1389400]
R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max Design 2010 32-bit 32-bit; C:\Program Files (x86)\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 86016]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 989800]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-12-14 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-12-14 79360]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-12 651720]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-12-15 403240]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-14 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Re: Log check
How does the computer look now?
Download MBAM from my signature
- Install it and run a full scan
DO NOT DELETE ANYTHING
- MBAM sometimes produces false detections, so we will only delete after checking the log.
- Copy the log here.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting a computer
Want to support our forum? Information here

I am most likely to be reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.
Re: Log check
The clock is fine now, but the problem with the laptop freezing still persists, and I'm starting to worry that the cause might be hardware-related
...
Here is the log
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Verze databáze: 5416
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
31.12.2010 17:50:38
mbam-log-2010-12-31 (17-50-38).txt
Typ kontroly: Úplný test (C:\|)
Testované objekty: 333746
Uplynulý čas: 1 hodin, 0 minut, 25 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Re: Log check
Update ComboFix and run it again, then paste the log here.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting a computer
Want to support our forum? Information here

I am most likely to be reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.
Re: Log check
ComboFix 10-12-31.01 - Antrac1t 31.12.2010 21:42:59.2.2 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2046.1405 [GMT 1:00]
Spuštěný z: C:\Users\Antrac1t\Desktop\ComboFix.exe
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\system32\arp.exe . . . . nemohl být smazán
C:\Windows\system32\slwga.dll . . . . nemohl být smazán
C:\Windows\system32\systemcpl.dll . . . . nemohl být smazán
.
---- Předchozí spuštění -------
.
C:\Users\Antrac1t\AppData\Roaming\Local\Temp\DDM\Settings\.ddr
C:\Users\Antrac1t\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
C:\Users\Antrac1t\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
C:\Users\Antrac1t\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp
C:\Windows\system32\arp.exe . . . . nemohl být smazán
C:\Windows\system32\slwga.dll . . . . nemohl být smazán
C:\Windows\system32\systemcpl.dll . . . . nemohl být smazán
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-28 do 2010-12-31 )))))))))))))))))))))))))))))))
.
2010-12-31 20:50:38 . 2010-12-31 20:50:38 -------- d-----w- C:\Users\Default\AppData\Local\temp
2010-12-31 18:48:11 . 2010-11-16 11:01:20 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{40EF2754-179A-477B-A2C5-C5691F0C6DCD}\mpengine.dll
2010-12-31 12:58:10 . 2010-12-31 12:58:19 -------- d-----w- C:\Program Files\trend micro
2010-12-31 12:58:08 . 2010-12-31 12:58:27 -------- d-----w- C:\rsit
2010-12-29 16:11:33 . 2010-12-29 16:11:33 -------- d-----w- C:\ProgramData\FreeDownloadManager.ORG
2010-12-29 16:11:32 . 2010-12-29 15:16:32 -------- d-----w- C:\Program Files (x86)\Free Download Manager
2010-12-29 15:29:53 . 2010-12-29 15:29:53 -------- d-----w- C:\Downloads
2010-12-29 15:10:46 . 2010-12-20 17:09:00 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-29 15:10:45 . 2010-12-29 15:10:45 -------- d-----w- C:\ProgramData\Malwarebytes
2010-12-29 15:10:40 . 2010-12-29 15:10:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-29 15:01:40 . 2010-12-29 15:01:48 -------- d-----w- C:\Program Files\CCleaner
2010-12-29 12:50:12 . 2010-12-29 12:50:12 3381944 ----a-w- C:\libmmd.dll
2010-12-29 12:35:16 . 2010-12-29 12:50:00 -------- d-----w- C:\Program Files\Common Files\ChaosGroup
2010-12-29 12:23:05 . 2009-12-03 05:00:00 344576 ----a-w- C:\Windows\SysWow64\wibuKJni.dll
2010-12-29 12:23:05 . 2009-12-03 05:00:00 333824 ----a-w- C:\Windows\SysWow64\WkExt32.dll
2010-12-29 12:23:05 . 2009-10-21 08:00:00 356352 ----a-w- C:\Windows\SysWow64\WibuXpm4J32.dll
2010-12-29 12:22:25 . 2009-12-03 05:00:00 150528 ----a-w- C:\Windows\SysWow64\WkWin32.dll
2010-12-29 12:22:15 . 2010-12-29 12:22:15 -------- d-----w- C:\Program Files\WIBU-SYSTEMS
2010-12-29 12:22:15 . 2010-12-29 12:22:15 -------- d-----w- C:\Program Files (x86)\WIBUKEY
2010-12-29 12:22:15 . 2010-12-29 12:22:15 -------- d-----w- C:\Program Files (x86)\WIBU-SYSTEMS
2010-12-28 13:01:42 . 2010-12-28 13:01:43 -------- dc-h--w- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2010-12-28 13:01:18 . 2010-12-28 13:17:29 -------- d-----w- C:\ProgramData\Lavasoft
2010-12-28 13:01:18 . 2010-12-28 13:01:18 -------- d-----w- C:\Program Files (x86)\Lavasoft
2010-12-26 15:30:41 . 2008-10-10 03:52:38 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll
2010-12-26 15:30:41 . 2008-10-10 03:52:38 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
2010-12-26 15:30:41 . 2008-10-10 03:52:38 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll
2010-12-26 15:30:41 . 2007-04-04 17:53:42 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll
2010-12-26 11:15:13 . 2010-12-26 11:15:13 -------- d-----w- C:\Program Files (x86)\FreeTime
2010-12-25 16:40:32 . 2010-12-25 16:40:32 -------- d-----w- C:\Program Files (x86)\Aiseesoft Studio
2010-12-25 16:35:55 . 2010-12-25 16:39:01 -------- d-----w- C:\Program Files (x86)\MKVtoolnix
2010-12-25 08:49:32 . 2010-12-25 08:49:32 -------- d-----w- C:\Program Files (x86)\ICQ6Toolbar
2010-12-25 08:49:28 . 2010-12-25 08:49:31 -------- d-----w- C:\ProgramData\ICQ
2010-12-25 08:48:51 . 2010-12-25 08:50:37 -------- d-----w- C:\Program Files (x86)\ICQ7.2
2010-12-19 20:53:15 . 2010-12-19 20:53:15 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2010-12-18 21:14:27 . 2010-12-18 21:14:27 -------- d-----w- C:\Program Files (x86)\Common Files\Skype
2010-12-18 21:14:25 . 2010-12-18 21:14:52 -------- d-----r- C:\Program Files (x86)\Skype
2010-12-18 21:14:20 . 2010-12-18 21:14:23 -------- d-----w- C:\ProgramData\Skype
2010-12-18 21:11:47 . 2010-12-18 21:11:51 -------- d-----w- C:\Program Files\SlikSvn
2010-12-18 21:04:27 . 2010-12-18 21:04:28 -------- d-----w- C:\Program Files (x86)\Sparx Systems
2010-12-18 21:03:17 . 2010-12-18 21:03:17 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2010-12-17 11:40:52 . 2010-12-17 11:41:58 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
2010-12-17 11:37:28 . 2010-12-17 11:37:28 -------- d-----w- C:\ProgramData\boost_interprocess
2010-12-17 09:11:53 . 2010-12-17 09:13:02 -------- d-----w- C:\Program Files (x86)\glassfish-3.0.1
2010-12-17 09:04:19 . 2010-12-17 09:11:51 -------- d-----w- C:\Program Files (x86)\NetBeans 6.9.1
2010-12-17 08:59:46 . 2010-12-17 09:01:20 -------- d-----w- C:\Program Files\Java
2010-12-15 21:12:45 . 2010-12-15 21:12:45 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2010-12-15 21:12:37 . 2010-12-15 21:12:39 -------- d-----w- C:\Program Files\DivX
2010-12-15 21:12:03 . 2010-12-15 21:12:27 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2010-12-15 21:10:15 . 2010-12-15 21:13:27 -------- d-----w- C:\Program Files (x86)\DivX
2010-12-15 21:08:21 . 2010-12-15 21:13:28 -------- d-----w- C:\ProgramData\DivX
2010-12-15 20:41:24 . 2010-12-15 20:41:24 -------- d-----w- C:\Program Files (x86)\IrfanView
2010-12-15 17:49:06 . 2010-12-16 07:22:46 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2010-12-15 17:49:04 . 2010-12-16 14:07:32 -------- d-----w- C:\Program Files (x86)\Steam
2010-12-15 07:45:20 . 2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-12-15 07:45:13 . 2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-12-15 07:45:13 . 2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-12-15 07:45:13 . 2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-12-15 07:45:13 . 2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2010-12-15 07:45:09 . 2010-10-20 04:54:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2010-12-15 07:45:09 . 2010-10-20 02:58:41 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2010-12-15 07:45:07 . 2010-10-16 04:36:10 314368 ----a-w- C:\Windows\SysWow64\webio.dll
2010-12-15 07:45:06 . 2010-10-12 05:05:01 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
2010-12-15 07:45:06 . 2010-10-12 05:00:30 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
2010-12-15 07:45:06 . 2010-10-12 04:25:09 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2010-12-14 20:13:30 . 2010-12-14 20:13:30 -------- d-----w- C:\Program Files (x86)\Bonjour
2010-12-14 12:57:26 . 2010-12-14 13:14:54 -------- d-----w- C:\ProgramData\Creative
2010-12-14 12:56:46 . 2003-06-12 22:25:40 7062 ----a-w- C:\Windows\SysWow64\audiopid.vxd
2010-12-14 12:56:13 . 2000-05-22 15:58:00 647872 ------w- C:\Windows\SysWow64\Mscomct2.ocx
