Prosím o kontrolu (problém-svchost.exe)

[guest]

Je to tu, ale když už někdo odpověděl nemáš to upravovat, ale dát na konec. Teď už to ale nechej.

[Reklama]

[Michalkalensky]

nojo já jsem to upravoval a ty jsi sem mezitím dal další příspěvěk Tak to sem pro jistotu hodím ještě jednou

logy.docx

(72.89 KiB) Staženo 11 x

[memphisto]

Ty logy nakopíruj sem do odpovědí a klidně to rozděl na více částí/odpovědí

[Michalkalensky]

vždyt už jsem to dal do office :)

[jaro3]

Ty logy nakopíruj sem do odpovědí a klidně to rozděl na více částí/odpovědí

Udělej to.

[Michalkalensky]

tady log z gmer.exe - 1.část

GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-10-05 16:49:50
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 ST3120814A rev.2AAA 111,79GB
Running: tool.exe.exe; Driver: C:\DOCUME~1\Michal\LOCALS~1\Temp\axryypod.sys


---- System - GMER 2.1 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0xB5A03610]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xB5AB75FA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAssignProcessToJobObject [0xB5A040E6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwClose [0xB5A47B36]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0xB5A0FF18]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0xB5A0FF64]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0xB5A100FE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateKey [0xB5A474EA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0xB5A0FE86]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0xB5A0FFA8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0xB5A0FECE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateThread [0xB5A045E4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0xB5A100B8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDebugActiveProcess [0xB5A04E9C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0xB5A03676]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteKey [0xB5A481FC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteValueKey [0xB5A484B2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDuplicateObject [0xB5A08596]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xB5A48067]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xB5A47ED2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xB5AB76C2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0xB5A0325E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0xB5A036DC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0xB5A0898C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0xB5A0592C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0xB5A0FF42]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0xB5A0FF86]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0xB5A10122]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenKey [0xB5A47846]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0xB5A0FEAC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenProcess [0xB5A07E78]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0xB5A10036]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0xB5A0FEF6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenThread [0xB5A0826E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0xB5A100DC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xB5AB7822]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryKey [0xB5A47D4D]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0xB5A057F8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryValueKey [0xB5A47B9F]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueueApcThread [0xB5A0534E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xB5AC4744]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwRestoreKey [0xB5A46B30]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0xB5A03742]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0xB5A037A8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetContextThread [0xB5A04D16]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0xB5A032F8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0xB5A034CE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetValueKey [0xB5A48303]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0xB5A0345C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendProcess [0xB5A05066]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendThread [0xB5A051C8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0xB5A03556]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwTerminateProcess [0xB5A04B54]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwTerminateThread [0xB5A04CF6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwUnloadDriver [0xB5AB5C42]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0xB5A0380E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwWriteVirtualMemory [0xB5A04142]

INT 0x62 ? 898AABF8
INT 0x63 ? 896CAF00
INT 0x73 ? 898AABF8
INT 0x73 ? 898AABF8
INT 0x73 ? 896CAF00
INT 0x73 ? 898AABF8
INT 0x82 ? 898AABF8
INT 0xB4 ? 896CAF00

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB5AD0E00]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 2.1 ----

.text ntoskrnl.exe!_abnormal_termination + F0 804E274C 4 Bytes [EA, 74, A4, B5]
.text ntoskrnl.exe!_abnormal_termination + 398 804E29F4 12 Bytes [42, 37, A0, B5, A8, 37, A0, ...]
.text ntoskrnl.exe!_abnormal_termination + 440 804E2A9C 12 Bytes [66, 50, A0, B5, C8, 51, A0, ...]
PAGE ntoskrnl.exe!ObInsertObject 8056503A 5 Bytes JMP B5ACF7B4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntoskrnl.exe!ZwReplyWaitReceivePortEx + 3CC 8056B712 4 Bytes CALL B5A05FD9 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntoskrnl.exe!ZwCreateProcessEx 8057FC60 7 Bytes JMP B5AD0E04 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntoskrnl.exe!ObMakeTemporaryObject 8059F84D 5 Bytes JMP B5ACDC9A \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
? spug.sys Systém nemůže nalézt uvedený soubor. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xBA5FE360, 0x1DE5ED, 0xE8000020]
.text USBPORT.SYS!DllUnload BA5DE8AC 5 Bytes JMP 896CA4E0
.text win32k.sys!EngFreeUserMem + 674 BF809FDF 5 Bytes JMP B5A0A284 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFreeUserMem + 3625 BF80CF90 5 Bytes JMP B5A0A162 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSurface + 45 BF8138FE 5 Bytes JMP B5A0A116 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!BRUSHOBJ_pvAllocRbrush + 320C BF81E743 5 Bytes JMP B5A08BF4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngMulDiv + 199A BF820E6C 5 Bytes JMP B5A096EC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngSetLastError + 7657 BF82868B 5 Bytes JMP B5A08D54 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateBitmap + 698 BF838560 5 Bytes JMP B5A0A3FA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateBitmap + BB6 BF838A7E 5 Bytes JMP B5A0A00A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateBitmap + 3605 BF83B4CD 5 Bytes JMP B5A0A614 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateBitmap + D9AB BF845873 5 Bytes JMP B5A08DF4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateBitmap + 113C6 BF84928E 5 Bytes JMP B5A096CE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngMultiByteToWideChar + 2E60 BF852720 5 Bytes JMP B5A097C4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngMultiByteToWideChar + 2F20 BF8527E0 5 Bytes JMP B5A08AD8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngMultiByteToWideChar + 84B4 BF857D74 5 Bytes JMP B5A0A56C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 23AD BF873983 5 Bytes JMP B5A0A33C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBlt + 37BB BF87882D 5 Bytes JMP B5A0A1B2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGetCurrentCodePage + 3617 BF88FFB6 5 Bytes JMP B5A092F2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGetCurrentCodePage + 413A BF890AD9 5 Bytes JMP B5A094C2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGetLastError + 1606 BF8ADD61 5 Bytes JMP B5A097E2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGradientFill + 4B52 BF8B3770 5 Bytes JMP B5A0922C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGradientFill + 4BDD BF8B37FB 5 Bytes JMP B5A09508 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngAlphaBlend + 9286 BF8C31E7 5 Bytes JMP B5A08F24 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!PATHOBJ_bCloseFigure + 19CE BF8ED991 5 Bytes JMP B5A089C2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!PATHOBJ_bCloseFigure + 9006 BF8F4FC9 5 Bytes JMP B5A0970A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!PATHOBJ_bCloseFigure + D4C6 BF8F9489 5 Bytes JMP B5A09008 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!PATHOBJ_bCloseFigure + D746 BF8F9709 5 Bytes JMP B5A09150 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 1994 BF912612 5 Bytes JMP B5A08CDC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 1C40 BF9128BE 5 Bytes JMP B5A0988C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 2568 BF9131E6 5 Bytes JMP B5A08EBC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 4F29 BF915BA7 5 Bytes JMP B5A09628 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngPlgBlt + 1931 BF9438F8 5 Bytes JMP B5A0A4BE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)

---- User code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\svchost.exe[228] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[228] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[316] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[316] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[556] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[556] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\SOUNDMAN.EXE[632] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003C01F8
.text C:\WINDOWS\SOUNDMAN.EXE[632] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\SOUNDMAN.EXE[632] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003C03FC
.text C:\WINDOWS\SOUNDMAN.EXE[632] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\SOUNDMAN.EXE[632] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003D0804
.text C:\WINDOWS\SOUNDMAN.EXE[632] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003D0A08
.text C:\WINDOWS\SOUNDMAN.EXE[632] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003D0600
.text C:\WINDOWS\SOUNDMAN.EXE[632] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003D01F8
.text C:\WINDOWS\SOUNDMAN.EXE[632] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003D03FC
.text C:\WINDOWS\SOUNDMAN.EXE[632] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\WINDOWS\SOUNDMAN.EXE[632] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\WINDOWS\SOUNDMAN.EXE[632] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\WINDOWS\SOUNDMAN.EXE[632] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\WINDOWS\SOUNDMAN.EXE[632] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\WINDOWS\SOUNDMAN.EXE[632] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8
.text C:\WINDOWS\SOUNDMAN.EXE[632] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\WINDOWS\SOUNDMAN.EXE[632] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600
.text C:\WINDOWS\system32\spoolsv.exe[652] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[652] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[816] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[816] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\acs.exe[924] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\acs.exe[924] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\System32\smss.exe[940] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\nvsvc32.exe[1000] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\nvsvc32.exe[1000] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\HPZipm12.exe[1016] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\HPZipm12.exe[1016] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[1044] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe[1044] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1056] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1056] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\avastUI.exe[1276] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\avastUI.exe[1276] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003D01F8
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003D03FC
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003F1014
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003F0804
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003F0A08
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003F0C0C
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003F0E10
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003F01F8
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003F03FC
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003F0600
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 004E0804
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 004E0A08
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 004E0600
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 004E01F8
.text C:\Documents and Settings\Michal\Plocha\tool.exe.exe[1300] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 004E03FC
.text C:\WINDOWS\system32\svchost.exe[1364] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\svchost.exe[1364] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1364] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\svchost.exe[1364] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00321014
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00320804
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00320A08
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00320C0C
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00320E10
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003201F8
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003203FC
.text C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00320600
.text C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00470804
.text C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00470A08
.text C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00470600
.text C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 004701F8
.text C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 004703FC
.text C:\WINDOWS\System32\svchost.exe[1372] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003101F8
.text C:\WINDOWS\System32\svchost.exe[1372] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1372] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003103FC
.text C:\WINDOWS\System32\svchost.exe[1372] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1372] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00321014
.text C:\WINDOWS\System32\svchost.exe[1372] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00320804
.text C:\WINDOWS\System32\svchost.exe[1372] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00320A08
.text C:\WINDOWS\System32\svchost.exe[1372] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00320C0C
.text C:\WINDOWS\System32\svchost.exe[1372] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00320E10
.text C:\WINDOWS\System32\svchost.exe[1372] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003201F8
.text C:\WINDOWS\System32\svchost.exe[1372] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003203FC
.text C:\WINDOWS\System32\svchost.exe[1372] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00320600
.text C:\WINDOWS\System32\svchost.exe[1372] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00470804
.text C:\WINDOWS\System32\svchost.exe[1372] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00470A08
.text C:\WINDOWS\System32\svchost.exe[1372] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00470600
.text C:\WINDOWS\System32\svchost.exe[1372] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 004701F8
.text C:\WINDOWS\System32\svchost.exe[1372] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 004703FC
.text C:\WINDOWS\system32\csrss.exe[1572] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[1572] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[1596] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[1596] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[1640] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[1640] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[1652] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[1652] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1824] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1824] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1872] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1872] kernel32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003C01F8
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003C03FC
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003D0804
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003D0A08
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003D0600
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003D01F8
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003D03FC
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1992] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003101F8
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003103FC
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00321014
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00320804
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00320A08
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00320C0C
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00320E10
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003201F8
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003203FC
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00320600
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00330804
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] USER32.dll!DefWindowProcA + 11A 7E37C298 7 Bytes JMP 10606007 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] USER32.dll!SetWindowLongA + 19 7E37C2B6 7 Bytes JMP 10606078 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 10609DDF C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00330A08
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00330600
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003301F8
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003303FC
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2232] USER32.dll!GetMenuContextHelpId + 1A 7E3B5319 7 Bytes JMP 10603789 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\WINDOWS\system32\ctfmon.exe[2348] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003201F8
.text C:\WINDOWS\system32\ctfmon.exe[2348] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[2348] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003203FC
.text C:\WINDOWS\system32\ctfmon.exe[2348] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[2348] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00331014
.text C:\WINDOWS\system32\ctfmon.exe[2348] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00330804
.text C:\WINDOWS\system32\ctfmon.exe[2348] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00330A08
.text C:\WINDOWS\system32\ctfmon.exe[2348] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 3 Bytes JMP 00330C0C
.text C:\WINDOWS\system32\ctfmon.exe[2348] ADVAPI32.dll!ChangeServiceConfig2A + 4 77E270DD 1 Byte [88]
.text C:\WINDOWS\system32\ctfmon.exe[2348] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00330E10
.text C:\WINDOWS\system32\ctfmon.exe[2348] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003301F8
.text C:\WINDOWS\system32\ctfmon.exe[2348] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003303FC
.text C:\WINDOWS\system32\ctfmon.exe[2348] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00330600
.text C:\WINDOWS\system32\ctfmon.exe[2348] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00340804
.text C:\WINDOWS\system32\ctfmon.exe[2348] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00340A08
.text C:\WINDOWS\system32\ctfmon.exe[2348] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00340600
.text C:\WINDOWS\system32\ctfmon.exe[2348] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003401F8
.text C:\WINDOWS\system32\ctfmon.exe[2348] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003403FC
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 016EDFF0 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003103FC
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] KERNEL32.dll!lstrlenW + 43 7C809ADC 7 Bytes JMP 01E79796 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] KERNEL32.dll!MapViewOfFileEx + 6A 7C80B990 7 Bytes JMP 01E79773 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] KERNEL32.dll!ValidateLocale + B1E8 7C8449F8 7 Bytes JMP 016F5F1A C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00320804
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00320A08
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00320600
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003201F8
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003203FC
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] GDI32.dll!SetDIBitsToDevice + 209 77F19E04 7 Bytes JMP 01E796F4 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00B51014
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00B50804
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00B50A08
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00B50C0C
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00B50E10
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 00B501F8
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 00B503FC
.text C:\Program Files\Mozilla Firefox\firefox.exe[2400] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00B50600
.text C:\Program Files\Skype\Phone\Skype.exe[2464] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003D01F8
.text C:\Program Files\Skype\Phone\Skype.exe[2464] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Skype\Phone\Skype.exe[2464] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003D03FC
.text C:\Program Files\Skype\Phone\Skype.exe[2464] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Skype\Phone\Skype.exe[2464] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\Program Files\Skype\Phone\Skype.exe[2464] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\Program Files\Skype\Phone\Skype.exe[2464] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\Program Files\Skype\Phone\Skype.exe[2464] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\Program Files\Skype\Phone\Skype.exe[2464] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\Program Files\Skype\Phone\Skype.exe[2464] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8

