Prosím pomoc :-(

[snnoop]

Pokaždé když zapojím flešku tak se mne tam načte nějaký zástupce,když ho vymažu opět se ukáže.Včera jsem udělal reinstal Pc kvůli tomu a dnes opět to samé. Udělal jsem nějaký log z programu usb fix možná vám to pomůže a poradíte mnohokrát děkuji za jakoukoliv pomoc...



############################# | UsbFix V 7.134 | [Research]

User: big (Administrator) # BIG-BIG-PC
Updated 06/09/2013 by El Desaparecido
Started at 17:42:27 | 18/03/2014

Website: http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: eldesaparecido@sosvirus.net

PC: Hewlett-Packard (HP Compaq 6910p) (X86-based PC)
CPU: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz (2001)
RAM -> [Total : 1527 | Free : 659]
BIOS: KBC Version 68.35
BOOT: Normal boot

OS: Microsoft Windows 7 Ultimate (6.1.7600 32-Bit) #
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AS: Windows Defender [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 74 Gb (53 Mb free - 71%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Removable drive # 15 Gb (14 Mb free - 95%) [] # FAT32

################## | Active Processes |

C:\Windows\system32\csrss.exe (380)
C:\Windows\system32\wininit.exe (420)
C:\Windows\system32\csrss.exe (428)
C:\Windows\system32\services.exe (480)
C:\Windows\system32\lsass.exe (496)
C:\Windows\system32\lsm.exe (504)
C:\Windows\system32\winlogon.exe (548)
C:\Windows\system32\svchost.exe (652)
C:\Windows\system32\svchost.exe (736)
C:\Windows\System32\svchost.exe (832)
C:\Windows\System32\svchost.exe (880)
C:\Windows\system32\svchost.exe (912)
C:\Windows\system32\svchost.exe (1064)
C:\Windows\system32\Hpservice.exe (1140)
C:\Windows\system32\svchost.exe (1208)
C:\Windows\System32\spoolsv.exe (1356)
C:\Windows\system32\svchost.exe (1388)
C:\Windows\system32\svchost.exe (1424)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (1548)
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (1624)
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (1720)
C:\Windows\system32\Dwm.exe (1944)
C:\Windows\system32\svchost.exe (2012)
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (432)
C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe (1592)
C:\Windows\system32\taskhost.exe (1604)
C:\Windows\Explorer.EXE (312)
C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe (2556)
C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe (2664)
C:\Windows\System32\WUDFHost.exe (3428)
C:\Windows\System32\rundll32.exe (4004)
C:\Windows\System32\igfxtray.exe (2728)
C:\Windows\System32\hkcmd.exe (2748)
C:\Windows\System32\igfxpers.exe (2884)
C:\Windows\system32\igfxsrvc.exe (2968)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (3144)
C:\Windows\system32\wbem\wmiprvse.exe (3420)
C:\Users\big\AppData\Local\Temp\Skype.exe (3792)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (2256)
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (3184)
C:\Windows\system32\SearchIndexer.exe (992)
C:\Windows\system32\wbem\wmiprvse.exe (3740)
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (3788)
C:\Program Files\Windows Media Player\wmpnetwk.exe (3552)
C:\Windows\System32\svchost.exe (2144)
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (2120)
C:\Windows\System32\svchost.exe (2820)
C:\Windows\system32\DllHost.exe (3540)
C:\Users\big\AppData\Local\Temp\~nsu.tmp\Au_.exe (176)
C:\Program Files\Mozilla Firefox\firefox.exe (3196)
C:\Program Files\Mozilla Firefox\plugin-container.exe (3980)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (3648)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (3752)
C:\Windows\system32\SearchProtocolHost.exe (2568)
C:\Windows\system32\SearchFilterHost.exe (2792)
C:\UsbFix\Go.exe (3440)

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [IgfxTray] - C:\Windows\system32\igfxtray.exe
HKLM\SOFTWARE | Run : [HotKeysCmds] - C:\Windows\system32\hkcmd.exe
HKLM\SOFTWARE | Run : [Persistence] - C:\Windows\system32\igfxpers.exe
HKLM\SOFTWARE | Run : [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-776073097-1473087821-1952639389-1001\SOFTWARE | Run : [8e3bc91142bd8d798a10a1667ae4d2be] - "C:\Users\big\AppData\Local\Temp\Skype.exe" ..
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Files # Infected Folders |

Found ! E:\8e3bc91142bd8d798a10a1667ae4d2be.exe
Found ! E:\ahyb.avi.lnk

################## | Registry |

Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|8e3bc91142bd8d798a10a1667ae4d2be

################## | Mountpoints2 |



################## | Vaccin |

(!) This computer is not vaccinated!

################## | E.O.F | http://www.sosvirus.net |

[snnoop]

Ještě tu přidávám log z RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by big at 2014-03-18 17:53:56
Microsoft Windows 7 Ultimate
System drive C: has 54 GB (71%) free of 76 GB
Total RAM: 1527 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:54:22, on 18.3.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16540)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe
C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Users\big\AppData\Local\Temp\Skype.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Windows\system32\DllHost.exe
C:\Users\big\AppData\Local\Temp\~nsu.tmp\Au_.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\big\Desktop\RSIT.exe
C:\Program Files\trend micro\big.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovigo.com/?gd=&ctid=CT3314 ... 43F5&SSPV=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [8e3bc91142bd8d798a10a1667ae4d2be] "C:\Users\big\AppData\Local\Temp\Skype.exe" ..
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: 8e3bc91142bd8d798a10a1667ae4d2be.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 4744 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\searchplugins\
conduit-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"8e3bc91142bd8d798a10a1667ae4d2be"=C:\Users\big\AppData\Local\Temp\Skype.exe [2014-03-18 206336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\8e3bc91142bd8d798a10a1667ae4d2be]
C:\Users\big\AppData\Local\Temp\Skype.exe [2014-03-18 206336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^big^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^8e3bc91142bd8d798a10a1667ae4d2be.exe]
C:\Users\big\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8e3bc91142bd8d798a10a1667ae4d2be.exe [2014-03-18 206336]

