VIRY.CZ

Ahoj, jednoho krásného dne sem si stáhl do PC Confickera měl sem si Trial verzi Eseta a ten mi našel toho zmetka, jen se chci ujistit, že je pryč. Děkuju moc

Logfile of random's system information tool 1.08 (written by random/random)
Run by Daniel at 2010-07-14 12:44:01
Microsoft Windows 7 Home Premium
System drive C: has 70 GB (70%) free of 100 GB
Total RAM: 4094 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:44:04, on 14.7.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
D:\Program Files\Steam\Steam.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\trend micro\Daniel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Program Files\ICQ7.2\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: j??
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7323 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
atieclxx
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"D:\Program Files\Steam\Steam.exe" -silent
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1156.8f39860.1933800911 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 1156 plugin \\.\pipe\gecko-crash-server-pipe.1156
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --ipc-timeout 30
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Daniel\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-30 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{FE063DB9-4EC0-403e-8DD8-394C54984B2C}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-07-02 2903688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Steam"=D:\Program Files\Steam\Steam.exe [2010-07-05 1238352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
D:\Program Files\ICQ7.2\ICQ.exe [2010-07-05 133368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Daniel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registrace Need for Speed™ Undercover.lnk]
C:\Program Files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Daniel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
D:\PROGRA~1\Xfire\Xfire.exe [2010-05-28 3493264]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-04-03 1234216]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-02 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-07-14 12:44:01 ----D---- C:\rsit
2010-07-14 12:44:01 ----D---- C:\Program Files\trend micro
2010-07-14 12:37:04 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2010-07-14 11:51:57 ----D---- C:\Program Files (x86)\ESET
2010-07-14 10:45:57 ----A---- C:\Windows\system32\cdd.dll
2010-07-09 20:52:05 ----A---- C:\win32.sys
2010-07-08 20:29:04 ----D---- C:\Program Files (x86)\PhotoFiltre
2010-07-08 20:22:03 ----D---- C:\Users\Daniel\AppData\Roaming\IrfanView
2010-07-08 20:22:03 ----D---- C:\Program Files (x86)\IrfanView
2010-07-08 20:00:21 ----D---- C:\cstrike
2010-07-08 19:46:54 ----D---- C:\Program Files (x86)\Wally
2010-07-08 18:25:40 ----D---- C:\Program Files (x86)\Decal Converter
2010-07-08 09:53:18 ----D---- C:\Program Files (x86)\Valve
2010-07-06 13:03:55 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2010-07-05 18:48:50 ----A---- C:\Windows\SYSWOW64\pbsvc.exe
2010-07-05 15:46:45 ----D---- C:\Windows\pss
2010-07-05 15:24:12 ----D---- C:\Users\Daniel\AppData\Roaming\Xfire
2010-07-05 15:14:23 ----D---- C:\Program Files (x86)\Conduit
2010-07-05 15:14:17 ----D---- C:\ProgramData\Xfire
2010-07-05 15:01:54 ----D---- C:\Users\Daniel\AppData\Roaming\skypePM
2010-07-05 15:00:55 ----D---- C:\Users\Daniel\AppData\Roaming\Skype
2010-07-05 15:00:37 ----RD---- C:\Program Files (x86)\Skype
2010-07-05 15:00:35 ----D---- C:\ProgramData\Skype
2010-07-05 14:54:37 ----D---- C:\ProgramData\ICQ
2010-07-05 14:18:39 ----D---- C:\Users\Daniel\AppData\Roaming\AutoTransfer
2010-07-04 20:04:24 ----D---- C:\Users\Daniel\AppData\Roaming\ICQ
2010-07-02 14:37:58 ----D---- C:\Users\Daniel\AppData\Roaming\Opera
2010-07-02 14:37:53 ----D---- C:\Program Files (x86)\Opera
2010-07-02 14:28:07 ----AH---- C:\Windows\system32\hamachi.sys
2010-07-01 18:03:09 ----D---- C:\Program Files (x86)\Electronic Arts
2010-07-01 18:03:07 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2010-07-01 18:03:07 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-07-01 18:03:06 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2010-07-01 18:03:06 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-07-01 18:03:05 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-07-01 18:02:56 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2010-07-01 18:02:56 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-07-01 18:02:54 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2010-07-01 18:02:54 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-07-01 18:02:53 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2010-07-01 18:02:53 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-07-01 18:02:52 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-07-01 18:02:51 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2010-07-01 18:02:51 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2010-07-01 18:02:51 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-07-01 18:02:51 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-07-01 18:02:49 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2010-07-01 18:02:49 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-07-01 18:02:48 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2010-07-01 18:02:48 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2010-07-01 18:02:48 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-07-01 18:02:48 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-07-01 18:02:46 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2010-07-01 18:02:46 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-07-01 18:02:44 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2010-07-01 18:02:44 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-07-01 18:02:43 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2010-07-01 18:02:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2010-07-01 18:02:43 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-07-01 18:02:43 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-07-01 18:02:40 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-07-01 18:02:39 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2010-07-01 18:02:39 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2010-07-01 18:02:39 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-07-01 18:02:39 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-07-01 18:02:37 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2010-07-01 18:02:37 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-07-01 18:02:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2010-07-01 18:02:36 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-07-01 18:02:34 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2010-07-01 18:02:34 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2010-07-01 18:02:34 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-07-01 18:02:34 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-07-01 18:02:32 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2010-07-01 18:02:32 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-07-01 18:02:30 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2010-07-01 18:02:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2010-07-01 18:02:30 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-07-01 18:02:30 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-07-01 18:02:28 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2010-07-01 18:02:28 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-07-01 18:02:26 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2010-07-01 18:02:26 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2010-07-01 18:02:26 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2010-07-01 18:02:26 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-07-01 18:02:26 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-07-01 18:02:26 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-07-01 18:02:24 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2010-07-01 18:02:24 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-07-01 18:02:23 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2010-07-01 18:02:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2010-07-01 18:02:23 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-07-01 18:02:23 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-07-01 18:02:22 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2010-07-01 18:02:22 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-07-01 14:24:21 ----D---- C:\Program Files (x86)\Hamachi
2010-07-01 12:45:00 ----A---- C:\Windows\SYSWOW64\WPRO_40_1340woem.tmp
2010-07-01 12:44:44 ----D---- C:\Users\Daniel\AppData\Roaming\Raptr
2010-07-01 12:13:59 ----D---- C:\ProgramData\eMule
2010-07-01 12:10:40 ----D---- C:\Program Files (x86)\eMule
2010-06-30 22:46:56 ----D---- C:\Program Files\Alwil Software
2010-06-30 21:53:40 ----D---- C:\Program Files (x86)\Creative
2010-06-30 21:53:40 ----A---- C:\Windows\SYSWOW64\eax.dll
2010-06-30 21:53:36 ----A---- C:\Windows\IsUninst.exe