[Michalkalensky]

tady log z gmer.exe - 2.část

.text C:\Program Files\Skype\Phone\Skype.exe[2464] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\Program Files\Skype\Phone\Skype.exe[2464] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600
.text C:\Program Files\Skype\Phone\Skype.exe[2464] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003F0804
.text C:\Program Files\Skype\Phone\Skype.exe[2464] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003F0A08
.text C:\Program Files\Skype\Phone\Skype.exe[2464] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003F0600
.text C:\Program Files\Skype\Phone\Skype.exe[2464] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003F01F8
.text C:\Program Files\Skype\Phone\Skype.exe[2464] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003F03FC
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003C01F8
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003C03FC
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003D0804
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003D0A08
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003D0600
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003D01F8
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003D03FC
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[2484] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003C01F8
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003C03FC
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003D1014
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003D0804
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003D0A08
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003D0C0C
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003D0E10
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003D01F8
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003D03FC
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003D0600
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe[2748] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\WINDOWS\Explorer.EXE[2888] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003101F8
.text C:\WINDOWS\Explorer.EXE[2888] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[2888] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003103FC
.text C:\WINDOWS\Explorer.EXE[2888] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[2888] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00321014
.text C:\WINDOWS\Explorer.EXE[2888] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00320804
.text C:\WINDOWS\Explorer.EXE[2888] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00320A08
.text C:\WINDOWS\Explorer.EXE[2888] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00320C0C
.text C:\WINDOWS\Explorer.EXE[2888] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00320E10
.text C:\WINDOWS\Explorer.EXE[2888] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003201F8
.text C:\WINDOWS\Explorer.EXE[2888] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003203FC
.text C:\WINDOWS\Explorer.EXE[2888] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00320600
.text C:\WINDOWS\Explorer.EXE[2888] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00330804
.text C:\WINDOWS\Explorer.EXE[2888] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00330A08
.text C:\WINDOWS\Explorer.EXE[2888] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00330600
.text C:\WINDOWS\Explorer.EXE[2888] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003301F8
.text C:\WINDOWS\Explorer.EXE[2888] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003303FC
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003101F8
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003103FC
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00321014
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00320804
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00320A08
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00320C0C
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00320E10
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003201F8
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003203FC
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00320600
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00330804
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00330A08
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00330600
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003301F8
.text C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[3448] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003303FC
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003101F8
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003103FC
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 00320804
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 00320A08
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 00320600
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003201F8
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003203FC
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 00471014
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 00470804
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 00470A08
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 00470C0C
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 00470E10
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 004701F8
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 004703FC
.text C:\WINDOWS\system32\RUNDLL32.EXE[3832] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 00470600
.text C:\WINDOWS\mHotkey.exe[3972] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003C01F8
.text C:\WINDOWS\mHotkey.exe[3972] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\mHotkey.exe[3972] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003C03FC
.text C:\WINDOWS\mHotkey.exe[3972] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\mHotkey.exe[3972] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003D1014
.text C:\WINDOWS\mHotkey.exe[3972] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003D0804
.text C:\WINDOWS\mHotkey.exe[3972] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003D0A08
.text C:\WINDOWS\mHotkey.exe[3972] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003D0C0C
.text C:\WINDOWS\mHotkey.exe[3972] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003D0E10
.text C:\WINDOWS\mHotkey.exe[3972] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003D01F8
.text C:\WINDOWS\mHotkey.exe[3972] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003D03FC
.text C:\WINDOWS\mHotkey.exe[3972] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003D0600
.text C:\WINDOWS\mHotkey.exe[3972] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003E0804
.text C:\WINDOWS\mHotkey.exe[3972] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003E0A08
.text C:\WINDOWS\mHotkey.exe[3972] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003E0600
.text C:\WINDOWS\mHotkey.exe[3972] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003E01F8
.text C:\WINDOWS\mHotkey.exe[3972] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003E03FC
.text C:\WINDOWS\CNYHKey.exe[4040] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 003C01F8
.text C:\WINDOWS\CNYHKey.exe[4040] ntdll.dll!RtlDosSearchPath_U + 1D1 7C9171AA 1 Byte [62]
.text C:\WINDOWS\CNYHKey.exe[4040] ntdll.dll!LdrUnloadDll 7C91736B 5 Bytes JMP 003C03FC
.text C:\WINDOWS\CNYHKey.exe[4040] KERNEL32.dll!GetBinaryTypeW + 80 7C868C2C 1 Byte [62]
.text C:\WINDOWS\CNYHKey.exe[4040] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 003D0804
.text C:\WINDOWS\CNYHKey.exe[4040] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 003D0A08
.text C:\WINDOWS\CNYHKey.exe[4040] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 003D0600
.text C:\WINDOWS\CNYHKey.exe[4040] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 003D01F8
.text C:\WINDOWS\CNYHKey.exe[4040] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 003D03FC
.text C:\WINDOWS\CNYHKey.exe[4040] ADVAPI32.dll!SetServiceObjectSecurity 77E26D59 5 Bytes JMP 003E1014
.text C:\WINDOWS\CNYHKey.exe[4040] ADVAPI32.dll!ChangeServiceConfigA 77E26E41 5 Bytes JMP 003E0804
.text C:\WINDOWS\CNYHKey.exe[4040] ADVAPI32.dll!ChangeServiceConfigW 77E26FD9 5 Bytes JMP 003E0A08
.text C:\WINDOWS\CNYHKey.exe[4040] ADVAPI32.dll!ChangeServiceConfig2A 77E270D9 5 Bytes JMP 003E0C0C
.text C:\WINDOWS\CNYHKey.exe[4040] ADVAPI32.dll!ChangeServiceConfig2W 77E27161 5 Bytes JMP 003E0E10
.text C:\WINDOWS\CNYHKey.exe[4040] ADVAPI32.dll!CreateServiceA 77E271E9 5 Bytes JMP 003E01F8
.text C:\WINDOWS\CNYHKey.exe[4040] ADVAPI32.dll!CreateServiceW 77E27381 5 Bytes JMP 003E03FC
.text C:\WINDOWS\CNYHKey.exe[4040] ADVAPI32.dll!DeleteService 77E27489 5 Bytes JMP 003E0600

---- Kernel IAT/EAT - GMER 2.1 ----

IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 898AC2D8
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F74FF6D0] spug.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7503708] spug.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F74DA046] spug.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F74DA142] spug.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74DA0C4] spug.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F74DA7CE] spug.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74DA6A4] spug.sys
IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 896CA5E0
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F74E5D7A] spug.sys

---- User IAT/EAT - GMER 2.1 ----

IAT C:\Program Files\AVAST Software\Avast\AvastSvc.exe[556] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [64C90790] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software)
IAT C:\Program Files\AVAST Software\Avast\avastUI.exe[1276] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [64C90790] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software)
IAT C:\WINDOWS\system32\services.exe[1640] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003D0002
IAT C:\WINDOWS\system32\services.exe[1640] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003D0000

---- Devices - GMER 2.1 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\Ntfs \Ntfs 898A91F8

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbuhci \Device\USBPDO-0 896CD500
Device \Driver\usbuhci \Device\USBPDO-1 896CD500
Device \Driver\usbuhci \Device\USBPDO-2 896CD500
Device \Driver\usbuhci \Device\USBPDO-3 896CD500
Device \Driver\usbehci \Device\USBPDO-4 896E1500

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Ftdisk \Device\HarddiskVolume1 899181F8
Device \Driver\Cdrom \Device\CdRom0 896B5500
Device \Driver\Ftdisk \Device\HarddiskVolume2 899181F8
Device \Driver\USBSTOR \Device\00000072 892B2500
Device \Driver\atapi \Device\Ide\IdePort0 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\USBSTOR \Device\00000073 892B2500
Device \Driver\Cdrom \Device\CdRom1 896B5500
Device \Driver\dtsoftbus01 \Device\DTSoftBusCtl 896AC500
Device \Driver\NetBT \Device\NetBt_Wins_Export 896FA500
Device \Driver\NetBT \Device\NetbiosSmb 896FA500
Device \Driver\NetBT \Device\NetBT_Tcpip_{8FAA6696-19A3-4AD8-BFCC-7863E232FAC9} 896FA500

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\dtsoftbus01 \Device\0000006c 896AC500
Device \Driver\usbuhci \Device\USBFDO-0 896CD500
Device \Driver\usbuhci \Device\USBFDO-1 896CD500
Device \Driver\NetBT \Device\NetBT_Tcpip_{1033E64E-7E5A-4EB6-9368-5F46B6DC4896} 896FA500
Device \Driver\NetBT \Device\NetBT_Tcpip_{0DDD5DAD-06CD-4965-B8CF-07296B935862} 896FA500
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 896EE500
Device \Driver\usbuhci \Device\USBFDO-2 896CD500
Device \FileSystem\MRxSmb \Device\LanmanRedirector 896EE500
Device \Driver\usbuhci \Device\USBFDO-3 896CD500
Device \Driver\usbehci \Device\USBFDO-4 896E1500
Device \Driver\Ftdisk \Device\FtControl 899181F8
Device \FileSystem\Cdfs \Cdfs 89690500

---- Trace I/O - GMER 2.1 ----

Trace ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spug.sys >>UNKNOWN [0x898ca944]<< 898ca944
Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8987cab8] 8987cab8
Trace 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000069[0x89872f18] 89872f18
Trace 5 ACPI.sys[f7498620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8986bd98] 8986bd98

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\

---- EOF - GMER 2.1 ----

[Michalkalensky]

tady log z OTL - 1.část

OTL logfile created on: 5.10.2013 18:23:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Michal\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,50 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,66% Memory free
3,35 Gb Paging File | 2,99 Gb Available in Paging File | 89,28% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,78 Gb Total Space | 87,22 Gb Free Space | 78,03% Space Free | Partition Type: NTFS
Drive F: | 465,74 Gb Total Space | 133,10 Gb Free Space | 28,58% Space Free | Partition Type: NTFS

Computer Name: ADMIN-71487C35A | User Name: Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Michal\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\WINDOWS\system32\acs.exe (Atheros)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\WINDOWS\CNYHKey.exe (Chicony)
PRC - C:\WINDOWS\mHotkey.exe (Chicony)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\13100500\algo.dll ()
MOD - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Program Files\WinRAR\rarlng.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\WINDOWS\CNYUSB.dll ()
MOD - C:\WINDOWS\HKCYDLL.dll ()
MOD - C:\WINDOWS\HIDMNT.dll ()


========== Services (SafeList) ==========

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (acs) -- C:\WINDOWS\system32\acs.exe (Atheros)
SRV - (jswpsapi) -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe (wireless)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOCUME~1\Michal\LOCALS~1\Temp\catchme.sys File not found
DRV - (axryypod) -- C:\DOCUME~1\Michal\LOCALS~1\Temp\axryypod.sys File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (AR9271) -- C:\WINDOWS\system32\drivers\athuw.sys (Atheros Communications, Inc.)
DRV - (WSIMD) -- C:\WINDOWS\system32\drivers\wsimd.sys (Atheros Communications, Inc.)
DRV - (JSWSCIMD) -- C:\WINDOWS\system32\drivers\jswscimd.sys (Atheros Communications, Inc.)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\R8139n51.sys (Realtek Semiconductor Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - prefs.js..extensions.enabledItems: wrc@avast.com:8.0.1497
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.5
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.09.28 11:56:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013.09.28 16:44:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Extensions
[2013.09.28 16:44:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013.10.05 13:53:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\mo7rzp5h.default\extensions
[2013.09.28 11:50:52 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\mo7rzp5h.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.10.05 11:26:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.10.05 11:26:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHAL\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\MO7RZP5H.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}

O1 HOSTS File: ([2013.10.01 19:33:08 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\mHotkey.exe (Chicony)
O4 - HKLM..\Run: [ledpointer] C:\WINDOWS\CNYHKey.exe (Chicony)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKLM..\RunOnce: [InstallShieldSetup] C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe (Macrovision Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DDD5DAD-06CD-4965-B8CF-07296B935862}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.09.28 10:09:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[Michalkalensky]