C:\Users\big\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
8e3bc91142bd8d798a10a1667ae4d2be.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-03-18 17:53:56 ----D---- C:\rsit
2014-03-18 17:53:56 ----D---- C:\Program Files\trend micro
2014-03-18 17:42:27 ----A---- C:\UsbFix [Scan 1] BIG-BIG-PC.txt
2014-03-18 17:42:05 ----D---- C:\UsbFix
2014-03-18 17:19:07 ----D---- C:\Users\big\AppData\Roaming\Malwarebytes
2014-03-18 17:18:54 ----D---- C:\ProgramData\Malwarebytes
2014-03-18 17:18:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-03-18 17:18:51 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-03-18 17:18:16 ----D---- C:\Windows\pss
2014-03-18 15:35:41 ----D---- C:\Program Files\PDF Helper
2014-03-18 14:05:57 ----D---- C:\Intel
2014-03-18 13:37:40 ----D---- C:\Users\big\AppData\Roaming\Flashmedia
2014-03-18 13:36:43 ----D---- C:\Users\big\AppData\Roaming\WinRAR
2014-03-18 13:36:33 ----D---- C:\Program Files\WinRAR
2014-03-18 13:27:06 ----D---- C:\ProgramData\DriverGenius
2014-03-18 13:26:36 ----D---- C:\Program Files\Driver-Soft
2014-03-18 13:17:30 ----D---- C:\Users\big\AppData\Roaming\vlc
2014-03-18 09:20:54 ----A---- C:\Windows\system32\atmlib.dll
2014-03-18 09:20:54 ----A---- C:\Windows\system32\atmfd.dll
2014-03-18 09:18:35 ----A---- C:\Windows\system32\msv1_0.dll
2014-03-18 09:09:31 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2014-03-18 09:09:31 ----A---- C:\Windows\system32\PresentationHost.exe
2014-03-18 09:09:31 ----A---- C:\Windows\system32\netfxperf.dll
2014-03-18 09:09:31 ----A---- C:\Windows\system32\mscoree.dll
2014-03-18 09:09:31 ----A---- C:\Windows\system32\dfshim.dll
2014-03-18 08:44:53 ----A---- C:\Windows\system32\Wdfres.dll
2014-03-18 08:44:53 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-03-18 08:44:53 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-03-18 08:43:54 ----A---- C:\Windows\system32\WUDFx.dll
2014-03-18 08:43:54 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-03-18 08:43:54 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-03-18 08:43:54 ----A---- C:\Windows\system32\WUDFHost.exe
2014-03-18 08:43:54 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2014-03-18 08:43:54 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-03-18 08:43:54 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-03-18 08:42:22 ----A---- C:\Windows\system32\wmi.dll
2014-03-18 08:42:22 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2014-03-18 08:42:21 ----A---- C:\Windows\system32\imagehlp.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\wininet.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\wextract.exe
2014-03-18 08:40:50 ----A---- C:\Windows\system32\webcheck.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\vbscript.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\urlmon.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\url.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-03-18 08:40:50 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-18 08:40:50 ----A---- C:\Windows\system32\msrating.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\msls31.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\mshtmler.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\mshtmled.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\msfeedssync.exe
2014-03-18 08:40:50 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\msfeeds.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\licmgr10.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\jsproxy.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\inseng.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\iexpress.exe
2014-03-18 08:40:50 ----A---- C:\Windows\system32\ieui.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\iesysprep.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\iesetup.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\iertutil.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\iernonce.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\ieframe.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\iedkcs32.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\ieapfltr.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\ieapfltr.dat
2014-03-18 08:40:50 ----A---- C:\Windows\system32\ieakeng.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\ie4uinit.exe
2014-03-18 08:40:50 ----A---- C:\Windows\system32\icardie.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\dxtrans.dll
2014-03-18 08:40:50 ----A---- C:\Windows\system32\dxtmsft.dll
2014-03-18 08:40:49 ----A---- C:\Windows\system32\pngfilt.dll
2014-03-18 08:40:49 ----A---- C:\Windows\system32\occache.dll
2014-03-18 08:40:49 ----A---- C:\Windows\system32\mshtml.dll
2014-03-18 08:40:49 ----A---- C:\Windows\system32\mshta.exe
2014-03-18 08:40:49 ----A---- C:\Windows\system32\jscript9.dll
2014-03-18 08:40:49 ----A---- C:\Windows\system32\jscript.dll
2014-03-18 08:40:49 ----A---- C:\Windows\system32\imgutil.dll
2014-03-18 08:40:49 ----A---- C:\Windows\system32\ieUnatt.exe
2014-03-18 08:40:49 ----A---- C:\Windows\system32\iepeers.dll
2014-03-18 08:40:49 ----A---- C:\Windows\system32\ieakui.dll
2014-03-18 08:40:49 ----A---- C:\Windows\system32\ieaksie.dll
2014-03-18 08:40:49 ----A---- C:\Windows\system32\admparse.dll
2014-03-18 08:38:36 ----A---- C:\Windows\system32\browserchoice.exe
2014-03-18 08:33:12 ----A---- C:\Windows\system32\drivers\ks.sys
2014-03-18 08:31:55 ----A---- C:\Windows\system32\wcncsvc.dll
2014-03-17 23:28:06 ----D---- C:\Program Files\VideoLAN
2014-03-17 23:27:25 ----D---- C:\Program Files\SearchProtect
2014-03-17 22:41:48 ----A---- C:\Windows\system32\ole32.dll
2014-03-17 22:41:45 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-03-17 22:41:41 ----A---- C:\Windows\system32\usp10.dll
2014-03-17 22:41:36 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-03-17 22:41:36 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-03-17 22:41:36 ----A---- C:\Windows\system32\drivers\srv.sys
2014-03-17 22:41:32 ----A---- C:\Windows\system32\wintrust.dll
2014-03-17 22:41:30 ----A---- C:\Windows\system32\win32k.sys
2014-03-17 22:41:29 ----A---- C:\Windows\system32\drivers\usb8023.sys
2014-03-17 22:41:13 ----A---- C:\Windows\system32\dpnet.dll
2014-03-17 22:40:45 ----A---- C:\Windows\system32\win32spl.dll
2014-03-17 22:40:43 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-03-17 22:40:41 ----A---- C:\Windows\system32\dnsapi.dll
2014-03-17 22:40:40 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-03-17 22:40:40 ----A---- C:\Windows\system32\dnscacheugc.exe
2014-03-17 22:40:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-03-17 22:40:36 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-03-17 22:40:35 ----A---- C:\Windows\system32\smss.exe
2014-03-17 22:40:35 ----A---- C:\Windows\system32\csrsrv.dll
2014-03-17 22:40:19 ----A---- C:\Windows\system32\winlogon.exe
2014-03-17 22:40:19 ----A---- C:\Windows\explorer.exe
2014-03-17 22:40:08 ----A---- C:\Windows\system32\t2embed.dll
2014-03-17 22:40:04 ----A---- C:\Windows\system32\cryptsvc.dll
2014-03-17 22:40:04 ----A---- C:\Windows\system32\cryptnet.dll
2014-03-17 22:40:04 ----A---- C:\Windows\system32\crypt32.dll
2014-03-17 22:39:50 ----A---- C:\Windows\system32\psisdecd.dll
2014-03-17 22:39:47 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-03-17 22:39:46 ----A---- C:\Windows\system32\schedsvc.dll
2014-03-17 22:39:45 ----A---- C:\Windows\system32\wmicmiplugin.dll
2014-03-17 22:39:45 ----A---- C:\Windows\system32\taskschd.dll
2014-03-17 22:39:45 ----A---- C:\Windows\system32\taskeng.exe
2014-03-17 22:39:45 ----A---- C:\Windows\system32\taskcomp.dll
2014-03-17 22:39:45 ----A---- C:\Windows\system32\schtasks.exe
2014-03-17 22:39:41 ----A---- C:\Windows\system32\rtutils.dll
2014-03-17 22:39:40 ----A---- C:\Windows\system32\schannel.dll
2014-03-17 22:39:39 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-03-17 22:39:39 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-03-17 22:39:39 ----A---- C:\Windows\system32\drivers\cng.sys
2014-03-17 22:39:34 ----A---- C:\Windows\system32\msxml3.dll
2014-03-17 22:39:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2014-03-17 22:39:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-03-17 22:39:32 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-03-17 22:39:21 ----A---- C:\Windows\system32\odbc32.dll
2014-03-17 22:39:11 ----A---- C:\Windows\system32\tsgqec.dll
2014-03-17 22:39:11 ----A---- C:\Windows\system32\mstscax.dll
2014-03-17 22:39:11 ----A---- C:\Windows\system32\aaclient.dll
2014-03-17 22:38:57 ----A---- C:\Windows\system32\drivers\dfsc.sys
2014-03-17 22:38:43 ----A---- C:\Windows\system32\msxml6.dll
2014-03-17 22:38:40 ----A---- C:\Windows\system32\inetcomm.dll
2014-03-17 22:38:23 ----A---- C:\Windows\system32\asycfilt.dll
2014-03-17 22:38:21 ----A---- C:\Windows\system32\comctl32.dll
2014-03-17 22:38:15 ----A---- C:\Windows\system32\mfc40u.dll
2014-03-17 22:38:15 ----A---- C:\Windows\system32\mfc40.dll
2014-03-17 22:38:09 ----A---- C:\Windows\system32\packager.dll
2014-03-17 22:38:07 ----A---- C:\Windows\system32\wmp.dll
2014-03-17 22:38:05 ----A---- C:\Windows\system32\wmploc.DLL
2014-03-17 22:38:04 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-03-17 22:38:03 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-03-17 22:37:16 ----A---- C:\Windows\system32\fontsub.dll
2014-03-17 22:37:15 ----A---- C:\Windows\system32\srcore.dll
2014-03-17 22:37:09 ----A---- C:\Windows\system32\netapi32.dll
2014-03-17 22:37:09 ----A---- C:\Windows\system32\browser.dll
2014-03-17 22:37:09 ----A---- C:\Windows\system32\browcli.dll
2014-03-17 22:37:07 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-03-17 22:37:05 ----A---- C:\Windows\system32\tsbyuv.dll
2014-03-17 22:37:05 ----A---- C:\Windows\system32\msyuv.dll
2014-03-17 22:37:05 ----A---- C:\Windows\system32\msvidc32.dll
2014-03-17 22:37:05 ----A---- C:\Windows\system32\msrle32.dll
2014-03-17 22:37:05 ----A---- C:\Windows\system32\mciavi32.dll
2014-03-17 22:37:05 ----A---- C:\Windows\system32\iyuv_32.dll
2014-03-17 22:37:05 ----A---- C:\Windows\system32\avifil32.dll
2014-03-17 22:36:46 ----A---- C:\Windows\system32\CPFilters.dll
2014-03-17 22:36:45 ----A---- C:\Windows\system32\sbe.dll
2014-03-17 22:36:22 ----A---- C:\Windows\system32\quartz.dll
2014-03-17 22:36:21 ----A---- C:\Windows\system32\qdvd.dll
2014-03-17 22:36:19 ----A---- C:\Windows\system32\kerberos.dll
2014-03-17 22:36:06 ----A---- C:\Windows\system32\d3d10level9.dll
2014-03-17 22:35:56 ----A---- C:\Windows\system32\Wpc.dll
2014-03-17 22:35:56 ----A---- C:\Windows\system32\gameux.dll
2014-03-17 22:35:24 ----A---- C:\Windows\system32\ncrypt.dll
2014-03-17 22:35:23 ----A---- C:\Windows\system32\webio.dll
2014-03-17 22:35:23 ----A---- C:\Windows\system32\lsasrv.dll
2014-03-17 22:35:22 ----A---- C:\Windows\system32\sspisrv.dll
2014-03-17 22:35:22 ----A---- C:\Windows\system32\sspicli.dll
2014-03-17 22:35:22 ----A---- C:\Windows\system32\secur32.dll
2014-03-17 22:35:22 ----A---- C:\Windows\system32\lsass.exe
2014-03-17 22:35:16 ----A---- C:\Windows\system32\rdrmemptylst.exe
2014-03-17 22:35:16 ----A---- C:\Windows\system32\rdpwsx.dll
2014-03-17 22:35:16 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-03-17 22:35:14 ----A---- C:\Windows\system32\drivers\partmgr.sys
2014-03-17 22:35:11 ----A---- C:\Windows\system32\profsvc.dll
2014-03-17 22:35:10 ----A---- C:\Windows\system32\synceng.dll
2014-03-17 22:35:01 ----A---- C:\Windows\system32\localspl.dll
2014-03-17 22:34:59 ----A---- C:\Windows\system32\wmpmde.dll
2014-03-17 22:34:58 ----A---- C:\Windows\system32\consent.exe
2014-03-17 22:34:56 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-03-17 22:34:56 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-03-17 22:34:56 ----A---- C:\Windows\system32\secproc_isv.dll
2014-03-17 22:34:56 ----A---- C:\Windows\system32\secproc.dll
2014-03-17 22:34:56 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-03-17 22:34:56 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-03-17 22:34:56 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-03-17 22:34:56 ----A---- C:\Windows\system32\RMActivate.exe
2014-03-17 22:34:51 ----A---- C:\Windows\system32\DWrite.dll
2014-03-17 22:34:51 ----A---- C:\Windows\system32\d3d10warp.dll
2014-03-17 22:34:51 ----A---- C:\Windows\system32\d3d10_1core.dll
2014-03-17 22:34:51 ----A---- C:\Windows\system32\d3d10_1.dll
2014-03-17 22:34:51 ----A---- C:\Windows\system32\d2d1.dll
2014-03-17 22:34:44 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-03-17 22:34:43 ----A---- C:\Windows\system32\drivers\afd.sys
2014-03-17 22:34:38 ----A---- C:\Windows\system32\spoolsv.exe
2014-03-17 22:34:34 ----A---- C:\Windows\system32\ntdll.dll
2014-03-17 22:34:30 ----A---- C:\Windows\system32\xmllite.dll
2014-03-17 22:34:27 ----A---- C:\Windows\system32\prevhost.exe
2014-03-17 22:34:24 ----A---- C:\Windows\system32\iccvid.dll
2014-03-17 22:34:23 ----A---- C:\Windows\system32\ir32_32.dll
2014-03-17 22:34:10 ----A---- C:\Windows\system32\msdri.dll
2014-03-17 22:34:01 ----A---- C:\Windows\system32\umpnpmgr.dll
2014-03-17 22:33:59 ----A---- C:\Windows\system32\msasn1.dll
2014-03-17 22:33:48 ----A---- C:\Windows\system32\oleaut32.dll
2014-03-17 22:33:48 ----A---- C:\Windows\system32\oleacc.dll
2014-03-17 22:33:40 ----A---- C:\Windows\system32\CertEnroll.dll
2014-03-17 22:33:39 ----A---- C:\Windows\system32\winresume.exe
2014-03-17 22:33:39 ----A---- C:\Windows\system32\winload.exe
2014-03-17 22:33:19 ----A---- C:\Windows\system32\tquery.dll
