RSIT LOG
Logfile of random's system information tool 1.08 (written by random/random)
Run by chrudim at 2011-02-18 21:03:12
Microsoft Windows 7 Home Premium
System drive C: has 44 GB (44%) free of 100 GB
Total RAM: 3839 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:03:17, on 18.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Replay Media Catcher\FLVSrvc.exe
C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\trend micro\chrudim.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://go.microsoft.com/fwlink/?linkid=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://fr.msn.com/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://fr.msn.com/R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Movier-media Toolbar - {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Program Files (x86)\Movier-media\tbMovi.dll
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\Userinit.exe,
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Movier-media Toolbar - {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Program Files (x86)\Movier-media\tbMovi.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Movier-media Toolbar - {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Program Files (x86)\Movier-media\tbMovi.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Ask and Record FLV Service] "C:\Program Files (x86)\Replay Media Catcher\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files (x86)\FlashGet\jc_link.htm
O8 - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O15 - Trusted Zone:
http://software.kuaiche.comO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\Windows\system32\dgdersvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11384 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {3FB35B49-C35C-49AA-9D08-1E1228881949}
C:\Windows\system32\dgdersvc.exe
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" -tray
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
"C:\Program Files (x86)\Replay Media Catcher\FLVSrvc.exe" /run
"C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
"C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe" /watchfiles startup
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-61f43de2-d8a0-4aa2-a115-37047a85209a -SystemEventPortName:HostProcess-f6dcaef7-c4ee-45d3-80aa-65755e8d8690 -IoCancelEventPortName:HostProcess-4ee156fe-c18c-4549-bd22-a281ac931f2d -NonStateChangingEventPortName:HostProcess-91db9af0-6a0f-4290-81c5-ea5c25629bab -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e2d97ca3-2ffe-48eb-bb9b-d61bb7214d65
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{2D3AB049-69C5-4B14-999D-30DE4AD842C5}
{CB5FE859-F63D-4A46-AE5E-D979B88B8A95}
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
{C1A9B3F2-A561-4789-892D-8C6DB4CE4CBE}
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\chrudim\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{140BD8E3-C167-11D4-B4A3-080000180323}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files (x86)\FlashGet\jccatch.dll [2007-08-06 94308]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ce10bf86-da68-441e-91fa-38336363e3cd}]
Movier-media Toolbar - C:\Program Files (x86)\Movier-media\tbMovi.dll [2010-03-09 2355224]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-10-11 1244040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files (x86)\FlashGet\getflash.dll [2007-05-18 163840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 444752]
{E0E899AB-F487-11D5-8D29-0050BA6940E3}
{ce10bf86-da68-441e-91fa-38336363e3cd} - Movier-media Toolbar - C:\Program Files (x86)\Movier-media\tbMovi.dll [2010-03-09 2355224]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-10-11 1244040]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-20 7981088]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\/\KiesTrayAgent.exe [2010-01-28 3404600]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
""= []
"NokiaOviSuite2"=C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-01-31 703360]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-04 102400]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"RemoteControl9"=C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-02-16 87336]
"PDVD9LanguageShortcut"=C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [2008-10-13 50472]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Ask and Record FLV Service"=C:\Program Files (x86)\Replay Media Catcher\FLVSrvc.exe [2009-09-22 156672]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"NBAgent"=C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-14 1086760]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
""= []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-02-18 19:59:57 ----D---- C:\Users\chrudim\AppData\Roaming\Malwarebytes
2011-02-18 19:59:53 ----D---- C:\ProgramData\Malwarebytes
2011-02-18 19:59:53 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-02-18 19:59:50 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-02-18 19:59:50 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-02-18 19:41:51 ----D---- C:\Program Files (x86)\VS Revo Group