tady log z OTL - 2.část


========== Files/Folders - Created Within 30 Days ==========

[2013.10.05 18:21:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Plocha\tdsskiller
[2013.10.05 18:16:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Michal\Plocha\OTL.exe
[2013.10.05 14:12:20 | 000,577,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soun2f9a.rra
[2013.10.05 14:09:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013.10.05 14:08:49 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2013.10.05 13:51:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\4shared Desktop
[2013.10.05 13:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\4shared Desktop
[2013.10.05 12:18:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Dokumenty\Soubory aplikace Outlook
[2013.10.05 11:53:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michal\Recent
[2013.10.05 11:19:48 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.10.05 09:50:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013.10.04 22:56:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2013.10.04 22:52:01 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.10.04 22:11:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013.10.04 22:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Plocha\Adobe Photoshop CS6 Extended
[2013.10.03 14:40:51 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcupd.exe
[2013.10.03 14:26:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Dokumenty\Stažené soubory
[2013.10.02 21:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.10.02 18:35:58 | 002,799,296 | ---- | C] (Sysinternals - http://www.sysinternals.com) -- C:\Documents and Settings\Michal\Plocha\procexp.exe
[2013.10.01 21:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013.10.01 19:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.10.01 15:42:08 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.09.30 20:11:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.09.30 20:11:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michal\Nabídka Start\Programy\Nástroje pro správu
[2013.09.30 20:11:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.09.30 19:27:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.09.30 18:02:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Dokumenty\NFS Carbon
[2013.09.30 17:56:03 | 018,734,784 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Michal\Plocha\WDM_A406.exe
[2013.09.30 17:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Electronic Arts
[2013.09.30 16:59:49 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2013.09.30 16:59:43 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2013.09.30 16:59:43 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2013.09.30 16:59:42 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2013.09.30 16:59:40 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2013.09.30 16:59:40 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2013.09.30 16:59:40 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2013.09.30 16:59:38 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2013.09.30 16:59:37 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2013.09.30 16:59:36 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2013.09.30 16:59:35 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2013.09.30 16:59:27 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2013.09.28 17:47:48 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2013.09.28 17:47:48 | 000,017,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2013.09.28 17:38:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michal\Nabídka Start\Programy\Microsoft Office
[2013.09.28 17:31:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Plocha\Pomůcky DK
[2013.09.28 17:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\SharePoint
[2013.09.28 17:31:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Plocha\Microsoft Office
[2013.09.28 17:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013.09.28 17:28:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.09.28 17:27:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2013.09.28 17:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Microsoft
[2013.09.28 17:22:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2013.09.28 17:22:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013.09.28 17:21:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\Microsoft Help
[2013.09.28 17:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.09.28 17:20:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
[2013.09.28 17:20:24 | 000,000,000 | R--D | C] -- C:\MSOCache
[2013.09.28 17:09:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013.09.28 17:08:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\Skype
[2013.09.28 17:06:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013.09.28 16:53:54 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2013.09.28 16:53:54 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2013.09.28 16:53:54 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2013.09.28 16:53:27 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2013.09.28 16:53:27 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2013.09.28 16:53:27 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2013.09.28 16:53:26 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2013.09.28 16:53:25 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2013.09.28 16:53:24 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2013.09.28 16:53:24 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2013.09.28 16:53:24 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2013.09.28 16:53:24 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2013.09.28 16:53:24 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2013.09.28 16:53:23 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2013.09.28 16:53:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2013.09.28 16:53:22 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2013.09.28 16:53:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2013.09.28 16:53:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2013.09.28 16:53:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2013.09.28 16:53:21 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2013.09.28 16:53:21 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2013.09.28 16:53:21 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2013.09.28 16:53:21 | 000,056,320 | ---- | C] (Společnost Microsoft) -- C:\WINDOWS\System32\dot3msm.dll
[2013.09.28 16:53:20 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2013.09.28 16:53:20 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2013.09.28 16:53:19 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2013.09.28 16:53:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2013.09.28 16:53:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2013.09.28 16:53:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2013.09.28 16:53:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2013.09.28 16:53:15 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2013.09.28 16:53:14 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2013.09.28 16:53:14 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2013.09.28 16:53:14 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2013.09.28 16:53:14 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2013.09.28 16:53:14 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2013.09.28 16:53:13 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2013.09.28 16:53:13 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2013.09.28 16:53:13 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2013.09.28 16:53:12 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2013.09.28 16:53:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2013.09.28 16:53:12 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2013.09.28 16:53:11 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2013.09.28 16:53:11 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2013.09.28 16:53:10 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2013.09.28 16:53:10 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2013.09.28 16:53:10 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2013.09.28 16:53:10 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2013.09.28 16:53:10 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2013.09.28 16:53:09 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2013.09.28 16:53:09 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2013.09.28 16:53:09 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2013.09.28 16:53:09 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2013.09.28 16:53:08 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2013.09.28 16:53:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013.09.28 16:53:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2013.09.28 16:53:07 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2013.09.28 16:53:07 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2013.09.28 16:53:07 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2013.09.28 16:53:04 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2013.09.28 16:53:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-cz
[2013.09.28 16:53:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013.09.28 16:52:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs
[2013.09.28 16:52:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013.09.28 16:46:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013.09.28 16:44:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox
[2013.09.28 16:44:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.09.28 16:40:39 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2013.09.28 16:40:38 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2013.09.28 16:40:38 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2013.09.28 16:40:38 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2013.09.28 16:40:38 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2013.09.28 16:40:37 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2013.09.28 16:40:37 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2013.09.28 16:40:35 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2013.09.28 16:40:35 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2013.09.28 16:40:35 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2013.09.28 16:40:34 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2013.09.28 16:40:34 | 000,326,912 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2013.09.28 16:40:34 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2013.09.28 16:40:34 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2013.09.28 16:40:34 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2013.09.28 16:40:34 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2013.09.28 16:40:34 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2013.09.28 16:40:34 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2013.09.28 16:40:34 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2013.09.28 16:40:33 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2013.09.28 16:40:33 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2013.09.28 16:40:33 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2013.09.28 16:40:33 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2013.09.28 16:40:33 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2013.09.28 16:40:33 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2013.09.28 16:40:33 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2013.09.28 16:40:33 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2013.09.28 16:40:33 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2013.09.28 16:40:33 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2013.09.28 16:40:33 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2013.09.28 16:40:33 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2013.09.28 16:40:32 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2013.09.28 16:40:32 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2013.09.28 16:40:32 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2013.09.28 16:40:31 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2013.09.28 16:40:31 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2013.09.28 16:40:29 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2013.09.28 16:40:29 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2013.09.28 16:40:29 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2013.09.28 16:40:29 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2013.09.28 16:40:28 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2013.09.28 16:40:28 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2013.09.28 16:40:28 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2013.09.28 16:40:28 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2013.09.28 16:40:27 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2013.09.28 16:40:27 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2013.09.28 16:40:26 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2013.09.28 16:40:26 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2013.09.28 16:40:26 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2013.09.28 16:40:26 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2013.09.28 16:40:25 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2013.09.28 16:40:24 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2013.09.28 16:40:24 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2013.09.28 16:40:24 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2013.09.28 16:40:23 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2013.09.28 16:40:23 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2013.09.28 16:40:23 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2013.09.28 16:24:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013.09.28 13:48:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2013.09.28 13:43:46 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2013.09.28 12:47:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\YTD Video Downloader
[2013.09.28 12:45:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\YTD Video Downloader
[2013.09.28 12:44:51 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications
[2013.09.28 12:41:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\CENZURA
[2013.09.28 12:41:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Adobe
[2013.09.28 12:38:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\Adobe
[2013.09.28 12:34:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Alcohol 120%
[2013.09.28 12:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft
[2013.09.28 12:20:07 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.09.28 12:20:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\Malwarebytes
[2013.09.28 12:19:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.09.28 12:13:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michal\Dokumenty\Filmy
[2013.09.28 12:13:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Filmy
[2013.09.28 12:09:05 | 000,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2013.09.28 12:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2013.09.28 12:03:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2013.09.28 12:03:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2013.09.28 12:02:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\Macromedia
[2013.09.28 12:02:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\Adobe
[2013.09.28 12:02:09 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.09.28 12:02:09 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.09.28 12:00:11 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys
[2013.09.28 11:59:50 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2013.09.28 11:58:50 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2013.09.28 11:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2013.09.28 11:58:48 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2013.09.28 11:58:48 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2013.09.28 11:58:47 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2013.09.28 11:58:46 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2013.09.28 11:58:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2013.09.28 11:58:45 | 000,000,000 | R--D | C] -- C:\Program Files