2014-03-17 22:33:19 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2014-03-17 22:33:19 ----A---- C:\Windows\system32\SearchIndexer.exe
2014-03-17 22:33:19 ----A---- C:\Windows\system32\SearchFilterHost.exe
2014-03-17 22:33:19 ----A---- C:\Windows\system32\mssvp.dll
2014-03-17 22:33:19 ----A---- C:\Windows\system32\mssrch.dll
2014-03-17 22:33:19 ----A---- C:\Windows\system32\mssphtb.dll
2014-03-17 22:33:19 ----A---- C:\Windows\system32\mssph.dll
2014-03-17 22:33:19 ----A---- C:\Windows\system32\msscntrs.dll
2014-03-17 22:33:11 ----A---- C:\Windows\system32\FXSCOVER.exe
2014-03-17 22:33:09 ----A---- C:\Windows\system32\EncDec.dll
2014-03-17 22:33:03 ----A---- C:\Windows\system32\XpsPrint.dll
2014-03-17 22:32:57 ----A---- C:\Windows\system32\apphelp.dll
2014-03-17 22:32:53 ----A---- C:\Windows\system32\msi.dll
2014-03-17 22:32:51 ----A---- C:\Windows\system32\mstsc.exe
2014-03-17 22:32:47 ----A---- C:\Windows\system32\odbctrac.dll
2014-03-17 22:32:47 ----A---- C:\Windows\system32\odbcjt32.dll
2014-03-17 22:32:47 ----A---- C:\Windows\system32\odbccu32.dll
2014-03-17 22:32:47 ----A---- C:\Windows\system32\odbccr32.dll
2014-03-17 22:32:47 ----A---- C:\Windows\system32\odbccp32.dll
2014-03-17 22:32:45 ----A---- C:\Windows\system32\msvcrt.dll
2014-03-17 22:32:43 ----A---- C:\Windows\system32\srvsvc.dll
2014-03-17 22:32:41 ----A---- C:\Windows\system32\mf.dll
2014-03-17 22:32:41 ----A---- C:\Windows\system32\FntCache.dll
2014-03-17 22:32:40 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-03-17 22:32:40 ----A---- C:\Windows\system32\mfreadwrite.dll
2014-03-17 22:32:40 ----A---- C:\Windows\system32\ExplorerFrame.dll
2014-03-17 22:32:39 ----A---- C:\Windows\system32\XpsRasterService.dll
2014-03-17 22:32:33 ----A---- C:\Windows\system32\upnp.dll
2014-03-17 22:32:32 ----A---- C:\Windows\system32\wscapi.dll
2014-03-17 22:32:32 ----A---- C:\Windows\system32\winhttp.dll
2014-03-17 22:32:32 ----A---- C:\Windows\system32\WebClnt.dll
2014-03-17 22:32:32 ----A---- C:\Windows\system32\davclnt.dll
2014-03-17 22:32:31 ----A---- C:\Windows\system32\wscsvc.dll
2014-03-17 22:32:31 ----A---- C:\Windows\system32\slwga.dll
2014-03-17 22:32:27 ----A---- C:\Windows\system32\ntshrui.dll
2014-03-17 22:32:21 ----A---- C:\Windows\system32\StructuredQuery.dll
2014-03-17 22:32:19 ----A---- C:\Windows\system32\shell32.dll
2014-03-17 22:32:15 ----A---- C:\Windows\system32\poqexec.exe
2014-03-17 22:32:13 ----A---- C:\Windows\system32\mfc42u.dll
2014-03-17 22:32:13 ----A---- C:\Windows\system32\mfc42.dll
2014-03-17 22:32:12 ----A---- C:\Windows\system32\drivers\bowser.sys
2014-03-17 22:32:10 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-03-17 22:17:39 ----A---- C:\Windows\system32\tzres.dll
2014-03-17 22:17:29 ----D---- C:\Program Files\Common Files\Adobe
2014-03-17 22:17:29 ----D---- C:\Program Files\Adobe
2014-03-17 22:16:24 ----A---- C:\Windows\system32\KernelBase.dll
2014-03-17 22:16:24 ----A---- C:\Windows\system32\kernel32.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-03-17 22:16:23 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-03-17 22:16:23 ----A---- C:\Windows\system32\winsrv.dll
2014-03-17 22:16:23 ----A---- C:\Windows\system32\conhost.exe
2014-03-17 22:16:16 ----D---- C:\ProgramData\Adobe
2014-03-17 22:14:47 ----A---- C:\Windows\system32\XAudio2_7.dll
2014-03-17 22:14:47 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2014-03-17 22:14:47 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-03-17 22:14:47 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-03-17 22:14:47 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-03-17 22:14:47 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-03-17 22:14:47 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2014-03-17 22:14:46 ----A---- C:\Windows\system32\XAudio2_6.dll
2014-03-17 22:14:46 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2014-03-17 22:14:46 ----A---- C:\Windows\system32\xactengine3_6.dll
2014-03-17 22:14:46 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2014-03-17 22:14:46 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-03-17 22:14:45 ----A---- C:\Windows\system32\XAudio2_5.dll
2014-03-17 22:14:44 ----A---- C:\Windows\system32\xactengine3_5.dll
2014-03-17 22:14:44 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2014-03-17 22:14:43 ----A---- C:\Windows\system32\XAudio2_4.dll
2014-03-17 22:14:43 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2014-03-17 22:14:43 ----A---- C:\Windows\system32\D3DX9_42.dll
2014-03-17 22:14:43 ----A---- C:\Windows\system32\D3DX9_41.dll
2014-03-17 22:14:43 ----A---- C:\Windows\system32\d3dx11_42.dll
2014-03-17 22:14:43 ----A---- C:\Windows\system32\d3dx10_42.dll
2014-03-17 22:14:43 ----A---- C:\Windows\system32\d3dx10_41.dll
2014-03-17 22:14:43 ----A---- C:\Windows\system32\d3dcsx_42.dll
2014-03-17 22:14:43 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2014-03-17 22:14:42 ----A---- C:\Windows\system32\xactengine3_4.dll
2014-03-17 22:14:42 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2014-03-17 22:14:42 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-03-17 22:14:42 ----A---- C:\Windows\system32\d3dx10_40.dll
2014-03-17 22:14:42 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-03-17 22:14:41 ----A---- C:\Windows\system32\XAudio2_3.dll
2014-03-17 22:14:41 ----A---- C:\Windows\system32\XAudio2_2.dll
2014-03-17 22:14:41 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2014-03-17 22:14:41 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2014-03-17 22:14:41 ----A---- C:\Windows\system32\xactengine3_3.dll
2014-03-17 22:14:41 ----A---- C:\Windows\system32\xactengine3_2.dll
2014-03-17 22:14:41 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2014-03-17 22:14:41 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-03-17 22:14:41 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-03-17 22:14:41 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-03-17 22:14:40 ----A---- C:\Windows\system32\XAudio2_1.dll
2014-03-17 22:14:40 ----A---- C:\Windows\system32\XAudio2_0.dll
2014-03-17 22:14:40 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2014-03-17 22:14:40 ----A---- C:\Windows\system32\xactengine3_1.dll
2014-03-17 22:14:40 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2014-03-17 22:14:40 ----A---- C:\Windows\system32\D3DX9_38.dll
2014-03-17 22:14:40 ----A---- C:\Windows\system32\d3dx10_38.dll
2014-03-17 22:14:40 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2014-03-17 22:14:39 ----A---- C:\Windows\system32\xactengine3_0.dll
2014-03-17 22:14:39 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2014-03-17 22:14:39 ----A---- C:\Windows\system32\D3DX9_37.dll
2014-03-17 22:14:39 ----A---- C:\Windows\system32\d3dx10_37.dll
2014-03-17 22:14:39 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2014-03-17 22:14:38 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-03-17 22:14:37 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-03-17 22:14:37 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-03-17 22:14:37 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-03-17 22:14:36 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-03-17 22:14:36 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-03-17 22:14:36 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-03-17 22:14:36 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-03-17 22:14:35 ----A---- C:\Windows\system32\xinput1_3.dll
2014-03-17 22:14:35 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-03-17 22:14:35 ----A---- C:\Windows\system32\xactengine2_7.dll
2014-03-17 22:14:35 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-03-17 22:14:35 ----A---- C:\Windows\system32\d3dx9_34.dll
2014-03-17 22:14:35 ----A---- C:\Windows\system32\d3dx9_33.dll
2014-03-17 22:14:35 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-03-17 22:14:35 ----A---- C:\Windows\system32\d3dx10_33.dll
2014-03-17 22:14:35 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-03-17 22:14:35 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2014-03-17 22:14:34 ----A---- C:\Windows\system32\xactengine2_6.dll
2014-03-17 22:14:34 ----A---- C:\Windows\system32\xactengine2_5.dll
2014-03-17 22:14:34 ----A---- C:\Windows\system32\d3dx9_32.dll
2014-03-17 22:14:34 ----A---- C:\Windows\system32\d3dx10.dll
2014-03-17 22:14:33 ----A---- C:\Windows\system32\xinput1_2.dll
2014-03-17 22:14:33 ----A---- C:\Windows\system32\xinput1_1.dll
2014-03-17 22:14:33 ----A---- C:\Windows\system32\xactengine2_4.dll
2014-03-17 22:14:33 ----A---- C:\Windows\system32\xactengine2_3.dll
2014-03-17 22:14:33 ----A---- C:\Windows\system32\xactengine2_2.dll
2014-03-17 22:14:33 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-03-17 22:14:33 ----A---- C:\Windows\system32\x3daudio1_1.dll
2014-03-17 22:14:33 ----A---- C:\Windows\system32\d3dx9_31.dll
2014-03-17 22:14:27 ----A---- C:\Windows\system32\d3dx9_30.dll
2014-03-17 22:14:26 ----A---- C:\Windows\system32\xactengine2_0.dll
2014-03-17 22:14:26 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-03-17 22:14:26 ----A---- C:\Windows\system32\d3dx9_29.dll
2014-03-17 22:14:26 ----A---- C:\Windows\system32\d3dx9_28.dll
2014-03-17 22:14:26 ----A---- C:\Windows\system32\d3dx9_27.dll
2014-03-17 22:14:26 ----A---- C:\Windows\system32\d3dx9_26.dll
2014-03-17 22:14:25 ----A---- C:\Windows\system32\d3dx9_25.dll
2014-03-17 22:14:25 ----A---- C:\Windows\system32\d3dx9_24.dll
2014-03-17 22:11:00 ----D---- C:\Users\big\AppData\Roaming\Skype
2014-03-17 22:10:42 ----D---- C:\Program Files\Common Files\Skype
2014-03-17 22:10:41 ----RD---- C:\Program Files\Skype
2014-03-17 22:10:31 ----D---- C:\ProgramData\Skype
2014-03-17 22:09:23 ----A---- C:\Windows\system32\xvidvfw.dll
2014-03-17 22:09:23 ----A---- C:\Windows\system32\xvidcore.dll
2014-03-17 22:09:23 ----A---- C:\Windows\system32\x264vfw.dll
2014-03-17 22:09:23 ----A---- C:\Windows\system32\lagarith.dll
2014-03-17 22:09:22 ----A---- C:\Windows\system32\unrar.dll
2014-03-17 22:09:21 ----A---- C:\Windows\system32\ff_vfw.dll
2014-03-17 22:09:12 ----D---- C:\Program Files\K-Lite Codec Pack
2014-03-17 22:09:05 ----N---- C:\Windows\system32\MpSigStub.exe
2014-03-17 22:07:45 ----SHD---- C:\Windows\Installer
2014-03-17 22:07:45 ----D---- C:\Users\big\AppData\Roaming\hpqLog
2014-03-17 22:07:13 ----A---- C:\Windows\system32\drivers\wdfcoinstaller01005.dll
2014-03-17 22:07:13 ----A---- C:\Windows\system32\drivers\HpqKbFiltr.sys
2014-03-17 22:07:12 ----RA---- C:\Windows\system32\BttnCmn.dll
2014-03-17 22:07:12 ----D---- C:\Program Files\Hewlett-Packard
2014-03-17 22:07:12 ----A---- C:\Windows\system32\BttnCmns.dll
2014-03-17 22:07:11 ----HD---- C:\Program Files\InstallShield Installation Information
2014-03-17 22:06:43 ----D---- C:\Windows\QLB
2014-03-17 22:05:17 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-03-17 22:05:17 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-03-17 22:05:17 ----A---- C:\Windows\system32\cdd.dll
2014-03-17 21:56:18 ----A---- C:\Windows\system32\TVWizudlg.exe
2014-03-17 21:56:18 ----A---- C:\Windows\system32\igfxtvcx.dll
2014-03-17 21:56:17 ----D---- C:\Windows\system32\Lang
2014-03-17 21:56:17 ----D---- C:\Program Files\Intel
2014-03-17 21:52:36 ----D---- C:\Windows\system32\x64
2014-03-17 21:52:36 ----A---- C:\Windows\system32\igxpun.exe
2014-03-17 21:51:15 ----A---- C:\Windows\system32\rdpcore.dll
2014-03-17 21:51:15 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-03-17 21:51:04 ----A---- C:\Windows\system32\cabview.dll
2014-03-17 21:50:16 ----D---- C:\Users\big\AppData\Roaming\Mozilla
2014-03-17 21:50:02 ----D---- C:\ProgramData\Mozilla
2014-03-17 21:50:01 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-03-17 21:50:01 ----D---- C:\Program Files\Mozilla Firefox
2014-03-17 21:49:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-03-17 21:46:36 ----A---- C:\Windows\system32\wups2.dll
2014-03-17 21:46:36 ----A---- C:\Windows\system32\wucltux.dll
2014-03-17 21:46:36 ----A---- C:\Windows\system32\wuaueng.dll
2014-03-17 21:46:36 ----A---- C:\Windows\system32\wuauclt.exe
2014-03-17 21:46:23 ----A---- C:\Windows\system32\wups.dll
2014-03-17 21:46:23 ----A---- C:\Windows\system32\wudriver.dll
2014-03-17 21:46:22 ----A---- C:\Windows\system32\wuapi.dll
2014-03-17 21:45:25 ----D---- C:\Users\big\AppData\Roaming\Macromedia
2014-03-17 21:45:25 ----D---- C:\Users\big\AppData\Roaming\Adobe
2014-03-17 21:45:18 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-03-17 21:45:17 ----D---- C:\Windows\system32\Macromed
2014-03-17 21:43:06 ----D---- C:\Users\big\AppData\Roaming\Identities
2014-03-17 21:41:37 ----SD---- C:\Users\big\AppData\Roaming\Microsoft
2014-03-17 21:41:37 ----D---- C:\Users\big\AppData\Roaming\Media Center Programs
2014-03-17 21:41:22 ----A---- C:\Windows\system32\wuwebv.dll
2014-03-17 21:41:22 ----A---- C:\Windows\system32\wuapp.exe
2014-03-17 21:40:39 ----SHD---- C:\Recovery
2014-03-17 21:40:39 ----SHD---- C:\ProgramData\Šablony
2014-03-17 21:40:39 ----SHD---- C:\ProgramData\Plocha
2014-03-17 21:40:39 ----SHD---- C:\ProgramData\Oblíbené položky
2014-03-17 21:40:39 ----SHD---- C:\ProgramData\Nabídka Start
2014-03-17 21:40:39 ----SHD---- C:\ProgramData\Dokumenty
2014-03-17 21:40:39 ----SHD---- C:\ProgramData\Data aplikací
2014-03-17 21:32:38 ----D---- C:\Windows\SoftwareDistribution
2014-03-17 21:29:49 ----D---- C:\Windows\Prefetch
2014-03-17 21:29:26 ----SHD---- C:\System Volume Information
2014-03-17 21:29:26 ----ASH---- C:\pagefile.sys
2014-03-17 21:29:26 ----ASH---- C:\hiberfil.sys
2014-03-17 21:28:55 ----D---- C:\Windows\Panther