2010-12-14 12:56:12 . 2006-10-06 13:17:34 53248 ------w- C:\Windows\Ctregrun.exe
2010-12-14 12:53:00 . 2010-12-14 12:53:00 -------- d-----w- C:\Program Files (x86)\Common Files\Creative
2010-12-14 12:52:55 . 2010-12-14 13:12:15 -------- d--h--w- C:\Program Files (x86)\Creative Installation Information
2010-12-14 12:52:32 . 2008-08-26 08:30:32 8704 ----a-w- C:\Windows\ResDefE.exe
2010-12-14 12:52:28 . 2010-12-14 17:01:57 -------- d-----w- C:\Program Files\Creative
2010-12-14 12:52:27 . 2008-09-10 02:54:34 497152 ----a-r- C:\Windows\SysWow64\CTAPO32.dll
2010-12-14 12:52:22 . 2010-12-14 12:52:22 413696 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2010-12-14 12:52:22 . 2010-12-14 12:52:22 110592 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2010-12-14 12:52:22 . 2007-07-09 02:59:14 782336 ----a-r- C:\Windows\SysWow64\tmp6864.tmp
2010-12-14 12:51:59 . 2010-12-14 12:51:59 -------- d-----w- C:\ProgramData\Creative Labs
2010-12-14 12:50:30 . 2010-12-14 12:50:30 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
2010-12-14 12:49:56 . 2010-12-14 13:13:59 -------- d-----w- C:\Program Files (x86)\Creative
2010-12-14 12:48:25 . 2010-12-25 08:49:29 -------- d--h--w- C:\Program Files (x86)\InstallShield Installation Information
2010-12-14 12:48:20 . 2010-12-14 12:48:20 -------- d-----w- C:\Program Files (x86)\Common Files\InstallShield
2010-12-14 07:28:06 . 2009-09-10 05:52:05 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2010-12-14 07:19:14 . 2010-12-14 07:19:14 -------- d-----w- C:\Windows\SysWow64\Wat
2010-12-13 23:07:17 . 2009-11-25 11:47:34 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2010-12-13 23:07:17 . 2009-11-25 11:47:34 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2010-12-13 23:07:17 . 2009-11-25 11:47:34 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2010-12-13 23:07:17 . 2009-11-25 11:47:34 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2010-12-13 23:07:17 . 2009-11-25 11:47:34 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2010-12-13 20:54:00 . 2010-12-22 18:23:12 -------- d-----w- C:\ProgramData\FLEXnet
2010-12-13 15:47:38 . 2010-12-13 15:47:38 -------- d-----w- C:\ProgramData\NVIDIA
2010-12-13 14:42:22 . 2010-12-13 14:42:22 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2010-12-13 14:41:18 . 2010-12-13 14:41:18 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2010-12-13 14:40:27 . 2010-10-16 18:55:00 57960 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 5473896 ----a-w- C:\Windows\SysWow64\nvwgf2um.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 4837480 ----a-w- C:\Windows\SysWow64\nvcuda.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 319080 ----a-w- C:\Windows\SysWow64\nvdecodemft.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 2912360 ----a-w- C:\Windows\SysWow64\nvcuvid.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 2666600 ----a-w- C:\Windows\SysWow64\nvcuvenc.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 1719912 ----a-w- C:\Windows\SysWow64\nvapi.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 14899816 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 13019752 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 10023528 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2010-12-13 14:39:38 . 2010-12-13 14:41:59 -------- d-----w- C:\Program Files\NVIDIA Corporation
2010-12-13 14:39:11 . 2010-12-13 14:39:11 -------- d-----w- C:\NVIDIA
2010-12-13 04:28:31 . 2010-03-05 07:42:42 67584 ----a-w- C:\Windows\SysWow64\asycfilt.dll
2010-12-13 04:28:27 . 2010-03-24 06:37:04 1289528 ----a-w- C:\Windows\SysWow64\ntdll.dll
2010-12-13 04:28:24 . 2010-03-08 21:33:56 427520 ----a-w- C:\Windows\SysWow64\vbscript.dll
2010-12-13 04:28:23 . 2010-10-19 08:47:59 7680 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2010-12-13 04:28:23 . 2010-10-19 08:10:26 7680 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2010-12-13 04:28:23 . 2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
2010-12-13 04:28:21 . 2010-06-29 05:35:06 4582912 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2010-12-13 04:28:21 . 2010-06-29 05:02:02 1413632 ----a-w- C:\Windows\SysWow64\ole32.dll
2010-12-13 04:28:21 . 2010-06-29 04:57:58 4247040 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
2010-12-13 04:28:19 . 2010-05-05 06:46:55 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll
2010-12-13 04:28:14 . 2009-09-03 07:04:15 1320960 ----a-w- C:\Windows\SysWow64\CertEnroll.dll
2010-12-13 04:26:58 . 2009-12-22 08:24:35 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2010-12-13 04:25:45 . 2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-12-13 04:25:45 . 2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-12-13 04:25:44 . 2009-08-29 06:57:31 34816 ----a-w- C:\Windows\SysWow64\msasn1.dll
2010-12-13 04:25:43 . 2009-10-19 14:10:06 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2010-12-13 04:25:20 . 2010-09-01 05:14:31 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2010-12-13 04:25:20 . 2010-09-01 04:26:04 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2010-12-13 04:25:20 . 2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-12-13 04:25:12 . 2010-08-27 05:46:48 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-12 12:50:45 . 2010-12-12 12:50:45 50176 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2010-12-12 12:50:45 . 2010-12-12 12:50:45 27136 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2010-12-12 12:50:44 . 2010-12-12 12:50:44 2560 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2010-12-12 12:50:44 . 2010-12-12 12:50:44 2560 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2010-12-12 12:50:34 . 2010-12-12 12:50:34 15360 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2010-12-12 12:50:31 . 2010-12-12 12:50:31 5632 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2010-11-12 00:44:54 . 2010-11-12 00:44:54 94208 ----a-w- C:\Windows\SysWow64\dpl100.dll
2010-11-08 22:57:04 . 2010-11-08 22:57:04 353592 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2010-11-02 04:34:33 . 2010-12-15 07:45:13 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-12-29_14.56.51 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54:17 . 2010-12-29 14:56:07 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54:17 . 2010-12-31 20:53:20 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54:17 . 2010-12-29 14:56:07 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54:17 . 2010-12-31 20:53:20 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54:17 . 2010-12-29 14:56:07 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54:17 . 2010-12-31 20:53:20 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-12 19:31:24 . 2010-12-31 20:55:08 26296 C:\Windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10:35 . 2010-12-31 20:55:09 32200 C:\Windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2010-12-12 12:08:23 . 2010-12-29 15:01:57 16384 C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-12 12:08:23 . 2010-12-30 22:22:31 16384 C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-12 12:08:23 . 2010-12-30 22:22:31 32768 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-12 12:08:23 . 2010-12-29 15:01:57 32768 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54:19 . 2010-12-30 22:22:31 16384 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54:19 . 2010-12-29 15:01:57 16384 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-12 12:55:12 . 2010-12-29 14:57:40 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-12 12:55:12 . 2010-12-31 20:54:55 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46:26 . 2010-12-29 15:45:42 91720 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-12-12 12:55:12 . 2010-12-31 20:54:55 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-12 12:55:12 . 2010-12-29 14:57:40 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-12 12:55:12 . 2010-12-29 14:57:40 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-12 12:55:12 . 2010-12-31 20:54:55 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-12 12:55:12 . 2010-12-31 20:55:11 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-12 12:55:12 . 2010-12-29 14:57:48 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-12 12:55:12 . 2010-12-31 20:55:11 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-12 12:55:12 . 2010-12-29 14:57:48 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-14 23:14:25 . 2010-12-29 14:55:21 4960 C:\Windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-12-14 23:14:25 . 2010-12-31 16:59:15 4960 C:\Windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-12-12 12:55:35 . 2010-12-31 20:55:09 7610 C:\Windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-580707424-1396258333-2387156592-1001_UserData.bin