[2013.09.28 11:58:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2013.09.28 11:58:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2013.09.28 11:58:41 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2013.09.28 11:58:41 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2013.09.28 11:58:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2013.09.28 11:58:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2013.09.28 11:58:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2013.09.28 11:58:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2013.09.28 11:58:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2013.09.28 11:58:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2013.09.28 11:58:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2013.09.28 11:58:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2013.09.28 11:58:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2013.09.28 11:58:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2013.09.28 11:58:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2013.09.28 11:58:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2013.09.28 11:58:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2013.09.28 11:58:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2013.09.28 11:58:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2013.09.28 11:58:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2013.09.28 11:58:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2013.09.28 11:58:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2013.09.28 11:58:38 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2013.09.28 11:58:38 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2013.09.28 11:58:38 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2013.09.28 11:58:38 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2013.09.28 11:58:38 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2013.09.28 11:58:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2013.09.28 11:58:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2013.09.28 11:58:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2013.09.28 11:58:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2013.09.28 11:58:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2013.09.28 11:58:36 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2013.09.28 11:58:36 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2013.09.28 11:58:36 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2013.09.28 11:58:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2013.09.28 11:58:36 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2013.09.28 11:58:36 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2013.09.28 11:58:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2013.09.28 11:58:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2013.09.28 11:58:36 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2013.09.28 11:58:36 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2013.09.28 11:58:36 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2013.09.28 11:58:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2013.09.28 11:58:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2013.09.28 11:58:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2013.09.28 11:58:34 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2013.09.28 11:58:34 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2013.09.28 11:58:34 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2013.09.28 11:58:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2013.09.28 11:58:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2013.09.28 11:58:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2013.09.28 11:58:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2013.09.28 11:58:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2013.09.28 11:58:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2013.09.28 11:58:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2013.09.28 11:58:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2013.09.28 11:58:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2013.09.28 11:58:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2013.09.28 11:58:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2013.09.28 11:58:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2013.09.28 11:58:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2013.09.28 11:58:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2013.09.28 11:58:28 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2013.09.28 11:58:28 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2013.09.28 11:58:28 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2013.09.28 11:58:28 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2013.09.28 11:58:28 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2013.09.28 11:58:28 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2013.09.28 11:58:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2013.09.28 11:58:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2013.09.28 11:58:27 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2013.09.28 11:58:27 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2013.09.28 11:58:27 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2013.09.28 11:58:27 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2013.09.28 11:58:27 | 000,009,291 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2013.09.28 11:58:27 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2013.09.28 11:58:27 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2013.09.28 11:58:27 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2013.09.28 11:58:27 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2013.09.28 11:58:26 | 000,127,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2013.09.28 11:58:26 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2013.09.28 11:58:26 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2013.09.28 11:58:26 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2013.09.28 11:58:26 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2013.09.28 11:58:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2013.09.28 11:58:26 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2013.09.28 11:58:26 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2013.09.28 11:58:25 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2013.09.28 11:58:25 | 000,073,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2013.09.28 11:58:25 | 000,070,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2013.09.28 11:58:25 | 000,033,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2013.09.28 11:58:25 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2013.09.28 11:58:25 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2013.09.28 11:58:25 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2013.09.28 11:58:25 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2013.09.28 11:58:24 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2013.09.28 11:58:24 | 000,069,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2013.09.28 11:58:24 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2013.09.28 11:58:23 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2013.09.28 11:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
[2013.09.28 11:58:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
[2013.09.28 11:58:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Nabídka Start
[2013.09.28 11:58:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2013.09.28 11:58:14 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Šablony
[2013.09.28 11:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Plocha
[2013.09.28 11:58:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Oblíbené položky
[2013.09.28 11:58:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2013.09.28 11:58:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2013.09.28 11:57:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft
[2013.09.28 11:57:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Data aplikací
[2013.09.28 11:57:29 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013.09.28 11:57:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2013.09.28 11:56:33 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.09.28 11:53:45 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Michal\Data aplikací\pcouffin.sys
[2013.09.28 11:53:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\Vso
[2013.09.28 11:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\VSO
[2013.09.28 11:53:33 | 000,102,439 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\sipr3260.dll
[2013.09.28 11:53:32 | 000,273,408 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\Pncrt.dll
[2013.09.28 11:53:31 | 000,217,127 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv43260.dll
[2013.09.28 11:53:31 | 000,208,935 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv33260.dll
[2013.09.28 11:53:31 | 000,176,165 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv23260.dll
[2013.09.28 11:53:31 | 000,065,602 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\cook3260.dll
[2013.09.28 11:53:29 | 000,626,688 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp7vfw.dll
[2013.09.28 11:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\VSO
[2013.09.28 11:49:49 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2013.09.28 11:49:49 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2013.09.28 11:49:49 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2013.09.28 11:49:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1029
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2013.09.28 11:49:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2013.09.28 11:48:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\Ahead
[2013.09.28 11:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
[2013.09.28 11:38:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2013.09.28 11:33:30 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qasf.dll
[2013.09.28 11:33:10 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autoconv.exe
[2013.09.28 11:33:10 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2013.09.28 11:33:09 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe
[2013.09.28 11:33:09 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\desk.cpl
[2013.09.28 11:33:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftp.exe
[2013.09.28 11:33:09 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\csrsrv.dll
[2013.09.28 11:33:09 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\format.com
[2013.09.28 11:33:08 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdm.exe
[2013.09.28 11:33:08 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwprovau.dll
[2013.09.28 11:33:08 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntprint.dll
[2013.09.28 11:33:08 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nslookup.exe
[2013.09.28 11:33:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfctrs.dll
[2013.09.28 11:33:08 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecnv32.dll
[2013.09.28 11:33:08 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mgmtapi.dll
[2013.09.28 11:33:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
[2013.09.28 11:33:06 | 001,845,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2013.09.28 11:33:06 | 000,997,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syssetup.dll
[2013.09.28 11:33:06 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\untfs.dll
[2013.09.28 11:33:06 | 000,287,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ulib.dll
[2013.09.28 11:33:06 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmonui.dll
[2013.09.28 11:33:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\userinit.exe
[2013.09.28 11:33:05 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys
[2013.09.28 11:33:05 | 000,049,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys
[2013.09.28 11:33:05 | 000,041,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys
[2013.09.28 11:33:04 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys
[2013.09.28 11:33:04 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2013.09.28 11:33:04 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2013.09.28 11:33:04 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys
[2013.09.28 11:33:03 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2013.09.28 11:33:03 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ks.sys
[2013.09.28 11:33:03 | 000,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys
[2013.09.28 11:33:03 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys
[2013.09.28 11:33:03 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys
[2013.09.28 11:33:01 | 000,088,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys
[2013.09.28 11:33:01 | 000,040,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys
[2013.09.28 11:33:01 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys
[2013.09.28 11:33:00 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2013.09.28 11:33:00 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2013.09.28 11:32:59 | 000,202,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2013.09.28 11:32:59 | 000,096,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys
[2013.09.28 11:32:59 | 000,049,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2013.09.28 11:32:59 | 000,049,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stream.sys
[2013.09.28 11:32:59 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys
[2013.09.28 11:32:59 | 000,025,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys
[2013.09.28 11:32:58 | 000,225,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2013.09.28 11:32:58 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys
[2013.09.28 11:32:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys
[2013.09.28 11:32:58 | 000,019,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys
[2013.09.28 11:32:58 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys
[2013.09.28 11:32:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2013.09.28 11:32:57 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys
[2013.09.28 11:32:57 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys
[2013.09.28 11:32:56 | 002,067,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2013.09.28 11:32:56 | 000,131,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\HAL.DLL
[2013.09.28 11:32:56 | 000,081,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys
[2013.09.28 11:32:55 | 002,191,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2013.09.28 11:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2013.09.28 11:24:20 | 000,369,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.09.28 11:24:20 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.09.28 11:24:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2013.09.28 11:24:18 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.09.28 11:24:18 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.09.28 11:24:17 | 000,770,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.09.28 11:23:30 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.09.28 11:23:29 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.09.28 11:22:56 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.09.28 11:22:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.09.28 11:18:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.09.28 11:18:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2013.09.28 11:17:59 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013.09.28 11:17:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Skype
[2013.09.28 11:08:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\DAEMON Tools Lite
[2013.09.28 11:08:05 | 000,243,128 | ---- | C] (Disc Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2013.09.28 11:08:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools Lite
[2013.09.28 11:07:56 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2013.09.28 11:07:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2013.09.28 11:03:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Nero 7 Premium
[2013.09.28 11:02:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\Ahead
[2013.09.28 11:02:33 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Michal\UserData
[2013.09.28 11:01:24 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2013.09.28 11:01:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2013.09.28 11:00:45 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2013.09.28 11:00:44 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2013.09.28 10:58:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Nabídka Start\Programy\WinRAR
[2013.09.28 10:58:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WinRAR
[2013.09.28 10:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.09.28 10:57:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Picasa 3
[2013.09.28 10:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Nabídka Start\Programy\BitLord
[2013.09.28 10:57:46 | 000,000,000 | ---D | C] -- C:\Program Files\BitLord
[2013.09.28 10:57:43 | 000,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2013.09.28 10:57:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google
[2013.09.28 10:57:03 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.09.28 10:46:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\Mozilla
[2013.09.28 10:46:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\Mozilla
[2013.09.28 10:46:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Mozilla
[2013.09.28 10:43:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\TP-LINK
[2013.09.28 10:43:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\TP-LINK
[2013.09.28 10:43:28 | 000,405,582 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\jswscsup.dll
[2013.09.28 10:43:28 | 000,057,440 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\jswscimd.sys
[2013.09.28 10:43:28 | 000,057,440 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\jswscimd.sys
[2013.09.28 10:43:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Data aplikací\Atheros
[2013.09.28 10:43:24 | 000,499,796 | ---- | C] (Atheros) -- C:\WINDOWS\System32\acs.exe
[2013.09.28 10:43:11 | 000,249,924 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.dll
[2013.09.28 10:43:11 | 000,058,208 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.sys
[2013.09.28 10:43:11 | 000,058,208 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\wsimd.sys
[2013.09.28 10:43:10 | 001,269,854 | ---- | C] (Devicescape) -- C:\WINDOWS\System32\dsa.dll
[2013.09.28 10:43:10 | 000,254,022 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsfwDS.dll
[2013.09.28 10:43:10 | 000,082,017 | ---- | C] (Devicescape, Inc.) -- C:\WINDOWS\System32\dsaNac.dll
[2013.09.28 10:43:09 | 000,405,504 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapi.dll
[2013.09.28 10:43:09 | 000,360,539 | ---- | C] (Atheros) -- C:\WINDOWS\System32\wcapiU.dll
[2013.09.28 10:43:09 | 000,311,390 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20U.dll
[2013.09.28 10:43:09 | 000,237,568 | ---- | C] (Atheros) -- C:\WINDOWS\System32\athcfg20.dll
[2013.09.28 10:43:09 | 000,127,079 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20resU.dll
[2013.09.28 10:43:09 | 000,127,053 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athcfg20res.dll
[2013.09.28 10:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\TP-LINK
[2013.09.28 10:42:50 | 001,763,584 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\athuw.sys
[2013.09.28 10:42:50 | 001,763,584 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athuw.sys
[2013.09.28 10:42:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TP-LINK
[2013.09.28 10:40:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\HP
[2013.09.28 10:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2013.09.28 10:38:43 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2013.09.28 10:38:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\HP
[2013.09.28 10:37:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2013.09.28 10:35:49 | 000,278,584 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZidr12.dll
[2013.09.28 10:35:49 | 000,204,800 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipr12.dll
[2013.09.28 10:35:49 | 000,094,208 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipt12.dll
[2013.09.28 10:35:49 | 000,069,632 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZipm12.exe
[2013.09.28 10:35:49 | 000,061,440 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZinw12.exe
[2013.09.28 10:35:49 | 000,057,344 | ---- | C] (HP) -- C:\WINDOWS\System32\HPZisn12.dll
[2013.09.28 10:35:48 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2013.09.28 10:33:44 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013.09.28 10:33:14 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.09.28 10:31:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\HP
[2013.09.28 10:30:27 | 000,532,992 | ---- | C] (Chicony) -- C:\WINDOWS\CNYHKey.exe
[2013.09.28 10:30:27 | 000,473,088 | ---- | C] (Chicony) -- C:\WINDOWS\mHotkey.exe
[2013.09.28 10:30:27 | 000,233,472 | ---- | C] (PanMicro) -- C:\WINDOWS\InstIt.exe
[2013.09.28 10:28:52 | 000,045,568 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\R8139n51.sys
[2013.09.28 10:28:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2013.09.28 10:27:51 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2013.09.28 10:27:51 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2013.09.28 10:27:51 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2013.09.28 10:27:51 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2013.09.28 10:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2013.09.28 10:27:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Realtek Sound Manager
[2013.09.28 10:27:47 | 000,000,000 | ---D | C] -- C:\Program Files\AvRack
[2013.09.28 10:27:43 | 004,122,368 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\alcxwdm.sys
[2013.09.28 10:27:43 | 000,577,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
[2013.09.28 10:27:39 | 010,528,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.exe