======List of files/folders modified in the last 1 month======

2014-03-18 17:54:16 ----D---- C:\Windows\Temp
2014-03-18 17:53:56 ----RD---- C:\Program Files
2014-03-18 17:35:38 ----D---- C:\Windows\system32\config
2014-03-18 17:30:27 ----D---- C:\Windows\system32\drivers
2014-03-18 17:28:57 ----D---- C:\Windows\System32
2014-03-18 17:28:57 ----D---- C:\Windows\inf
2014-03-18 17:28:10 ----D---- C:\Windows\system32\Tasks
2014-03-18 17:28:09 ----D---- C:\Windows\Tasks
2014-03-18 17:18:54 ----HD---- C:\ProgramData
2014-03-18 17:18:16 ----D---- C:\Windows
2014-03-18 14:55:44 ----D---- C:\Windows\system32\wfp
2014-03-18 14:55:42 ----D---- C:\Windows\system32\wbem
2014-03-18 14:54:48 ----D---- C:\Windows\system32\DriverStore
2014-03-18 14:54:48 ----D---- C:\Windows\system32\catroot2
2014-03-18 14:54:46 ----D---- C:\Windows\system32\CodeIntegrity
2014-03-18 14:54:36 ----D---- C:\Windows\registration
2014-03-18 14:54:28 ----D---- C:\Windows\system32\catroot
2014-03-18 14:54:06 ----SHD---- C:\$Recycle.Bin
2014-03-18 14:52:10 ----D---- C:\Windows\Logs
2014-03-18 14:51:51 ----D---- C:\Windows\system32\NDF
2014-03-18 10:44:08 ----D---- C:\Windows\Microsoft.NET
2014-03-18 10:44:07 ----RSD---- C:\Windows\assembly
2014-03-18 10:39:30 ----D---- C:\Windows\winsxs
2014-03-18 10:36:26 ----D---- C:\Windows\system32\cs-CZ
2014-03-18 10:36:26 ----D---- C:\Program Files\Common Files\System
2014-03-18 10:36:24 ----D---- C:\Windows\AppPatch
2014-03-18 10:36:24 ----D---- C:\Program Files\Windows Mail
2014-03-18 10:36:23 ----RSD---- C:\Windows\Fonts
2014-03-18 10:36:23 ----D---- C:\Windows\ehome
2014-03-18 10:36:17 ----D---- C:\Program Files\Windows Journal
2014-03-18 10:36:14 ----D---- C:\Windows\system32\Boot
2014-03-18 10:36:12 ----D---- C:\Program Files\Windows Media Player
2014-03-18 10:36:06 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-03-18 10:35:59 ----D---- C:\Program Files\Internet Explorer
2014-03-18 10:35:57 ----D---- C:\Windows\system32\migration
2014-03-18 10:35:57 ----D---- C:\Windows\system32\en-US
2014-03-18 10:35:57 ----D---- C:\Windows\PolicyDefinitions
2014-03-17 22:17:29 ----D---- C:\Program Files\Common Files
2014-03-17 22:00:24 ----SD---- C:\ProgramData\Microsoft
2014-03-17 22:00:21 ----D---- C:\Windows\system32\drivers\UMDF
2014-03-17 21:57:44 ----D---- C:\Windows\system32\wdi
2014-03-17 21:45:25 ----D---- C:\Windows\Downloaded Program Files
2014-03-17 21:41:35 ----RD---- C:\Users
2014-03-17 21:40:54 ----D---- C:\Windows\system32\restore
2014-03-17 21:40:39 ----D---- C:\Windows\system32\Recovery
2014-03-17 21:40:39 ----D---- C:\Program Files\Windows NT
2014-03-17 21:36:57 ----D---- C:\Windows\rescache
2014-03-17 21:36:27 ----D---- C:\Windows\debug
2014-03-17 21:33:54 ----D---- C:\Windows\system32\sysprep
2014-03-17 21:30:23 ----D---- C:\Windows\CSC
2014-03-17 21:28:29 ----D---- C:\Windows\Setup

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032.sys [2009-07-13 211456]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 15544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RICOH SmartCard Reader;RICOH SmartCard Reader; C:\Windows\system32\DRIVERS\rismc32.sys [2006-10-03 47488]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe [2014-03-03 2454816]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-13 118896]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

[vyosek]

Zdravim

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze

[snnoop]

já mám od kámoše a říkal že jsem aktivovaný ,já jsem v Německu a vůbec se v tom nevyznám jen co znám je reinstal pc

[vyosek]

Aktivovany neznamena legalni - od toho jsou prave cracky a aktivatory...Takovych "kamaradu" znam hodne, co Vam daji system, je jim jedno jaky a klidne Vas vedomne vystavi riziku trestniho stihani za nelegalni system

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

[snnoop]

To je krásný já mu dal za ně 150 euro a jsou na uložto a na fastshare pod heslem,prej aby se knim nikdo nedostal jenom já to heslo mám .Takže mám ty falešný to je hajzl a dobře zná mou situaci,že se v tom vůbec nevyznám.No nevadí já si to sním vyříkám,ted koncem měsíce jedu dom.

[vyosek]

Nechci soudit predcasne, udelejte prosim OTL a budeme chytrejsi jak na tom Vase Windows jsou...Ja to bral ted obecne, ze tu bylo uz hodne lidi co meli "kamarady"...

Cena by odpovidala licenci, ktera je bezna na trhu, ale je mozne ze si ji jen nasadil dle internetu...

Uvidime co rekne OTL...

[snnoop]

OTL logfile created on: 18.3.2014 18:48:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\big\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,49 Gb Total Physical Memory | 0,58 Gb Available Physical Memory | 39,11% Memory free
2,98 Gb Paging File | 1,87 Gb Available in Paging File | 62,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 52,83 Gb Free Space | 70,98% Space Free | Partition Type: NTFS
Drive E: | 14,70 Gb Total Space | 14,02 Gb Free Space | 95,35% Space Free | Partition Type: FAT32

Computer Name: BIG-BIG-PC | User Name: big | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.03.18 18:25:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\big\Desktop\OTL.exe
PRC - [2014.03.03 14:32:36 | 004,620,064 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe
PRC - [2014.03.03 14:32:36 | 003,008,800 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\UI\bin\cltmngui.exe
PRC - [2014.03.03 14:32:36 | 002,454,816 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
PRC - [2014.02.13 01:36:25 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009.11.11 14:00:54 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (No Company Name) ==========

MOD - [2014.02.13 01:36:39 | 003,578,992 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll


========== Services (SafeList) ==========

SRV - [2014.03.03 14:32:36 | 002,454,816 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2014.02.13 01:36:33 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.05.13 18:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011.05.13 18:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2010.02.25 00:02:30 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBTTN.sys -- (HBtnKey)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009.07.13 23:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2009.04.29 07:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006.10.03 01:07:00 | 000,047,488 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rismc32.sys -- (RICOH SmartCard Reader)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-776073097-1473087821-1952639389-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trovigo.com/?gd=&ctid=CT3314 ... 43F5&SSPV=
IE - HKU\S-1-5-21-776073097-1473087821-1952639389-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-776073097-1473087821-1952639389-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-776073097-1473087821-1952639389-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a%404bb97481-aead-4c2e-a62b-e25e264651bb.com:0.93.44
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3m
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014.03.17 21:50:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\big\AppData\Roaming\Mozilla\Extensions
[2014.03.18 17:24:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\extensions
[2014.03.18 13:07:58 | 000,347,599 | ---- | M] () (No name found) -- C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\extensions\translator@dontfollowme.net.xpi
[2014.03.18 13:06:54 | 000,060,307 | ---- | M] () (No name found) -- C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\extensions\translator@zoli.bod.xpi
[2014.03.18 08:27:01 | 000,000,980 | ---- | M] () -- C:\Users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\searchplugins\conduit-search.xml
[2014.03.17 21:50:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.03.17 21:50:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\BIG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G8A46TEO.DEFAULT\EXTENSIONS\B1AC2FF7-8E51-4BB6-8BF8-87F1D567919A@4BB97481-AEAD-4C2E-A62B-E25E264651BB.COM