2011-02-18 19:31:42 ----SHD---- C:\Config.Msi
2011-02-18 19:07:09 ----RASHD---- C:\Autorun.inf
2011-02-18 19:04:15 ----A---- C:\UsbFix.txt
2011-02-18 18:22:57 ----D---- C:\UsbFix
2011-02-18 18:19:01 ----D---- C:\rsit
2011-02-18 18:19:01 ----D---- C:\Program Files\trend micro
2011-02-18 13:21:37 ----AD---- C:\Kaspersky Rescue Disk 10.0
2011-02-17 20:02:18 ----D---- C:\Windows\Minidump
2011-02-14 21:27:28 ----D---- C:\Program Files (x86)\pdfforge Toolbar
2011-02-14 21:27:28 ----D---- C:\Program Files (x86)\Application Updater
2011-02-09 10:14:21 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-02-09 10:14:20 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-02-09 10:14:20 ----A---- C:\Windows\system32\cdd.dll
2011-02-09 10:14:18 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-02-09 10:14:18 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-02-09 10:14:18 ----A---- C:\Windows\system32\atmlib.dll
2011-02-09 10:14:18 ----A---- C:\Windows\system32\atmfd.dll
2011-02-09 10:14:13 ----A---- C:\Windows\system32\mshtml.dll
2011-02-09 10:14:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-02-09 10:14:10 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-02-09 10:14:09 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-02-09 10:14:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-02-09 10:14:09 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-02-09 10:14:09 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-02-09 10:14:09 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-02-09 10:14:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-02-09 10:14:09 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-02-09 10:14:09 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-02-09 10:14:09 ----A---- C:\Windows\system32\mstime.dll
2011-02-09 10:14:09 ----A---- C:\Windows\system32\mshtmled.dll
2011-02-09 10:14:09 ----A---- C:\Windows\system32\msfeedssync.exe
2011-02-09 10:14:09 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-02-09 10:14:09 ----A---- C:\Windows\system32\msfeeds.dll
2011-02-09 10:14:09 ----A---- C:\Windows\system32\licmgr10.dll
2011-02-09 10:14:09 ----A---- C:\Windows\system32\iertutil.dll
2011-02-09 10:14:09 ----A---- C:\Windows\system32\iepeers.dll
2011-02-09 10:14:09 ----A---- C:\Windows\system32\iedkcs32.dll
2011-02-09 10:13:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2011-02-09 10:13:15 ----A---- C:\Windows\system32\kerberos.dll
2011-02-09 10:13:12 ----A---- C:\Windows\system32\win32k.sys
2011-02-09 10:13:07 ----A---- C:\Windows\system32\upnp.dll
2011-02-09 10:13:07 ----A---- C:\Windows\system32\msxml6.dll
2011-02-09 10:13:07 ----A---- C:\Windows\system32\msxml3.dll
2011-02-09 10:13:06 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-02-09 10:13:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-02-09 10:13:06 ----A---- C:\Windows\SYSWOW64\upnp.dll
2011-02-09 10:13:06 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2011-02-09 10:13:06 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2011-02-09 10:13:06 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-02-09 10:13:06 ----A---- C:\Windows\system32\wininet.dll
2011-02-09 10:13:06 ----A---- C:\Windows\system32\winhttp.dll
2011-02-09 10:13:06 ----A---- C:\Windows\system32\WebClnt.dll
2011-02-09 10:13:06 ----A---- C:\Windows\system32\urlmon.dll
2011-02-09 10:13:06 ----A---- C:\Windows\system32\davclnt.dll
2011-02-09 10:13:05 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2011-02-09 10:13:05 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2011-02-09 10:13:05 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2011-02-09 10:13:05 ----A---- C:\Windows\SYSWOW64\slwga.dll
2011-02-09 10:13:05 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2011-02-09 10:13:05 ----A---- C:\Windows\system32\wscsvc.dll
2011-02-09 10:13:05 ----A---- C:\Windows\system32\wscapi.dll
2011-02-09 10:13:05 ----A---- C:\Windows\system32\slwga.dll
2011-02-09 10:13:05 ----A---- C:\Windows\system32\ieframe.dll
2011-02-09 10:13:03 ----A---- C:\Windows\system32\winsrv.dll
2011-02-09 10:12:44 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-02-09 10:12:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-02-09 10:12:44 ----A---- C:\Windows\system32\vbscript.dll
2011-02-09 10:12:44 ----A---- C:\Windows\system32\jscript.dll
2011-02-09 10:12:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-02-09 10:12:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-02-09 10:12:40 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-02-09 10:12:40 ----A---- C:\Windows\system32\ntdll.dll
2011-02-09 10:12:39 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-02-02 21:41:17 ----D---- C:\ProgramData\Nokia