[Michalkalensky]

tady log z OTL - 3.část

[2013.09.28 10:27:35 | 018,804,736 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\alsndmgr.cpl
[2013.09.28 10:27:35 | 000,217,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcrmv.exe
[2013.09.28 10:26:33 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013.09.28 10:25:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2013.09.28 10:22:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Futuremark
[2013.09.28 10:21:15 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2013.09.28 10:21:15 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
[2013.09.28 10:21:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Futuremark
[2013.09.28 10:19:22 | 000,176,128 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2013.09.28 10:19:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2013.09.28 10:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013.09.28 10:15:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\Identities
[2013.09.28 10:15:56 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2013.09.28 10:15:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michal\Dokumenty\Obrázky
[2013.09.28 10:15:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michal\Dokumenty\Hudba
[2013.09.28 10:15:48 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Michal\Data aplikací\Microsoft
[2013.09.28 10:15:48 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Michal\Cookies
[2013.09.28 10:15:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michal\SendTo
[2013.09.28 10:15:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michal\Data aplikací
[2013.09.28 10:15:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michal\Nabídka Start\Programy\Příslušenství
[2013.09.28 10:15:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michal\Nabídka Start\Programy\Po spuštění
[2013.09.28 10:15:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michal\Oblíbené položky
[2013.09.28 10:15:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michal\Nabídka Start
[2013.09.28 10:15:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Michal\Dokumenty
[2013.09.28 10:15:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michal\Šablony
[2013.09.28 10:15:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michal\Okolní tiskárny
[2013.09.28 10:15:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michal\Okolní síť
[2013.09.28 10:15:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Michal\Local Settings
[2013.09.28 10:15:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Plocha
[2013.09.28 10:15:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\Microsoft
[2013.09.28 10:13:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013.09.28 10:13:11 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2013.09.28 10:13:10 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2013.09.28 10:13:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2013.09.28 10:12:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2013.09.28 10:12:45 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2013.09.28 10:11:42 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2013.09.28 10:11:42 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2013.09.28 10:11:41 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2013.09.28 10:11:41 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2013.09.28 10:11:41 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2013.09.28 10:11:40 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2013.09.28 10:11:40 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2013.09.28 10:11:40 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2013.09.28 10:11:39 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2013.09.28 10:11:39 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2013.09.28 10:11:38 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2013.09.28 10:11:37 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2013.09.28 10:11:37 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2013.09.28 10:11:37 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2013.09.28 10:11:36 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2013.09.28 10:11:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2013.09.28 10:11:36 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2013.09.28 10:11:35 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2013.09.28 10:11:35 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2013.09.28 10:11:35 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2013.09.28 10:11:35 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2013.09.28 10:11:34 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2013.09.28 10:11:33 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2013.09.28 10:11:32 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2013.09.28 10:11:31 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2013.09.28 10:11:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2013.09.28 10:11:29 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2013.09.28 10:11:29 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2013.09.28 10:11:29 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2013.09.28 10:11:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2013.09.28 10:11:29 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2013.09.28 10:11:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2013.09.28 10:11:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2013.09.28 10:11:28 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2013.09.28 10:11:28 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2013.09.28 10:11:28 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2013.09.28 10:11:28 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2013.09.28 10:11:28 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2013.09.28 10:11:28 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2013.09.28 10:11:28 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2013.09.28 10:11:28 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2013.09.28 10:11:28 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2013.09.28 10:11:27 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2013.09.28 10:11:27 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2013.09.28 10:11:25 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2013.09.28 10:11:25 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2013.09.28 10:11:24 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013.09.28 10:11:24 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013.09.28 10:11:23 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2013.09.28 10:11:23 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2013.09.28 10:11:22 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2013.09.28 10:11:21 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2013.09.28 10:11:21 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2013.09.28 10:11:21 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2013.09.28 10:11:20 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2013.09.28 10:11:19 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2013.09.28 10:11:19 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2013.09.28 10:11:19 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2013.09.28 10:11:19 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2013.09.28 10:11:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2013.09.28 10:11:18 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2013.09.28 10:11:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2013.09.28 10:11:18 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2013.09.28 10:11:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2013.09.28 10:11:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2013.09.28 10:11:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2013.09.28 10:11:16 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2013.09.28 10:11:14 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2013.09.28 10:11:11 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2013.09.28 10:11:11 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2013.09.28 10:11:07 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2013.09.28 10:11:07 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2013.09.28 10:11:06 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2013.09.28 10:11:04 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2013.09.28 10:11:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2013.09.28 10:11:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2013.09.28 10:11:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2013.09.28 10:11:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2013.09.28 10:11:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2013.09.28 10:11:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2013.09.28 10:11:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2013.09.28 10:11:02 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2013.09.28 10:11:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2013.09.28 10:11:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2013.09.28 10:11:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2013.09.28 10:11:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2013.09.28 10:11:01 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2013.09.28 10:11:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2013.09.28 10:11:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2013.09.28 10:11:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2013.09.28 10:11:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2013.09.28 10:11:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2013.09.28 10:11:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2013.09.28 10:11:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2013.09.28 10:11:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2013.09.28 10:11:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2013.09.28 10:11:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2013.09.28 10:11:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2013.09.28 10:11:00 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2013.09.28 10:11:00 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2013.09.28 10:10:59 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2013.09.28 10:10:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2013.09.28 10:10:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2013.09.28 10:10:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2013.09.28 10:10:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2013.09.28 10:10:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2013.09.28 10:10:57 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2013.09.28 10:10:57 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2013.09.28 10:10:57 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2013.09.28 10:10:57 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2013.09.28 10:10:56 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2013.09.28 10:10:56 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2013.09.28 10:10:56 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2013.09.28 10:10:56 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2013.09.28 10:10:56 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2013.09.28 10:10:55 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2013.09.28 10:10:55 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2013.09.28 10:10:55 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2013.09.28 10:10:55 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2013.09.28 10:10:55 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2013.09.28 10:10:55 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2013.09.28 10:10:54 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2013.09.28 10:10:54 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2013.09.28 10:10:54 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2013.09.28 10:10:54 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2013.09.28 10:10:54 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2013.09.28 10:10:54 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2013.09.28 10:10:53 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2013.09.28 10:10:53 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2013.09.28 10:10:49 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2013.09.28 10:10:40 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2013.09.28 10:10:39 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2013.09.28 10:10:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2013.09.28 10:10:37 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2013.09.28 10:10:36 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2013.09.28 10:10:36 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2013.09.28 10:10:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2013.09.28 10:10:34 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2013.09.28 10:10:33 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2013.09.28 10:10:33 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2013.09.28 10:10:32 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2013.09.28 10:10:32 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2013.09.28 10:10:32 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2013.09.28 10:10:31 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2013.09.28 10:10:28 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2013.09.28 10:10:27 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2013.09.28 10:10:27 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2013.09.28 10:10:26 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2013.09.28 10:10:25 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2013.09.28 10:10:25 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2013.09.28 10:10:25 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2013.09.28 10:10:25 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2013.09.28 10:10:24 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2013.09.28 10:10:24 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2013.09.28 10:10:23 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2013.09.28 10:10:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2013.09.28 10:10:23 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2013.09.28 10:10:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2013.09.28 10:10:23 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2013.09.28 10:10:22 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013.09.28 10:10:22 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2013.09.28 10:10:22 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2013.09.28 10:10:12 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2013.09.28 10:10:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2013.09.28 10:10:08 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2013.09.28 10:10:04 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2013.09.28 10:09:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2013.09.28 10:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2013.09.28 10:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2013.09.28 10:09:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013.09.28 10:09:20 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2013.09.28 10:08:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2013.09.28 10:08:33 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2013.09.28 10:08:33 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2013.09.28 10:08:21 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2013.09.28 10:08:17 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2013.09.28 10:07:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2013.09.28 10:07:33 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2013.09.28 10:07:33 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2013.09.28 10:07:33 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2013.09.28 10:07:32 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2013.09.28 10:07:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2013.09.28 10:07:32 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2013.09.28 10:07:22 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2013.09.28 10:07:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2013.09.28 10:07:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2013.09.28 10:07:21 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2013.09.28 10:07:21 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2013.09.28 10:07:21 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2013.09.28 10:07:20 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2013.09.28 10:07:20 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2013.09.28 10:07:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2013.09.28 10:07:16 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2013.09.28 10:07:16 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2013.09.28 10:07:16 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2013.09.28 10:07:16 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2013.09.28 10:07:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2013.09.28 10:07:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2013.09.28 10:07:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2013.09.28 10:07:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2013.09.28 10:07:15 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2013.09.28 10:07:15 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2013.09.28 10:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2013.09.28 10:07:14 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2013.09.28 10:07:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2013.09.28 10:07:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2013.09.28 10:07:09 | 001,674,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2013.09.28 10:07:09 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2013.09.28 10:07:08 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2013.09.28 10:07:08 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2013.09.28 10:07:08 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2013.09.28 10:07:08 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2013.09.28 10:07:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2013.09.28 10:07:07 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2013.09.28 10:07:07 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2013.09.28 10:07:07 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2013.09.28 10:07:07 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2013.09.28 10:07:06 | 001,933,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2013.09.28 10:07:06 | 000,329,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2013.09.28 10:07:06 | 000,329,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2013.09.28 10:07:06 | 000,210,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2013.09.28 10:07:06 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2013.09.28 10:07:06 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2013.09.28 10:07:06 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2013.09.28 10:07:05 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2013.09.28 10:07:05 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2013.09.28 10:07:05 | 000,219,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2013.09.28 10:07:05 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2013.09.28 10:07:05 | 000,053,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2013.09.28 10:07:05 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2013.09.28 10:07:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2013.09.28 10:07:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2013.09.28 10:07:00 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2013.09.28 10:06:55 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2013.09.28 10:06:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2013.09.28 10:06:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2013.09.28 10:06:55 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2013.09.28 10:06:51 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2013.09.28 10:06:51 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2013.09.28 10:06:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2013.09.28 10:06:50 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2013.09.28 10:06:50 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2013.09.28 10:06:49 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2013.09.28 10:06:49 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2013.09.28 10:06:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2013.09.28 10:06:46 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2013.09.28 10:06:46 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2013.09.28 10:06:46 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2013.09.28 10:06:44 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2013.09.28 10:06:42 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2013.09.28 10:06:41 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2013.09.28 10:06:41 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2013.09.28 10:06:41 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2013.09.28 10:06:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2013.09.28 10:06:40 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2013.09.28 10:06:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2013.09.28 10:06:33 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2013.09.28 10:06:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Obrázky
[2013.09.28 10:06:21 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2013.09.28 10:06:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Nástroje pro správu
[2013.09.28 10:06:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2013.09.28 10:05:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Hry
[2013.09.28 10:05:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Hudba
[2013.09.28 10:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2013.09.28 10:05:36 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2013.09.28 10:05:35 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2013.09.28 10:05:35 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2013.09.28 10:05:35 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2013.09.28 10:05:34 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2013.09.28 10:05:34 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2013.09.28 10:05:34 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2013.09.28 10:05:34 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2013.09.28 10:05:34 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2013.09.28 10:05:34 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2013.09.28 10:05:34 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2013.09.28 10:05:34 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2013.09.28 10:05:34 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2013.09.28 10:05:33 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2013.09.28 10:05:33 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2013.09.28 10:05:33 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2013.09.28 10:05:33 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2013.09.28 10:05:33 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2013.09.28 10:05:33 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2013.09.28 10:05:33 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2013.09.28 10:05:32 | 001,040,467 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2013.09.28 10:05:32 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2013.09.28 10:05:32 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2013.09.28 10:05:32 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2013.09.28 10:05:31 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2013.09.28 10:05:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2013.09.28 10:05:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2013.09.28 10:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2013.09.28 10:05:20 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2013.09.28 10:05:20 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2013.09.28 10:05:19 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2013.09.28 10:05:19 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2013.09.28 10:05:19 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2013.09.28 10:05:19 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2013.09.28 10:05:19 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2013.09.28 10:05:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2013.09.28 10:05:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2013.09.28 10:05:19 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2013.09.28 10:05:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2013.09.28 10:05:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2013.09.28 10:05:10 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2013.09.28 10:05:10 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2013.09.28 10:05:09 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2013.09.28 10:05:09 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2013.09.28 10:05:09 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2013.09.28 10:05:09 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2013.09.28 10:05:09 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2013.09.28 10:05:09 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2013.09.28 10:05:08 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2013.09.28 10:05:08 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2013.09.28 10:05:08 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2013.09.28 10:05:08 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2013.09.28 10:05:08 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2013.09.28 10:05:08 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2013.09.28 10:05:08 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2013.09.28 10:05:08 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2013.09.28 10:05:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2013.09.28 10:05:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2013.09.28 10:05:07 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2013.09.28 10:05:07 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2013.09.28 10:05:07 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2013.09.28 10:05:07 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2013.09.28 10:05:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2013.09.28 10:05:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2013.09.28 10:05:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2013.09.28 10:05:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2013.09.28 10:05:07 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2013.09.28 10:05:07 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2013.09.28 10:05:07 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2013.09.28 10:05:07 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2013.09.28 10:05:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2013.09.28 10:05:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2013.09.28 10:05:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2013.09.28 10:05:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2013.09.28 10:05:06 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2013.09.28 10:05:06 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2013.09.28 10:05:06 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2013.09.28 10:05:06 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2013.09.28 10:05:06 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2013.09.28 10:05:06 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2013.09.28 10:05:06 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2013.09.28 10:05:06 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2013.09.28 10:05:05 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2013.09.28 10:05:05 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2013.09.28 10:05:05 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2013.09.28 10:05:05 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2013.09.28 10:05:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2013.09.28 10:05:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2013.09.28 10:05:04 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2013.09.28 10:05:04 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2013.09.28 10:05:04 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2013.09.28 10:05:04 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2013.09.28 10:05:00 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2013.09.28 10:05:00 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2013.09.28 10:05:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2013.09.28 10:05:00 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2013.09.28 10:05:00 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2013.09.28 10:05:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2013.09.28 10:05:00 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2013.09.28 10:05:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2013.09.28 10:05:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2013.09.28 10:04:59 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2013.09.28 10:04:59 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2013.09.28 10:04:59 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2013.09.28 10:04:59 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2013.09.28 10:04:59 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2013.09.28 10:04:59 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2013.09.28 10:04:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2013.09.28 10:04:57 | 000,351,232 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2013.09.28 10:04:57 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2013.09.28 10:04:57 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2013.09.28 10:04:57 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2013.09.28 10:04:57 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2013.09.28 10:04:57 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2013.09.28 10:04:56 | 000,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2013.09.28 10:04:56 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2013.09.28 10:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2013.09.28 10:04:55 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2013.09.28 10:04:55 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2013.09.28 10:04:54 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2013.09.28 10:04:54 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2013.09.28 10:04:54 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2013.09.28 10:04:54 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2013.09.28 10:04:53 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2013.09.28 10:04:53 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2013.09.28 10:04:53 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2013.09.28 10:04:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2013.09.28 10:04:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2013.09.28 10:04:53 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2013.09.28 10:04:53 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2013.09.28 10:04:52 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2013.09.28 10:04:52 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2013.09.28 10:04:52 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2013.09.28 10:04:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2013.09.28 10:04:51 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2013.09.28 10:04:51 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2013.09.28 10:04:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2013.09.28 10:04:50 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2013.09.28 10:04:50 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2013.09.28 10:04:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2013.09.28 10:04:49 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2013.09.28 10:04:43 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2013.09.28 10:04:42 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2013.09.28 10:04:42 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2013.09.28 10:04:42 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2013.09.28 10:03:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Příslušenství
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.10.05 18:16:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michal\Plocha\OTL.exe
[2013.10.05 17:57:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.10.05 16:01:15 | 000,044,795 | ---- | M] () -- C:\Documents and Settings\Michal\Plocha\smart forum.png
[2013.10.05 15:01:17 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.10.05 14:07:27 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.10.05 12:32:50 | 000,031,074 | ---- | M] () -- C:\Documents and Settings\Michal\Plocha\michal.jpg
[2013.10.05 12:28:06 | 000,437,760 | ---- | M] () -- C:\Documents and Settings\Michal\Plocha\QRGen.exe
[2013.10.05 12:09:02 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.10.05 12:01:01 | 000,029,204 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.10.05 12:00:41 | 003,618,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.10.05 11:59:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.10.05 11:26:25 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2013.10.04 20:13:43 | 000,314,644 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.10.04 20:13:43 | 000,313,244 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.10.04 20:13:43 | 000,047,386 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.10.04 20:13:43 | 000,040,972 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.10.02 18:36:51 | 002,799,296 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Michal\Plocha\procexp.exe
[2013.10.01 19:59:15 | 000,054,676 | ---- | M] () -- C:\Documents and Settings\Michal\Dokumenty\cc_20131001_195841.reg
[2013.10.01 19:55:58 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2013.10.01 19:33:08 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.10.01 15:42:13 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.09.30 17:44:08 | 018,734,784 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Michal\Plocha\WDM_A406.exe
[2013.09.30 17:10:24 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Need for Speed™ Carbon.lnk
[2013.09.28 18:35:49 | 000,000,113 | ---- | M] () -- C:\Documents and Settings\Michal\default.pls
[2013.09.28 18:34:08 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.09.28 18:34:08 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.09.28 17:06:56 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.09.28 16:39:06 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2013.09.28 12:47:12 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\YTD Video Downloader.lnk
[2013.09.28 12:34:51 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Alcohol 120%.lnk
[2013.09.28 12:20:35 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.09.28 12:17:49 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.09.28 12:17:49 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.09.28 12:09:08 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.09.28 12:05:50 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013.09.28 12:03:35 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013.09.28 11:54:47 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\vso_ts_preview.xml
[2013.09.28 11:53:45 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\inst.exe
[2013.09.28 11:53:45 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Michal\Data aplikací\pcouffin.sys
[2013.09.28 11:53:45 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\pcouffin.cat
[2013.09.28 11:53:45 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\pcouffin.inf
[2013.09.28 11:53:43 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\Michal\Plocha\ConvertXtoDVD 4.lnk
[2013.09.28 11:24:20 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.09.28 11:18:00 | 000,001,896 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2013.09.28 11:08:39 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2013.09.28 11:08:05 | 000,243,128 | ---- | M] (Disc Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2013.09.28 11:03:19 | 000,002,369 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nero StartSmart.lnk
[2013.09.28 11:03:19 | 000,002,279 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nero Home.lnk
[2013.09.28 10:58:16 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Picasa 3.lnk
[2013.09.28 10:57:48 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\Michal\Plocha\BitLord.lnk
[2013.09.28 10:55:37 | 000,000,331 | ---- | M] () -- C:\Documents and Settings\Michal\Plocha\Zástupce - Dokumenty.lnk
[2013.09.28 10:53:43 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Michal\Plocha\Zástupce - Tento počítač.lnk
[2013.09.28 10:52:58 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2013.09.28 10:43:43 | 000,001,908 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\TP-LINK Wireless Configuration Utility.lnk
[2013.09.28 10:40:55 | 000,113,397 | ---- | M] () -- C:\WINDOWS\hpoins07.dat
[2013.09.28 10:40:04 | 000,000,723 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\HP Image Zone Express.lnk
[2013.09.28 10:38:53 | 000,000,862 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Centrum řešení HP.lnk
[2013.09.28 10:27:48 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AvRack.lnk
[2013.09.28 10:25:14 | 000,002,496 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini
[2013.09.28 10:12:48 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2013.09.28 10:11:53 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.09.28 10:09:40 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013.09.28 10:09:40 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013.09.28 10:09:40 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013.09.28 10:09:40 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013.09.28 10:09:20 | 000,004,249 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013.09.28 10:06:30 | 000,021,812 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.09.28 10:03:27 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.10.05 16:01:14 | 000,044,795 | ---- | C] () -- C:\Documents and Settings\Michal\Plocha\smart forum.png