+ 2010-12-31 20:53:10 . 2010-12-31 20:53:10 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-12-29 14:55:49 . 2010-12-29 14:55:49 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-12-29 14:55:49 . 2010-12-29 14:55:49 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-12-31 20:53:10 . 2010-12-31 20:53:10 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-12-13 23:12:28 . 2010-12-30 23:50:47 823296 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 02:34:08 . 2010-12-29 08:08:13 10223616 C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34:08 . 2010-12-31 18:58:26 10223616 C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 14:23:06 1385864 ----a-w- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll" [2010-05-26 14:23:06 1385864]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 94208 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 94208 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 94208 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 11:44:11 85160]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 23:47:42 31016]
"Acrobat Assistant 7.0"="C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 10:12:02 483328]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 10:44:46 248552]
"VolPanel"="C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2009-07-07 12:13:38 241789]
"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 19:28:24 1226608]
"DivX Download Manager"="C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 21:15:44 63360]
C:\Users\Antrac1t\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe [2010-12-12 25214]
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe [2010-12-29 5724472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 12:16:28 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-12-14 13:14:09 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-12-14 12:50:30 79360]
R3 GGSAFERDriver;GGSAFER Driver;D:\Garena\safedrv.sys [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-12-03 09:05:35 17440]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-13 23:05:09 1255736]
S0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys [2010-12-03 09:05:34 69152]
S2 ICQ Service;ICQ Service;C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 17:56:38 247096]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-12-03 09:05:32 1389400]
S2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max Design 2010 32-bit 32-bit;C:\Program Files (x86)\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 16:36:24 86016]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 20:35:28 5434368]
S3 skfiltv;skfiltv;C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 06:48:34 24064]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 21:01:11 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 21:01:11 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 21:01:11 740864]
S3 winbondcir;Winbond IR Transceiver;C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 06:50:18 46592]
.
Obsah adresáře 'Naplánované úlohy'
2010-12-31 C:\Windows\Tasks\Ad-Aware Update (Weekly).job
- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-12-03 09:05:33 . 2010-12-03 09:05:33]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 97792 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 97792 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 97792 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést vybrané vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
FF - ProfilePath - C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: SkipScreen: SkipScreen@SkipScreen - %profile%\extensions\SkipScreen@SkipScreen
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2046.1405 [GMT 1:00]
Spuštěný z: C:\Users\Antrac1t\Desktop\ComboFix.exe
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\system32\arp.exe . . . . nemohl být smazán
C:\Windows\system32\slwga.dll . . . . nemohl být smazán
C:\Windows\system32\systemcpl.dll . . . . nemohl být smazán
.
---- Předchozí spuštění -------
.
C:\Users\Antrac1t\AppData\Roaming\Local\Temp\DDM\Settings\.ddr
C:\Users\Antrac1t\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
C:\Users\Antrac1t\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
C:\Users\Antrac1t\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp
C:\Windows\system32\arp.exe . . . . nemohl být smazán
C:\Windows\system32\slwga.dll . . . . nemohl být smazán
C:\Windows\system32\systemcpl.dll . . . . nemohl být smazán
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-28 do 2010-12-31 )))))))))))))))))))))))))))))))
.
2010-12-31 20:50:38 . 2010-12-31 20:50:38 -------- d-----w- C:\Users\Default\AppData\Local\temp
2010-12-31 18:48:11 . 2010-11-16 11:01:20 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{40EF2754-179A-477B-A2C5-C5691F0C6DCD}\mpengine.dll
2010-12-31 12:58:10 . 2010-12-31 12:58:19 -------- d-----w- C:\Program Files\trend micro
2010-12-31 12:58:08 . 2010-12-31 12:58:27 -------- d-----w- C:\rsit
2010-12-29 16:11:33 . 2010-12-29 16:11:33 -------- d-----w- C:\ProgramData\FreeDownloadManager.ORG
2010-12-29 16:11:32 . 2010-12-29 15:16:32 -------- d-----w- C:\Program Files (x86)\Free Download Manager
2010-12-29 15:29:53 . 2010-12-29 15:29:53 -------- d-----w- C:\Downloads
2010-12-29 15:10:46 . 2010-12-20 17:09:00 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-29 15:10:45 . 2010-12-29 15:10:45 -------- d-----w- C:\ProgramData\Malwarebytes
2010-12-29 15:10:40 . 2010-12-29 15:10:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-29 15:01:40 . 2010-12-29 15:01:48 -------- d-----w- C:\Program Files\CCleaner
2010-12-29 12:50:12 . 2010-12-29 12:50:12 3381944 ----a-w- C:\libmmd.dll
2010-12-29 12:35:16 . 2010-12-29 12:50:00 -------- d-----w- C:\Program Files\Common Files\ChaosGroup
2010-12-29 12:23:05 . 2009-12-03 05:00:00 344576 ----a-w- C:\Windows\SysWow64\wibuKJni.dll
2010-12-29 12:23:05 . 2009-12-03 05:00:00 333824 ----a-w- C:\Windows\SysWow64\WkExt32.dll
2010-12-29 12:23:05 . 2009-10-21 08:00:00 356352 ----a-w- C:\Windows\SysWow64\WibuXpm4J32.dll
2010-12-29 12:22:25 . 2009-12-03 05:00:00 150528 ----a-w- C:\Windows\SysWow64\WkWin32.dll
2010-12-29 12:22:15 . 2010-12-29 12:22:15 -------- d-----w- C:\Program Files\WIBU-SYSTEMS
2010-12-29 12:22:15 . 2010-12-29 12:22:15 -------- d-----w- C:\Program Files (x86)\WIBUKEY
2010-12-29 12:22:15 . 2010-12-29 12:22:15 -------- d-----w- C:\Program Files (x86)\WIBU-SYSTEMS
2010-12-28 13:01:42 . 2010-12-28 13:01:43 -------- dc-h--w- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2010-12-28 13:01:18 . 2010-12-28 13:17:29 -------- d-----w- C:\ProgramData\Lavasoft
2010-12-28 13:01:18 . 2010-12-28 13:01:18 -------- d-----w- C:\Program Files (x86)\Lavasoft
2010-12-26 15:30:41 . 2008-10-10 03:52:38 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll
2010-12-26 15:30:41 . 2008-10-10 03:52:38 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
2010-12-26 15:30:41 . 2008-10-10 03:52:38 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll
2010-12-26 15:30:41 . 2007-04-04 17:53:42 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll
2010-12-26 11:15:13 . 2010-12-26 11:15:13 -------- d-----w- C:\Program Files (x86)\FreeTime
2010-12-25 16:40:32 . 2010-12-25 16:40:32 -------- d-----w- C:\Program Files (x86)\Aiseesoft Studio
2010-12-25 16:35:55 . 2010-12-25 16:39:01 -------- d-----w- C:\Program Files (x86)\MKVtoolnix
2010-12-25 08:49:32 . 2010-12-25 08:49:32 -------- d-----w- C:\Program Files (x86)\ICQ6Toolbar
2010-12-25 08:49:28 . 2010-12-25 08:49:31 -------- d-----w- C:\ProgramData\ICQ
2010-12-25 08:48:51 . 2010-12-25 08:50:37 -------- d-----w- C:\Program Files (x86)\ICQ7.2
2010-12-19 20:53:15 . 2010-12-19 20:53:15 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2010-12-18 21:14:27 . 2010-12-18 21:14:27 -------- d-----w- C:\Program Files (x86)\Common Files\Skype
2010-12-18 21:14:25 . 2010-12-18 21:14:52 -------- d-----r- C:\Program Files (x86)\Skype
2010-12-18 21:14:20 . 2010-12-18 21:14:23 -------- d-----w- C:\ProgramData\Skype
2010-12-18 21:11:47 . 2010-12-18 21:11:51 -------- d-----w- C:\Program Files\SlikSvn
2010-12-18 21:04:27 . 2010-12-18 21:04:28 -------- d-----w- C:\Program Files (x86)\Sparx Systems
2010-12-18 21:03:17 . 2010-12-18 21:03:17 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2010-12-17 11:40:52 . 2010-12-17 11:41:58 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
2010-12-17 11:37:28 . 2010-12-17 11:37:28 -------- d-----w- C:\ProgramData\boost_interprocess
2010-12-17 09:11:53 . 2010-12-17 09:13:02 -------- d-----w- C:\Program Files (x86)\glassfish-3.0.1
2010-12-17 09:04:19 . 2010-12-17 09:11:51 -------- d-----w- C:\Program Files (x86)\NetBeans 6.9.1
2010-12-17 08:59:46 . 2010-12-17 09:01:20 -------- d-----w- C:\Program Files\Java
2010-12-15 21:12:45 . 2010-12-15 21:12:45 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2010-12-15 21:12:37 . 2010-12-15 21:12:39 -------- d-----w- C:\Program Files\DivX
2010-12-15 21:12:03 . 2010-12-15 21:12:27 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2010-12-15 21:10:15 . 2010-12-15 21:13:27 -------- d-----w- C:\Program Files (x86)\DivX
2010-12-15 21:08:21 . 2010-12-15 21:13:28 -------- d-----w- C:\ProgramData\DivX
2010-12-15 20:41:24 . 2010-12-15 20:41:24 -------- d-----w- C:\Program Files (x86)\IrfanView