2011-01-30 12:02:31 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2011-01-30 12:02:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2011-01-30 12:02:31 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2011-01-30 12:02:31 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-01-30 12:02:31 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-01-30 12:02:31 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-01-30 12:02:30 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2011-01-30 12:02:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2011-01-30 12:02:30 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-01-30 12:02:30 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-01-30 12:02:29 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2011-01-30 12:02:29 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2011-01-30 12:02:29 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-01-30 12:02:29 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-01-30 12:02:28 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2011-01-30 12:02:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2011-01-30 12:02:28 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2011-01-30 12:02:28 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2011-01-30 12:02:28 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2011-01-30 12:02:28 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-01-30 12:02:28 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-01-30 12:02:28 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-01-30 12:02:28 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-01-30 12:02:28 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-01-30 12:02:27 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2011-01-30 12:02:27 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2011-01-30 12:02:27 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-01-30 12:02:27 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-01-30 12:02:26 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2011-01-30 12:02:26 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2011-01-30 12:02:25 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2011-01-30 12:02:25 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2011-01-30 12:02:25 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-01-30 12:02:25 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-01-30 12:02:24 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2011-01-30 12:02:24 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2011-01-30 12:02:24 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-01-30 12:02:24 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-01-30 12:02:21 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2011-01-30 12:02:21 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-01-30 12:02:19 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2011-01-30 12:02:19 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2011-01-30 12:02:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2011-01-30 12:02:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2011-01-30 12:02:19 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2011-01-30 12:02:19 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2011-01-30 12:02:19 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-01-30 12:02:19 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-01-30 12:02:19 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-01-30 12:02:19 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-01-30 12:02:19 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-01-30 12:02:19 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-01-30 12:02:18 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2011-01-30 12:02:18 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-01-30 11:57:45 ----D---- C:\Program Files (x86)\Activision
2011-01-29 22:58:26 ----D---- C:\Program Files (x86)\ImagingShop Viewer
2011-01-29 22:49:49 ----D---- C:\Users\chrudim\AppData\Roaming\FastStone
2011-01-29 22:49:46 ----D---- C:\Program Files (x86)\FastStone Image Viewer
2011-01-29 22:47:14 ----D---- C:\Users\chrudim\AppData\Roaming\IrfanView
2011-01-29 22:47:14 ----D---- C:\Program Files (x86)\IrfanView
2011-01-28 20:59:25 ----D---- C:\Program Files (x86)\LSoft Technologies
2011-01-28 20:29:50 ----A---- C:\Windows\system32\drivers\tdrpm273.sys
2011-01-28 20:29:47 ----A---- C:\Windows\system32\drivers\timntr.sys
2011-01-28 20:19:06 ----D---- C:\Users\chrudim\AppData\Roaming\Acronis
2011-01-28 18:58:14 ----D---- C:\Program Files (x86)\DIY DataRecovery MBRtool
2011-01-28 18:43:58 ----D---- C:\Program Files (x86)\PTDD Group
2011-01-27 20:23:15 ----D---- C:\Program Files\OO Software
2011-01-27 19:40:02 ----A---- C:\ooviewer.dll
2011-01-27 19:40:02 ----A---- C:\oosu.dll
2011-01-27 19:40:02 ----A---- C:\oorwiz.dll
2011-01-27 19:40:02 ----A---- C:\oodskrec.exe
2011-01-27 19:40:02 ----A---- C:\oodrsurs.dll
2011-01-27 19:40:02 ----A---- C:\oodrrwrs.dll
2011-01-27 19:40:02 ----A---- C:\oodrrs.dll
2011-01-27 19:40:02 ----A---- C:\oodrar.dll
2011-01-27 19:40:02 ----A---- C:\ooabout.dll
2011-01-27 19:38:05 ----D---- C:\Program Files (x86)\OO Software
2011-01-27 14:10:18 ----D---- C:\Program Files\Recuva
2011-01-27 13:26:13 ----D---- C:\Program Files (x86)\EASEUS
2011-01-27 12:47:28 ----N---- C:\Windows\system32\pwdrvio.sys
2011-01-27 12:47:28 ----A---- C:\Windows\system32\pwNative.exe
2011-01-27 12:47:27 ----N---- C:\Windows\system32\pwdspio.sys