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKU\S-1-5-21-776073097-1473087821-1952639389-1001..\Run: [8e3bc91142bd8d798a10a1667ae4d2be] "C:\Users\big\AppData\Local\Temp\Skype.exe" .. File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-776073097-1473087821-1952639389-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKU\S-1-5-21-776073097-1473087821-1952639389-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F9C547B-56C3-4507-8598-E94242203DF6}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Conduit)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\System32\lagarith.dll ( )
Drivers32: VIDC.X264 - C:\Windows\System32\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014.03.18 18:25:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\big\Desktop\OTL.exe
[2014.03.18 17:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.03.18 17:53:56 | 000,000,000 | ---D | C] -- C:\rsit
[2014.03.18 17:42:05 | 000,000,000 | ---D | C] -- C:\UsbFix
[2014.03.18 17:41:40 | 001,144,875 | ---- | C] (El Desaparecido - SosVirus.net) -- C:\Users\big\Desktop\UsbFix.exe
[2014.03.18 17:19:07 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Roaming\Malwarebytes
[2014.03.18 17:18:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014.03.18 17:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.03.18 17:18:51 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014.03.18 17:18:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014.03.18 17:18:16 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014.03.18 17:14:02 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\big\Desktop\mbam-setup-1.75.0.1300.exe
[2014.03.18 15:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Helper
[2014.03.18 15:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Helper
[2014.03.18 14:56:10 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Local\SearchProtect
[2014.03.18 14:42:20 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Local\Microsoft Games
[2014.03.18 14:31:08 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Local\Diagnostics
[2014.03.18 14:16:45 | 000,000,000 | ---D | C] -- C:\Users\big\Desktop\Moje Anvald
[2014.03.18 14:08:02 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Local\ElevatedDiagnostics
[2014.03.18 14:05:57 | 000,000,000 | ---D | C] -- C:\Intel
[2014.03.18 13:37:40 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Roaming\Flashmedia
[2014.03.18 13:36:43 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Roaming\WinRAR
[2014.03.18 13:36:35 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014.03.18 13:36:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014.03.18 13:36:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014.03.18 13:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius
[2014.03.18 13:17:30 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Roaming\vlc
[2014.03.18 12:52:07 | 000,000,000 | ---D | C] -- C:\Users\big\Desktop\win 7
[2014.03.18 09:20:54 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2014.03.18 09:20:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2014.03.18 09:09:31 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2014.03.18 09:09:31 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2014.03.18 09:09:31 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2014.03.18 08:44:53 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2014.03.18 08:44:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2014.03.18 08:43:54 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2014.03.18 08:43:54 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2014.03.18 08:43:54 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2014.03.18 08:40:50 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014.03.18 08:40:50 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014.03.18 08:40:50 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014.03.18 08:40:50 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014.03.18 08:40:50 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014.03.18 08:40:50 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014.03.18 08:40:50 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014.03.18 08:40:50 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014.03.18 08:40:50 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014.03.18 08:40:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014.03.18 08:40:50 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014.03.18 08:40:50 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014.03.18 08:40:50 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014.03.18 08:40:50 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014.03.18 08:40:50 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2014.03.18 08:40:50 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014.03.18 08:40:50 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014.03.18 08:40:50 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014.03.18 08:40:50 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014.03.18 08:40:50 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014.03.18 08:40:50 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014.03.18 08:40:50 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014.03.18 08:40:50 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014.03.18 08:40:50 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014.03.18 08:40:50 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014.03.18 08:40:50 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014.03.18 08:40:50 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014.03.18 08:40:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014.03.18 08:40:49 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.03.18 08:40:49 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014.03.18 08:40:49 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2014.03.18 08:40:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2014.03.18 08:40:49 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014.03.18 08:40:49 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014.03.18 08:40:49 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2014.03.18 08:40:49 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014.03.18 08:40:49 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014.03.18 08:38:36 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2014.03.18 08:33:12 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2014.03.17 23:28:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014.03.17 23:28:06 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014.03.17 23:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect
[2014.03.17 23:23:51 | 000,000,000 | R--D | C] -- C:\Users\big\Desktop\vypinac
[2014.03.17 22:41:30 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014.03.17 22:41:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2014.03.17 22:41:13 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2014.03.17 22:40:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2014.03.17 22:40:36 | 003,958,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014.03.17 22:40:36 | 003,902,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014.03.17 22:40:35 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2014.03.17 22:40:19 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014.03.17 22:40:08 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2014.03.17 22:39:50 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2014.03.17 22:39:50 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2014.03.17 22:39:50 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2014.03.17 22:39:50 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2014.03.17 22:39:49 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2014.03.17 22:39:45 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2014.03.17 22:39:45 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2014.03.17 22:39:45 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2014.03.17 22:39:45 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2014.03.17 22:39:11 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2014.03.17 22:39:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2014.03.17 22:38:23 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2014.03.17 22:38:15 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2014.03.17 22:38:15 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2014.03.17 22:38:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2014.03.17 22:38:05 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2014.03.17 22:38:03 | 000,187,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014.03.17 22:37:16 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2014.03.17 22:37:15 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2014.03.17 22:37:09 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2014.03.17 22:37:07 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2014.03.17 22:37:05 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2014.03.17 22:36:46 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2014.03.17 22:36:45 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2014.03.17 22:36:45 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2014.03.17 22:36:22 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2014.03.17 22:36:21 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2014.03.17 22:36:06 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2014.03.17 22:35:57 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs
[2014.03.17 22:35:57 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs
[2014.03.17 22:35:57 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs
[2014.03.17 22:35:57 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs
[2014.03.17 22:35:57 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs
[2014.03.17 22:35:57 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs
[2014.03.17 22:35:57 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2014.03.17 22:35:57 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs
[2014.03.17 22:35:57 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs
[2014.03.17 22:35:57 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs
[2014.03.17 22:35:56 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2014.03.17 22:35:56 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2014.03.17 22:35:55 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs
[2014.03.17 22:35:55 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2014.03.17 22:35:55 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs
[2014.03.17 22:35:55 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs
[2014.03.17 22:35:24 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2014.03.17 22:35:23 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2014.03.17 22:35:22 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2014.03.17 22:35:16 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2014.03.17 22:35:16 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2014.03.17 22:35:16 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2014.03.17 22:35:10 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2014.03.17 22:34:59 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2014.03.17 22:34:58 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2014.03.17 22:34:56 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014.03.17 22:34:56 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014.03.17 22:34:56 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014.03.17 22:34:56 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014.03.17 22:34:56 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014.03.17 22:34:56 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014.03.17 22:34:56 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014.03.17 22:34:56 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014.03.17 22:34:51 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014.03.17 22:34:51 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2014.03.17 22:34:51 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014.03.17 22:34:51 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2014.03.17 22:34:51 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2014.03.17 22:34:27 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2014.03.17 22:34:24 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2014.03.17 22:34:23 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2014.03.17 22:34:10 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2014.03.17 22:34:05 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2014.03.17 22:33:40 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2014.03.17 22:33:39 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2014.03.17 22:33:39 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2014.03.17 22:33:19 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2014.03.17 22:33:19 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2014.03.17 22:33:19 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2014.03.17 22:33:19 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2014.03.17 22:33:19 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2014.03.17 22:33:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2014.03.17 22:33:11 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2014.03.17 22:33:09 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2014.03.17 22:33:03 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2014.03.17 22:32:47 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2014.03.17 22:32:47 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2014.03.17 22:32:47 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2014.03.17 22:32:47 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2014.03.17 22:32:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2014.03.17 22:32:41 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2014.03.17 22:32:40 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2014.03.17 22:32:40 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2014.03.17 22:32:40 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2014.03.17 22:32:39 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2014.03.17 22:32:32 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2014.03.17 22:32:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2014.03.17 22:32:15 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2014.03.17 22:32:13 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2014.03.17 22:32:13 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2014.03.17 22:32:10 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2014.03.17 22:24:41 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Local\Macromedia
[2014.03.17 22:23:43 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Local\Adobe
[2014.03.17 22:17:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014.03.17 22:17:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014.03.17 22:17:29 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014.03.17 22:16:23 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2014.03.17 22:16:23 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2014.03.17 22:16:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2014.03.17 22:16:23 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2014.03.17 22:16:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2014.03.17 22:16:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2014.03.17 22:16:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2014.03.17 22:16:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2014.03.17 22:16:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2014.03.17 22:16:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2014.03.17 22:16:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2014.03.17 22:16:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2014.03.17 22:16:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014.03.17 22:14:47 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2014.03.17 22:14:47 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2014.03.17 22:14:47 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2014.03.17 22:14:47 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2014.03.17 22:14:47 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2014.03.17 22:14:47 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2014.03.17 22:14:47 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2014.03.17 22:14:46 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2014.03.17 22:14:46 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2014.03.17 22:14:46 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2014.03.17 22:14:46 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2014.03.17 22:14:46 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2014.03.17 22:14:45 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2014.03.17 22:14:44 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2014.03.17 22:14:44 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2014.03.17 22:14:43 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2014.03.17 22:14:43 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2014.03.17 22:14:43 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2014.03.17 22:14:43 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2014.03.17 22:14:43 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2014.03.17 22:14:43 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2014.03.17 22:14:43 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2014.03.17 22:14:43 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2014.03.17 22:14:43 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2014.03.17 22:14:42 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2014.03.17 22:14:42 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2014.03.17 22:14:42 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2014.03.17 22:14:42 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2014.03.17 22:14:42 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2014.03.17 22:14:41 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2014.03.17 22:14:41 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2014.03.17 22:14:41 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2014.03.17 22:14:41 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2014.03.17 22:14:41 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2014.03.17 22:14:41 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2014.03.17 22:14:41 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2014.03.17 22:14:41 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2014.03.17 22:14:41 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2014.03.17 22:14:41 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2014.03.17 22:14:40 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2014.03.17 22:14:40 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2014.03.17 22:14:40 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2014.03.17 22:14:40 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2014.03.17 22:14:40 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2014.03.17 22:14:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2014.03.17 22:14:40 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2014.03.17 22:14:40 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2014.03.17 22:14:39 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2014.03.17 22:14:39 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2014.03.17 22:14:39 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2014.03.17 22:14:39 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2014.03.17 22:14:39 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2014.03.17 22:14:38 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2014.03.17 22:14:37 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2014.03.17 22:14:37 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2014.03.17 22:14:37 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2014.03.17 22:14:36 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2014.03.17 22:14:36 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2014.03.17 22:14:36 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2014.03.17 22:14:36 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2014.03.17 22:14:35 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2014.03.17 22:14:35 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2014.03.17 22:14:35 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2014.03.17 22:14:35 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2014.03.17 22:14:35 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2014.03.17 22:14:35 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2014.03.17 22:14:35 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2014.03.17 22:14:35 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2014.03.17 22:14:35 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2014.03.17 22:14:35 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2014.03.17 22:14:34 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2014.03.17 22:14:34 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2014.03.17 22:14:34 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2014.03.17 22:14:34 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2014.03.17 22:14:33 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2014.03.17 22:14:33 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2014.03.17 22:14:33 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2014.03.17 22:14:33 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2014.03.17 22:14:33 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2014.03.17 22:14:33 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2014.03.17 22:14:33 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2014.03.17 22:14:33 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2014.03.17 22:14:27 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2014.03.17 22:14:26 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2014.03.17 22:14:26 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2014.03.17 22:14:26 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2014.03.17 22:14:26 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2014.03.17 22:14:26 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2014.03.17 22:14:26 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2014.03.17 22:14:25 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2014.03.17 22:14:25 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2014.03.17 22:11:24 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Local\Skype
[2014.03.17 22:11:00 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Roaming\Skype
[2014.03.17 22:10:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014.03.17 22:10:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014.03.17 22:10:41 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2014.03.17 22:10:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014.03.17 22:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2014.03.17 22:09:23 | 003,649,536 | ---- | C] (x264vfw project) -- C:\Windows\System32\x264vfw.dll
[2014.03.17 22:09:23 | 000,122,880 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2014.03.17 22:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2014.03.17 22:09:05 | 000,231,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2014.03.17 22:08:52 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Local\Programs
[2014.03.17 22:07:45 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014.03.17 22:07:45 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Roaming\hpqLog
[2014.03.17 22:07:13 | 001,419,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wdfcoinstaller01005.dll
[2014.03.17 22:07:13 | 000,015,872 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys
[2014.03.17 22:07:12 | 001,885,488 | R--- | C] (Hewlett-Packard Company) -- C:\Windows\System32\BttnCmn.dll
[2014.03.17 22:07:12 | 001,885,488 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\BttnCmns.dll
[2014.03.17 22:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2014.03.17 22:07:11 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2014.03.17 22:06:43 | 000,000,000 | ---D | C] -- C:\Windows\QLB
[2014.03.17 22:05:17 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2014.03.17 22:05:17 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2014.03.17 22:00:35 | 000,000,000 | ---D | C] -- C:\Users\big\Desktop\Nová složka
[2014.03.17 21:56:18 | 000,398,336 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\TVWizudlg.exe
[2014.03.17 21:56:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2014.03.17 21:56:17 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014.03.17 21:52:36 | 001,002,008 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igxpun.exe
[2014.03.17 21:52:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2014.03.17 21:51:15 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2014.03.17 21:50:16 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Roaming\Mozilla
[2014.03.17 21:50:16 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Local\Mozilla
[2014.03.17 21:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014.03.17 21:50:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014.03.17 21:50:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014.03.17 21:46:36 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2014.03.17 21:46:36 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2014.03.17 21:46:23 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2014.03.17 21:46:23 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2014.03.17 21:46:22 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2014.03.17 21:45:25 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Roaming\Macromedia
[2014.03.17 21:45:25 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Roaming\Adobe
[2014.03.17 21:45:18 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014.03.17 21:45:18 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014.03.17 21:45:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2014.03.17 21:43:17 | 000,000,000 | R--D | C] -- C:\Users\big\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014.03.17 21:43:17 | 000,000,000 | R--D | C] -- C:\Users\big\Searches
[2014.03.17 21:43:17 | 000,000,000 | R--D | C] -- C:\Users\big\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014.03.17 21:43:06 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Roaming\Identities
[2014.03.17 21:42:00 | 000,000,000 | R--D | C] -- C:\Users\big\Contacts
[2014.03.17 21:41:44 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Local\VirtualStore
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\AppData\Local\Temporary Internet Files
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\Šablony
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\Soubory cookie
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\SendTo
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\Poslední
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\Okolní tiskárny
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\Okolní síť
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\Documents\Obrázky
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\Nabídka Start
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\Local Settings
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\Documents\Hudba
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\AppData\Local\History
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\Documents\Filmy
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\Dokumenty
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\Data aplikací
[2014.03.17 21:41:38 | 000,000,000 | -HSD | C] -- C:\Users\big\AppData\Local\Data aplikací
[2014.03.17 21:41:37 | 000,000,000 | --SD | C] -- C:\Users\big\AppData\Roaming\Microsoft
[2014.03.17 21:41:37 | 000,000,000 | R--D | C] -- C:\Users\big\Videos
[2014.03.17 21:41:37 | 000,000,000 | R--D | C] -- C:\Users\big\Saved Games
[2014.03.17 21:41:37 | 000,000,000 | R--D | C] -- C:\Users\big\Pictures
[2014.03.17 21:41:37 | 000,000,000 | R--D | C] -- C:\Users\big\Music
[2014.03.17 21:41:37 | 000,000,000 | R--D | C] -- C:\Users\big\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014.03.17 21:41:37 | 000,000,000 | R--D | C] -- C:\Users\big\Links
[2014.03.17 21:41:37 | 000,000,000 | R--D | C] -- C:\Users\big\Favorites
[2014.03.17 21:41:37 | 000,000,000 | R--D | C] -- C:\Users\big\Downloads
[2014.03.17 21:41:37 | 000,000,000 | R--D | C] -- C:\Users\big\Documents
[2014.03.17 21:41:37 | 000,000,000 | R--D | C] -- C:\Users\big\Desktop
[2014.03.17 21:41:37 | 000,000,000 | R--D | C] -- C:\Users\big\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014.03.17 21:41:37 | 000,000,000 | -H-D | C] -- C:\Users\big\AppData
[2014.03.17 21:41:37 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Local\Temp
[2014.03.17 21:41:37 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Local\Microsoft
[2014.03.17 21:41:37 | 000,000,000 | ---D | C] -- C:\Users\big\AppData\Roaming\Media Center Programs
[2014.03.17 21:41:22 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2014.03.17 21:41:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2014.03.17 21:40:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2014.03.17 21:40:39 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014.03.17 21:40:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2014.03.17 21:40:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2014.03.17 21:40:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2014.03.17 21:40:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2014.03.17 21:40:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2014.03.17 21:40:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2014.03.17 21:40:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2014.03.17 21:40:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2014.03.17 21:32:38 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014.03.17 21:29:49 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014.03.17 21:29:26 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014.03.17 21:28:55 | 000,000,000 | ---D | C] -- C:\Windows\Panther