2010-12-15 17:49:06 . 2010-12-16 07:22:46 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2010-12-15 17:49:04 . 2010-12-16 14:07:32 -------- d-----w- C:\Program Files (x86)\Steam
2010-12-15 07:45:20 . 2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-12-15 07:45:13 . 2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-12-15 07:45:13 . 2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-12-15 07:45:13 . 2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-12-15 07:45:13 . 2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2010-12-15 07:45:09 . 2010-10-20 04:54:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2010-12-15 07:45:09 . 2010-10-20 02:58:41 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2010-12-15 07:45:07 . 2010-10-16 04:36:10 314368 ----a-w- C:\Windows\SysWow64\webio.dll
2010-12-15 07:45:06 . 2010-10-12 05:05:01 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
2010-12-15 07:45:06 . 2010-10-12 05:00:30 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
2010-12-15 07:45:06 . 2010-10-12 04:25:09 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2010-12-14 20:13:30 . 2010-12-14 20:13:30 -------- d-----w- C:\Program Files (x86)\Bonjour
2010-12-14 12:57:26 . 2010-12-14 13:14:54 -------- d-----w- C:\ProgramData\Creative
2010-12-14 12:56:46 . 2003-06-12 22:25:40 7062 ----a-w- C:\Windows\SysWow64\audiopid.vxd
2010-12-14 12:56:13 . 2000-05-22 15:58:00 647872 ------w- C:\Windows\SysWow64\Mscomct2.ocx
2010-12-14 12:56:12 . 2006-10-06 13:17:34 53248 ------w- C:\Windows\Ctregrun.exe
2010-12-14 12:53:00 . 2010-12-14 12:53:00 -------- d-----w- C:\Program Files (x86)\Common Files\Creative
2010-12-14 12:52:55 . 2010-12-14 13:12:15 -------- d--h--w- C:\Program Files (x86)\Creative Installation Information
2010-12-14 12:52:32 . 2008-08-26 08:30:32 8704 ----a-w- C:\Windows\ResDefE.exe
2010-12-14 12:52:28 . 2010-12-14 17:01:57 -------- d-----w- C:\Program Files\Creative
2010-12-14 12:52:27 . 2008-09-10 02:54:34 497152 ----a-r- C:\Windows\SysWow64\CTAPO32.dll
2010-12-14 12:52:22 . 2010-12-14 12:52:22 413696 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2010-12-14 12:52:22 . 2010-12-14 12:52:22 110592 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2010-12-14 12:52:22 . 2007-07-09 02:59:14 782336 ----a-r- C:\Windows\SysWow64\tmp6864.tmp
2010-12-14 12:51:59 . 2010-12-14 12:51:59 -------- d-----w- C:\ProgramData\Creative Labs
2010-12-14 12:50:30 . 2010-12-14 12:50:30 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
2010-12-14 12:49:56 . 2010-12-14 13:13:59 -------- d-----w- C:\Program Files (x86)\Creative
2010-12-14 12:48:25 . 2010-12-25 08:49:29 -------- d--h--w- C:\Program Files (x86)\InstallShield Installation Information
2010-12-14 12:48:20 . 2010-12-14 12:48:20 -------- d-----w- C:\Program Files (x86)\Common Files\InstallShield
2010-12-14 07:28:06 . 2009-09-10 05:52:05 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2010-12-14 07:19:14 . 2010-12-14 07:19:14 -------- d-----w- C:\Windows\SysWow64\Wat
2010-12-13 23:07:17 . 2009-11-25 11:47:34 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2010-12-13 23:07:17 . 2009-11-25 11:47:34 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2010-12-13 23:07:17 . 2009-11-25 11:47:34 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2010-12-13 23:07:17 . 2009-11-25 11:47:34 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2010-12-13 23:07:17 . 2009-11-25 11:47:34 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2010-12-13 20:54:00 . 2010-12-22 18:23:12 -------- d-----w- C:\ProgramData\FLEXnet
2010-12-13 15:47:38 . 2010-12-13 15:47:38 -------- d-----w- C:\ProgramData\NVIDIA
2010-12-13 14:42:22 . 2010-12-13 14:42:22 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2010-12-13 14:41:18 . 2010-12-13 14:41:18 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2010-12-13 14:40:27 . 2010-10-16 18:55:00 57960 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 5473896 ----a-w- C:\Windows\SysWow64\nvwgf2um.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 4837480 ----a-w- C:\Windows\SysWow64\nvcuda.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 319080 ----a-w- C:\Windows\SysWow64\nvdecodemft.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 2912360 ----a-w- C:\Windows\SysWow64\nvcuvid.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 2666600 ----a-w- C:\Windows\SysWow64\nvcuvenc.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 1719912 ----a-w- C:\Windows\SysWow64\nvapi.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 14899816 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 13019752 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2010-12-13 14:40:27 . 2010-10-16 18:55:00 10023528 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2010-12-13 14:39:38 . 2010-12-13 14:41:59 -------- d-----w- C:\Program Files\NVIDIA Corporation
2010-12-13 14:39:11 . 2010-12-13 14:39:11 -------- d-----w- C:\NVIDIA
2010-12-13 04:28:31 . 2010-03-05 07:42:42 67584 ----a-w- C:\Windows\SysWow64\asycfilt.dll
2010-12-13 04:28:27 . 2010-03-24 06:37:04 1289528 ----a-w- C:\Windows\SysWow64\ntdll.dll
2010-12-13 04:28:24 . 2010-03-08 21:33:56 427520 ----a-w- C:\Windows\SysWow64\vbscript.dll
2010-12-13 04:28:23 . 2010-10-19 08:47:59 7680 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2010-12-13 04:28:23 . 2010-10-19 08:10:26 7680 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2010-12-13 04:28:23 . 2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
2010-12-13 04:28:21 . 2010-06-29 05:35:06 4582912 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2010-12-13 04:28:21 . 2010-06-29 05:02:02 1413632 ----a-w- C:\Windows\SysWow64\ole32.dll
2010-12-13 04:28:21 . 2010-06-29 04:57:58 4247040 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
2010-12-13 04:28:19 . 2010-05-05 06:46:55 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll
2010-12-13 04:28:14 . 2009-09-03 07:04:15 1320960 ----a-w- C:\Windows\SysWow64\CertEnroll.dll
2010-12-13 04:26:58 . 2009-12-22 08:24:35 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2010-12-13 04:25:45 . 2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-12-13 04:25:45 . 2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-12-13 04:25:44 . 2009-08-29 06:57:31 34816 ----a-w- C:\Windows\SysWow64\msasn1.dll
2010-12-13 04:25:43 . 2009-10-19 14:10:06 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2010-12-13 04:25:20 . 2010-09-01 05:14:31 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2010-12-13 04:25:20 . 2010-09-01 04:26:04 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2010-12-13 04:25:20 . 2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-12-13 04:25:12 . 2010-08-27 05:46:48 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-12 12:50:45 . 2010-12-12 12:50:45 50176 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2010-12-12 12:50:45 . 2010-12-12 12:50:45 27136 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2010-12-12 12:50:44 . 2010-12-12 12:50:44 2560 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2010-12-12 12:50:44 . 2010-12-12 12:50:44 2560 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2010-12-12 12:50:34 . 2010-12-12 12:50:34 15360 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2010-12-12 12:50:31 . 2010-12-12 12:50:31 5632 ----a-w- C:\Windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2010-11-12 00:44:54 . 2010-11-12 00:44:54 94208 ----a-w- C:\Windows\SysWow64\dpl100.dll
2010-11-08 22:57:04 . 2010-11-08 22:57:04 353592 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2010-11-02 04:34:33 . 2010-12-15 07:45:13 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-12-29_14.56.51 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54:17 . 2010-12-29 14:56:07 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54:17 . 2010-12-31 20:53:20 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54:17 . 2010-12-29 14:56:07 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54:17 . 2010-12-31 20:53:20 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54:17 . 2010-12-29 14:56:07 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54:17 . 2010-12-31 20:53:20 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-12 19:31:24 . 2010-12-31 20:55:08 26296 C:\Windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10:35 . 2010-12-31 20:55:09 32200 C:\Windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2010-12-12 12:08:23 . 2010-12-29 15:01:57 16384 C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-12 12:08:23 . 2010-12-30 22:22:31 16384 C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-12 12:08:23 . 2010-12-30 22:22:31 32768 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-12 12:08:23 . 2010-12-29 15:01:57 32768 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54:19 . 2010-12-30 22:22:31 16384 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54:19 . 2010-12-29 15:01:57 16384 C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-12 12:55:12 . 2010-12-29 14:57:40 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-12 12:55:12 . 2010-12-31 20:54:55 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46:26 . 2010-12-29 15:45:42 91720 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-12-12 12:55:12 . 2010-12-31 20:54:55 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-12 12:55:12 . 2010-12-29 14:57:40 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-12 12:55:12 . 2010-12-29 14:57:40 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-12 12:55:12 . 2010-12-31 20:54:55 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-12 12:55:12 . 2010-12-31 20:55:11 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-12 12:55:12 . 2010-12-29 14:57:48 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-12 12:55:12 . 2010-12-31 20:55:11 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-12 12:55:12 . 2010-12-29 14:57:48 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-14 23:14:25 . 2010-12-29 14:55:21 4960 C:\Windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-12-14 23:14:25 . 2010-12-31 16:59:15 4960 C:\Windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-12-12 12:55:35 . 2010-12-31 20:55:09 7610 C:\Windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-580707424-1396258333-2387156592-1001_UserData.bin