[Michalkalensky]

tady log z OTL - 4.část

[2013.10.05 15:10:27 | 000,377,856 | ---- | C] () -- C:\Documents and Settings\Michal\Plocha\tool.exe.exe
[2013.10.05 12:32:49 | 000,031,074 | ---- | C] () -- C:\Documents and Settings\Michal\Plocha\michal.jpg
[2013.10.05 12:28:11 | 000,437,760 | ---- | C] () -- C:\Documents and Settings\Michal\Plocha\QRGen.exe
[2013.10.04 22:56:19 | 000,000,854 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Photoshop CS6.lnk
[2013.10.04 22:54:31 | 000,000,816 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Bridge CS6.lnk
[2013.10.04 22:52:24 | 000,001,000 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Extension Manager CS6.lnk
[2013.10.04 22:52:10 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe ExtendScript Toolkit CS6.lnk
[2013.10.03 18:43:21 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.10.02 21:59:38 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2013.10.01 19:58:48 | 000,054,676 | ---- | C] () -- C:\Documents and Settings\Michal\Dokumenty\cc_20131001_195841.reg
[2013.10.01 19:55:58 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2013.10.01 15:42:13 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013.10.01 15:42:11 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2013.09.30 17:10:24 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Need for Speed™ Carbon.lnk
[2013.09.28 18:35:49 | 000,000,113 | ---- | C] () -- C:\Documents and Settings\Michal\default.pls
[2013.09.28 18:35:16 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2013.09.28 17:57:00 | 000,386,923 | ---- | C] () -- C:\WINDOWS\KMSAct.exe
[2013.09.28 16:44:30 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2013.09.28 16:40:33 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013.09.28 16:40:31 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013.09.28 16:40:28 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013.09.28 12:44:56 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\YTD Video Downloader.lnk
[2013.09.28 12:34:51 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Alcohol 120%.lnk
[2013.09.28 12:18:32 | 005,840,593 | ---- | C] () -- C:\Documents and Settings\Michal\Plocha\Krucipüsk---Druide!.mp3
[2013.09.28 12:03:35 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013.09.28 12:02:12 | 000,000,914 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.09.28 11:58:49 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.09.28 11:58:47 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013.09.28 11:58:47 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013.09.28 11:58:47 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013.09.28 11:58:46 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013.09.28 11:58:24 | 000,001,592 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013.09.28 11:58:12 | 000,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013.09.28 11:58:12 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013.09.28 11:58:12 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013.09.28 11:58:12 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013.09.28 11:58:12 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013.09.28 11:58:12 | 000,007,407 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013.09.28 11:58:12 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013.09.28 11:58:11 | 001,014,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2013.09.28 11:57:28 | 003,618,816 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.09.28 11:56:42 | 000,000,327 | RHS- | C] () -- C:\boot.ini
[2013.09.28 11:56:39 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.09.28 11:56:34 | 000,177,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.09.28 11:56:34 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.09.28 11:54:08 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\vso_ts_preview.xml
[2013.09.28 11:53:45 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\inst.exe
[2013.09.28 11:53:45 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\pcouffin.cat
[2013.09.28 11:53:45 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\pcouffin.inf
[2013.09.28 11:53:43 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\Michal\Plocha\ConvertXtoDVD 4.lnk
[2013.09.28 11:24:20 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.09.28 11:24:16 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.09.28 11:18:00 | 000,001,896 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2013.09.28 11:08:39 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2013.09.28 11:03:19 | 000,002,369 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Nero StartSmart.lnk
[2013.09.28 11:03:19 | 000,002,279 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Nero Home.lnk
[2013.09.28 10:58:16 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Picasa 3.lnk
[2013.09.28 10:57:48 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\Michal\Plocha\BitLord.lnk
[2013.09.28 10:55:37 | 000,000,331 | ---- | C] () -- C:\Documents and Settings\Michal\Plocha\Zástupce - Dokumenty.lnk
[2013.09.28 10:53:43 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Michal\Plocha\Zástupce - Tento počítač.lnk
[2013.09.28 10:52:58 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2013.09.28 10:43:43 | 000,001,908 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\TP-LINK Wireless Configuration Utility.lnk
[2013.09.28 10:43:29 | 000,035,967 | ---- | C] () -- C:\WINDOWS\System32\jswscimdp.cat
[2013.09.28 10:43:29 | 000,005,529 | ---- | C] () -- C:\WINDOWS\System32\jswscimdp.inf
[2013.09.28 10:43:28 | 000,035,538 | ---- | C] () -- C:\WINDOWS\System32\jswscimd.cat
[2013.09.28 10:43:28 | 000,002,231 | ---- | C] () -- C:\WINDOWS\System32\jswscimd.inf
[2013.09.28 10:43:24 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2013.09.28 10:43:11 | 000,042,067 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.cat
[2013.09.28 10:43:11 | 000,042,052 | ---- | C] () -- C:\WINDOWS\System32\wsimd.cat
[2013.09.28 10:43:11 | 000,005,363 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.inf
[2013.09.28 10:43:11 | 000,002,179 | ---- | C] () -- C:\WINDOWS\System32\wsimd.inf
[2013.09.28 10:43:10 | 000,422,000 | ---- | C] () -- C:\WINDOWS\System32\wgapi.dll
[2013.09.28 10:42:51 | 000,045,171 | ---- | C] () -- C:\WINDOWS\System32\netathuw.inf
[2013.09.28 10:42:51 | 000,007,554 | ---- | C] () -- C:\WINDOWS\System32\netathuw.cat
[2013.09.28 10:40:04 | 000,000,723 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\HP Image Zone Express.lnk
[2013.09.28 10:39:38 | 000,000,713 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Registrace I.R.I.S. OCR.lnk
[2013.09.28 10:38:53 | 000,000,862 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Centrum řešení HP.lnk
[2013.09.28 10:31:21 | 000,113,397 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2013.09.28 10:31:21 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2013.09.28 10:30:27 | 000,201,076 | ---- | C] () -- C:\WINDOWS\comwarn.bmp
[2013.09.28 10:30:27 | 000,049,152 | ---- | C] () -- C:\WINDOWS\CNYUSB.dll
[2013.09.28 10:30:27 | 000,011,776 | ---- | C] () -- C:\WINDOWS\HIDMNT.dll
[2013.09.28 10:30:27 | 000,005,120 | ---- | C] () -- C:\WINDOWS\HKCYDLL.dll
[2013.09.28 10:30:27 | 000,004,092 | ---- | C] () -- C:\WINDOWS\Me.reg
[2013.09.28 10:30:27 | 000,004,088 | ---- | C] () -- C:\WINDOWS\98.reg
[2013.09.28 10:30:27 | 000,004,078 | ---- | C] () -- C:\WINDOWS\XP.reg
[2013.09.28 10:30:27 | 000,004,074 | ---- | C] () -- C:\WINDOWS\2k.reg
[2013.09.28 10:30:27 | 000,000,747 | ---- | C] () -- C:\WINDOWS\LedHKey.reg
[2013.09.28 10:30:27 | 000,000,452 | ---- | C] () -- C:\WINDOWS\Instit.ini
[2013.09.28 10:30:27 | 000,000,360 | ---- | C] () -- C:\WINDOWS\CNYHKey.ini
[2013.09.28 10:27:48 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\AvRack.lnk
[2013.09.28 10:27:43 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2013.09.28 10:27:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013.09.28 10:27:39 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2013.09.28 10:25:12 | 000,002,496 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2013.09.28 10:25:10 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2013.09.28 10:22:08 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2013.09.28 10:19:41 | 000,029,204 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2013.09.28 10:19:22 | 000,014,757 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2013.09.28 10:15:58 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Michal\Nabídka Start\Programy\Outlook Express.lnk
[2013.09.28 10:15:56 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Michal\Nabídka Start\Programy\Internet Explorer.lnk
[2013.09.28 10:15:48 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Michal\Nabídka Start\Programy\Vzdálená pomoc.lnk
[2013.09.28 10:15:48 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Michal\Nabídka Start\Programy\Windows Media Player.lnk
[2013.09.28 10:12:48 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2013.09.28 10:11:53 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.09.28 10:11:18 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013.09.28 10:11:04 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013.09.28 10:10:57 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013.09.28 10:10:56 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013.09.28 10:10:53 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013.09.28 10:10:44 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013.09.28 10:10:39 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013.09.28 10:10:25 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013.09.28 10:09:40 | 000,002,504 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.09.28 10:09:40 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013.09.28 10:09:40 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013.09.28 10:09:40 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2013.09.28 10:09:40 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2013.09.28 10:09:31 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.09.28 10:09:31 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.09.28 10:09:30 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013.09.28 10:08:20 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Movie Maker.lnk
[2013.09.28 10:08:08 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013.09.28 10:07:30 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013.09.28 10:07:30 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013.09.28 10:07:22 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013.09.28 10:06:30 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.09.28 10:05:41 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Messenger.lnk
[2013.09.28 10:05:12 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Omítka Santa Fe.bmp
[2013.09.28 10:05:12 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Řeka Sumida.bmp
[2013.09.28 10:05:12 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2013.09.28 10:05:12 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013.09.28 10:05:11 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Mýdlové bubliny.bmp
[2013.09.28 10:05:11 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prérijní vítr.bmp
[2013.09.28 10:05:11 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Zelený kámen.bmp
[2013.09.28 10:05:11 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybách.bmp
[2013.09.28 10:05:11 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Zrnko kávy.bmp
[2013.09.28 10:05:11 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Textura peří.bmp
[2013.09.28 10:05:11 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Modrá krajka 16.bmp
[2013.09.28 10:05:07 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013.09.28 10:05:07 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013.09.28 10:05:06 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013.09.28 10:04:58 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 08:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008.04.14 08:51:42 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.10.05 13:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\4shared Desktop
[2013.09.28 11:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.09.28 11:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2013.10.04 22:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2013.09.28 10:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TP-LINK
[2013.09.28 12:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\YTD Video Downloader
[2013.09.28 11:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools Lite
[2013.09.28 10:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\TP-LINK
[2013.10.01 19:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Vso
[2013.09.28 12:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\CENZURA

========== Purity Check ==========

< End of report >


tady druhý log z OTL

OTL Extras logfile created on: 5.10.2013 18:23:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Michal\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,50 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,66% Memory free
3,35 Gb Paging File | 2,99 Gb Available in Paging File | 89,28% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,78 Gb Total Space | 87,22 Gb Free Space | 78,03% Space Free | Partition Type: NTFS
Drive F: | 465,74 Gb Total Space | 133,10 Gb Free Space | 28,58% Space Free | Partition Type: NTFS

Computer Name: ADMIN-71487C35A | User Name: Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.5.1
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}" = 3DMark05
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}" = TP-LINK 150Mbps Wireless N USB Adapter Driver
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{65248369-7CB9-43A9-82C8-C438AE04DED4}" = 1500
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{81E06318-EEB9-4D55-8CD5-7AC9148D5E66}" = 1500_Help
"{90140000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 14
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = RTLSetup for Realtek RTL8139/810x Family NIC 3.00
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{CBA30674-A242-4531-82B5-586B31F90E04}" = 1500Trb
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.11.326
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F14B8ECC-BDA0-4987-9201-D7B7DBE11029}" = Nero 7 Premium
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"{FF262740-C85A-11D5-BBEC-00D0B740900A}" = USB Wireless Keyboard Driver Ver1.1
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"BitLord" = BitLord 1.1
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"Mozilla Firefox 24.0 (x86 cs)" = Mozilla Firefox 24.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28.9.2013 11:55:05 | Computer Name = ADMIN-71487C35A | Source = Office Software Protection Platform Service | ID = 1014
Description = Acquisition of End User License failed. hr=0xC004C032 Sku Id=8c5fa740-5dca-43f9-be1b-d0281bcf9779

Error - 28.9.2013 11:55:14 | Computer Name = ADMIN-71487C35A | Source = Office Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0xC004C032

Error - 28.9.2013 11:55:14 | Computer Name = ADMIN-71487C35A | Source = Office Software Protection Platform Service | ID = 1014
Description = Acquisition of End User License failed. hr=0xC004C032 Sku Id=8c5fa740-5dca-43f9-be1b-d0281bcf9779

Error - 28.9.2013 11:55:21 | Computer Name = ADMIN-71487C35A | Source = Office Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0xC004C032

Error - 28.9.2013 11:55:21 | Computer Name = ADMIN-71487C35A | Source = Office Software Protection Platform Service | ID = 1014
Description = Acquisition of End User License failed. hr=0xC004C032 Sku Id=8c5fa740-5dca-43f9-be1b-d0281bcf9779

Error - 28.9.2013 11:55:27 | Computer Name = ADMIN-71487C35A | Source = Office Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0xC004C032

Error - 28.9.2013 11:55:27 | Computer Name = ADMIN-71487C35A | Source = Office Software Protection Platform Service | ID = 1014
Description = Acquisition of End User License failed. hr=0xC004C032 Sku Id=8c5fa740-5dca-43f9-be1b-d0281bcf9779

Error - 3.10.2013 9:22:59 | Computer Name = ADMIN-71487C35A | Source = Application Error | ID = 1000
Description = Chybující aplikace nfsc.exe, verze 0.0.0.0, chybující modul nfsc.exe,
verze 0.0.0.0, adresa chyby 0x0029d0fd.

Error - 4.10.2013 14:19:10 | Computer Name = ADMIN-71487C35A | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.

Error - 4.10.2013 14:19:10 | Computer Name = ADMIN-71487C35A | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

[ System Events ]
Error - 5.10.2013 9:45:32 | Computer Name = ADMIN-71487C35A | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 5.10.2013 9:46:52 | Computer Name = ADMIN-71487C35A | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 5.10.2013 9:50:06 | Computer Name = ADMIN-71487C35A | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 5.10.2013 9:50:30 | Computer Name = ADMIN-71487C35A | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 5.10.2013 9:52:41 | Computer Name = ADMIN-71487C35A | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 5.10.2013 9:57:47 | Computer Name = ADMIN-71487C35A | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 5.10.2013 10:00:35 | Computer Name = ADMIN-71487C35A | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 5.10.2013 10:01:45 | Computer Name = ADMIN-71487C35A | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 5.10.2013 10:19:44 | Computer Name = ADMIN-71487C35A | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 5.10.2013 10:30:23 | Computer Name = ADMIN-71487C35A | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.