========== Files - Modified Within 7 Days ==========

[2014.03.18 18:50:48 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.03.18 18:50:46 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.03.18 18:50:46 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.03.18 18:48:12 | 000,622,660 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.03.18 18:48:12 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.03.18 18:48:12 | 000,118,810 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.03.18 18:48:12 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.03.18 18:43:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.03.18 18:43:11 | 1201,119,232 | -HS- | M] () -- C:\hiberfil.sys
[2014.03.18 18:25:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\big\Desktop\OTL.exe
[2014.03.18 17:53:28 | 000,781,383 | ---- | M] () -- C:\Users\big\Desktop\RSIT.exe
[2014.03.18 17:41:43 | 001,144,875 | ---- | M] (El Desaparecido - SosVirus.net) -- C:\Users\big\Desktop\UsbFix.exe
[2014.03.18 17:30:15 | 000,000,017 | ---- | M] () -- C:\Users\big\AppData\Roaming\mbam.context.scan
[2014.03.18 17:18:55 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.03.18 17:14:16 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\big\Desktop\mbam-setup-1.75.0.1300.exe
[2014.03.18 17:11:45 | 755,855,360 | ---- | M] () -- C:\Users\big\Desktop\Scary Movie 5 Scary Movie 5 (2013).avi
[2014.03.18 16:09:51 | 734,355,456 | ---- | M] () -- C:\Users\big\Desktop\ahyb.avi
[2014.03.18 15:35:42 | 000,001,134 | ---- | M] () -- C:\Users\big\Desktop\PDF to DOC.lnk
[2014.03.18 10:38:26 | 000,268,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014.03.18 08:40:50 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014.03.18 08:40:50 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014.03.18 08:40:50 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014.03.18 08:40:50 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014.03.18 08:40:50 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014.03.18 08:40:50 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014.03.18 08:40:50 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014.03.18 08:40:50 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014.03.18 08:40:50 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014.03.18 08:40:50 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014.03.18 08:40:50 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014.03.18 08:40:50 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014.03.18 08:40:50 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014.03.18 08:40:50 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014.03.18 08:40:50 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2014.03.18 08:40:50 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014.03.18 08:40:50 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014.03.18 08:40:50 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014.03.18 08:40:50 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014.03.18 08:40:50 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014.03.18 08:40:50 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014.03.18 08:40:50 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014.03.18 08:40:50 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014.03.18 08:40:50 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014.03.18 08:40:50 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014.03.18 08:40:50 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014.03.18 08:40:50 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014.03.18 08:40:50 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014.03.18 08:40:50 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014.03.18 08:40:49 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.03.18 08:40:49 | 001,806,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014.03.18 08:40:49 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2014.03.18 08:40:49 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2014.03.18 08:40:49 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014.03.18 08:40:49 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014.03.18 08:40:49 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2014.03.18 08:40:49 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014.03.18 08:40:49 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014.03.17 23:28:30 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014.03.17 22:24:22 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014.03.17 22:24:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014.03.17 22:17:50 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014.03.17 22:10:42 | 000,002,719 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014.03.17 22:00:23 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014.03.17 21:50:05 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.03.17 21:34:26 | 000,061,655 | ---- | M] () -- C:\Windows\System32\license.rtf

========== Files Created - No Company Name ==========

[2014.03.18 18:29:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.03.18 17:53:27 | 000,781,383 | ---- | C] () -- C:\Users\big\Desktop\RSIT.exe
[2014.03.18 17:30:15 | 000,000,017 | ---- | C] () -- C:\Users\big\AppData\Roaming\mbam.context.scan
[2014.03.18 17:18:55 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.03.18 16:17:16 | 755,855,360 | ---- | C] () -- C:\Users\big\Desktop\Scary Movie 5 Scary Movie 5 (2013).avi
[2014.03.18 15:35:42 | 000,001,134 | ---- | C] () -- C:\Users\big\Desktop\PDF to DOC.lnk
[2014.03.18 15:16:31 | 734,355,456 | ---- | C] () -- C:\Users\big\Desktop\ahyb.avi
[2014.03.18 08:44:54 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014.03.18 08:43:54 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014.03.18 08:40:50 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014.03.17 23:28:30 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014.03.17 22:17:50 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014.03.17 22:17:50 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014.03.17 22:10:42 | 000,002,719 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014.03.17 22:09:23 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2014.03.17 22:09:23 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2014.03.17 22:09:23 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2014.03.17 22:09:22 | 000,218,200 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2014.03.17 22:09:21 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2014.03.17 22:00:23 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014.03.17 21:56:18 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2014.03.17 21:56:18 | 000,121,232 | ---- | C] () -- C:\Windows\System32\IScrNB.bmp
[2014.03.17 21:50:05 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014.03.17 21:50:05 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.03.17 21:43:21 | 000,001,393 | ---- | C] () -- C:\Users\big\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014.03.17 21:34:16 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014.03.17 21:34:05 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014.03.17 21:29:26 | 1201,119,232 | -HS- | C] () -- C:\hiberfil.sys

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014.03.18 13:37:51 | 000,000,000 | ---D | M] -- C:\Users\big\AppData\Roaming\Flashmedia

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,002,908 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2013.01.04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\System32\drivers\tcpip.sys
[2013.01.04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2347e1c1efb91df2d1b80df333ec27b3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2347e1c1efb91df2d1b80df333ec27b3\*.tmp -> ]
[13 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.03.18 15:37:01 | 000,000,000 | ---D | M] -- C:\Users\big\AppData\Roaming\Adobe
[2014.03.18 13:37:51 | 000,000,000 | ---D | M] -- C:\Users\big\AppData\Roaming\Flashmedia
[2014.03.17 22:07:45 | 000,000,000 | ---D | M] -- C:\Users\big\AppData\Roaming\hpqLog
[2014.03.17 21:43:06 | 000,000,000 | ---D | M] -- C:\Users\big\AppData\Roaming\Identities
[2014.03.17 21:45:25 | 000,000,000 | ---D | M] -- C:\Users\big\AppData\Roaming\Macromedia
[2014.03.18 17:19:07 | 000,000,000 | ---D | M] -- C:\Users\big\AppData\Roaming\Malwarebytes
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\big\AppData\Roaming\Media Center Programs
[2014.03.18 13:37:53 | 000,000,000 | --SD | M] -- C:\Users\big\AppData\Roaming\Microsoft
[2014.03.17 21:50:20 | 000,000,000 | ---D | M] -- C:\Users\big\AppData\Roaming\Mozilla
[2014.03.18 17:14:30 | 000,000,000 | ---D | M] -- C:\Users\big\AppData\Roaming\Skype
[2014.03.18 16:22:33 | 000,000,000 | ---D | M] -- C:\Users\big\AppData\Roaming\vlc
[2014.03.18 13:36:43 | 000,000,000 | ---D | M] -- C:\Users\big\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2014.03.18 13:37:40 | 000,206,336 | ---- | M] () -- C:\Users\big\AppData\Roaming\Flashmedia\drvgenipro.exe
[2014.03.18 13:37:51 | 014,107,008 | ---- | M] (Driver-Soft Inc. ) -- C:\Users\big\AppData\Roaming\Flashmedia\drvgenpro.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.03.18 18:50:46 | 000,014,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.03.18 18:50:46 | 000,014,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.03.18 08:40:49 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\admparse.dll
[2014.03.18 08:40:50 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2014.03.18 08:40:50 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2014.03.17 22:24:22 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2014.03.17 22:24:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2014.03.18 10:38:26 | 000,268,520 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2014.03.18 08:40:50 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\html.iec
[2014.03.18 08:40:50 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll
[2014.03.18 08:40:50 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ie4uinit.exe
[2014.03.18 08:40:50 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll
[2014.03.18 08:40:50 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakeng.dll
[2014.03.18 08:40:49 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieaksie.dll
[2014.03.18 08:40:49 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakui.dll
[2014.03.18 08:40:50 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dat
[2014.03.18 08:40:50 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll
[2014.03.18 08:40:50 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll
[2014.03.18 08:40:50 | 009,739,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2014.03.18 08:40:49 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll
[2014.03.18 08:40:50 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll
[2014.03.18 08:40:50 | 001,796,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2014.03.18 08:40:50 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll
[2014.03.18 08:40:50 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll
[2014.03.18 08:40:50 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2014.03.18 08:40:50 | 000,072,822 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2014.03.18 08:40:49 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieUnatt.exe
[2014.03.18 08:40:50 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iexpress.exe
[2014.03.18 08:40:49 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll
[2014.03.18 08:40:50 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetcpl.cpl
[2014.03.18 08:40:50 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll
[2014.03.18 08:40:49 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2014.03.18 08:40:49 | 001,806,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2014.03.18 08:40:50 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2014.03.17 21:34:26 | 000,061,655 | ---- | M] () -- C:\Windows\system32\license.rtf
[2014.03.18 08:40:50 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll
[2014.03.18 08:40:50 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2014.03.18 08:40:50 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2014.03.18 08:40:50 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedssync.exe
[2014.03.18 08:40:49 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshta.exe
[2014.03.18 08:40:50 | 012,347,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2014.03.18 08:40:49 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.tlb
[2014.03.18 08:40:50 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2014.03.18 08:40:50 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll
[2014.03.18 08:40:50 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll
[2014.03.18 08:40:50 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll
[2014.03.18 08:40:49 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll
[2014.03.18 18:48:12 | 000,118,810 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014.03.18 18:48:12 | 000,103,568 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014.03.18 18:48:12 | 000,622,660 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014.03.18 18:48:12 | 000,607,190 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014.03.18 18:48:12 | 001,445,734 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2014.03.18 08:40:49 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll
[2014.03.18 08:40:50 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RegisterIEPKEYs.exe
[2014.03.18 08:40:50 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SetIEInstalledDate.exe
[2014.03.18 08:40:50 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tdc.ocx
[2014.03.18 08:40:50 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2014.03.18 08:40:50 | 001,105,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2014.03.18 08:40:50 | 000,421,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2014.03.18 08:40:50 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll
[2014.03.18 08:40:50 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wextract.exe
[2014.03.18 08:40:50 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"8e3bc91142bd8d798a10a1667ae4d2be" = "C:\Users\big\AppData\Local\Temp\Skype.exe" ..