+ 2010-12-31 20:53:10 . 2010-12-31 20:53:10 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-12-29 14:55:49 . 2010-12-29 14:55:49 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-12-29 14:55:49 . 2010-12-29 14:55:49 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-12-31 20:53:10 . 2010-12-31 20:53:10 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-12-13 23:12:28 . 2010-12-30 23:50:47 823296 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 02:34:08 . 2010-12-29 08:08:13 10223616 C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34:08 . 2010-12-31 18:58:26 10223616 C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 14:23:06 1385864 ----a-w- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll" [2010-05-26 14:23:06 1385864]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 94208 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 94208 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 94208 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 11:44:11 85160]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 23:47:42 31016]
"Acrobat Assistant 7.0"="C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 10:12:02 483328]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 10:44:46 248552]
"VolPanel"="C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2009-07-07 12:13:38 241789]
"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 19:28:24 1226608]
"DivX Download Manager"="C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 21:15:44 63360]
C:\Users\Antrac1t\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe [2010-12-12 25214]
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe [2010-12-29 5724472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 12:16:28 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-12-14 13:14:09 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-12-14 12:50:30 79360]
R3 GGSAFERDriver;GGSAFER Driver;D:\Garena\safedrv.sys [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-12-03 09:05:35 17440]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-13 23:05:09 1255736]
S0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys [2010-12-03 09:05:34 69152]
S2 ICQ Service;ICQ Service;C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 17:56:38 247096]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-12-03 09:05:32 1389400]
S2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max Design 2010 32-bit 32-bit;C:\Program Files (x86)\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 16:36:24 86016]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 20:35:28 5434368]
S3 skfiltv;skfiltv;C:\Windows\system32\drivers\skfiltv.sys [2008-08-14 06:48:34 24064]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 21:01:11 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 21:01:11 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 21:01:11 740864]
S3 winbondcir;Winbond IR Transceiver;C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 06:50:18 46592]
.
Obsah adresáře 'Naplánované úlohy'
2010-12-31 C:\Windows\Tasks\Ad-Aware Update (Weekly).job
- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-12-03 09:05:33 . 2010-12-03 09:05:33]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 97792 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 97792 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19:44 97792 ----a-w- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\DropboxExt64.13.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést vybrané vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
FF - ProfilePath - C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: SkipScreen: SkipScreen@SkipScreen - %profile%\extensions\SkipScreen@SkipScreen
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Re: Log check
The log is incomplete again.
Test these at www.virustotal.com
c:\Windows\system32\arp.exe
C:\Windows\system32\slwga.dll
C:\Windows\system32\systemcpl.dll
- Copy the file path into the box; if it says the file has already been tested, have it tested again.
- Paste the link to the results here.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.
Re: Log check
ComboFix has some bug again. What about the log, do you really not have all of it?
Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:
Code:
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
- check the "All users" box.
- tick the "LOP" malware check and "Purity" malware check boxes
- click the Scan button
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; post them here

Re: Log check
Well, I can happily run it again, but I posted whatever ComboFix spat out
...

Re: Log check
Don't run it again, it has some bug on your machine; better do the OTL scan instead.

Re: Log check
OTL Extras logfile created on: 31.12.2010 22:30:27 - Run 1
OTL by OldTimer - Version 3.2.18.2 Folder = C:\Users\Antrac1t\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 24,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 54,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 87,79 Gb Total Space | 32,06 Gb Free Space | 36,52% Space Free | Partition Type: NTFS
Drive D: | 98,42 Gb Total Space | 69,83 Gb Free Space | 70,95% Space Free | Partition Type: NTFS
Computer Name: ANTRAC1T-PC | User Name: Antrac1t | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00060000-0000-1004-8002-0000C06B5161}" = WibuKey Setup (WibuKey Remove)
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{64A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java(TM) SE Development Kit 6 Update 23 (64-bit)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{D773B0F5-5511-4812-B1A0-C6635F7AD6B8}" = Slik Subversion 1.6.15 (x64)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C78E7B2-AE8C-492E-8A97-BA6A641C616B}" = Enterprise Architect 8 - 30 Day Trial Edition
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5B3A354B-C059-4861-A85B-CA46F1089E15}" = Creative USB Headsets
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C67CBD7-631C-0409-B00B-98B5DEB67C27}" = Autodesk 3ds Max Design 2010 32-bit
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-C740-7760-100000000002}" = Adobe Acrobat 7.0 Professional - Czech, Polish, Greek
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Ad-Aware" = Ad-Aware
"Adobe Acrobat 7.0 Professional - Czech, Polish, Greek - V" = Adobe Acrobat 7.0 Professional - Czech, Polish, Greek
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Aiseesoft MKV Converter_is1" = Aiseesoft MKV Converter
"ALchemy" = Creative ALchemy
"Autodesk FBX Plugin 2009.4 - 3ds Max Design 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max Design 2010
"Console Launcher" = Creative Console Launcher
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Volume Panel" = Volume Panel
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FormatFactory" = FormatFactory 2.60
"Free Download Manager_is1" = Free Download Manager 3.0
"Garena" = Garena 2010
"hon" = Heroes of Newerth
"Hrady" = Hrady
"ICQToolbar" = ICQ Toolbar
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MKVtoolnix" = MKVtoolnix 2.9.8
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"nbi-glassfish-mod-3.0.1.22.0" = GlassFish Server Open Source Edition 3.0.1
"nbi-nb-base-6.9.1.0.0" = NetBeans IDE 6.9.1
"SysInfo" = Creative System Information
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.5
"WaveStudio 7" = Creative WaveStudio 7
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30.12.2010 18:16:16 | Computer Name = Antrac1t-PC | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Sparx Systems\EA
Trial\SSInvoke.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program
Files (x86)\Sparx Systems\EA Trial\SSInvoke.exe na řádku 21. Neplatná syntaxe XML.