< End of report >

[Michalkalensky]

tady log z tdsskiller

18:35:22.0281 2720 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:35:22.0671 2720 ============================================================
18:35:22.0671 2720 Current date / time: 2013/10/05 18:35:22.0671
18:35:22.0687 2720 SystemInfo:
18:35:22.0687 2720
18:35:22.0687 2720 OS Version: 5.1.2600 ServicePack: 3.0
18:35:22.0687 2720 Product type: Workstation
18:35:22.0687 2720 ComputerName: ADMIN-71487C35A
18:35:22.0687 2720 UserName: Michal
18:35:22.0687 2720 Windows directory: C:\WINDOWS
18:35:22.0687 2720 System windows directory: C:\WINDOWS
18:35:22.0687 2720 Processor architecture: Intel x86
18:35:22.0687 2720 Number of processors: 1
18:35:22.0687 2720 Page size: 0x1000
18:35:22.0687 2720 Boot type: Normal boot
18:35:22.0687 2720 ============================================================
18:35:24.0656 2720 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:35:24.0687 2720 Drive \Device\Harddisk1\DR2 - Size: 0x7470206000 (465.75 Gb), SectorSize: 0x200, Cylinders: 0xED80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:35:26.0343 2720 ============================================================
18:35:26.0343 2720 \Device\Harddisk0\DR0:
18:35:26.0343 2720 MBR partitions:
18:35:26.0343 2720 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF8F8C1
18:35:26.0343 2720 \Device\Harddisk1\DR2:
18:35:26.0343 2720 MBR partitions:
18:35:26.0343 2720 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A37CE80
18:35:26.0343 2720 ============================================================
18:35:26.0375 2720 C: <-> \Device\Harddisk0\DR0\Partition1
18:35:26.0406 2720 F: <-> \Device\Harddisk1\DR2\Partition1
18:35:26.0406 2720 ============================================================
18:35:26.0406 2720 Initialize success
18:35:26.0406 2720 ============================================================
18:35:47.0250 3060 ============================================================
18:35:47.0250 3060 Scan started
18:35:47.0250 3060 Mode: Manual;
18:35:47.0250 3060 ============================================================
18:35:47.0562 3060 ================ Scan system memory ========================
18:35:47.0562 3060 System memory - ok
18:35:47.0562 3060 ================ Scan services =============================
18:35:47.0906 3060 Abiosdsk - ok
18:35:47.0921 3060 abp480n5 - ok
18:35:48.0031 3060 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:35:48.0093 3060 ACPI - ok
18:35:48.0125 3060 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
18:35:48.0125 3060 ACPIEC - ok
18:35:48.0406 3060 [ 5AC144F03B31AFAB6717AD3622D1680D ] acs C:\WINDOWS\system32\acs.exe
18:35:48.0609 3060 acs - ok
18:35:48.0828 3060 [ 3109B16A0939BA11696EEB04F345D099 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:35:48.0937 3060 AdobeFlashPlayerUpdateSvc - ok
18:35:48.0953 3060 adpu160m - ok
18:35:49.0031 3060 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
18:35:49.0078 3060 aec - ok
18:35:49.0187 3060 [ 322D0E36693D6E24A2398BEE62A268CD ] AFD C:\WINDOWS\System32\drivers\afd.sys
18:35:49.0218 3060 AFD - ok
18:35:49.0234 3060 Aha154x - ok
18:35:49.0234 3060 aic78u2 - ok
18:35:49.0250 3060 aic78xx - ok
18:35:51.0328 3060 [ DD8520280304B6145A6BE31008748C7C ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
18:35:53.0484 3060 ALCXWDM - ok
18:35:53.0546 3060 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
18:35:53.0546 3060 Alerter - ok
18:35:53.0625 3060 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
18:35:53.0625 3060 ALG - ok
18:35:53.0640 3060 AliIde - ok
18:35:53.0640 3060 amsint - ok
18:35:53.0656 3060 AppMgmt - ok
18:35:54.0515 3060 [ 7141E281D840699D9D79B18F4062DD58 ] AR9271 C:\WINDOWS\system32\DRIVERS\athuw.sys
18:35:55.0296 3060 AR9271 - ok
18:35:55.0312 3060 asc - ok
18:35:55.0328 3060 asc3350p - ok
18:35:55.0343 3060 asc3550 - ok
18:35:55.0390 3060 [ B9FE438B3CAD82B2014710349A2022F7 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
18:35:55.0390 3060 aswFsBlk - ok
18:35:55.0453 3060 [ AE5549DD21F6DE06406031EF1D51ACC3 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
18:35:55.0468 3060 aswMonFlt - ok
18:35:55.0546 3060 [ D084D0A7A66619FC29776CBBB9D5FA55 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
18:35:55.0546 3060 AswRdr - ok
18:35:55.0578 3060 [ FA72FA503F580C3C628DD8C7D7622E37 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
18:35:55.0578 3060 aswRvrt - ok
18:35:55.0968 3060 [ 4D53349D848C6BADB3D4ACBE98C27676 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
18:35:56.0312 3060 aswSnx - ok
18:35:56.0500 3060 [ 813024DFD54A41B3AFAE2B1E2796CB80 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
18:35:56.0656 3060 aswSP - ok
18:35:56.0703 3060 [ 5E18413310134130D7772F0668698CB7 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
18:35:56.0703 3060 aswTdi - ok
18:35:56.0796 3060 [ A5F637D61719D37A5B4868C385E363C0 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
18:35:56.0859 3060 aswVmm - ok
18:35:56.0906 3060 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:35:56.0906 3060 AsyncMac - ok
18:35:56.0968 3060 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
18:35:56.0968 3060 atapi - ok
18:35:56.0984 3060 Atdisk - ok
18:35:57.0046 3060 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:35:57.0046 3060 Atmarpc - ok
18:35:57.0093 3060 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
18:35:57.0093 3060 AudioSrv - ok
18:35:57.0140 3060 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
18:35:57.0140 3060 audstub - ok
18:35:57.0281 3060 [ 9330941C8F6DF417F6DBBE998DB6687E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:35:57.0281 3060 avast! Antivirus - ok
18:35:57.0343 3060 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:35:57.0343 3060 Beep - ok
18:35:57.0578 3060 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
18:35:57.0765 3060 BITS - ok
18:35:57.0843 3060 [ 249276D3EF1E74B992299CB96099E4D7 ] Browser C:\WINDOWS\System32\browser.dll
18:35:57.0843 3060 Browser - ok
18:35:57.0968 3060 catchme - ok
18:35:58.0000 3060 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
18:35:58.0000 3060 cbidf2k - ok
18:35:58.0015 3060 cd20xrnt - ok
18:35:58.0062 3060 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
18:35:58.0062 3060 Cdaudio - ok
18:35:58.0140 3060 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
18:35:58.0156 3060 Cdfs - ok
18:35:58.0218 3060 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:35:58.0218 3060 Cdrom - ok
18:35:58.0234 3060 Changer - ok
18:35:58.0281 3060 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
18:35:58.0281 3060 CiSvc - ok
18:35:58.0343 3060 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
18:35:58.0343 3060 ClipSrv - ok
18:35:58.0359 3060 CmdIde - ok
18:35:58.0375 3060 COMSysApp - ok
18:35:58.0390 3060 Cpqarray - ok
18:35:58.0609 3060 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
18:35:58.0625 3060 CryptSvc - ok
18:35:58.0625 3060 dac2w2k - ok
18:35:58.0640 3060 dac960nt - ok
18:35:58.0875 3060 [ C868F3AE15CF71A93F2AA3A32856D839 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:35:59.0062 3060 DcomLaunch - ok
18:35:59.0140 3060 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
18:35:59.0187 3060 Dhcp - ok
18:35:59.0234 3060 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
18:35:59.0234 3060 Disk - ok
18:35:59.0250 3060 dmadmin - ok
18:35:59.0687 3060 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
18:36:00.0031 3060 dmboot - ok
18:36:00.0171 3060 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
18:36:00.0218 3060 dmio - ok
18:36:00.0250 3060 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
18:36:00.0250 3060 dmload - ok
18:36:00.0296 3060 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
18:36:00.0312 3060 dmserver - ok
18:36:00.0359 3060 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
18:36:00.0359 3060 DMusic - ok
18:36:00.0406 3060 [ 0634B791684B84F4A331F3D3536FEEF8 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:36:00.0406 3060 Dnscache - ok
18:36:00.0562 3060 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
18:36:00.0578 3060 Dot3svc - ok
18:36:00.0593 3060 dpti2o - ok
18:36:00.0656 3060 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
18:36:00.0656 3060 drmkaud - ok
18:36:00.0812 3060 [ E6B7D1B24E16FB24CE1FEA964E144EBC ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
18:36:00.0890 3060 dtsoftbus01 - ok
18:36:00.0953 3060 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
18:36:00.0953 3060 EapHost - ok
18:36:01.0031 3060 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
18:36:01.0031 3060 ERSvc - ok
18:36:01.0125 3060 [ F0D2AE69035092BF22DAD6B50FAB85C2 ] Eventlog C:\WINDOWS\system32\services.exe
18:36:01.0156 3060 Eventlog - ok
18:36:01.0312 3060 [ 260C69FD67687B0DC062FC3D31655857 ] EventSystem C:\WINDOWS\system32\es.dll
18:36:01.0406 3060 EventSystem - ok
18:36:01.0500 3060 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
18:36:01.0531 3060 Fastfat - ok
18:36:01.0640 3060 [ B927443008910B412BEC72FC41C1BAD0 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:36:01.0687 3060 FastUserSwitchingCompatibility - ok
18:36:01.0718 3060 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
18:36:01.0734 3060 Fdc - ok
18:36:01.0765 3060 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
18:36:01.0765 3060 Fips - ok
18:36:01.0796 3060 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:36:01.0796 3060 Flpydisk - ok
18:36:01.0921 3060 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:36:01.0937 3060 FltMgr - ok
18:36:01.0953 3060 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:36:01.0953 3060 Fs_Rec - ok
18:36:02.0031 3060 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:36:02.0062 3060 Ftdisk - ok
18:36:02.0140 3060 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:36:02.0140 3060 Gpc - ok
18:36:02.0265 3060 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:36:02.0296 3060 gusvc - ok
18:36:02.0406 3060 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:36:02.0406 3060 helpsvc - ok
18:36:02.0468 3060 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
18:36:02.0484 3060 HidServ - ok
18:36:02.0531 3060 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:36:02.0531 3060 hidusb - ok
18:36:02.0625 3060 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
18:36:02.0625 3060 hkmsvc - ok
18:36:02.0640 3060 hpn - ok
18:36:02.0703 3060 [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
18:36:02.0718 3060 HPZid412 - ok
18:36:02.0734 3060 [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
18:36:02.0750 3060 HPZipr12 - ok
18:36:02.0796 3060 [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
18:36:02.0796 3060 HPZius12 - ok
18:36:02.0968 3060 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
18:36:03.0062 3060 HTTP - ok
18:36:03.0109 3060 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
18:36:03.0125 3060 HTTPFilter - ok
18:36:03.0140 3060 i2omgmt - ok
18:36:03.0156 3060 i2omp - ok
18:36:03.0203 3060 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:36:03.0218 3060 i8042prt - ok
18:36:03.0281 3060 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
18:36:03.0281 3060 Imapi - ok
18:36:03.0390 3060 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
18:36:03.0437 3060 ImapiService - ok
18:36:03.0453 3060 ini910u - ok
18:36:03.0484 3060 [ 57D928E548B38502ABBA7A77A6EB7312 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
18:36:03.0484 3060 IntelIde - ok
18:36:03.0531 3060 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:36:03.0531 3060 intelppm - ok
18:36:03.0578 3060 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
18:36:03.0578 3060 Ip6Fw - ok
18:36:03.0640 3060 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:36:03.0640 3060 IpFilterDriver - ok
18:36:03.0687 3060 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:36:03.0687 3060 IpInIp - ok
18:36:03.0781 3060 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:36:03.0828 3060 IpNat - ok
18:36:03.0906 3060 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:36:03.0921 3060 IPSec - ok
18:36:03.0953 3060 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
18:36:03.0953 3060 IRENUM - ok
18:36:04.0000 3060 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:36:04.0015 3060 isapnp - ok
18:36:04.0265 3060 [ FFDB868A2A069F8D58C0E9A1203378C5 ] jswpsapi C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe
18:36:04.0390 3060 jswpsapi - ok
18:36:04.0453 3060 [ AD67795900AA8C05CC4570F5349E0639 ] JSWSCIMD C:\WINDOWS\system32\DRIVERS\jswscimd.sys
18:36:04.0453 3060 JSWSCIMD - ok
18:36:04.0500 3060 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:36:04.0500 3060 Kbdclass - ok
18:36:04.0531 3060 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:36:04.0531 3060 kbdhid - ok
18:36:04.0640 3060 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
18:36:04.0687 3060 kmixer - ok
18:36:04.0750 3060 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
18:36:04.0765 3060 KSecDD - ok
18:36:04.0843 3060 [ 21920AC69594AB021237054FA728FE46 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
18:36:04.0875 3060 lanmanserver - ok
18:36:04.0953 3060 [ 5190783F51A2D7A8495202C664D7C963 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:36:05.0000 3060 lanmanworkstation - ok
18:36:05.0000 3060 lbrtfdc - ok
18:36:05.0046 3060 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
18:36:05.0062 3060 LmHosts - ok
18:36:05.0109 3060 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
18:36:05.0109 3060 MBAMSwissArmy - ok
18:36:05.0156 3060 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:36:05.0171 3060 Messenger - ok
18:36:05.0265 3060 Microsoft SharePoint Workspace Audit Service - ok
18:36:05.0296 3060 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:36:05.0296 3060 mnmdd - ok
18:36:05.0359 3060 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
18:36:05.0375 3060 mnmsrvc - ok
18:36:05.0421 3060 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:36:05.0421 3060 Modem - ok
18:36:05.0484 3060 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:36:05.0484 3060 Mouclass - ok
18:36:05.0546 3060 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:36:05.0546 3060 mouhid - ok
18:36:05.0578 3060 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:36:05.0593 3060 MountMgr - ok
18:36:05.0703 3060 [ A2226FD3E659A6ABF43F6CB31D94744F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:36:05.0750 3060 MozillaMaintenance - ok
18:36:05.0750 3060 mraid35x - ok
18:36:05.0843 3060 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:36:05.0906 3060 MRxDAV - ok
18:36:06.0125 3060 [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:36:06.0328 3060 MRxSmb - ok
18:36:06.0375 3060 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
18:36:06.0375 3060 MSDTC - ok
18:36:06.0406 3060 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:36:06.0406 3060 Msfs - ok
18:36:06.0421 3060 MSIServer - ok
18:36:06.0453 3060 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:36:06.0468 3060 MSKSSRV - ok
18:36:06.0484 3060 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:36:06.0484 3060 MSPCLOCK - ok
18:36:06.0531 3060 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:36:06.0531 3060 MSPQM - ok
18:36:06.0593 3060 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:36:06.0593 3060 mssmbios - ok