2010-06-30 21:51:14 ----D---- C:\Program Files (x86)\Eidos Interactive
2010-06-30 19:29:39 ----HD---- C:\VritualRoot
2010-06-30 19:26:45 ----D---- C:\ProgramData\Comodo Downloader
2010-06-30 18:06:34 ----A---- C:\Windows\jááá.txt
2010-06-30 15:24:04 ----D---- C:\ProgramData\Sun
2010-06-30 15:23:37 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-06-30 15:23:37 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-06-30 15:23:37 ----A---- C:\Windows\SYSWOW64\java.exe
2010-06-30 15:23:37 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2010-06-30 15:23:13 ----D---- C:\Program Files (x86)\Java
2010-06-30 15:19:14 ----D---- C:\Users\Daniel\AppData\Roaming\ESET
2010-06-30 15:18:13 ----D---- C:\ProgramData\ESET
2010-06-30 15:18:13 ----D---- C:\Program Files\ESET
2010-06-30 11:38:03 ----D---- C:\ProgramData\ATI
2010-06-30 11:21:03 ----D---- C:\Program Files (x86)\CCleaner
2010-06-29 17:12:50 ----D---- C:\Users\Daniel\AppData\Roaming\Malwarebytes
2010-06-29 17:12:47 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2010-06-29 17:12:46 ----D---- C:\ProgramData\Malwarebytes
2010-06-29 17:12:46 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-06-29 17:12:46 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-06-29 16:10:55 ----D---- C:\Program Files (x86)\trend micro
2010-06-29 14:36:08 ----D---- C:\ProgramData\Azureus
2010-06-29 14:36:07 ----D---- C:\Users\Daniel\AppData\Roaming\Azureus
2010-06-28 21:03:16 ----HD---- C:\ProgramData\CanonBJ
2010-06-27 21:21:59 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-06-27 21:21:48 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2010-06-27 21:21:39 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2010-06-27 21:21:30 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2010-06-27 14:18:49 ----D---- C:\Program Files (x86)\GNU
2010-06-26 09:17:22 ----D---- C:\Users\Daniel\AppData\Roaming\DivX
2010-06-26 09:17:14 ----D---- C:\Program Files\DivX
2010-06-26 09:16:50 ----D---- C:\Program Files (x86)\DivX
2010-06-26 09:16:31 ----D---- C:\ProgramData\DivX
2010-06-24 17:21:07 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-06-24 15:57:55 ----D---- C:\Users\Daniel\AppData\Roaming\GRETECH
2010-06-24 15:57:26 ----D---- C:\Program Files (x86)\GRETECH
2010-06-24 09:04:14 ----A---- C:\Windows\system32\drivers\eamonm.sys
2010-06-23 21:04:42 ----D---- C:\Users\Daniel\AppData\Roaming\Simple Star
2010-06-23 19:22:27 ----D---- C:\Users\Daniel\AppData\Roaming\Nero
2010-06-23 19:22:23 ----A---- C:\Windows\Irremote.ini
2010-06-23 19:19:47 ----D---- C:\ProgramData\Nero
2010-06-23 19:19:47 ----D---- C:\Program Files (x86)\Nero
2010-06-23 19:00:00 ----D---- C:\Windows\SYSWOW64\Wat
2010-06-23 19:00:00 ----D---- C:\Windows\system32\Wat
2010-06-23 16:51:41 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2010-06-23 16:51:41 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2010-06-23 16:51:41 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2010-06-23 16:51:41 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2010-06-23 16:51:41 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2010-06-23 16:51:41 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-23 16:51:41 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-23 16:51:41 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-23 16:51:41 ----A---- C:\Windows\system32\mscoree.dll
2010-06-23 16:51:41 ----A---- C:\Windows\system32\dfshim.dll
2010-06-23 16:42:18 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2010-06-23 16:42:18 ----A---- C:\Windows\system32\ntdll.dll
2010-06-23 16:42:13 ----A---- C:\Windows\system32\CPFilters.dll
2010-06-23 16:42:12 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-06-23 16:42:12 ----A---- C:\Windows\system32\msdri.dll
2010-06-22 21:15:03 ----A---- C:\Windows\system32\MRT.exe
2010-06-22 14:22:30 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2010-06-22 14:22:13 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2010-06-22 14:17:15 ----D---- C:\Users\Daniel\AppData\Roaming\Leadertech
2010-06-22 14:14:09 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2010-06-22 14:14:09 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2010-06-22 14:14:09 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2010-06-22 14:14:09 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2010-06-22 14:14:09 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2010-06-22 14:14:09 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-06-22 14:14:09 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-06-22 14:14:09 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-06-22 14:14:09 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-06-22 14:14:09 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-06-22 14:14:08 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2010-06-22 14:14:08 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2010-06-22 14:14:08 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2010-06-22 14:14:08 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2010-06-22 14:14:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2010-06-22 14:14:08 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-06-22 14:14:08 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-06-22 14:14:08 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-06-22 14:14:08 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-06-22 14:14:08 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-06-22 14:14:07 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2010-06-22 14:14:07 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2010-06-22 14:14:07 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2010-06-22 14:14:07 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2010-06-22 14:14:07 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2010-06-22 14:14:07 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2010-06-22 14:14:07 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-06-22 14:14:07 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-06-22 14:14:07 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-06-22 14:14:07 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-06-22 14:14:07 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-06-22 14:14:07 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-06-22 14:14:06 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2010-06-22 14:14:06 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2010-06-22 14:14:06 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2010-06-22 14:14:06 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2010-06-22 14:14:06 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2010-06-22 14:14:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2010-06-22 14:14:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2010-06-22 14:14:06 ----A---- C:\Windows\system32\xinput1_3.dll
2010-06-22 14:14:06 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-06-22 14:14:06 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-06-22 14:14:06 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-06-22 14:14:06 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-06-22 14:14:06 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-06-22 14:14:06 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-06-22 14:14:05 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2010-06-22 14:14:05 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2010-06-22 14:14:05 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-06-22 14:14:05 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-06-22 14:14:04 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2010-06-22 14:14:04 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2010-06-22 14:14:04 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2010-06-22 14:14:04 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2010-06-22 14:14:04 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2010-06-22 14:14:04 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2010-06-22 14:14:04 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-06-22 14:14:04 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-06-22 14:14:04 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-06-22 14:14:04 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-06-22 14:14:04 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-06-22 14:14:04 ----A---- C:\Windows\system32\d3dx10.dll
2010-06-22 14:14:03 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2010-06-22 14:14:03 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2010-06-22 14:14:03 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2010-06-22 14:14:03 ----A---- C:\Windows\system32\xinput1_2.dll
2010-06-22 14:14:03 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-06-22 14:14:03 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-06-18 13:53:02 ----D---- C:\Users\Daniel\AppData\Roaming\Hamachi
2010-06-17 07:04:50 ----D---- C:\Users\Daniel\AppData\Roaming\WinRAR
2010-06-17 07:04:32 ----D---- C:\Program Files (x86)\WinRAR
2010-06-16 18:04:58 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2010-06-16 18:04:58 ----A---- C:\Windows\system32\msv1_0.dll