2011-01-27 12:42:24 ----D---- C:\Program Files (x86)\Recover Data for FAT & NTFS (Trial Version)
2011-01-27 10:55:05 ----D---- C:\Program Files (x86)\Acronis
2011-01-27 10:27:41 ----A---- C:\Windows\system32\drivers\snapman.sys
2011-01-27 10:10:07 ----A---- C:\Windows\SYSWOW64\vxdblock.exe
2011-01-27 10:09:51 ----D---- C:\Program Files (x86)\Evolution Labs
2011-01-25 16:17:53 ----D---- C:\Program Files (x86)\Ask.com
======List of files/folders modified in the last 1 months======
2011-02-18 21:02:42 ----D---- C:\Windows
2011-02-18 21:02:40 ----D---- C:\Windows\Temp
2011-02-18 21:01:20 ----D---- C:\Windows\Prefetch
2011-02-18 20:58:54 ----D---- C:\Windows\SysWOW64
2011-02-18 20:10:58 ----D---- C:\Windows\system32\config
2011-02-18 19:59:53 ----HD---- C:\ProgramData
2011-02-18 19:59:53 ----D---- C:\Windows\SYSWOW64\drivers
2011-02-18 19:59:50 ----RD---- C:\Program Files (x86)
2011-02-18 19:59:50 ----D---- C:\Windows\system32\drivers
2011-02-18 19:58:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-02-18 19:56:41 ----D---- C:\Program Files\Google
2011-02-18 19:54:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-02-18 19:51:28 ----D---- C:\Program Files (x86)\Google
2011-02-18 19:46:46 ----D---- C:\Program Files (x86)\ArcSoft
2011-02-18 19:42:59 ----SHD---- C:\System Volume Information
2011-02-18 19:39:24 ----D---- C:\Windows\system32\catroot2
2011-02-18 19:36:23 ----SHD---- C:\Windows\Installer
2011-02-18 19:07:07 ----SHD---- C:\$Recycle.Bin
2011-02-18 18:19:01 ----RD---- C:\Program Files
2011-02-18 17:50:41 ----D---- C:\Windows\System32
2011-02-18 17:50:41 ----D---- C:\Windows\inf
2011-02-18 17:50:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-14 21:27:28 ----D---- C:\Program Files (x86)\Common Files
2011-02-11 12:32:44 ----D---- C:\Program Files (x86)\Replay Media Catcher
2011-02-11 09:24:17 ----A---- C:\Windows\SYSWOW64\rmc_rtspdl.dll
2011-02-11 09:24:17 ----A---- C:\Windows\SYSWOW64\rmc_fixasf.exe
2011-02-10 17:21:37 ----D---- C:\Windows\winsxs
2011-02-10 17:19:50 ----D---- C:\Program Files (x86)\Internet Explorer
2011-02-10 17:19:49 ----D---- C:\Program Files\Internet Explorer
2011-02-09 11:25:13 ----D---- C:\Windows\debug
2011-02-09 11:04:29 ----D---- C:\Windows\system32\Tasks
2011-02-09 10:13:00 ----D---- C:\Windows\system32\catroot
2011-02-02 21:41:09 ----D---- C:\Users\chrudim\AppData\Roaming\PC Suite
2011-02-02 21:35:06 ----DC---- C:\Windows\system32\DRVSTORE
2011-02-02 21:35:06 ----D---- C:\Windows\system32\DriverStore
2011-02-02 21:35:02 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2011-02-02 21:34:33 ----D---- C:\Program Files (x86)\Nokia
2011-02-02 21:28:20 ----D---- C:\Users\chrudim\AppData\Roaming\Nokia
2011-02-01 09:26:29 ----D---- C:\Users\chrudim\AppData\Roaming\uTorrent
2011-01-30 14:29:04 ----RSD---- C:\Windows\assembly
2011-01-28 20:17:29 ----D---- C:\Windows\system32\wdi
2011-01-28 20:14:59 ----D---- C:\Users\chrudim\AppData\Roaming\ICQ
2011-01-27 12:36:24 ----D---- C:\Program Files (x86)\ICQ7.2
2011-01-25 19:35:13 ----D---- C:\Program Files (x86)\CesarFTP
2011-01-25 16:21:05 ----D---- C:\Users\chrudim\AppData\Roaming\Nero
2011-01-25 16:18:37 ----D---- C:\Program Files (x86)\Nero
2011-01-21 11:05:49 ----SD---- C:\Users\chrudim\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2011-02-12 198944]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-07 503352]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-05 6789632]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-05 221184]
R3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2009-12-22 20568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-20 1831968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S3 appliandMP;appliandMP; C:\Windows\system32\DRIVERS\appliand.sys []
S3 ar2tris9;ar2tris9; C:\Windows\system32\drivers\ar2tris9.sys []
S3 atxffouz;atxffouz; C:\Windows\system32\drivers\atxffouz.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys []
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-07-30 19456]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-07-30 26624]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 slicedisk.sys;slicedisk.sys; \??\C:\Windows\syswow64\slicedisk.sys []
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 128000]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-12-22 16448]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-07-30 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2010-07-30 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S4 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 68608]
S4 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 7168]
S4 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 89600]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-05 202752]
R2 dgdersvc;Device Error Recovery Service; C:\Windows\system32\dgdersvc.exe [2009-12-22 117584]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-07-07 2156952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2007-03-14 2233400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 135664]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-03-19 1255736]
-----------------EOF-----------------