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2014.02.13 01:36:25 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=D9184C5FF3FD526761D518A95ABA74A3 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.03.18 08:40:50 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=10EB5C0E376727E21198B14E2F1637F7 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.03.18 18:50:48 | 000,000,512 | ---- | M] () MD5=1537ADBC57CDB62801C2190D93C36758 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014.03.18 13:36:43 | 000,000,802 | ---- | M] () -- \Users\big\AppData\Roaming\Microsoft\Windows\Recent\Driver-Genius-Professional-14.0.323-Build-6050-Final+Crack.lnk

< *keygen* /s >

< *loader* /s >
[2014.03.03 14:32:36 | 001,050,912 | ---- | M] () -- \Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
[2014.03.03 14:32:36 | 001,355,040 | ---- | M] () -- \Program Files\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
[2014.03.18 16:29:04 | 000,112,122 | ---- | M] () -- \Users\big\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7E53Q5MW\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014.03.17 22:23:48 | 000,001,174 | ---- | M] () -- \Users\big\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7E53Q5MW\downloader[1].js
[2014.03.17 23:26:13 | 000,003,032 | ---- | M] () -- \Users\big\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\81XKHW2N\loader[1].gif
[2014.03.17 23:28:39 | 000,145,054 | ---- | M] () -- \Users\big\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\81XKHW2N\monetizationLoader[1].js
[2014.03.18 16:29:03 | 000,001,870 | ---- | M] () -- \Users\big\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W0ROPAC0\AdLoader[1].htm
[2014.03.17 22:23:48 | 000,000,723 | ---- | M] () -- \Users\big\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W0ROPAC0\downloaderror[1].js
[2014.03.17 21:44:38 | 000,003,061 | ---- | M] () -- \Users\big\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XRC6RQ8P\rmsloaderdelayeddiv[1].js
[2014.01.28 19:35:56 | 000,072,638 | ---- | M] () -- \Users\big\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.01.28 19:35:56 | 000,003,032 | ---- | M] () -- \Users\big\AppData\Local\Skype\Apps\login\images\loader.png
[2014.01.28 19:35:56 | 000,006,012 | ---- | M] () -- \Users\big\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.01.28 19:35:56 | 000,021,956 | ---- | M] () -- \Users\big\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.01.28 19:35:56 | 000,009,772 | ---- | M] () -- \Users\big\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.03.17 23:26:49 | 000,066,368 | ---- | M] () -- \Users\big\AppData\Local\Temp\sp_downloader.exe
[23 \Users\big\AppData\Local\Temp\*.tmp files -> \Users\big\AppData\Local\Temp\*.tmp -> ]
[2014.03.17 21:11:57 | 000,223,744 | ---- | M] () -- \Users\big\Desktop\win 7\sources\upgloader.dll
[2014.03.17 21:02:54 | 002,202,645 | ---- | M] () -- \Users\big\Desktop\win 7\sources\$OEM$\$$\SETUP\SCRIPTS\Windows7Loader.exe
[2014.03.17 21:03:19 | 000,024,064 | ---- | M] () -- \Users\big\Desktop\win 7\sources\cs-cz\upgloader.dll.mui
[2014.03.17 23:27:00 | 000,050,584 | ---- | M] () -- \Windows\Prefetch\SP_DOWNLOADER.EXE-5E46A1E0.pf
[2014.03.17 21:40:52 | 000,036,254 | ---- | M] () -- \Windows\Prefetch\WINDOWS7LOADER.EXE-9E01DBAC.pf
[2014.03.17 21:02:54 | 002,202,645 | ---- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2012.10.04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\ad7b8cfdb711865249ce6247b8e8e8d1\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2014.03.18 18:00:07 | 000,003,528 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2014.03.18 08:56:32 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2014.03.18 08:56:32 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winload.exe_75835076
[2014.03.18 08:56:32 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

[snnoop]

OTL Extras logfile created on: 18.3.2014 18:48:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\big\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,49 Gb Total Physical Memory | 0,58 Gb Available Physical Memory | 39,11% Memory free
2,98 Gb Paging File | 1,87 Gb Available in Paging File | 62,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 52,83 Gb Free Space | 70,98% Space Free | Partition Type: NTFS
Drive E: | 14,70 Gb Total Space | 14,02 Gb Free Space | 95,35% Space Free | Partition Type: FAT32

Computer Name: BIG-BIG-PC | User Name: big | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-776073097-1473087821-1952639389-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{053FBD7D-B249-433B-9DDF-571228583054}" = rport=137 | protocol=17 | dir=out | app=system |
"{21B51DE7-59FB-4C8E-B661-19DFBB1424EA}" = lport=139 | protocol=6 | dir=in | app=system |
"{2CCD6DD4-0D31-4F38-9F63-8C2B1A31A440}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2FB789B9-AC2A-4CC4-AD5B-950888B9DB5C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{34DAF363-B083-46BC-9ABD-976595589FF1}" = rport=138 | protocol=17 | dir=out | app=system |
"{4186D06E-EC12-4139-952C-FB047B0BD5A4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{42B4BC3D-8857-4E7D-97B9-A9AE997BB400}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{44E2D950-305D-44F7-A76B-235CC3C4F603}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4B0054F2-406A-41DA-B598-7AB6E7F7E779}" = lport=445 | protocol=6 | dir=in | app=system |
"{4E3E63DA-7D80-44EB-BAC6-FB471EDD9B3E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{502922EE-F347-4D20-A9CC-685709A87CEF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{508ACBB9-6F75-40EE-B5D9-9BF865D9A3E1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{675EC9EE-7C6C-4679-A7FC-1C5271E540EA}" = rport=139 | protocol=6 | dir=out | app=system |
"{89447C00-0248-481F-ABFF-11A8FBC87FBD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A9BD7CF5-DFA2-492C-81AE-ADA4E9038043}" = lport=137 | protocol=17 | dir=in | app=system |
"{C264FAFE-98A8-4931-B17D-3093BDBA73E1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CB1A0AF3-D40B-4869-BD55-D1CD4AAF12CB}" = lport=138 | protocol=17 | dir=in | app=system |
"{DE9D6F3F-DF90-4E8B-A286-3F1652D7E28D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E7FE31A9-A940-43A3-A5FE-D86354ABA8EF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E8C512CF-3C8D-433F-9413-CEE0BBD1438F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F065CB6D-BEB0-4710-978B-C06E37194FFD}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006E1EAB-01A5-4752-BF35-78E0C4BDC8FA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{04B6A59B-54F9-4DDF-95DA-3422C1A07AF1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{05165C1F-1285-46C5-A77B-332974DD0C0B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{13FD2572-09DD-4EA6-A09D-688CB813B549}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{16AB265D-F5A2-4ABA-9437-155DADE3CD9C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{21410DE3-D113-4517-90DE-87B32A437C61}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{368A1685-86A7-481E-B6A8-7C0819A78B20}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{496C5EFE-F214-4F74-BD77-320A11365081}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6513EDCD-5C3B-4AFC-89FE-6E67084573CF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{71504C11-C4C2-479C-8C3B-D6D9F8C8149B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AB8AAACD-9AFD-460B-872F-DBE511EDB51D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D473DF3F-E39A-4832-A968-E3B6B44C8090}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D885F3A3-EEB9-49F6-9062-1DD92A65CBCE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8BC93D2-5065-43BD-96BD-5A2FC1F6A5A2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E1CA88FE-6E0C-4863-99DE-EC2C4B7A4D0D}" = protocol=6 | dir=in | app=c:\users\big\appdata\local\temp\skype.exe |
"{E930E537-457F-41DF-8D0B-6A5107233D31}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F4B921DA-FEB4-4715-8433-21117E0F508E}" = protocol=17 | dir=in | app=c:\users\big\appdata\local\temp\skype.exe |
"{F6311D66-C45A-4577-9893-A961F61FE713}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB3F78DB-8B90-4EEE-907A-1DDC58E4C19C}" = protocol=6 | dir=out | app=system |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 10.3.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mozilla Firefox 27.0.1 (x86 cs)" = Mozilla Firefox 27.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PDF to DOC_is1" = PDF to DOC 3.0
"SearchProtect" = Search Protect
"TVWiz" = Intel(R) TV Wizard
"Usbfix" = UsbFix By El Desaparecido
"VLC media player" = VLC media player 2.1.3
"WinRAR archiver" = WinRAR 5.01 (32-bit)

========== Last 20 Event Log Errors ==========

Error - 18.3.2014 12:19:53 | Computer Name = big-big-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mbam.exe, verze: 1.75.0.1, časové razítko:
0x511f8eb2 Název chybujícího modulu: mbamnet.DLL, verze: 1.70.0.0, časové razítko:
0x512fc02d Kód výjimky: 0xc0000005 Posun chyby: 0x0000af39 ID chybujícího procesu:
0x890 Čas spuštění chybující aplikace: 0x01cf42c5d991bcf6 Cesta k chybující aplikaci:
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe Cesta k chybujícímu modulu:
C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.DLL ID zprávy: 22cd27b8-aeb9-11e3-90ea-001eec15afd0

Error - 18.3.2014 13:41:51 | Computer Name = big-big-PC | Source = Application Hang | ID = 1002
Description = Program OTL.exe verze 3.2.69.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: 4a8 Čas
spuštění: 01cf42cf116346b6 Čas ukončení: 5 Cesta k aplikaci: C:\Users\big\Desktop\OTL.exe

ID
hlášení: 8e939c29-aec4-11e3-96a8-001eec15afd0

[ System Events ]
Error - 18.3.2014 3:26:27 | Computer Name = big-big-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.3.2014 3:26:28 | Computer Name = big-big-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.3.2014 3:26:29 | Computer Name = big-big-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.3.2014 4:22:55 | Computer Name = big-big-PC | Source = Service Control Manager | ID = 7043
Description = Služba Instalační služba modulů systému Windows se po přijetí pokynu
pro vypnutí neukončila správně.

Error - 18.3.2014 5:39:58 | Computer Name = big-big-PC | Source = Service Control Manager | ID = 7023
Description = Služba Instalační služba modulů systému Windows byla ukončena s následující
chybou: %%16405

Error - 18.3.2014 5:42:27 | Computer Name = big-big-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x80242016): Aktualizace pro seznam Kompatibilní zobrazení aplikace
Internet Explorer 8 pro systém Windows 7 (KB2598845).

Error - 18.3.2014 5:42:27 | Computer Name = big-big-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x80242016): Aktualizace systému Windows 7 (KB2703157).

Error - 18.3.2014 7:55:38 | Computer Name = big-big-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.3.2014 7:55:38 | Computer Name = big-big-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.3.2014 7:55:39 | Computer Name = big-big-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.


< End of report >

[vyosek]

Tak kamarad na Vas hezky vydelal V logu jsou jasne patrne stopy nelagalni aktivace

[snnoop]

Nu což já stejně budu kupovat v červnu novej tento mám hodně dlouho. Ted musím vyřešit tu flešku ,budete tak moc hodný?Ale jemu to nedaruji to se nedělá...Doufám,že mne tu pomůžete a vyřešíme tu záhadu,proč nebo co se to děje

[vyosek]

Nelegalnimi systemy se tu nezabyvame, ale tak primhourim oko, jelikoz jste v tom nevinne

Pripojte flash disk

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[snnoop]

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/18/2014 08:27:16 PM in x86 mode.
Windows Version: Windows 7 Ultimate

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe (PID: 3096) [Win32/Conduit.SearchProtect.B]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 03/18/2014 08:30:13 PM
Execution time: 0 hours(s), 2 minute(s), and 56 seconds(s)

[vyosek]

Jeste si pockam na log z ComboFixu

[snnoop]