2010-06-16 18:03:28 ----A---- C:\Windows\system32\browserchoice.exe
2010-06-16 17:38:12 ----D---- C:\ProgramData\Firefly Studios
2010-06-16 17:33:09 ----D---- C:\Windows\Downloaded Installations
2010-06-16 17:32:56 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2010-06-16 17:32:56 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2010-06-16 17:32:56 ----A---- C:\Windows\system32\xinput1_1.dll
2010-06-16 17:32:56 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-06-16 17:32:54 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2010-06-16 17:32:54 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-06-16 17:32:53 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2010-06-16 17:32:53 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2010-06-16 17:32:53 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2010-06-16 17:32:53 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2010-06-16 17:32:53 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-06-16 17:32:53 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-06-16 17:32:53 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-06-16 17:32:53 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-06-16 17:32:52 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2010-06-16 17:32:52 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2010-06-16 17:32:52 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2010-06-16 17:32:52 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-06-16 17:32:52 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-06-16 17:32:52 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-06-16 17:32:51 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2010-06-16 17:32:51 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-06-16 17:29:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-06-16 17:29:42 ----D---- C:\Program Files (x86)\Firefly Studios
2010-06-16 17:22:39 ----D---- C:\Program Files (x86)\Google
2010-06-16 17:21:56 ----D---- C:\ProgramData\Alwil Software
2010-06-16 17:13:07 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-06-16 17:12:57 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2010-06-16 17:12:28 ----D---- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
2010-06-16 17:12:26 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-06-16 16:51:36 ----D---- C:\Users\Daniel\AppData\Roaming\uTorrent
2010-06-16 16:51:04 ----D---- C:\Users\Daniel\AppData\Roaming\Mozilla
2010-06-16 16:49:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-06-16 16:35:42 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2010-06-16 16:35:42 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-16 16:35:41 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2010-06-16 16:35:41 ----A---- C:\Windows\system32\wmp.dll
2010-06-16 16:35:41 ----A---- C:\Windows\system32\vbscript.dll
2010-06-16 16:35:40 ----A---- C:\Windows\SYSWOW64\wmp.dll
2010-06-16 16:35:40 ----A---- C:\Windows\system32\CertEnroll.dll
2010-06-16 16:35:39 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2010-06-16 16:35:39 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2010-06-16 16:35:39 ----A---- C:\Windows\system32\wmploc.DLL
2010-06-16 16:35:39 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-06-16 16:35:38 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2010-06-16 16:35:38 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2010-06-16 16:35:38 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2010-06-16 16:35:38 ----A---- C:\Windows\SYSWOW64\secproc.dll
2010-06-16 16:35:38 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2010-06-16 16:35:38 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2010-06-16 16:35:38 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2010-06-16 16:35:38 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2010-06-16 16:35:38 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-06-16 16:35:38 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-06-16 16:35:38 ----A---- C:\Windows\system32\secproc_isv.dll
2010-06-16 16:35:38 ----A---- C:\Windows\system32\secproc.dll
2010-06-16 16:35:38 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-06-16 16:35:38 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-06-16 16:35:38 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-06-16 16:35:38 ----A---- C:\Windows\system32\RMActivate.exe
2010-06-16 16:35:37 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2010-06-16 16:35:37 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2010-06-16 16:35:37 ----A---- C:\Windows\system32\t2embed.dll
2010-06-16 16:35:37 ----A---- C:\Windows\system32\inetcomm.dll
2010-06-16 16:35:35 ----A---- C:\Windows\explorer.exe
2010-06-16 16:35:34 ----A---- C:\Windows\SYSWOW64\explorer.exe
2010-06-16 16:35:34 ----A---- C:\Windows\system32\winlogon.exe
2010-06-16 16:35:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2010-06-16 16:35:33 ----A---- C:\Windows\SYSWOW64\user.exe
2010-06-16 16:35:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2010-06-16 16:35:33 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2010-06-16 16:35:33 ----A---- C:\Windows\SYSWOW64\instnm.exe
2010-06-16 16:35:33 ----A---- C:\Windows\system32\wow64.dll
2010-06-16 16:35:32 ----A---- C:\Windows\SYSWOW64\quartz.dll
2010-06-16 16:35:32 ----A---- C:\Windows\system32\quartz.dll
2010-06-16 16:35:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-06-16 16:35:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-06-16 16:35:32 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-06-16 16:35:32 ----A---- C:\Windows\system32\drivers\fvevol.sys
2010-06-16 16:35:31 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2010-06-16 16:35:31 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2010-06-16 16:35:31 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2010-06-16 16:35:31 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2010-06-16 16:35:31 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2010-06-16 16:35:31 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2010-06-16 16:35:31 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2010-06-16 16:35:31 ----A---- C:\Windows\system32\tsbyuv.dll
2010-06-16 16:35:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-06-16 16:35:31 ----A---- C:\Windows\system32\msyuv.dll
2010-06-16 16:35:31 ----A---- C:\Windows\system32\msvidc32.dll
2010-06-16 16:35:31 ----A---- C:\Windows\system32\msrle32.dll
2010-06-16 16:35:31 ----A---- C:\Windows\system32\iyuv_32.dll
2010-06-16 16:35:30 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-06-16 16:35:30 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-06-16 16:35:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2010-06-16 16:35:30 ----A---- C:\Windows\system32\jscript.dll
2010-06-16 16:35:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-06-16 16:35:29 ----A---- C:\Windows\system32\shell32.dll
2010-06-16 16:35:28 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2010-06-16 16:35:28 ----A---- C:\Windows\SYSWOW64\secur32.dll
2010-06-16 16:35:28 ----A---- C:\Windows\system32\lsasrv.dll
2010-06-16 16:35:28 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2010-06-16 16:35:27 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2010-06-16 16:35:27 ----A---- C:\Windows\system32\psisdecd.dll
2010-06-16 16:35:27 ----A---- C:\Windows\system32\msasn1.dll
2010-06-16 16:35:26 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2010-06-16 16:35:26 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2010-06-16 16:35:26 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2010-06-16 16:35:26 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2010-06-16 16:35:26 ----A---- C:\Windows\system32\fontsub.dll
2010-06-16 16:35:26 ----A---- C:\Windows\system32\atmlib.dll
2010-06-16 16:35:26 ----A---- C:\Windows\system32\atmfd.dll
2010-06-16 16:35:25 ----A---- C:\Windows\system32\win32k.sys
2010-06-16 16:35:24 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-06-16 16:35:24 ----A---- C:\Windows\system32\drivers\srv.sys
2010-06-16 16:35:22 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-06-16 16:35:22 ----A---- C:\Windows\system32\tzres.dll
2010-06-16 16:35:20 ----A---- C:\Windows\system32\mshtml.dll
2010-06-16 16:35:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-06-16 16:35:19 ----A---- C:\Windows\system32\ieframe.dll
2010-06-16 16:35:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-06-16 16:35:18 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-06-16 16:35:18 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-06-16 16:35:18 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-06-16 16:35:18 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-06-16 16:35:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-06-16 16:35:18 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-06-16 16:35:18 ----A---- C:\Windows\system32\wininet.dll
2010-06-16 16:35:18 ----A---- C:\Windows\system32\urlmon.dll
2010-06-16 16:35:18 ----A---- C:\Windows\system32\mstime.dll
2010-06-16 16:35:18 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-06-16 16:35:18 ----A---- C:\Windows\system32\jsproxy.dll
2010-06-16 16:35:18 ----A---- C:\Windows\system32\iedkcs32.dll