Error - 31.12.2010 7:01:28 | Computer Name = Antrac1t-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vlc.exe, verze: 1.1.5.0, časové razítko:
0x4cdec0ee Název chybujícího modulu: libavcodec_plugin.dll, verze: 0.0.0.0, časové
razítko: 0x4cdec0ef Kód výjimky: 0x40000015 Posun chyby: 0x000b5892 ID chybujícího
procesu: 0xfb0 Čas spuštění chybující aplikace: 0x01cba8da09d9710f Cesta k chybující
aplikaci: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Cesta k chybujícímu modulu:
C:\Program Files (x86)\VideoLAN\VLC\plugins\libavcodec_plugin.dll ID zprávy: 509cfdbb-14cd-11e0-a9c9-001b24868c55
Error - 31.12.2010 8:16:20 | Computer Name = Antrac1t-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vlc.exe, verze: 1.1.5.0, časové razítko:
0x4cdec0ee Název chybujícího modulu: libavcodec_plugin.dll, verze: 0.0.0.0, časové
razítko: 0x4cdec0ef Kód výjimky: 0x40000015 Posun chyby: 0x000b5892 ID chybujícího
procesu: 0xb98 Čas spuštění chybující aplikace: 0x01cba8e482b5fcbf Cesta k chybující
aplikaci: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Cesta k chybujícímu modulu:
C:\Program Files (x86)\VideoLAN\VLC\plugins\libavcodec_plugin.dll ID zprávy: c5fe5f5e-14d7-11e0-a9c9-001b24868c55
Error - 31.12.2010 16:17:52 | Computer Name = Antrac1t-PC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 31.12.2010 16:55:31 | Computer Name = Antrac1t-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: PEV.cfxxe, verze: 0.0.0.0, časové razítko:
0x4bd0e994 Název chybujícího modulu: PEV.cfxxe, verze: 0.0.0.0, časové razítko:
0x4bd0e994 Kód výjimky: 0xc0000417 Posun chyby: 0x00082899 ID chybujícího procesu:
0xf04 Čas spuštění chybující aplikace: 0x01cba92d0c17b8bd Cesta k chybující aplikaci:
C:\ComboFix\PEV.cfxxe Cesta k chybujícímu modulu: C:\ComboFix\PEV.cfxxe ID zprávy:
4da9a430-1520-11e0-9334-001b24868c55
Error - 31.12.2010 16:55:55 | Computer Name = Antrac1t-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: PEV.cfxxe, verze: 0.0.0.0, časové razítko:
0x4bd0e994 Název chybujícího modulu: PEV.cfxxe, verze: 0.0.0.0, časové razítko:
0x4bd0e994 Kód výjimky: 0xc0000417 Posun chyby: 0x00082899 ID chybujícího procesu:
0xa20 Čas spuštění chybující aplikace: 0x01cba92d1e5141d6 Cesta k chybující aplikaci:
C:\ComboFix\PEV.cfxxe Cesta k chybujícímu modulu: C:\ComboFix\PEV.cfxxe ID zprávy:
5c17fbd9-1520-11e0-9334-001b24868c55
Error - 31.12.2010 16:55:57 | Computer Name = Antrac1t-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: PEV.cfxxe, verze: 0.0.0.0, časové razítko:
0x4bd0e994 Název chybujícího modulu: PEV.cfxxe, verze: 0.0.0.0, časové razítko:
0x4bd0e994 Kód výjimky: 0xc0000417 Posun chyby: 0x00082899 ID chybujícího procesu:
0x984 Čas spuštění chybující aplikace: 0x01cba92d1f67c2d6 Cesta k chybující aplikaci:
C:\ComboFix\PEV.cfxxe Cesta k chybujícímu modulu: C:\ComboFix\PEV.cfxxe ID zprávy:
5d2e7cd9-1520-11e0-9334-001b24868c55
Error - 31.12.2010 16:55:59 | Computer Name = Antrac1t-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: PEV.cfxxe, verze: 0.0.0.0, časové razítko:
0x4bd0e994 Název chybujícího modulu: PEV.cfxxe, verze: 0.0.0.0, časové razítko:
0x4bd0e994 Kód výjimky: 0xc0000417 Posun chyby: 0x00082899 ID chybujícího procesu:
0xe04 Čas spuštění chybující aplikace: 0x01cba92d209f971a Cesta k chybující aplikaci:
C:\ComboFix\PEV.cfxxe Cesta k chybujícímu modulu: C:\ComboFix\PEV.cfxxe ID zprávy:
5e5f2cfc-1520-11e0-9334-001b24868c55
Error - 31.12.2010 16:56:28 | Computer Name = Antrac1t-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: PEV.cfxxe, verze: 0.0.0.0, časové razítko:
0x4bd0e994 Název chybujícího modulu: PEV.cfxxe, verze: 0.0.0.0, časové razítko:
0x4bd0e994 Kód výjimky: 0xc0000417 Posun chyby: 0x00082899 ID chybujícího procesu:
0x388 Čas spuštění chybující aplikace: 0x01cba92d3200aa0a Cesta k chybující aplikaci:
C:\ComboFix\PEV.cfxxe Cesta k chybujícímu modulu: C:\ComboFix\PEV.cfxxe ID zprávy:
6fbb7d2c-1520-11e0-9334-001b24868c55
Error - 31.12.2010 16:56:31 | Computer Name = Antrac1t-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: PEV.cfxxe, verze: 0.0.0.0, časové razítko:
0x4bd0e994 Název chybujícího modulu: PEV.cfxxe, verze: 0.0.0.0, časové razítko:
0x4bd0e994 Kód výjimky: 0xc0000417 Posun chyby: 0x00082899 ID chybujícího procesu:
0x65c Čas spuštění chybující aplikace: 0x01cba92d33766215 Cesta k chybující aplikaci:
C:\ComboFix\PEV.cfxxe Cesta k chybujícímu modulu: C:\ComboFix\PEV.cfxxe ID zprávy:
713abab8-1520-11e0-9334-001b24868c55
[ OSession Events ]
Error - 12.12.2010 13:31:41 | Computer Name = Antrac1t-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3911
seconds with 2760 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 31.12.2010 12:48:19 | Computer Name = Antrac1t-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Služba Zasílání zpráv o chybách systému
Windows bylo dosaženo časového limitu (30000 ms).
Error - 31.12.2010 16:15:10 | Computer Name = Antrac1t-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 31.12.2010 16:19:01 | Computer Name = Antrac1t-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 31.12.2010 16:42:56 | Computer Name = Antrac1t-PC | Source = Service Control Manager | ID = 7034
Description = Služba mental ray 3.7 Satellite for Autodesk 3ds Max Design 2010 32-bit
32-bit byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error - 31.12.2010 16:50:06 | Computer Name = Antrac1t-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.
Error - 31.12.2010 16:50:06 | Computer Name = Antrac1t-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.
Error - 31.12.2010 16:50:42 | Computer Name = Antrac1t-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 31.12.2010 16:59:02 | Computer Name = Antrac1t-PC | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.
Error - 31.12.2010 17:09:07 | Computer Name = Antrac1t-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Služba Zasílání zpráv o chybách systému
Windows bylo dosaženo časového limitu (30000 ms).