18:36:06.0656 3060 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:36:06.0687 3060 Mup - ok
18:36:06.0890 3060 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
18:36:07.0000 3060 napagent - ok
18:36:07.0421 3060 [ 2637F26312ECCEEB6F110E95F1ECE243 ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
18:36:07.0718 3060 NBService - ok
18:36:07.0828 3060 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:36:07.0890 3060 NDIS - ok
18:36:07.0921 3060 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:36:07.0921 3060 NdisTapi - ok
18:36:07.0968 3060 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:36:07.0984 3060 Ndisuio - ok
18:36:08.0031 3060 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:36:08.0046 3060 NdisWan - ok
18:36:08.0093 3060 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:36:08.0093 3060 NDProxy - ok
18:36:08.0125 3060 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:36:08.0125 3060 NetBIOS - ok
18:36:08.0218 3060 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:36:08.0265 3060 NetBT - ok
18:36:08.0359 3060 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
18:36:08.0390 3060 NetDDE - ok
18:36:08.0453 3060 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:36:08.0468 3060 NetDDEdsdm - ok
18:36:08.0515 3060 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:36:08.0531 3060 Netlogon - ok
18:36:08.0687 3060 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
18:36:08.0750 3060 Netman - ok
18:36:08.0875 3060 [ AAC97DAB5F8A0573CF10E0EAC42A7724 ] Nla C:\WINDOWS\System32\mswsock.dll
18:36:08.0984 3060 Nla - ok
18:36:09.0046 3060 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:36:09.0046 3060 Npfs - ok
18:36:09.0343 3060 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:36:09.0578 3060 Ntfs - ok
18:36:09.0609 3060 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
18:36:09.0609 3060 NtLmSsp - ok
18:36:09.0875 3060 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:36:10.0046 3060 NtmsSvc - ok
18:36:10.0078 3060 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
18:36:10.0093 3060 Null - ok
18:36:11.0656 3060 [ 920D2D77A9C17DC628123D16EEEA5C22 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:36:13.0140 3060 nv - ok
18:36:13.0218 3060 [ A59A928B2A1934403FA8731352D09822 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
18:36:13.0265 3060 NVSvc - ok
18:36:13.0312 3060 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:36:13.0328 3060 NwlnkFlt - ok
18:36:13.0359 3060 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:36:13.0359 3060 NwlnkFwd - ok
18:36:13.0515 3060 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:36:13.0562 3060 ose - ok
18:36:15.0828 3060 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:36:18.0031 3060 osppsvc - ok
18:36:18.0125 3060 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
18:36:18.0125 3060 Parport - ok
18:36:18.0156 3060 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:36:18.0156 3060 PartMgr - ok
18:36:18.0218 3060 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:36:18.0218 3060 ParVdm - ok
18:36:18.0265 3060 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:36:18.0281 3060 PCI - ok
18:36:18.0281 3060 PCIDump - ok
18:36:18.0328 3060 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
18:36:18.0328 3060 PCIIde - ok
18:36:18.0406 3060 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
18:36:18.0437 3060 Pcmcia - ok
18:36:18.0500 3060 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
18:36:18.0500 3060 pcouffin - ok
18:36:18.0515 3060 PDCOMP - ok
18:36:18.0531 3060 PDFRAME - ok
18:36:18.0546 3060 PDRELI - ok
18:36:18.0546 3060 PDRFRAME - ok
18:36:18.0562 3060 perc2 - ok
18:36:18.0578 3060 perc2hib - ok
18:36:18.0781 3060 [ F0D2AE69035092BF22DAD6B50FAB85C2 ] PlugPlay C:\WINDOWS\system32\services.exe
18:36:18.0796 3060 PlugPlay - ok
18:36:18.0875 3060 [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
18:36:18.0875 3060 Pml Driver HPZ12 - ok
18:36:18.0906 3060 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
18:36:18.0921 3060 PolicyAgent - ok
18:36:18.0953 3060 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:36:18.0968 3060 PptpMiniport - ok
18:36:18.0984 3060 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:36:19.0000 3060 ProtectedStorage - ok
18:36:19.0062 3060 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:36:19.0062 3060 PSched - ok
18:36:19.0109 3060 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:36:19.0109 3060 Ptilink - ok
18:36:19.0125 3060 ql1080 - ok
18:36:19.0140 3060 Ql10wnt - ok
18:36:19.0156 3060 ql12160 - ok
18:36:19.0171 3060 ql1240 - ok
18:36:19.0171 3060 ql1280 - ok
18:36:19.0203 3060 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:36:19.0203 3060 RasAcd - ok
18:36:19.0281 3060 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:36:19.0296 3060 RasAuto - ok
18:36:19.0359 3060 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:36:19.0359 3060 Rasl2tp - ok
18:36:19.0500 3060 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:36:19.0562 3060 RasMan - ok
18:36:19.0609 3060 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:36:19.0625 3060 RasPppoe - ok
18:36:19.0640 3060 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:36:19.0640 3060 Raspti - ok
18:36:19.0750 3060 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:36:19.0796 3060 Rdbss - ok
18:36:19.0828 3060 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:36:19.0828 3060 RDPCDD - ok
18:36:19.0937 3060 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:36:19.0984 3060 RDPWD - ok
18:36:20.0078 3060 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:36:20.0140 3060 RDSessMgr - ok
18:36:20.0203 3060 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:36:20.0203 3060 redbook - ok
18:36:20.0265 3060 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:36:20.0281 3060 RemoteAccess - ok
18:36:20.0328 3060 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
18:36:20.0343 3060 RpcLocator - ok
18:36:20.0546 3060 [ C868F3AE15CF71A93F2AA3A32856D839 ] RpcSs C:\WINDOWS\System32\rpcss.dll
18:36:20.0578 3060 RpcSs - ok
18:36:20.0656 3060 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
18:36:20.0703 3060 RSVP - ok
18:36:20.0750 3060 [ D0AC0B0355A3FFB85EB77B083CD0627C ] rtl8139 C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
18:36:20.0765 3060 rtl8139 - ok
18:36:20.0796 3060 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
18:36:20.0796 3060 SamSs - ok
18:36:20.0859 3060 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:36:20.0875 3060 SCardSvr - ok
18:36:21.0015 3060 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:36:21.0109 3060 Schedule - ok
18:36:21.0156 3060 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:36:21.0156 3060 Secdrv - ok
18:36:21.0203 3060 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
18:36:21.0218 3060 seclogon - ok
18:36:21.0296 3060 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
18:36:21.0312 3060 SENS - ok
18:36:21.0343 3060 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:36:21.0343 3060 serenum - ok
18:36:21.0390 3060 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:36:21.0390 3060 Serial - ok
18:36:21.0421 3060 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:36:21.0421 3060 Sfloppy - ok
18:36:21.0640 3060 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:36:21.0750 3060 SharedAccess - ok
18:36:21.0843 3060 [ B927443008910B412BEC72FC41C1BAD0 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:36:21.0859 3060 ShellHWDetection - ok
18:36:21.0875 3060 Simbad - ok
18:36:21.0890 3060 Sparrow - ok
18:36:21.0906 3060 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:36:21.0921 3060 splitter - ok
18:36:22.0000 3060 [ CB1090BCA0E7B40D0B5B4E4D66531809 ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:36:22.0000 3060 Spooler - ok
18:36:22.0375 3060 [ 0C1DAD75274CB6E31F053CE3E08BF9C3 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
18:36:22.0390 3060 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 0C1DAD75274CB6E31F053CE3E08BF9C3
18:36:22.0390 3060 sptd ( LockedFile.Multi.Generic ) - warning
18:36:22.0390 3060 sptd - detected LockedFile.Multi.Generic (1)
18:36:22.0453 3060 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
18:36:22.0453 3060 sr - ok
18:36:22.0578 3060 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
18:36:22.0640 3060 srservice - ok
18:36:22.0984 3060 [ 5252605079810904E31C332E241CD59B ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:36:23.0125 3060 Srv - ok
18:36:23.0187 3060 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:36:23.0203 3060 SSDPSRV - ok
18:36:23.0390 3060 [ B1691AF4A072CB674D600DB16DD7308E ] StarWindServiceAE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
18:36:23.0500 3060 StarWindServiceAE - ok
18:36:23.0703 3060 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
18:36:23.0843 3060 stisvc - ok
18:36:23.0875 3060 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
18:36:23.0875 3060 swenum - ok
18:36:24.0234 3060 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:36:24.0437 3060 SwitchBoard - ok
18:36:24.0515 3060 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
18:36:24.0515 3060 swmidi - ok
18:36:24.0531 3060 SwPrv - ok
18:36:24.0546 3060 symc810 - ok
18:36:24.0562 3060 symc8xx - ok
18:36:24.0578 3060 sym_hi - ok
18:36:24.0593 3060 sym_u3 - ok
18:36:24.0640 3060 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
18:36:24.0656 3060 sysaudio - ok
18:36:24.0750 3060 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
18:36:24.0765 3060 SysmonLog - ok
18:36:24.0921 3060 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:36:25.0000 3060 TapiSrv - ok
18:36:25.0203 3060 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:36:25.0328 3060 Tcpip - ok
18:36:25.0390 3060 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
18:36:25.0390 3060 TDPIPE - ok
18:36:25.0437 3060 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:36:25.0453 3060 TDTCP - ok
18:36:25.0515 3060 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:36:25.0515 3060 TermDD - ok
18:36:25.0703 3060 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
18:36:25.0843 3060 TermService - ok
18:36:25.0984 3060 [ B927443008910B412BEC72FC41C1BAD0 ] Themes C:\WINDOWS\System32\shsvcs.dll
18:36:25.0984 3060 Themes - ok
18:36:26.0015 3060 TosIde - ok
18:36:26.0078 3060 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:36:26.0109 3060 TrkWks - ok
18:36:26.0203 3060 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:36:26.0203 3060 Udfs - ok
18:36:26.0218 3060 ultra - ok
18:36:26.0437 3060 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:36:26.0625 3060 Update - ok
18:36:26.0734 3060 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
18:36:26.0812 3060 upnphost - ok
18:36:26.0843 3060 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
18:36:26.0859 3060 UPS - ok
18:36:26.0937 3060 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:36:26.0937 3060 usbccgp - ok
18:36:26.0984 3060 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:36:26.0984 3060 usbehci - ok
18:36:27.0031 3060 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:36:27.0031 3060 usbhub - ok
18:36:27.0078 3060 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:36:27.0093 3060 usbprint - ok
18:36:27.0125 3060 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:36:27.0140 3060 usbscan - ok
18:36:27.0203 3060 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:36:27.0203 3060 USBSTOR - ok
18:36:27.0234 3060 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:36:27.0234 3060 usbuhci - ok
18:36:27.0265 3060 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:36:27.0265 3060 VgaSave - ok
18:36:27.0281 3060 ViaIde - ok
18:36:27.0328 3060 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:36:27.0343 3060 VolSnap - ok
18:36:27.0515 3060 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
18:36:27.0625 3060 VSS - ok
18:36:27.0750 3060 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
18:36:27.0812 3060 W32Time - ok
18:36:27.0843 3060 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:36:27.0859 3060 Wanarp - ok
18:36:27.0875 3060 WDICA - ok
18:36:27.0921 3060 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:36:27.0937 3060 wdmaud - ok
18:36:28.0000 3060 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:36:28.0015 3060 WebClient - ok
18:36:28.0171 3060 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:36:28.0218 3060 winmgmt - ok
18:36:28.0281 3060 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
18:36:28.0296 3060 WmdmPmSN - ok
18:36:28.0390 3060 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:36:28.0421 3060 WmiApSrv - ok
18:36:28.0921 3060 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
18:36:29.0296 3060 WMPNetworkSvc - ok
18:36:29.0359 3060 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:36:29.0359 3060 WS2IFSL - ok
18:36:29.0453 3060 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:36:29.0484 3060 wscsvc - ok
18:36:29.0546 3060 [ 0091D78C5F8FDE0CDF2B214823DE6E48 ] WSIMD C:\WINDOWS\system32\DRIVERS\wsimd.sys
18:36:29.0562 3060 WSIMD - ok
18:36:29.0578 3060 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:36:29.0593 3060 wuauserv - ok
18:36:29.0671 3060 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:36:29.0671 3060 WudfPf - ok
18:36:29.0734 3060 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:36:29.0750 3060 WudfRd - ok
18:36:29.0859 3060 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
18:36:29.0890 3060 WudfSvc - ok
18:36:30.0140 3060 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:36:30.0375 3060 WZCSVC - ok
18:36:30.0500 3060 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:36:30.0531 3060 xmlprov - ok
18:36:30.0546 3060 ================ Scan global ===============================
18:36:30.0609 3060 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
18:36:30.0781 3060 [ 77A41C497ADB0C96D1E8DF6F71D843C0 ] C:\WINDOWS\system32\winsrv.dll
18:36:31.0031 3060 [ 77A41C497ADB0C96D1E8DF6F71D843C0 ] C:\WINDOWS\system32\winsrv.dll
18:36:31.0140 3060 [ F0D2AE69035092BF22DAD6B50FAB85C2 ] C:\WINDOWS\system32\services.exe
18:36:31.0156 3060 [Global] - ok
18:36:31.0171 3060 ================ Scan MBR ==================================
18:36:31.0203 3060 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
18:36:31.0578 3060 \Device\Harddisk0\DR0 - ok
18:36:31.0593 3060 [ 180DBDE3AF7EA48B3DB3AC27B1DDF401 ] \Device\Harddisk1\DR2
18:36:31.0593 3060 \Device\Harddisk1\DR2 - ok
18:36:31.0609 3060 ================ Scan VBR ==================================
18:36:31.0609 3060 [ 805748B9C1BB3F80C49E84D86E2F132A ] \Device\Harddisk0\DR0\Partition1
18:36:31.0625 3060 \Device\Harddisk0\DR0\Partition1 - ok
18:36:31.0625 3060 [ 1A24BF5AC150C74927375005307AF48F ] \Device\Harddisk1\DR2\Partition1
18:36:31.0640 3060 \Device\Harddisk1\DR2\Partition1 - ok
18:36:31.0640 3060 ============================================================
18:36:31.0640 3060 Scan finished
18:36:31.0640 3060 ============================================================
18:36:31.0656 3352 Detected object count: 1
18:36:31.0656 3352 Actual detected object count: 1
18:36:51.0750 3352 sptd ( LockedFile.Multi.Generic ) - skipped by user
18:36:51.0750 3352 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
18:36:58.0031 4036 Deinitialize success