ComboFix 14-03-16.01 - big 18.03.2014 20:36:07.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.1527.342 [GMT 1:00]
Spuštěný z: c:\users\big\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\SearchProtect
c:\program files\SearchProtect\Main\bin\CltMngSvc.exe
c:\program files\SearchProtect\Main\bin\SPTool.dll
c:\program files\SearchProtect\Main\bin\uninstall.exe
c:\program files\SearchProtect\Main\rep\SystemRepository.dat
c:\program files\SearchProtect\SearchProtect\bin\cltmng.exe
c:\program files\SearchProtect\SearchProtect\bin\SPTool64.exe
c:\program files\SearchProtect\SearchProtect\bin\SPVC32.dll
c:\program files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
c:\program files\SearchProtect\SearchProtect\bin\SPVC64.dll
c:\program files\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
c:\program files\SearchProtect\UI\bin\cltmngui.exe
c:\program files\SearchProtect\UI\dialogs\bubble\bubble.js
c:\program files\SearchProtect\UI\dialogs\bubble\defaults.js
c:\program files\SearchProtect\UI\dialogs\libs\defaults.js
c:\program files\SearchProtect\UI\dialogs\libs\dialogUtils.js
c:\program files\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js
c:\program files\SearchProtect\UI\dialogs\libs\json2.min.js
c:\program files\SearchProtect\UI\dialogs\libs\main.js
c:\program files\SearchProtect\UI\dialogs\libs\SPDialogAPI.js
c:\program files\SearchProtect\UI\dialogs\protection\defaults.js
c:\program files\SearchProtect\UI\dialogs\protection\protection.js
c:\program files\SearchProtect\UI\dialogs\protectionDS\defaults.js
c:\program files\SearchProtect\UI\dialogs\protectionDS\protectionDS.js
c:\program files\SearchProtect\UI\dialogs\settings\defaults.js
c:\program files\SearchProtect\UI\dialogs\settings\settings.js
c:\program files\SearchProtect\UI\dialogs\uninstall\defaults.js
c:\program files\SearchProtect\UI\dialogs\uninstall\uninstall.js
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-18 do 2014-03-18 )))))))))))))))))))))))))))))))
.
.
2014-03-18 20:05 . 2014-03-18 20:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-18 19:37 . 2014-03-18 19:37 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{131B71D2-E606-4A7F-8B68-DA747A740BA3}\offreg.dll
2014-03-18 19:16 . 2014-03-18 19:16 -------- d-----w- C:\_OTL
2014-03-18 19:05 . 2014-03-07 04:35 7969936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{131B71D2-E606-4A7F-8B68-DA747A740BA3}\mpengine.dll
2014-03-18 16:53 . 2014-03-18 16:54 -------- d-----w- C:\rsit
2014-03-18 16:53 . 2014-03-18 16:54 -------- d-----w- c:\program files\trend micro
2014-03-18 16:42 . 2014-03-18 16:44 -------- d-----w- C:\UsbFix
2014-03-18 16:18 . 2014-03-18 16:18 -------- d-----w- c:\programdata\Malwarebytes
2014-03-18 16:18 . 2014-03-18 16:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-03-18 16:18 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-18 14:35 . 2014-03-18 14:35 -------- d-----w- c:\program files\PDF Helper
2014-03-18 13:05 . 2014-03-18 13:05 -------- d-----w- C:\Intel
2014-03-18 12:27 . 2014-03-18 13:54 -------- d-----w- c:\programdata\DriverGenius
2014-03-18 08:20 . 2012-12-16 14:25 295424 ----a-w- c:\windows\system32\atmfd.dll
2014-03-18 08:20 . 2012-12-16 14:25 34304 ----a-w- c:\windows\system32\atmlib.dll
2014-03-18 08:18 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2014-03-18 08:09 . 2009-11-25 11:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2014-03-18 08:09 . 2009-11-25 11:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2014-03-18 08:09 . 2009-11-25 11:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2014-03-18 08:09 . 2009-11-25 11:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2014-03-18 08:09 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2014-03-18 07:44 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-03-18 07:44 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-03-18 07:44 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2014-03-18 07:43 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2014-03-18 07:43 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-03-18 07:43 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2014-03-18 07:43 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-03-18 07:43 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-03-18 07:43 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-03-18 07:43 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-03-18 07:42 . 2012-03-01 05:53 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-03-18 07:42 . 2012-03-01 05:40 5120 ----a-w- c:\windows\system32\wmi.dll
2014-03-18 07:42 . 2012-03-01 05:45 158720 ----a-w- c:\windows\system32\imagehlp.dll
2014-03-18 07:38 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2014-03-18 07:33 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2014-03-18 07:31 . 2010-09-14 06:07 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2014-03-17 22:28 . 2014-03-17 22:28 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-03-17 22:28 . 2014-03-17 22:28 -------- d-----w- c:\program files\VideoLAN
2014-03-17 21:41 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\system32\ole32.dll
2014-03-17 21:41 . 2010-06-29 04:57 4247040 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2014-03-17 21:41 . 2013-04-12 13:58 1210728 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-03-17 21:41 . 2012-11-22 09:33 627712 ----a-w- c:\windows\system32\usp10.dll
2014-03-17 21:41 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2014-03-17 21:41 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2014-03-17 21:41 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2014-03-17 21:41 . 2012-08-24 17:10 172544 ----a-w- c:\windows\system32\wintrust.dll
2014-03-17 21:41 . 2013-03-01 03:11 2345984 ----a-w- c:\windows\system32\win32k.sys
2014-03-17 21:41 . 2013-02-12 13:51 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-03-17 21:41 . 2012-11-02 04:48 376832 ----a-w- c:\windows\system32\dpnet.dll
2014-03-17 21:39 . 2011-08-17 04:26 465408 ----a-w- c:\windows\system32\psisdecd.dll
2014-03-17 21:38 . 2011-04-27 02:33 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys
2014-03-17 21:38 . 2012-11-02 04:50 1388544 ----a-w- c:\windows\system32\msxml6.dll
2014-03-17 21:38 . 2011-05-03 04:50 740864 ----a-w- c:\windows\system32\inetcomm.dll
2014-03-17 21:38 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2014-03-17 21:38 . 2010-08-21 05:33 530432 ----a-w- c:\windows\system32\comctl32.dll
2014-03-17 21:38 . 2010-08-31 04:32 954752 ----a-w- c:\windows\system32\mfc40.dll
2014-03-17 21:38 . 2010-08-31 04:32 954288 ----a-w- c:\windows\system32\mfc40u.dll
2014-03-17 21:38 . 2011-11-19 14:06 67072 ----a-w- c:\windows\system32\packager.dll
2014-03-17 21:38 . 2010-09-01 04:26 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-03-17 21:38 . 2010-09-01 04:23 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-03-17 21:38 . 2013-01-04 04:55 1287528 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-03-17 21:38 . 2013-01-04 04:55 187240 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-03-17 21:36 . 2010-12-23 05:28 642048 ----a-w- c:\windows\system32\CPFilters.dll
2014-03-17 21:36 . 2010-12-23 05:28 850432 ----a-w- c:\windows\system32\sbe.dll
2014-03-17 21:36 . 2010-12-23 05:24 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2014-03-17 21:36 . 2011-10-26 04:28 1328640 ----a-w- c:\windows\system32\quartz.dll
2014-03-17 21:36 . 2011-10-26 04:28 514560 ----a-w- c:\windows\system32\qdvd.dll
2014-03-17 21:36 . 2012-08-10 23:54 541184 ----a-w- c:\windows\system32\kerberos.dll
2014-03-17 21:36 . 2012-08-02 17:05 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2014-03-17 21:34 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll
2014-03-17 21:33 . 2009-08-29 06:57 34816 ----a-w- c:\windows\system32\msasn1.dll
2014-03-17 21:32 . 2009-12-08 11:32 292864 ----a-w- c:\windows\system32\apphelp.dll
2014-03-17 21:17 . 2012-11-09 04:49 2048 ----a-w- c:\windows\system32\tzres.dll
2014-03-17 21:17 . 2014-03-17 21:17 -------- d-----w- c:\program files\Common Files\Adobe
2014-03-17 21:14 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2014-03-17 21:10 . 2014-03-17 21:10 -------- d-----w- c:\program files\Common Files\Skype
2014-03-17 21:10 . 2014-03-17 21:10 -------- d-----r- c:\program files\Skype
2014-03-17 21:10 . 2014-03-17 21:10 -------- d-----w- c:\programdata\Skype
2014-03-17 21:09 . 2013-03-17 17:21 3649536 ----a-w- c:\windows\system32\x264vfw.dll
2014-03-17 21:09 . 2012-07-21 11:54 122880 ----a-w- c:\windows\system32\ac3acm.acm
2014-03-17 21:09 . 2011-12-07 18:32 216064 ----a-w- c:\windows\system32\lagarith.dll
2014-03-17 21:09 . 2011-06-24 15:44 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2014-03-17 21:09 . 2011-06-24 15:28 650752 ----a-w- c:\windows\system32\xvidcore.dll
2014-03-17 21:09 . 2013-12-01 13:10 218200 ----a-w- c:\windows\system32\unrar.dll
2014-03-17 21:09 . 2014-02-06 18:00 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2014-03-17 21:09 . 2014-03-17 21:09 -------- d-----w- c:\program files\K-Lite Codec Pack
2014-03-17 21:09 . 2013-12-18 06:13 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-17 21:07 . 2014-03-17 21:18 -------- d-sh--w- c:\windows\Installer
2014-03-17 21:07 . 2009-04-29 06:46 15872 ----a-w- c:\windows\system32\drivers\HpqKbFiltr.sys
2014-03-17 21:07 . 2006-11-02 05:09 1419232 ----a-w- c:\windows\system32\drivers\wdfcoinstaller01005.dll
2014-03-17 21:07 . 2014-03-17 21:07 -------- d-----w- c:\program files\Hewlett-Packard
2014-03-17 21:07 . 2008-09-08 12:31 1885488 ----a-w- c:\windows\system32\BttnCmns.dll
2014-03-17 21:07 . 2008-09-08 12:31 1885488 ----a-r- c:\windows\system32\BttnCmn.dll
2014-03-17 21:07 . 2014-03-17 21:07 -------- d--h--w- c:\program files\InstallShield Installation Information
2014-03-17 21:06 . 2014-03-17 21:07 -------- d-----w- c:\windows\QLB
2014-03-17 21:05 . 2011-02-03 05:45 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2014-03-17 21:05 . 2010-11-02 04:46 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-03-17 21:05 . 2010-11-02 04:23 107520 ----a-w- c:\windows\system32\cdd.dll
2014-03-17 20:56 . 2009-09-23 10:50 398336 ----a-w- c:\windows\system32\TVWizudlg.exe
2014-03-17 20:56 . 2009-09-23 10:49 140288 ----a-w- c:\windows\system32\igfxtvcx.dll
2014-03-17 20:56 . 2014-03-17 20:56 -------- d-----w- c:\windows\system32\Lang
2014-03-17 20:56 . 2014-03-17 20:56 -------- d-----w- c:\program files\Intel
2014-03-17 20:52 . 2014-03-17 20:52 -------- d-----w- c:\windows\system32\x64
2014-03-17 20:52 . 2009-09-23 18:30 1002008 ----a-w- c:\windows\system32\igxpun.exe
2014-03-17 20:51 . 2012-02-15 05:44 826368 ----a-w- c:\windows\system32\rdpcore.dll
2014-03-17 20:51 . 2012-02-15 04:22 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2014-03-17 20:51 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2014-03-17 20:50 . 2014-03-17 20:50 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-03-17 20:46 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-03-17 20:46 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-03-17 20:46 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-03-17 20:46 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-03-17 20:46 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-03-17 20:46 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-03-17 20:46 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-03-17 20:45 . 2014-03-17 21:24 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-17 20:45 . 2014-03-17 21:24 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-17 20:45 . 2014-03-17 20:45 -------- d-----w- c:\windows\system32\Macromed
2014-03-17 20:41 . 2014-03-18 17:48 -------- d-----w- c:\windows\system32\wbem\Performance
2014-03-17 20:41 . 2014-03-18 13:55 -------- d-----w- c:\users\big
2014-03-17 20:41 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-03-17 20:41 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-03-17 20:28 . 2014-03-17 20:41 -------- d-----w- c:\windows\Panther
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-18 07:40 . 2014-03-18 07:40 203776 ----a-w- c:\windows\system32\webcheck.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Users^big^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^8e3bc91142bd8d798a10a1667ae4d2be.exe]
path=c:\users\big\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8e3bc91142bd8d798a10a1667ae4d2be.exe
backup=c:\windows\pss\8e3bc91142bd8d798a10a1667ae4d2be.exe.Startup
backupExtension=.Startup
.
R2 CltMngSvc;Search Protect by Conduit Service;c:\progra~1\SearchProtect\Main\bin\CltMngSvc.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 26168]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 RICOH SmartCard Reader;RICOH SmartCard Reader;c:\windows\system32\DRIVERS\rismc32.sys [2006-10-03 47488]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.trovigo.com/?gd=&ctid=CT3314759&oct ... 43F5&SSPV=
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\big\AppData\Roaming\Mozilla\Firefox\Profiles\g8a46teo.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-8e3bc91142bd8d798a10a1667ae4d2be - c:\users\big\AppData\Local\Temp\Skype.exe
AddRemove-SearchProtect - c:\progra~1\SearchProtect\Main\bin\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-03-18 21:09:04
ComboFix-quarantined-files.txt 2014-03-18 20:09
.
Před spuštěním: Volných bajtů: 55 443 148 800
Po spuštění: Volných bajtů: 55 706 923 008
.
- - End Of File - - 903AC0D9561EDBF1C2F449A2C1E7557C
A36C5E4F47E84449FF07ED3517B43A31