Error - 31.12.2010 17:10:15 | Computer Name = Antrac1t-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla
při spuštění v důsledku následující chyby: %%31
< End of report >
Re: Log check
OTL logfile created on: 31.12.2010 22:30:27 - Run 1
OTL by OldTimer - Version 3.2.18.2 Folder = C:\Users\Antrac1t\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 24,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 54,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 87,79 Gb Total Space | 32,06 Gb Free Space | 36,52% Space Free | Partition Type: NTFS
Drive D: | 98,42 Gb Total Space | 69,83 Gb Free Space | 70,95% Space Free | Partition Type: NTFS
Computer Name: ANTRAC1T-PC | User Name: Antrac1t | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010.12.31 22:29:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Antrac1t\Desktop\OTL.exe
PRC - [2010.12.12 16:13:49 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2010.12.09 20:28:24 | 001,226,608 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.12.08 22:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010.12.03 20:39:33 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.12.03 20:39:33 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.12.03 10:05:32 | 001,389,400 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010.11.02 00:00:00 | 002,068,832 | ---- | M] (Cerulean Studios) -- C:\Program Files (x86)\Trillian\trillian.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.04.28 23:28:18 | 003,727,411 | ---- | M] (FreeDownloadManager.ORG) -- C:\Program Files (x86)\Free Download Manager\fdm.exe
PRC - [2010.02.26 06:10:20 | 021,979,992 | ---- | M] () -- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2009.12.03 06:00:00 | 005,724,472 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
PRC - [2009.08.29 01:45:56 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2009.07.07 13:13:38 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe
PRC - [2009.06.17 12:44:11 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009.03.12 19:41:08 | 009,883,648 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\3ds Max Design 2010\3dsmax.exe
PRC - [2009.03.12 17:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
PRC - [2004.12.14 11:12:02 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
========== Modules (SafeList) ==========
MOD - [2010.12.31 22:29:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Antrac1t\Desktop\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010.12.15 18:49:47 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.12.14 14:14:09 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010.12.14 13:50:30 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010.12.12 16:13:49 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.12.03 10:05:32 | 001,389,400 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.29 01:45:56 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.12 17:36:24 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010.12.03 10:05:34 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2009.12.17 23:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009.12.03 06:00:00 | 000,103,224 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WibuKey64.sys -- (WIBUKEY)
DRV:64bit: - [2009.08.09 22:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.08.14 07:48:34 | 000,024,064 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\skfiltv.sys -- (skfiltv)
DRV:64bit: - [2007.03.28 07:50:18 | 000,046,592 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\winbondcir.sys -- (winbondcir)
DRV:64bit: - [2006.11.18 13:07:48 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV - [2010.12.03 10:05:35 | 000,017,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.5.17s
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.7&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010.12.15 22:13:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010.12.15 22:13:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.12.12 14:07:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.12.12 14:19:31 | 000,000,000 | ---D | M]
[2010.12.12 14:08:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Antrac1t\AppData\Roaming\Mozilla\Extensions
[2010.12.31 17:42:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\extensions
[2010.12.25 09:49:29 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.12.15 22:43:01 | 000,000,000 | ---D | M] (SkipScreen) -- C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\extensions\SkipScreen@SkipScreen
[2010.12.15 22:43:02 | 000,001,749 | ---- | M] () -- C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\searchplugins\ask.uk.xml
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\searchplugins\icqplugin.xml
[2010.12.25 09:49:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.12.18 22:14:52 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.12.12 14:19:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.15 22:13:23 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2010.12.15 22:13:23 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2010.12.29 17:11:36 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\PROGRAM FILES (X86)\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION
[2010.12.12 14:19:19 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.12.03 19:08:29 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.12.03 19:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.12.03 19:08:29 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.12.03 19:08:29 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.12.03 19:08:29 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - Startup: C:\Users\Antrac1t\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést cíl vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést výběr do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést výběr do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést vybrané vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést vybrané vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2010.12.31 22:29:30 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Antrac1t\Desktop\OTL.exe
[2010.12.31 21:38:06 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010.12.31 21:18:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.12.31 13:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.12.31 13:58:08 | 000,000,000 | ---D | C] -- C:\rsit
[2010.12.29 17:12:46 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\Free Download Manager
[2010.12.29 17:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeDownloadManager.ORG
[2010.12.29 17:11:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Download Manager
[2010.12.29 16:35:44 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.12.29 16:35:44 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.12.29 16:35:44 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.12.29 16:35:29 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.12.29 16:34:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.12.29 16:29:53 | 000,000,000 | ---D | C] -- C:\Downloads
[2010.12.29 16:11:05 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\Malwarebytes
[2010.12.29 16:10:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.12.29 16:10:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.29 16:10:41 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.12.29 16:10:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.12.29 16:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.12.29 15:59:03 | 001,187,896 | ---- | C] (Piriform Ltd) -- C:\Users\Antrac1t\Desktop\ccleaner.exe.part
[2010.12.29 13:50:12 | 003,381,944 | ---- | C] (Intel Corporation) -- C:\libmmd.dll
[2010.12.29 13:35:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ChaosGroup
[2010.12.29 13:23:05 | 000,451,584 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WibuXpm4J64.dll
[2010.12.29 13:23:05 | 000,430,080 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\wibuKJni64.dll
[2010.12.29 13:23:05 | 000,418,304 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkExt64.dll
[2010.12.29 13:23:05 | 000,356,352 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WibuXpm4J32.dll
[2010.12.29 13:23:05 | 000,344,576 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\wibuKJni.dll
[2010.12.29 13:23:05 | 000,333,824 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkExt32.dll
[2010.12.29 13:22:36 | 000,016,896 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\drivers\Wibukey2_64.sys
[2010.12.29 13:22:26 | 000,103,224 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\drivers\WibuKey64.sys
[2010.12.29 13:22:25 | 000,169,984 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkWin64.dll
[2010.12.29 13:22:25 | 000,150,528 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkWin32.dll
[2010.12.29 13:22:15 | 000,000,000 | ---D | C] -- C:\Program Files\WIBU-SYSTEMS
[2010.12.29 13:22:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WIBU-SYSTEMS
[2010.12.29 13:22:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WIBUKEY
[2010.12.28 19:45:24 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Desktop\IES_Lights
[2010.12.28 14:17:30 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2010.12.28 14:17:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.12.28 14:17:26 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010.12.28 14:08:28 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Local\Sunbelt Software
[2010.12.28 14:01:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2010.12.28 14:01:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010.12.28 14:01:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2010.12.27 21:43:54 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Desktop\space
[2010.12.27 15:34:37 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Documents\cinema
[2010.12.26 16:31:11 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Documents\Heroes of Newerth
[2010.12.26 16:30:41 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.12.26 16:30:41 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.12.26 16:30:41 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.12.26 16:30:41 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.12.26 12:15:40 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Documents\FFOutput
[2010.12.26 12:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2010.12.25 17:40:38 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Documents\Aiseesoft Studio
[2010.12.25 17:40:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aiseesoft Studio
[2010.12.25 17:35:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MKVtoolnix
[2010.12.25 09:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2010.12.25 09:49:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.12.25 09:49:00 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\ICQ
[2010.12.25 09:48:58 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Local\AOL
[2010.12.25 09:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
[2010.12.23 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Documents\PSko
[2010.12.19 21:53:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.12.18 22:16:04 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\skypePM
[2010.12.18 22:14:30 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\Subversion
[2010.12.18 22:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.12.18 22:14:25 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.12.18 22:14:23 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\Skype
[2010.12.18 22:14:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.12.18 22:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\SlikSvn
[2010.12.18 22:05:42 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\Sparx Systems
[2010.12.18 22:04:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sparx Systems
[2010.12.18 22:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.12.18 12:59:44 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Desktop\cylon plane
[2010.12.17 12:41:03 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\TS3Client
[2010.12.17 12:40:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2010.12.17 12:37:28 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2010.12.17 10:28:40 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\dvdcss
[2010.12.17 10:13:07 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\.netbeans
[2010.12.17 10:13:03 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\.netbeans-registration
[2010.12.17 10:11:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\glassfish-3.0.1
[2010.12.17 10:04:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetBeans 6.9.1
[2010.12.17 10:01:40 | 000,521,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2010.12.17 10:01:40 | 000,189,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2010.12.17 10:01:40 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2010.12.17 10:01:40 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2010.12.17 09:59:46 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010.12.17 09:48:04 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\.nbi
[2010.12.16 13:51:28 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Desktop\z_HSE
[2010.12.16 12:58:13 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Local\Diagnostics
[2010.12.15 22:13:02 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\DivX
[2010.12.15 22:12:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.12.15 22:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.12.15 22:12:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.12.15 22:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.12.15 22:08:21 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.12.15 21:41:24 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\IrfanView
[2010.12.15 21:41:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2010.12.15 18:49:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.12.15 18:49:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