======List of files/folders modified in the last 1 months======

2010-07-14 12:44:03 ----D---- C:\Windows\Temp
2010-07-14 12:44:01 ----RD---- C:\Program Files
2010-07-14 12:37:15 ----SHD---- C:\Windows\Installer
2010-07-14 12:37:05 ----D---- C:\Windows\system32\drivers
2010-07-14 12:37:04 ----RD---- C:\Program Files (x86)
2010-07-14 12:37:01 ----SHD---- C:\System Volume Information
2010-07-14 11:49:02 ----D---- C:\Windows\system32\NDF
2010-07-14 11:02:34 ----D---- C:\Windows\system32\config
2010-07-14 10:54:48 ----D---- C:\Windows\System32
2010-07-14 10:54:47 ----D---- C:\Windows\inf
2010-07-14 10:54:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-14 10:52:48 ----D---- C:\Windows\debug
2010-07-14 10:52:48 ----D---- C:\Windows
2010-07-14 10:48:15 ----D---- C:\Windows\winsxs
2010-07-14 10:45:31 ----D---- C:\Windows\system32\catroot
2010-07-14 10:44:30 ----D---- C:\Windows\system32\DriverStore
2010-07-14 10:38:11 ----D---- C:\Windows\system32\catroot2
2010-07-14 10:37:36 ----D---- C:\Windows\SysWOW64
2010-07-13 19:17:17 ----D---- C:\Windows\system32\Tasks
2010-07-05 18:48:39 ----RSD---- C:\Windows\assembly
2010-07-05 17:32:31 ----D---- C:\Program Files (x86)\Common Files
2010-07-05 15:14:17 ----HD---- C:\ProgramData
2010-07-04 19:39:39 ----D---- C:\Windows\Prefetch
2010-07-02 22:09:08 ----D---- C:\Windows\system32\wbem
2010-07-02 22:07:06 ----D---- C:\Windows\Tasks
2010-07-02 22:07:06 ----D---- C:\Windows\system32\wfp
2010-06-30 21:57:32 ----D---- C:\Windows\LiveKernelReports
2010-06-30 18:49:24 ----SD---- C:\ProgramData\Microsoft
2010-06-30 18:49:22 ----SD---- C:\Users\Daniel\AppData\Roaming\Microsoft
2010-06-30 15:59:56 ----SHD---- C:\$Recycle.Bin
2010-06-30 15:59:49 ----RD---- C:\Users
2010-06-30 11:37:40 ----D---- C:\Program Files\ATI Technologies
2010-06-30 11:34:31 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-06-29 17:24:44 ----RSD---- C:\Windows\Fonts
2010-06-29 17:12:47 ----D---- C:\Windows\SYSWOW64\drivers
2010-06-28 18:00:02 ----D---- C:\Windows\system32\wdi
2010-06-27 21:21:22 ----D---- C:\Windows\Logs
2010-06-26 09:23:06 ----D---- C:\Windows\system32\drivers\UMDF
2010-06-23 21:35:54 ----D---- C:\Windows\Microsoft.NET
2010-06-23 18:22:58 ----D---- C:\Windows\AppPatch
2010-06-23 16:51:34 ----D---- C:\Windows\ehome
2010-06-22 22:01:55 ----D---- C:\Windows\rescache
2010-06-22 14:17:05 ----D---- C:\Windows\system32\LogFiles
2010-06-16 18:08:05 ----D---- C:\Program Files\Windows Media Player
2010-06-16 18:08:05 ----D---- C:\Program Files (x86)\Windows Media Player
2010-06-16 18:08:04 ----D---- C:\Program Files\Windows Mail
2010-06-16 18:08:04 ----D---- C:\Program Files (x86)\Windows Mail
2010-06-16 18:08:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-06-16 18:08:03 ----D---- C:\Windows\system32\cs-CZ
2010-06-16 18:07:59 ----D---- C:\Program Files\Internet Explorer
2010-06-16 18:07:59 ----D---- C:\Program Files (x86)\Internet Explorer
2010-06-16 18:07:57 ----D---- C:\Windows\SYSWOW64\migration
2010-06-16 18:07:57 ----D---- C:\Windows\system32\migration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-16 834544]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-28 139704]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-06-24 166984]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-04-28 169592]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-04-28 50600]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 121872]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-11 6108672]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-04-28 33608]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 aec8c515;aec8c515; C:\Windows\system32\drivers\aec8c515.sys []
S3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340); C:\Windows\system32\drivers\WPRO_40_1340.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-11 202752]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-07-02 810144]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1823112]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-07-05 75064]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-07-05 395048]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-16 136176]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-07-02 42360]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-23 1255736]

-----------------EOF-----------------

Hezké odpoledne


Otestujte na www.virustotal.com

C:\win32.sys


-Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dejte otestovat znovu.
-Sem vložte link s výsledky.



Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky

Výsledek ZDE

Prosím vás, naisntaloval sem si ještě Comodo Firewall a hodil mi tuto hlášku když sem si chtěl zahrát hru. děkuju

http://2i.cz/d1317a5083

Uf, já nemám Comodo. Udělejte ten AVPtool a pak to vyřešíme

Nic nenašlo, co mám udělat s tím confickerem? smazat?

A Vy jste ho ještě nesmazal? V Nodu?
Ale v logu ze Rsitu se mi stejně ještě něco nelíbí.


Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript: - zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde


-----
Dnes tu budu pravděpodobně až večer

Moc vám děkuju, že se mi věnujete


Log OTL
OTL logfile created on: 15.7.2010 9:22:09 - Run 2
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\Daniel\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 66,80 Gb Free Space | 68,40% Space Free | Partition Type: NTFS
Drive D: | 368,01 Gb Total Space | 308,87 Gb Free Space | 83,93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 100,00 Mb Total Space | 70,25 Mb Free Space | 70,25% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DANIEL-PC
Current User Name: Daniel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.07.15 08:58:56 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
PRC - [2010.07.05 18:48:50 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.07.05 17:33:00 | 000,395,048 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2010.07.05 17:32:43 | 001,238,352 | ---- | M] (Valve Corporation) -- D:\Program Files\Steam\Steam.exe
PRC - [2010.07.05 14:54:28 | 000,133,368 | ---- | M] (ICQ, LLC.) -- D:\Program Files\ICQ7.2\ICQ.exe
PRC - [2010.07.02 12:43:40 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2010.06.27 21:25:16 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.06.27 21:25:15 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.04.29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010.04.03 01:27:32 | 001,234,216 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.04.01 11:16:12 | 000,275,776 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
PRC - [2010.03.30 11:16:16 | 001,820,040 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe


========== Modules (SafeList) ==========

MOD - [2010.07.15 08:58:56 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
MOD - [2010.06.01 19:00:52 | 000,278,288 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll
MOD - [2009.07.14 03:15:21 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fltLib.dll
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2010.07.02 12:44:10 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010.07.02 12:43:40 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.06.01 19:00:54 | 002,348,600 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2009.11.11 06:58:54 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.07.05 18:48:50 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.07.05 17:33:00 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.03.30 11:16:14 | 001,823,112 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WPRO_40_1340.sys -- (WPRO_40_1340) WinPcap Packet Driver (WPRO_40_1340)
DRV:64bit: - [2010.06.24 09:04:14 | 000,166,984 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.06.16 17:13:07 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.04.28 08:17:46 | 000,169,592 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010.04.28 08:17:46 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.04.28 08:17:46 | 000,050,600 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010.04.28 08:17:46 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010.02.03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.11.11 07:34:52 | 006,108,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.09.30 16:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2007.02.07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4518198-3009120168-3986394858-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-4518198-3009120168-3986394858-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-4518198-3009120168-3986394858-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-4518198-3009120168-3986394858-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E1 B7 0F F1 E5 0B CB 01 [binary data]
IE - HKU\S-1-5-21-4518198-3009120168-3986394858-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4518198-3009120168-3986394858-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.7.1.3
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... 2304157&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.13 19:08:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.14 21:27:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.07.14 10:44:13 | 000,000,000 | ---D | M]

[2010.06.16 16:51:24 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Mozilla\Extensions
[2010.07.14 20:47:21 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\i873cafg.default\extensions
[2010.07.05 15:14:21 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\i873cafg.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.07.05 14:54:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\i873cafg.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.07.14 20:47:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\i873cafg.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.07.14 20:47:21 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\i873cafg.default\extensions\staged-xpis
[2010.07.05 15:29:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.06.30 15:23:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.06.30 15:23:22 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.06.26 15:51:47 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.06.26 15:51:47 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.06.26 15:51:47 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.06.26 15:51:47 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.06.26 15:51:47 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - No CLSID value found.
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4518198-3009120168-3986394858-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4518198-3009120168-3986394858-1001..\Run: [ICQ] D:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-4518198-3009120168-3986394858-1001..\Run: [Steam] D:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (j曏痽 C:\Windows\SysWOW64\guard32.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e1d4b566-7959-11df-8ca7-6cf04905c3e7}\Shell - "" = AutoRun
O33 - MountPoints2\{e1d4b566-7959-11df-8ca7-6cf04905c3e7}\Shell\AutoRun\command - "" = I:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
Drivers32: vidc.yv12 - DivX.dll File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010.07.15 08:58:21 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2010.07.14 21:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.07.14 20:49:43 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Adobe
[2010.07.14 20:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.07.14 20:49:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.07.14 20:24:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2010.07.14 19:16:14 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2010.07.14 19:13:31 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010.07.14 12:44:01 | 000,000,000 | ---D | C] -- C:\rsit
[2010.07.14 12:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2010.07.14 10:45:57 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010.07.13 17:59:17 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Download
[2010.07.11 16:52:43 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\gegl-0.0
[2010.07.08 20:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoFiltre
[2010.07.08 20:22:03 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\IrfanView
[2010.07.08 20:22:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2010.07.08 18:25:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Decal Converter
[2010.07.06 13:03:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2010.07.06 13:03:49 | 000,000,000 | ---D | C] -- C:\Users\Daniel\SystemRequirementsLab
[2010.07.05 17:32:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.07.05 15:46:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.07.05 15:24:12 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Xfire
[2010.07.05 15:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010.07.05 15:01:54 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\skypePM
[2010.07.05 15:00:55 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Skype
[2010.07.05 15:00:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.07.05 15:00:37 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.07.05 15:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.07.05 14:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.07.05 14:18:39 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\AutoTransfer
[2010.07.05 09:10:22 | 000,000,000 | R--D | C] -- C:\Users\Daniel\Desktop\Písničky
[2010.07.04 20:04:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\ICQ
[2010.07.04 20:04:23 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\AOL
[2010.07.04 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Daniel\Desktop\Registry
[2010.07.02 14:37:58 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Opera
[2010.07.02 14:37:58 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Opera
[2010.07.02 14:37:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2010.07.02 14:33:55 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\LogMeIn Hamachi
[2010.07.02 14:28:07 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2010.07.01 18:03:07 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.07.01 18:03:07 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.07.01 18:03:06 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.07.01 18:03:06 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.07.01 18:03:05 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.07.01 18:02:56 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.07.01 18:02:56 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.07.01 18:02:54 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.07.01 18:02:54 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.07.01 18:02:53 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.07.01 18:02:53 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.07.01 18:02:52 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010.07.01 18:02:51 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.07.01 18:02:51 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.07.01 18:02:51 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.07.01 18:02:51 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.07.01 18:02:49 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.07.01 18:02:49 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.07.01 18:02:48 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.07.01 18:02:48 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.07.01 18:02:48 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.07.01 18:02:48 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.07.01 18:02:46 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.07.01 18:02:46 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.07.01 18:02:44 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.07.01 18:02:44 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.07.01 18:02:43 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.07.01 18:02:43 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.07.01 18:02:43 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.07.01 18:02:43 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.07.01 18:02:40 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.07.01 18:02:39 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.07.01 18:02:39 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.07.01 18:02:39 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.07.01 18:02:39 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.07.01 18:02:37 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.07.01 18:02:37 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.07.01 18:02:36 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.07.01 18:02:36 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.07.01 18:02:34 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.07.01 18:02:34 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.07.01 18:02:34 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.07.01 18:02:34 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.07.01 18:02:32 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.07.01 18:02:32 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.07.01 18:02:30 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.07.01 18:02:30 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.07.01 18:02:30 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.07.01 18:02:30 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.07.01 18:02:28 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.07.01 18:02:28 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.07.01 18:02:26 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.07.01 18:02:26 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.07.01 18:02:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.07.01 18:02:26 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.07.01 18:02:26 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.07.01 18:02:26 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.07.01 18:02:24 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.07.01 18:02:24 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.07.01 18:02:23 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.07.01 18:02:23 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.07.01 18:02:23 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.07.01 18:02:23 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.07.01 18:02:22 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.07.01 18:02:22 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.07.01 14:24:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hamachi
[2010.07.01 12:44:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Raptr
[2010.07.01 12:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2010.06.30 22:46:56 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.06.30 21:53:40 | 000,139,264 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\eax.dll
[2010.06.30 21:53:36 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2010.06.30 21:51:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eidos Interactive
[2010.06.30 19:29:39 | 000,000,000 | -H-D | C] -- C:\VritualRoot
[2010.06.30 19:26:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2010.06.30 17:19:23 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\ESET
[2010.06.30 16:56:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\SecurDisc Key Data
[2010.06.30 15:24:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.06.30 15:24:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.06.30 15:23:37 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.06.30 15:23:37 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.06.30 15:23:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.06.30 15:23:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.06.30 15:23:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.06.30 15:19:14 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\ESET
[2010.06.30 15:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010.06.30 15:18:13 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.06.30 11:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.06.30 11:37:12 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\NFS Most Wanted
[2010.06.30 11:21:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.06.29 17:12:50 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes
[2010.06.29 17:12:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.06.29 17:12:46 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.06.29 17:12:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.06.29 17:12:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.29 14:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Azureus
[2010.06.29 14:36:07 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Azureus
[2010.06.29 14:34:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\i4j_jres
[2010.06.28 21:03:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2010.06.27 21:52:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Nero_AG
[2010.06.27 21:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010.06.27 21:21:48 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.06.27 21:21:39 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.06.27 21:21:30 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.06.26 09:17:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\DivX
[2010.06.26 09:17:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.06.26 09:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.06.26 09:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.06.26 09:16:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.06.26 09:16:31 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.06.26 08:48:09 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\GomPlayer
[2010.06.24 17:21:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.06.24 15:57:55 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\GRETECH
[2010.06.24 15:57:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2010.06.24 09:04:14 | 000,166,984 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys
[2010.06.23 21:04:42 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Simple Star
[2010.06.23 20:12:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Nero
[2010.06.23 19:26:00 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Ahead
[2010.06.23 19:22:27 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Nero
[2010.06.23 19:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010.06.23 19:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2010.06.23 19:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2010.06.23 19:00:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010.06.23 19:00:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010.06.23 18:28:31 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Diagnostics
[2010.06.23 16:51:41 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010.06.23 16:51:41 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010.06.23 16:51:41 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010.06.23 16:51:41 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010.06.23 16:51:41 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010.06.23 16:51:41 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010.06.23 16:51:41 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010.06.23 16:51:41 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010.06.23 16:42:18 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2010.06.23 16:42:13 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.06.23 16:42:12 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.06.23 16:42:12 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.06.23 16:42:12 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.06.23 16:42:12 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010.06.23 16:42:12 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.06.23 16:42:12 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010.06.22 14:22:19 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\NFS Undercover
[2010.06.22 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\PunkBuster
[2010.06.22 14:17:15 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Leadertech
[2010.06.22 14:14:09 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.06.22 14:14:09 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.06.22 14:14:09 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.06.22 14:14:09 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.06.22 14:14:09 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.06.22 14:14:09 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.06.22 14:14:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.06.22 14:14:09 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.06.22 14:14:09 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.06.22 14:14:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.06.22 14:14:08 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.06.22 14:14:08 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.06.22 14:14:08 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.06.22 14:14:08 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.06.22 14:14:08 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.06.22 14:14:08 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.06.22 14:14:08 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.06.22 14:14:08 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.06.22 14:14:08 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.06.22 14:14:08 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.06.22 14:14:07 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.06.22 14:14:07 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.06.22 14:14:07 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.06.22 14:14:07 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.06.22 14:14:07 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.06.22 14:14:07 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.06.22 14:14:07 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.06.22 14:14:07 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.06.22 14:14:07 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.06.22 14:14:07 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.06.22 14:14:07 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.06.22 14:14:07 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.06.22 14:14:06 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.06.22 14:14:06 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.06.22 14:14:06 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.06.22 14:14:06 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.06.22 14:14:06 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010.06.22 14:14:06 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010.06.22 14:14:06 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.06.22 14:14:06 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.06.22 14:14:06 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010.06.22 14:14:06 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010.06.22 14:14:06 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.06.22 14:14:06 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.06.22 14:14:06 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.06.22 14:14:06 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.06.22 14:14:05 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.06.22 14:14:05 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.06.22 14:14:05 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.06.22 14:14:05 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.06.22 14:14:04 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010.06.22 14:14:04 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.06.22 14:14:04 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010.06.22 14:14:04 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.06.22 14:14:04 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.06.22 14:14:04 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010.06.22 14:14:04 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.06.22 14:14:04 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.06.22 14:14:04 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.06.22 14:14:04 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.06.22 14:14:04 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.06.22 14:14:04 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.06.22 14:14:03 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.06.22 14:14:03 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.06.22 14:14:03 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.06.22 14:14:03 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.06.22 14:14:03 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.06.22 14:14:03 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.06.20 21:36:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\ElevatedDiagnostics
[2010.06.18 13:53:02 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Hamachi
[2010.06.17 07:04:50 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\WinRAR
[2010.06.17 07:04:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2010.06.16 18:03:28 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010.06.16 17:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Firefly Studios
[2010.06.16 17:35:52 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\Stronghold Legends
[2010.06.16 17:33:09 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2010.06.16 17:32:56 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.06.16 17:32:56 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.06.16 17:32:56 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.06.16 17:32:56 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.06.16 17:32:54 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.06.16 17:32:54 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.06.16 17:32:53 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.06.16 17:32:53 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.06.16 17:32:53 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.06.16 17:32:53 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.06.16 17:32:53 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.06.16 17:32:53 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.06.16 17:32:53 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.06.16 17:32:53 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.06.16 17:32:52 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.06.16 17:32:52 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.06.16 17:32:52 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.06.16 17:32:52 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.06.16 17:32:52 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.06.16 17:32:52 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.06.16 17:32:51 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.06.16 17:32:51 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll

2. část

[2010.06.16 17:29:42 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.06.16 17:29:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firefly Studios
[2010.06.16 17:29:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.06.16 17:22:39 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Google
[2010.06.16 17:22:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010.06.16 17:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.06.16 17:12:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010.06.16 17:12:28 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
[2010.06.16 17:12:26 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.06.16 16:51:36 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\uTorrent
[2010.06.16 16:51:04 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Mozilla
[2010.06.16 16:51:04 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Mozilla
[2010.06.16 16:49:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.06.16 16:35:41 | 014,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.06.16 16:35:41 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.06.16 16:35:41 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.06.16 16:35:40 | 011,406,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.06.16 16:35:40 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2010.06.16 16:35:39 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.06.16 16:35:39 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.06.16 16:35:39 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2010.06.16 16:35:38 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2010.06.16 16:35:38 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2010.06.16 16:35:38 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2010.06.16 16:35:38 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2010.06.16 16:35:38 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2010.06.16 16:35:38 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2010.06.16 16:35:38 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2010.06.16 16:35:38 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2010.06.16 16:35:38 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2010.06.16 16:35:38 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2010.06.16 16:35:38 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2010.06.16 16:35:38 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2010.06.16 16:35:38 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2010.06.16 16:35:38 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2010.06.16 16:35:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2010.06.16 16:35:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2010.06.16 16:35:37 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.06.16 16:35:37 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.06.16 16:35:35 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.06.16 16:35:34 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010.06.16 16:35:34 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010.06.16 16:35:33 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010.06.16 16:35:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010.06.16 16:35:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010.06.16 16:35:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010.06.16 16:35:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010.06.16 16:35:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010.06.16 16:35:32 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010.06.16 16:35:32 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010.06.16 16:35:31 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.06.16 16:35:31 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010.06.16 16:35:31 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010.06.16 16:35:30 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.06.16 16:35:30 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.06.16 16:35:30 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010.06.16 16:35:30 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010.06.16 16:35:28 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010.06.16 16:35:27 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010.06.16 16:35:27 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010.06.16 16:35:27 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010.06.16 16:35:26 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.06.16 16:35:26 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.06.16 16:35:26 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010.06.16 16:35:26 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.06.16 16:35:26 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.06.16 16:35:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.07.15 09:24:56 | 002,097,152 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat
[2010.07.15 08:58:56 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2010.07.15 08:57:27 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.15 08:57:27 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.15 08:56:38 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.07.15 08:56:38 | 000,622,422 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.07.15 08:56:38 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.07.15 08:56:38 | 000,118,604 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.07.15 08:56:38 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.07.15 08:50:22 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.15 08:50:13 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.15 08:50:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.15 08:50:04 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.15 00:25:42 | 006,359,277 | -H-- | M] () -- C:\Users\Daniel\AppData\Local\IconCache.db
[2010.07.14 23:32:01 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.14 21:27:40 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.14 20:24:40 | 000,001,003 | ---- | M] () -- C:\Users\Daniel\Desktop\SpeedFan.lnk
[2010.07.14 20:24:39 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2010.07.14 20:13:23 | 000,000,754 | ---- | M] () -- C:\Users\Daniel\Desktop\Counter Strike.lnk
[2010.07.14 19:27:20 | 000,071,053 | ---- | M] () -- C:\Users\Daniel\Desktop\Co to je.jpg
[2010.07.14 19:13:44 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2010.07.14 12:43:23 | 000,832,273 | ---- | M] () -- C:\Users\Daniel\Desktop\RSITx64.exe
[2010.07.14 10:48:55 | 000,001,997 | ---- | M] () -- C:\Users\Daniel\Desktop\ESET Smart Security.lnk
[2010.07.11 19:09:28 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.07.11 19:09:28 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.07.09 23:14:23 | 000,000,476 | ---- | M] () -- C:\win32.sys
[2010.07.08 20:29:04 | 000,001,039 | ---- | M] () -- C:\Users\Daniel\Desktop\PhotoFiltre.lnk
[2010.07.07 18:23:22 | 000,065,840 | ---- | M] () -- C:\Windows\SysWow64\Steam_2010_07_07__16_23_22_092.mdmp
[2010.07.07 18:20:03 | 000,065,840 | ---- | M] () -- C:\Windows\SysWow64\Steam_2010_07_07__16_20_03_643.mdmp
[2010.07.07 18:19:47 | 000,065,840 | ---- | M] () -- C:\Windows\SysWow64\Steam_2010_07_07__16_19_47_455.mdmp
[2010.07.07 18:19:01 | 000,065,840 | ---- | M] () -- C:\Windows\SysWow64\Steam_2010_07_07__16_19_00_990.mdmp
[2010.07.07 18:17:39 | 000,065,840 | ---- | M] () -- C:\Windows\SysWow64\Steam_2010_07_07__16_17_39_920.mdmp
[2010.07.07 18:03:44 | 000,065,840 | ---- | M] () -- C:\Windows\SysWow64\Steam_2010_07_07__16_03_44_817.mdmp
[2010.07.07 17:53:48 | 000,065,840 | ---- | M] () -- C:\Windows\SysWow64\Steam_2010_07_07__15_53_48_528.mdmp
[2010.07.07 17:53:32 | 000,065,840 | ---- | M] () -- C:\Windows\SysWow64\Steam_2010_07_07__15_53_32_770.mdmp
[2010.07.06 23:56:17 | 000,000,761 | ---- | M] () -- C:\Users\Daniel\Desktop\EVEREST Home Edition.lnk
[2010.07.05 18:48:50 | 000,794,408 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.07.05 18:48:50 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.07.05 17:41:39 | 000,000,215 | ---- | M] () -- C:\Users\Daniel\Desktop\America's Army 3.url
[2010.07.05 15:24:11 | 000,000,660 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010.07.05 15:01:55 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.07.05 15:00:41 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.07.05 14:54:57 | 000,000,723 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.07.05 14:35:05 | 000,000,894 | ---- | M] () -- C:\Users\Daniel\Desktop\Hidden & Dangerous 2.lnk
[2010.07.04 20:28:27 | 000,000,707 | ---- | M] () -- C:\Users\Daniel\Desktop\Commandos3.lnk
[2010.07.04 20:27:51 | 000,000,662 | ---- | M] () -- C:\Users\Daniel\Desktop\Hidden & Dangerous.lnk
[2010.07.04 20:24:08 | 000,001,487 | ---- | M] () -- C:\Users\Daniel\Desktop\Lara Croft - Tomb Rider.lnk
[2010.07.04 20:17:28 | 000,000,724 | ---- | M] () -- C:\Users\Daniel\Desktop\Need for Speed Most Wanted.lnk
[2010.07.04 20:12:28 | 000,000,767 | ---- | M] () -- C:\Users\Public\Desktop\Hidden & Dangerous Deluxe.lnk
[2010.07.04 19:44:16 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2010.07.04 19:27:17 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010.07.04 19:24:41 | 000,000,039 | ---- | M] () -- C:\Windows\Irremote.ini
[2010.07.04 12:53:07 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.07.03 14:32:33 | 000,002,336 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.07.02 22:07:12 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{3cb57194-8614-11df-95e4-6cf04905c3e7}.TMContainer00000000000000000002.regtrans-ms
[2010.07.02 22:07:11 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{3cb57194-8614-11df-95e4-6cf04905c3e7}.TMContainer00000000000000000001.regtrans-ms
[2010.07.02 22:07:11 | 000,065,536 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{3cb57194-8614-11df-95e4-6cf04905c3e7}.TM.blf
[2010.07.02 14:33:47 | 000,000,944 | ---- | M] () -- C:\Users\Daniel\Desktop\LogMeIn Hamachi.lnk
[2010.07.01 18:21:14 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{e5c3266e-8525-11df-9633-6cf04905c3e7}.TMContainer00000000000000000002.regtrans-ms
[2010.07.01 18:21:14 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{e5c3266e-8525-11df-9633-6cf04905c3e7}.TMContainer00000000000000000001.regtrans-ms
[2010.07.01 18:21:14 | 000,065,536 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{e5c3266e-8525-11df-9633-6cf04905c3e7}.TM.blf
[2010.07.01 12:45:49 | 000,001,003 | ---- | M] () -- C:\Users\Daniel\Desktop\CCleaner.lnk
[2010.06.30 21:55:19 | 000,000,878 | ---- | M] () -- C:\Users\Daniel\Desktop\Lara Croft - Angel of Darkness.lnk
[2010.06.30 20:22:43 | 000,001,772 | ---- | M] () -- C:\Users\Daniel\Desktop\NeroExpress.lnk
[2010.06.30 15:23:20 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.06.30 15:23:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.06.30 15:23:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.06.30 15:23:16 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.06.29 18:25:12 | 000,057,560 | ---- | M] () -- C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.29 18:24:33 | 000,279,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.06.29 17:12:49 | 000,001,005 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.27 21:42:03 | 000,003,087 | ---- | M] () -- C:\Users\Public\Desktop\Nero BackItUp 10.lnk
[2010.06.27 21:35:54 | 000,002,975 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart 10.lnk
[2010.06.27 21:35:20 | 000,002,909 | ---- | M] () -- C:\Users\Public\Desktop\Nero Vision 10.lnk
[2010.06.27 21:34:40 | 000,002,961 | ---- | M] () -- C:\Users\Public\Desktop\Nero MediaHub 10.lnk
[2010.06.27 21:33:25 | 000,002,955 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
[2010.06.26 09:23:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_EhStorPwdDrv_01_09_00.Wdf
[2010.06.24 15:57:30 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2010.06.24 09:04:14 | 000,166,984 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys
[2010.06.21 20:51:51 | 000,002,246 | ---- | M] () -- C:\Users\Public\Desktop\Play Stronghold Legends.lnk
[2010.06.21 20:44:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.06.17 15:45:40 | 000,001,086 | ---- | M] () -- C:\Users\Public\Desktop\Stronghold Crusader.lnk
[2010.06.16 17:13:25 | 000,001,946 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.06.16 17:13:07 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.07.14 20:49:18 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.14 20:24:40 | 000,001,003 | ---- | C] () -- C:\Users\Daniel\Desktop\SpeedFan.lnk
[2010.07.14 20:24:39 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2010.07.14 20:13:23 | 000,000,754 | ---- | C] () -- C:\Users\Daniel\Desktop\Counter Strike.lnk
[2010.07.14 19:27:20 | 000,071,053 | ---- | C] () -- C:\Users\Daniel\Desktop\Co to je.jpg
[2010.07.14 19:13:44 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2010.07.14 12:43:21 | 000,832,273 | ---- | C] () -- C:\Users\Daniel\Desktop\RSITx64.exe
[2010.07.14 10:48:55 | 000,001,997 | ---- | C] () -- C:\Users\Daniel\Desktop\ESET Smart Security.lnk
[2010.07.09 20:52:05 | 000,000,476 | ---- | C] () -- C:\win32.sys
[2010.07.08 20:29:04 | 000,001,039 | ---- | C] () -- C:\Users\Daniel\Desktop\PhotoFiltre.lnk
[2010.07.07 18:23:22 | 000,065,840 | ---- | C] () -- C:\Windows\SysWow64\Steam_2010_07_07__16_23_22_092.mdmp
[2010.07.07 18:20:03 | 000,065,840 | ---- | C] () -- C:\Windows\SysWow64\Steam_2010_07_07__16_20_03_643.mdmp
[2010.07.07 18:19:47 | 000,065,840 | ---- | C] () -- C:\Windows\SysWow64\Steam_2010_07_07__16_19_47_455.mdmp
[2010.07.07 18:19:00 | 000,065,840 | ---- | C] () -- C:\Windows\SysWow64\Steam_2010_07_07__16_19_00_990.mdmp
[2010.07.07 18:17:39 | 000,065,840 | ---- | C] () -- C:\Windows\SysWow64\Steam_2010_07_07__16_17_39_920.mdmp
[2010.07.07 18:03:44 | 000,065,840 | ---- | C] () -- C:\Windows\SysWow64\Steam_2010_07_07__16_03_44_817.mdmp
[2010.07.07 17:53:48 | 000,065,840 | ---- | C] () -- C:\Windows\SysWow64\Steam_2010_07_07__15_53_48_528.mdmp
[2010.07.07 17:53:32 | 000,065,840 | ---- | C] () -- C:\Windows\SysWow64\Steam_2010_07_07__15_53_32_770.mdmp
[2010.07.06 23:56:17 | 000,000,761 | ---- | C] () -- C:\Users\Daniel\Desktop\EVEREST Home Edition.lnk
[2010.07.05 19:25:49 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.07.05 18:48:50 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.07.05 17:41:38 | 000,000,215 | ---- | C] () -- C:\Users\Daniel\Desktop\America's Army 3.url
[2010.07.05 15:24:11 | 000,000,660 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010.07.05 15:01:55 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.07.05 15:00:41 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.07.05 14:54:57 | 000,000,723 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.07.05 14:35:05 | 000,000,894 | ---- | C] () -- C:\Users\Daniel\Desktop\Hidden & Dangerous 2.lnk
[2010.07.04 20:28:27 | 000,000,707 | ---- | C] () -- C:\Users\Daniel\Desktop\Commandos3.lnk
[2010.07.04 20:26:12 | 000,000,662 | ---- | C] () -- C:\Users\Daniel\Desktop\Hidden & Dangerous.lnk
[2010.07.04 20:22:58 | 000,001,487 | ---- | C] () -- C:\Users\Daniel\Desktop\Lara Croft - Tomb Rider.lnk
[2010.07.04 20:15:48 | 000,000,724 | ---- | C] () -- C:\Users\Daniel\Desktop\Need for Speed Most Wanted.lnk
[2010.07.04 20:12:28 | 000,000,767 | ---- | C] () -- C:\Users\Public\Desktop\Hidden & Dangerous Deluxe.lnk
[2010.07.04 19:44:16 | 000,001,060 | ---- | C] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2010.07.04 19:24:26 | 000,000,944 | ---- | C] () -- C:\Users\Daniel\Desktop\LogMeIn Hamachi.lnk
[2010.07.04 12:53:07 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.07.02 22:07:12 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{3cb57194-8614-11df-95e4-6cf04905c3e7}.TMContainer00000000000000000002.regtrans-ms
[2010.07.02 22:07:11 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{3cb57194-8614-11df-95e4-6cf04905c3e7}.TMContainer00000000000000000001.regtrans-ms
[2010.07.02 22:07:11 | 000,065,536 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{3cb57194-8614-11df-95e4-6cf04905c3e7}.TM.blf
[2010.07.01 17:55:32 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{e5c3266e-8525-11df-9633-6cf04905c3e7}.TMContainer00000000000000000002.regtrans-ms
[2010.07.01 17:55:32 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{e5c3266e-8525-11df-9633-6cf04905c3e7}.TMContainer00000000000000000001.regtrans-ms
[2010.07.01 17:55:32 | 000,065,536 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{e5c3266e-8525-11df-9633-6cf04905c3e7}.TM.blf
[2010.07.01 12:45:49 | 000,001,003 | ---- | C] () -- C:\Users\Daniel\Desktop\CCleaner.lnk
[2010.06.30 21:51:55 | 000,000,878 | ---- | C] () -- C:\Users\Daniel\Desktop\Lara Croft - Angel of Darkness.lnk
[2010.06.30 20:22:43 | 000,001,772 | ---- | C] () -- C:\Users\Daniel\Desktop\NeroExpress.lnk
[2010.06.29 17:12:49 | 000,001,005 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.27 21:35:54 | 000,002,975 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart 10.lnk
[2010.06.27 21:35:20 | 000,002,909 | ---- | C] () -- C:\Users\Public\Desktop\Nero Vision 10.lnk
[2010.06.27 21:34:40 | 000,002,961 | ---- | C] () -- C:\Users\Public\Desktop\Nero MediaHub 10.lnk
[2010.06.27 21:33:46 | 000,003,087 | ---- | C] () -- C:\Users\Public\Desktop\Nero BackItUp 10.lnk
[2010.06.27 21:33:25 | 000,002,955 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
[2010.06.26 09:23:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_EhStorPwdDrv_01_09_00.Wdf
[2010.06.24 15:57:30 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2010.06.23 19:22:23 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.06.22 14:22:30 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.06.22 14:22:13 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.06.21 20:44:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.06.17 15:45:40 | 000,001,086 | ---- | C] () -- C:\Users\Public\Desktop\Stronghold Crusader.lnk
[2010.06.16 17:32:34 | 000,002,246 | ---- | C] () -- C:\Users\Public\Desktop\Play Stronghold Legends.lnk
[2010.06.16 17:23:10 | 000,002,336 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.06.16 17:22:43 | 000,000,952 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.16 17:22:42 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.16 17:22:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010.06.16 17:13:25 | 000,001,946 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.06.16 17:13:07 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.05.28 02:04:46 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010.07.05 14:18:39 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\AutoTransfer
[2010.07.01 17:54:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Azureus
[2010.06.16 17:34:27 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
[2010.06.30 15:19:14 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ESET
[2010.07.15 08:51:16 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ICQ
[2010.07.08 20:22:03 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\IrfanView
[2010.06.22 14:17:15 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Leadertech
[2010.07.02 14:37:58 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Opera
[2010.07.01 14:09:06 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Raptr
[2010.06.23 21:04:42 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Simple Star
[2010.07.01 17:54:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\uTorrent
[2009.07.14 07:08:49 | 000,028,760 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 03:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)
"Steam" = "D:\Program Files\Steam\Steam.exe" -silent -- [2010.07.05 17:32:43 | 001,238,352 | ---- | M] (Valve Corporation)
"ICQ" = "D:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4 -- [2010.07.05 14:54:28 | 000,133,368 | ---- | M] (ICQ, LLC.)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.07.14 20:49:42 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Adobe
[2010.06.14 19:24:32 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ATI
[2010.07.05 14:18:39 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\AutoTransfer
[2010.07.01 17:54:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Azureus
[2010.06.16 17:34:27 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
[2010.06.26 09:17:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DivX
[2010.06.30 15:19:14 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ESET
[2010.06.24 15:57:55 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\GRETECH
[2010.07.14 12:27:55 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Hamachi
[2010.07.15 08:51:16 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ICQ
[2010.06.14 19:15:05 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Identities
[2010.07.08 20:22:03 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\IrfanView
[2010.06.22 14:17:15 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Leadertech
[2010.06.14 19:22:28 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Macromedia
[2010.06.29 17:12:50 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Media Center Programs
[2010.06.30 18:49:22 | 000,000,000 | --SD | M] -- C:\Users\Daniel\AppData\Roaming\Microsoft
[2010.06.16 16:51:24 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Mozilla
[2010.06.27 21:48:51 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Nero
[2010.07.02 14:37:58 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Opera
[2010.07.01 14:09:06 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Raptr
[2010.06.23 21:04:42 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Simple Star
[2010.07.07 08:49:49 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Skype
[2010.07.07 08:49:06 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\skypePM
[2010.07.01 17:54:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\uTorrent
[2010.06.17 07:04:50 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\WinRAR
[2010.07.06 23:12:25 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Xfire

< %APPDATA%\*.exe /s >
[2010.06.30 11:35:05 | 000,010,134 | R--- | M] () -- C:\Users\Daniel\AppData\Roaming\Microsoft\Installer\{535C4DFA-1838-0587-23D4-1D2B4354BF50}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.07.14 20:24:39 | 000,000,045 | ---- | M] () -- C:\Windows\SysWOW64\initdebug.nfo
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< End of report >

Extras sem nenašel

Omlouvám se, dostala sjem se k počítači až ted večer. Už koukám na log

zrovnaa sem vám poslal SZ

A neomlovejte se

Tyto Ip adresy znáte?
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37



Spustte OTL
-do bílého okna dole skopírujte tento skript:
-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde


Já nikde v logu confickera nevidím, hlásí antivir ještě něco?

Tu IP teda neznám