OTL by OldTimer - Version 3.2.18.2 Folder = C:\Users\Antrac1t\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 24,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 54,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 87,79 Gb Total Space | 32,06 Gb Free Space | 36,52% Space Free | Partition Type: NTFS
Drive D: | 98,42 Gb Total Space | 69,83 Gb Free Space | 70,95% Space Free | Partition Type: NTFS
Computer Name: ANTRAC1T-PC | User Name: Antrac1t | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010.12.31 22:29:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Antrac1t\Desktop\OTL.exe
PRC - [2010.12.12 16:13:49 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2010.12.09 20:28:24 | 001,226,608 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.12.08 22:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010.12.03 20:39:33 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.12.03 20:39:33 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.12.03 10:05:32 | 001,389,400 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010.11.02 00:00:00 | 002,068,832 | ---- | M] (Cerulean Studios) -- C:\Program Files (x86)\Trillian\trillian.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.04.28 23:28:18 | 003,727,411 | ---- | M] (FreeDownloadManager.ORG) -- C:\Program Files (x86)\Free Download Manager\fdm.exe
PRC - [2010.02.26 06:10:20 | 021,979,992 | ---- | M] () -- C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2009.12.03 06:00:00 | 005,724,472 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
PRC - [2009.08.29 01:45:56 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2009.07.07 13:13:38 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe
PRC - [2009.06.17 12:44:11 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009.03.12 19:41:08 | 009,883,648 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\3ds Max Design 2010\3dsmax.exe
PRC - [2009.03.12 17:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
PRC - [2004.12.14 11:12:02 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
========== Modules (SafeList) ==========
MOD - [2010.12.31 22:29:47 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Antrac1t\Desktop\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010.12.15 18:49:47 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.12.14 14:14:09 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010.12.14 13:50:30 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010.12.12 16:13:49 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.12.03 10:05:32 | 001,389,400 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.29 01:45:56 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.12 17:36:24 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010.12.03 10:05:34 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2009.12.17 23:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009.12.03 06:00:00 | 000,103,224 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WibuKey64.sys -- (WIBUKEY)
DRV:64bit: - [2009.08.09 22:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.08.14 07:48:34 | 000,024,064 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\skfiltv.sys -- (skfiltv)
DRV:64bit: - [2007.03.28 07:50:18 | 000,046,592 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\winbondcir.sys -- (winbondcir)
DRV:64bit: - [2006.11.18 13:07:48 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV - [2010.12.03 10:05:35 | 000,017,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.5.17s
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.7&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010.12.15 22:13:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010.12.15 22:13:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.12.12 14:07:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.12.12 14:19:31 | 000,000,000 | ---D | M]
[2010.12.12 14:08:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Antrac1t\AppData\Roaming\Mozilla\Extensions
[2010.12.31 17:42:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\extensions
[2010.12.25 09:49:29 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.12.15 22:43:01 | 000,000,000 | ---D | M] (SkipScreen) -- C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\extensions\SkipScreen@SkipScreen
[2010.12.15 22:43:02 | 000,001,749 | ---- | M] () -- C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\searchplugins\ask.uk.xml
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Antrac1t\AppData\Roaming\Mozilla\Firefox\Profiles\i18d16ka.default\searchplugins\icqplugin.xml
[2010.12.25 09:49:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.12.18 22:14:52 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.12.12 14:19:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.15 22:13:23 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2010.12.15 22:13:23 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2010.12.29 17:11:36 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\PROGRAM FILES (X86)\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION
[2010.12.12 14:19:19 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.12.03 19:08:29 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.12.03 19:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.12.03 19:08:29 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.12.03 19:08:29 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.12.03 19:08:29 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Trillian Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - Startup: C:\Users\Antrac1t\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Antrac1t\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést cíl vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést výběr do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést výběr do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést vybrané vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést vybrané vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2010.12.31 22:29:30 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Antrac1t\Desktop\OTL.exe
[2010.12.31 21:38:06 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010.12.31 21:18:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.12.31 13:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.12.31 13:58:08 | 000,000,000 | ---D | C] -- C:\rsit
[2010.12.29 17:12:46 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\Free Download Manager
[2010.12.29 17:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeDownloadManager.ORG
[2010.12.29 17:11:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Download Manager
[2010.12.29 16:35:44 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.12.29 16:35:44 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.12.29 16:35:44 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.12.29 16:35:29 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.12.29 16:34:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.12.29 16:29:53 | 000,000,000 | ---D | C] -- C:\Downloads
[2010.12.29 16:11:05 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\Malwarebytes
[2010.12.29 16:10:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.12.29 16:10:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.29 16:10:41 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.12.29 16:10:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.12.29 16:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.12.29 15:59:03 | 001,187,896 | ---- | C] (Piriform Ltd) -- C:\Users\Antrac1t\Desktop\ccleaner.exe.part
[2010.12.29 13:50:12 | 003,381,944 | ---- | C] (Intel Corporation) -- C:\libmmd.dll
[2010.12.29 13:35:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ChaosGroup
[2010.12.29 13:23:05 | 000,451,584 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WibuXpm4J64.dll
[2010.12.29 13:23:05 | 000,430,080 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\wibuKJni64.dll
[2010.12.29 13:23:05 | 000,418,304 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkExt64.dll
[2010.12.29 13:23:05 | 000,356,352 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WibuXpm4J32.dll
[2010.12.29 13:23:05 | 000,344,576 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\wibuKJni.dll
[2010.12.29 13:23:05 | 000,333,824 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkExt32.dll
[2010.12.29 13:22:36 | 000,016,896 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\drivers\Wibukey2_64.sys
[2010.12.29 13:22:26 | 000,103,224 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\drivers\WibuKey64.sys
[2010.12.29 13:22:25 | 000,169,984 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkWin64.dll
[2010.12.29 13:22:25 | 000,150,528 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkWin32.dll
[2010.12.29 13:22:15 | 000,000,000 | ---D | C] -- C:\Program Files\WIBU-SYSTEMS
[2010.12.29 13:22:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WIBU-SYSTEMS
[2010.12.29 13:22:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WIBUKEY
[2010.12.28 19:45:24 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Desktop\IES_Lights
[2010.12.28 14:17:30 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2010.12.28 14:17:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.12.28 14:17:26 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010.12.28 14:08:28 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Local\Sunbelt Software
[2010.12.28 14:01:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2010.12.28 14:01:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010.12.28 14:01:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2010.12.27 21:43:54 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Desktop\space
[2010.12.27 15:34:37 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Documents\cinema
[2010.12.26 16:31:11 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Documents\Heroes of Newerth
[2010.12.26 16:30:41 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.12.26 16:30:41 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.12.26 16:30:41 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.12.26 16:30:41 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.12.26 12:15:40 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Documents\FFOutput
[2010.12.26 12:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2010.12.25 17:40:38 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Documents\Aiseesoft Studio
[2010.12.25 17:40:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aiseesoft Studio
[2010.12.25 17:35:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MKVtoolnix
[2010.12.25 09:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2010.12.25 09:49:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.12.25 09:49:00 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\ICQ
[2010.12.25 09:48:58 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Local\AOL
[2010.12.25 09:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
[2010.12.23 13:37:13 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Documents\PSko
[2010.12.19 21:53:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.12.18 22:16:04 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\skypePM
[2010.12.18 22:14:30 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\Subversion
[2010.12.18 22:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.12.18 22:14:25 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.12.18 22:14:23 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\Skype
[2010.12.18 22:14:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.12.18 22:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\SlikSvn
[2010.12.18 22:05:42 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\Sparx Systems
[2010.12.18 22:04:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sparx Systems
[2010.12.18 22:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.12.18 12:59:44 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Desktop\cylon plane
[2010.12.17 12:41:03 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\TS3Client
[2010.12.17 12:40:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2010.12.17 12:37:28 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2010.12.17 10:28:40 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\dvdcss
[2010.12.17 10:13:07 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\.netbeans
[2010.12.17 10:13:03 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\.netbeans-registration
[2010.12.17 10:11:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\glassfish-3.0.1
[2010.12.17 10:04:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetBeans 6.9.1
[2010.12.17 10:01:40 | 000,521,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2010.12.17 10:01:40 | 000,189,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2010.12.17 10:01:40 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2010.12.17 10:01:40 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2010.12.17 09:59:46 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010.12.17 09:48:04 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\.nbi
[2010.12.16 13:51:28 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\Desktop\z_HSE
[2010.12.16 12:58:13 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Local\Diagnostics
[2010.12.15 22:13:02 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\DivX
[2010.12.15 22:12:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.12.15 22:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.12.15 22:12:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.12.15 22:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.12.15 22:08:21 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.12.15 21:41:24 | 000,000,000 | ---D | C] -- C:\Users\Antrac1t\AppData\Roaming\IrfanView
[2010.12.15 21:41:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2010.12.15 18:49:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.12.15 18:49:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam