Zdravím všechny machry na viry. Prosím o kontrolu logu. Počítač mám od známého, který si stěžuje na kompletně zavirovaný PC.
Děkuji moc za případnou pomoc.
Logfile of random's system information tool 1.07 (written by random/random)
Run by Honza Kryl at 2010-05-14 16:40:32
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 8 GB (11%) free of 76 GB
Total RAM: 509 MB (43% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49E0E0F0-5C30-11D4-945D-000000000003}]
IE PopUp-Killer - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll [2004-09-01 414720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\Program Files\ICQToolbar\toolbaru.dll [2005-01-19 446464]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-02-24 5537792]
"nwiz"=nwiz.exe /install []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-02-27 47104]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2004-12-20 33792]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Media Access"=C:\Program Files\Media Access\MediaAccK.exe [2005-05-07 20992]
"salm"=c:\temp\salm.exe []
"pdfSaver3"= []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-10-21 98304]
"PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2005-12-13 217088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe [2005-03-04 36975]
"ICQ Lite"=C:\Program Files\ICQLite\ICQLite.exe [2006-07-11 3144800]
""= []
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-06 57344]
"PrintPack dispatcher"=C:\Program Files\Software602\Print2PDF\PrnPack.exe [2007-05-03 2759872]
"bgsmsnd.exe"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe [2006-06-02 106496]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"combofix"=C:\ComboFix\CF4237.cfxxe /c C:\ComboFix\C.bat []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"Gadwin PrintScreen 2.6"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2003-07-16 913408]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-04-08 1953792]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2005-01-19 405583]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2006-03-13 19543592]
"Ashampoo PopUpBlocker"=C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe [2004-02-03 1216000]
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2005-11-30 1306624]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile Communication Centre\Centre.exe [2006-07-29 687163]
"EPSON SX100 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE [2008-02-05 188928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ Lite"=C:\Program Files\ICQLite\ICQLite.exe [2006-07-11 3144800]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
Software Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Documents and Settings\Honza Kryl\Nabídka Start\Programy\Po spuštění
ctfmon.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQLite"
"C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\Jerrrrri_264668594\INIC.exe"="C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\Jerrrrri_264668594\INIC.exe:*:Enabled:AIMICQ invisible checker"
"C:\Program Files\BT2Net\bt2net.exe"="C:\Program Files\BT2Net\bt2net.exe:*:Enabled:BT2Net"
"C:\Program Files\EA SPORTS\NHL06\nhl06.exe"="C:\Program Files\EA SPORTS\NHL06\nhl06.exe:*:Enabled:nhl06"
"C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe"="C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\EA SPORTS\FIFA 06\fifa06.exe"="C:\Program Files\EA SPORTS\FIFA 06\fifa06.exe:*:Enabled:fifa06"
"C:\Program Files\Infogrames Interactive\Monopoly Casino Vegas Edition\casinove.exe"="C:\Program Files\Infogrames Interactive\Monopoly Casino Vegas Edition\casinove.exe:*:Enabled:casinove"
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe:*:Enabled:Kaspersky Anti-Virus Service"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\mswt kart 2004\MSWorldTour.exe"="C:\Program Files\mswt kart 2004\MSWorldTour.exe:*:Enabled:MSWorldTour"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\_anonym_-WF_190135400\Usca2004.exe"="C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\_anonym_-WF_190135400\Usca2004.exe:*:Enabled:Usca2004"
"C:\Documents and Settings\Honza Kryl\Plocha\Usca2004.exe"="C:\Documents and Settings\Honza Kryl\Plocha\Usca2004.exe:*:Enabled:Usca2004"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\EA SPORTS\NHL07\nhl2007.exe"="C:\Program Files\EA SPORTS\NHL07\nhl2007.exe:*:Enabled:nhl2007"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{212a7316-6a5e-11de-ba16-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{306ce6a2-5f62-11df-ba25-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e4f44ee-b45f-11de-ba1d-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{443ad38a-4748-11dd-b9fb-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5476929a-2b58-11dd-b9f9-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f76c5f6-df2a-11dd-ba10-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com f:
shell\Open\command - E:\resycled\boot.com f:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{807a8519-4236-11da-b7c3-000f9fbd5519}]
shell\AutoRun\command - E:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e5f2be83-1180-11df-ba21-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7847fd8-d61b-11de-ba1e-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ffe2337a-10a8-11df-ba20-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
======List of files/folders created in the last 1 months======
2010-05-14 16:40:32 ----D---- C:\rsit
2010-05-14 16:40:32 ----D---- C:\Program Files\trend micro
2010-05-14 16:12:32 ----D---- C:\WINDOWS\ERDNT
2010-05-14 16:10:38 ----D---- C:\Qoobox
======List of files/folders modified in the last 1 months======
2010-05-14 16:40:32 ----AD---- C:\Program Files
2010-05-14 16:17:08 ----D---- C:\WINDOWS\Prefetch
2010-05-14 16:16:50 ----D---- C:\WINDOWS
2010-05-14 16:16:46 ----D---- C:\WINDOWS\Temp
2010-05-14 16:11:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-14 16:08:34 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-14 16:01:01 ----D---- C:\WINDOWS\system32
2010-05-14 16:01:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-12-03 13566]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R2 athsgt;athsgt; C:\WINDOWS\system32\DRIVERS\athsgt.sys [2005-12-27 164992]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-22 8064]
R2 limsgt;limsgt; C:\WINDOWS\system32\DRIVERS\limsgt.sys [2005-12-27 12544]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2002-02-19 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2002-02-19 55936]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-03-07 707212]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2005-02-24 3454144]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2006-10-13 163584]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\System32\DRIVERS\sisnic.sys [2004-08-03 32768]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S1 vdrv8000;vdrv8000; C:\WINDOWS\system32\DRIVERS\vdrv8000.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\System32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Avc;AVC Device; C:\WINDOWS\System32\DRIVERS\avc.sys [2004-08-03 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-11-20 223128]
S3 GT43XX;GT Combo 802.11g Wireless LAN Adapter Driver GT43XX; C:\WINDOWS\system32\DRIVERS\gtwl5.sys [2005-01-28 266496]
S3 gtcdcmdm;GTRAN USB CDC Driver (PID 3196); C:\WINDOWS\system32\DRIVERS\gtusbmdm_gpc6400.sys [2004-06-11 62035]
S3 GTEDGWModem;Option NV GTEDGWModem; C:\WINDOWS\system32\DRIVERS\GTEDG.sys [2005-01-28 107904]
S3 GTEDGWWNIC;Option NV GTEDGWWNIC; C:\WINDOWS\system32\DRIVERS\GTEDGNet.sys [2005-01-28 52864]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2006-04-10 10578]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2002-02-19 9600]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-02-19 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 ndiscm;Motorola USB Cable Modem Windows Driver; C:\WINDOWS\System32\DRIVERS\NetMotCM.sys [2003-08-10 14336]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2005-10-13 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2005-10-13 12800]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2005-10-13 124928]
S3 OptionWWSC;GT Combo EDGE SIM Card Reader; C:\WINDOWS\system32\DRIVERS\GTEDGSC.sys [2005-01-28 21888]
S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys []
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-04-28 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-04-28 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-04-28 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-04-28 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-04-28 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-04-28 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-04-28 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 TridDev;Trident Device; C:\WINDOWS\system32\DRIVERS\Triddev.sys [2006-07-22 3584]
S3 tridhid;tridhid - USB 2.0 HID Driver; C:\WINDOWS\system32\drivers\tridhid.sys [2006-09-18 15488]
S3 TridVid;Trident USB TV; C:\WINDOWS\system32\DRIVERS\TridVid.sys [2006-10-20 166912]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2005-05-26 21344]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2005-06-24 39036]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;Motorola USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-03 25600]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-12-06 104064]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2005-11-20 664064]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-02-24 127043]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 bepldr;BCL easyPDF SDK 5 Loader; C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe [2007-03-01 151552]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu - totálně zavirovaný PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
serviscomp
- Návštěvník
- Příspěvky: 27
- Registrován: 19 bře 2010 15:57
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - totálně zavirovaný PC
Zdravím 
Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.
Vložte do PC všechny flash disky, které používáte.
Stáhněte na plochu UsbFix http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe
Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
Máte někde log z ComboFixu 
Nedoporučuji používat ComboFix z vlastní iniciativy, může dojít k poškození systému!
Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy. Vložte do PC všechny flash disky, které používáte. Stáhněte na plochu UsbFix http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe
- Spusťte, poté zvolte jazyk E - Enter
- Zvolte 2 - Enter (je možný restart PC)
- Po dokončení na Vás vyskočí log, vložte mi ho sem, případně ho najdete v C:\UsbFix.txt
Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
- Spusťte, poté do spodního políčka vložte následující skript.
Kód: Vybrat vše
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT - Označte položku Pro všechny uživatele.
- Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Máte někde log z ComboFixu Nedoporučuji používat ComboFix z vlastní iniciativy, může dojít k poškození systému!
-
serviscomp
- Návštěvník
- Příspěvky: 27
- Registrován: 19 bře 2010 15:57
Re: Prosím o kontrolu logu - totálně zavirovaný PC
Děkuji za pomoc.
Combofix byl spoušten asi někdy dříve. Přihodím ještě log.
Jak tady mám vložit logy z OTL. (přesahujou povolený počet znaků a přípona txt ani doc není povolena)
Děkuji
Combofix byl spoušten asi někdy dříve. Přihodím ještě log.
Jak tady mám vložit logy z OTL. (přesahujou povolený počet znaků a přípona txt ani doc není povolena)
Děkuji
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
-
serviscomp
- Návštěvník
- Příspěvky: 27
- Registrován: 19 bře 2010 15:57
Re: Prosím o kontrolu logu - totálně zavirovaný PC
OTL logfile created on: 14.5.2010 17:42:38 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Honza Kryl\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
509,00 Mb Total Physical Memory | 219,00 Mb Available Physical Memory | 43,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 8,26 Gb Free Space | 11,09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3,73 Gb Total Space | 0,70 Gb Free Space | 18,83% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HONZA
Current User Name: Honza Kryl
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.05.14 17:16:58 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
PRC - [2008.02.05 17:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIEDE.EXE
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.03 09:43:06 | 002,759,872 | ---- | M] (Software602) -- C:\Program Files\Software602\Print2PDF\PrnPack.exe
PRC - [2006.07.29 11:19:44 | 000,687,163 | ---- | M] (Gemfor s.r.o., Czech Republic) -- C:\Program Files\T-Mobile Communication Centre\Centre.exe
PRC - [2006.07.11 12:06:40 | 003,144,800 | ---- | M] (ICQ Ltd.) -- C:\Program Files\ICQLite\ICQLite.exe
PRC - [2006.06.27 12:06:12 | 000,020,480 | R-S- | M] (Microsoft Corporation) -- C:\Documents and Settings\Honza Kryl\Nabídka Start\Programy\Po spuštění\ctfmon.exe
PRC - [2006.06.14 23:11:40 | 000,180,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2006.06.02 01:33:00 | 000,106,496 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\2\bgsmsnd.exe
PRC - [2006.03.16 09:43:28 | 000,872,448 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2005.12.13 08:49:08 | 000,217,088 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2005.11.30 16:56:02 | 001,306,624 | ---- | M] (Time Information Services Ltd.) -- C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
PRC - [2005.11.07 10:09:18 | 000,120,320 | ---- | M] (Nokia.) -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
PRC - [2005.10.28 13:54:50 | 000,471,040 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
PRC - [2005.10.26 17:17:24 | 000,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2005.08.10 08:54:34 | 000,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2005.06.08 17:45:04 | 000,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
PRC - [2005.06.06 23:46:24 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2005.05.07 15:00:38 | 000,020,992 | ---- | M] () -- C:\Program Files\Media Access\MediaAccK.exe
PRC - [2005.05.07 15:00:37 | 000,048,128 | ---- | M] () -- C:\Program Files\Media Access\MediaAccess.exe
PRC - [2005.03.04 03:36:46 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
PRC - [2005.01.19 16:07:20 | 000,405,583 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2004.12.20 20:41:22 | 000,033,792 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2004.02.03 13:13:56 | 001,216,000 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\PopUpKiller.exe
PRC - [2003.12.17 12:57:08 | 000,106,496 | ---- | M] (Sony Corporation.) -- C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
PRC - [2003.11.21 22:02:42 | 000,151,552 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
PRC - [2003.07.16 11:29:24 | 000,913,408 | ---- | M] (Gadwin Systems, Inc.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
PRC - [2003.02.27 08:29:26 | 000,047,104 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
========== Modules (SafeList) ==========
MOD - [2010.05.14 17:16:58 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004.08.03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2007.03.01 14:50:36 | 000,151,552 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe -- (bepldr)
========== Driver Services (SafeList) ==========
DRV - [2006.10.20 22:00:00 | 000,166,912 | R--- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TridVid.sys -- (TridVid)
DRV - [2006.09.18 04:44:12 | 000,015,488 | R--- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tridhid.sys -- (tridhid)
DRV - [2006.07.22 05:55:32 | 000,003,584 | R--- | M] (Trident Microsystem Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Triddev.sys -- (TridDev)
DRV - [2006.04.28 17:27:48 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006.04.28 17:26:46 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)
DRV - [2006.04.28 17:25:44 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006.04.28 17:25:40 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006.04.28 17:24:42 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)
DRV - [2006.04.28 17:24:06 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)
DRV - [2006.04.28 17:24:00 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)
DRV - [2006.04.22 03:44:39 | 000,008,064 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2006.04.10 20:34:03 | 000,010,578 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2005.12.27 23:27:47 | 000,164,992 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\athsgt.sys -- (athsgt)
DRV - [2005.12.27 23:27:47 | 000,012,544 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\limsgt.sys -- (limsgt)
DRV - [2005.11.20 16:28:45 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2005.11.20 16:27:03 | 000,664,064 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2005.10.13 08:15:18 | 000,124,928 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2005.10.13 08:15:18 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2005.10.13 08:15:18 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.06.24 18:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005.05.26 11:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.04.12 10:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2005.02.24 14:32:00 | 003,454,144 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005.02.11 11:24:24 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005.02.11 11:22:48 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005.02.11 11:21:10 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005.02.11 11:21:02 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005.02.11 11:19:20 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2005.01.28 19:31:08 | 000,266,496 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtwl5.SYS -- (GT43XX)
DRV - [2005.01.28 19:30:56 | 000,021,888 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDGSC.sys -- (OptionWWSC)
DRV - [2005.01.28 19:30:42 | 000,052,864 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDGNet.sys -- (GTEDGWWNIC)
DRV - [2005.01.28 19:30:34 | 000,107,904 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDG.sys -- (GTEDGWModem)
DRV - [2004.08.03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2004.08.03 23:10:12 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2004.08.03 23:10:12 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2004.08.03 23:10:00 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2004.08.03 23:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004.08.03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004.08.03 22:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004.06.11 17:44:50 | 000,062,035 | ---- | M] (Flextronics Design Korea Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtusbmdm_gpc6400.sys -- (gtcdcmdm) GTRAN USB CDC Driver (PID 3196)
DRV - [2003.12.03 18:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2003.08.10 02:32:14 | 000,014,336 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm)
DRV - [2003.03.07 03:05:02 | 000,707,212 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2002.02.19 17:43:08 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2002.02.19 17:43:08 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2002.02.19 17:42:34 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (IE PopUp-Killer) - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\popup.dll ()
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-790525478-1343024091-839522115-1003\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [bgsmsnd.exe] C:\WINDOWS\system32\spool\drivers\w32x86\2\bgsmsnd.exe ()
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF4237.cfx File not found
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [pdfSaver3] File not found
O4 - HKLM..\Run: [PrintPack dispatcher] C:\Program Files\Software602\Print2PDF\PrnPack.exe (Software602)
O4 - HKLM..\Run: [salm] c:\temp\salm.exe File not found
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [Ashampoo PopUpBlocker] C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\PopUpKiller.exe ()
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [EPSON SX100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc.)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [T-Mobile Communication Centre] C:\Program Files\T-Mobile Communication Centre\Centre.exe (Gemfor s.r.o., Czech Republic)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Software Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe ()
O4 - Startup: C:\Documents and Settings\Honza Kryl\Nabídka Start\Programy\Po spuštění\ctfmon.exe (Microsoft Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Vytvořit mobilní oblíbenou položku - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra Button: Print2PDF - {5B7027AD-AA6D-40df-8F56-9560F277D2A5} - C:\WINDOWS\system32\Print602.dll (Software602 a.s.)
O9 - Extra 'Tools' menuitem : Print2PDF - {5B7027AD-AA6D-40df-8F56-9560F277D2A5} - C:\WINDOWS\system32\Print602.dll (Software602 a.s.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.imgfarm.com/images/nocache/fu ... 0.0.15.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-445535400000} http://download.macromedia.com/pub/shoc ... wflash.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\bt2 {1730B77B-F429-498f-9B15-4514D83C8294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-bt2 {6E1DDCE8-76BC-4390-9488-806E8FB1AD77} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Honza Kryl\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Honza Kryl\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.01 16:44:34 | 000,000,121 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.05.14 17:27:34 | 000,000,103 | RHS- | M] () - E:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{212a7316-6a5e-11de-ba16-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{27b5f80a-2bfa-11da-b7a4-806d6172696f}\Shell\Open(O)\command - "" = C:\Recycled\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{3e4f44ee-b45f-11de-ba1d-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{443ad38a-4748-11dd-b9fb-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{5476929a-2b58-11dd-b9f9-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{7f76c5f6-df2a-11dd-ba10-00c09f2ed312}\Shell - "" = AutoRun
O33 - MountPoints2\{7f76c5f6-df2a-11dd-ba10-00c09f2ed312}\Shell\Open\command - "" = E:\resycled\boot.com -- File not found
O33 - MountPoints2\{807a8519-4236-11da-b7c3-000f9fbd5519}\Shell - "" = AutoRun
O33 - MountPoints2\{807a8519-4236-11da-b7c3-000f9fbd5519}\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found
O33 - MountPoints2\{e5f2be83-1180-11df-ba21-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{e7847fd8-d61b-11de-ba1e-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{ffe2337a-10a8-11df-ba20-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005.04.27 17:19:35 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: MSACM.CEGSM - C:\WINDOWS\System32\mobileV.acm ()
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv50 - C:\WINDOWS\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mp42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.vp31 - vp31vfw.dll File not found
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Documents and Settings\Honza Kryl\Plocha\Encore Hoyle Slots And Video Poker v1[1][1].0.0.2.
[2010.05.14 17:28:08 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
[2010.05.14 16:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.14 16:40:32 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.14 16:12:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.05.14 16:10:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Documents and Settings\Honza Kryl\Plocha\Encore Hoyle Slots And Video Poker v1[1][1].0.0.2.
[2010.05.14 17:16:58 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
[2010.05.14 16:42:13 | 007,864,320 | -H-- | M] () -- C:\Documents and Settings\Honza Kryl\NTUSER.DAT
[2010.05.14 16:24:26 | 003,688,866 | ---- | M] () -- C:\Documents and Settings\Honza Kryl\Plocha\ComboFix.exe
[2010.05.14 16:17:48 | 003,905,536 | R--- | M] () -- C:\Documents and Settings\All Users\Dokumenty\ESBK.mbb
[2010.05.14 16:17:48 | 001,875,968 | R--- | M] () -- C:\Documents and Settings\All Users\Dokumenty\ESBK.mb
[2010.05.14 16:16:42 | 000,023,773 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.05.14 16:12:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.14 16:12:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.14 16:11:03 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Honza Kryl\ntuser.ini
[2010.05.14 16:01:01 | 000,884,654 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.14 16:01:01 | 000,380,548 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.14 16:01:01 | 000,379,532 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.05.14 16:01:01 | 000,062,156 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.05.14 16:01:01 | 000,052,962 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.14 15:56:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.05.14 16:42:08 | 003,688,866 | ---- | C] () -- C:\Documents and Settings\Honza Kryl\Plocha\ComboFix.exe
[2009.09.07 21:02:03 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009.09.07 20:58:27 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDESX100EXPORT.ini
[2008.07.01 13:19:22 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CSDLGE1LIB.dll
[2008.07.01 11:01:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\bgspmnt.dll
[2008.07.01 11:01:43 | 000,000,571 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini
[2008.07.01 11:01:43 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini
[2007.01.02 23:40:10 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\VendorCmdRW.dll
[2006.09.22 21:40:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2006.08.26 21:19:23 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2005.12.27 23:27:47 | 000,164,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\athsgt.sys
[2005.12.27 23:27:47 | 000,012,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\limsgt.sys
[2005.11.17 11:48:51 | 000,000,287 | ---- | C] () -- C:\WINDOWS\game.ini
[2005.11.11 12:02:37 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2005.07.21 12:03:58 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini
[2005.07.01 09:41:42 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2005.06.29 09:58:02 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.06.11 21:18:53 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2005.06.11 19:54:53 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2005.05.29 03:45:43 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll
[2005.05.10 17:44:08 | 000,006,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vcs.sys
[2005.04.30 23:58:28 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005.04.30 03:09:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005.04.30 01:36:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005.04.30 00:39:06 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005.04.27 19:26:11 | 000,000,132 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.04.27 18:18:47 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005.04.27 17:34:09 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.02.17 12:31:58 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.02.17 12:31:58 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.02.17 12:31:58 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.02.17 12:31:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.02.17 12:31:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.02.17 12:31:58 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.02.17 12:31:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004.07.03 22:08:04 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004.06.12 15:55:32 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2004.06.12 15:55:32 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LameEncShim.dll
[2000.09.08 17:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
========== LOP Check ==========
[2005.10.21 11:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2006.06.29 21:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2009.09.07 21:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2005.05.29 02:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Anti-Virus Personal
[2006.09.15 21:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2009.09.07 21:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2005.08.14 15:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\.bt2
[2005.09.29 11:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Azureus
[2005.04.30 01:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\CD-LabelPrint
[2006.06.29 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Datalayer
[2006.04.27 17:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Elaborate Bytes
[2006.02.21 16:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Flexigen
[2005.06.05 23:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\funkitron
[2005.04.27 18:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\ICQLite
[2005.07.19 18:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\InterTrust
[2007.02.17 17:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Leadertech
[2008.07.01 16:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LGSync
[2006.01.30 20:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LingobitLingobit Localizer Trial4.2.1925
[2006.06.29 21:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia
[2006.06.30 09:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia Multimedia Player
[2006.06.29 21:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\PC Suite
[2008.07.01 11:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\pdfMachine
[2005.09.01 20:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Software602
[2006.09.15 22:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Teleca
[2005.05.31 01:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\WebCompiler3
[2005.12.21 14:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Wočko
[2006.01.08 15:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2004.10.13 18:24:37 | 001,694,208 | ---- | M] (Microsoft Corporation)
"Gadwin PrintScreen 2.6" = C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash -- [2003.07.16 11:29:24 | 000,913,408 | ---- | M] (Gadwin Systems, Inc.)
"NBJ" = "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" -- [2005.04.08 18:43:22 | 001,953,792 | ---- | M] (Ahead Software AG)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" -- [2005.01.19 16:07:20 | 000,405,583 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2006.03.13 11:10:54 | 019,543,592 | ---- | M] ()
"Ashampoo PopUpBlocker" = C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe -- [2004.02.03 13:13:56 | 001,216,000 | ---- | M] ()
"PcSync" = C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog -- [2005.11.30 16:56:02 | 001,306,624 | ---- | M] (Time Information Services Ltd.)
"T-Mobile Communication Centre" = C:\Program Files\T-Mobile Communication Centre\Centre.exe -- [2006.07.29 11:19:44 | 000,687,163 | ---- | M] (Gemfor s.r.o., Czech Republic)
"EPSON SX100 Series" = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\WINDOWS\TEMP\E_S6A.tmp" /EF "HKCU" -- [2008.02.05 17:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION)
< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2005.08.14 15:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\.bt2
[2006.09.15 21:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Adobe
[2007.01.09 18:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\AdobeAUM
[2007.09.02 11:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\AdobeUM
[2006.02.22 18:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Ahead
[2005.09.29 11:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Azureus
[2005.04.30 01:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\CD-LabelPrint
[2006.06.29 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Datalayer
[2006.04.27 17:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Elaborate Bytes
[2006.02.21 16:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Flexigen
[2005.06.05 23:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\funkitron
[2006.04.10 20:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Hamachi
[2005.06.30 18:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Help
[2005.04.27 18:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\ICQLite
[2005.04.27 17:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Identities
[2007.08.26 21:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\InstallShield
[2005.07.19 18:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\InterTrust
[2007.02.17 17:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Leadertech
[2008.07.01 16:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LGSync
[2006.01.30 20:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LingobitLingobit Localizer Trial4.2.1925
[2005.05.14 15:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Macromedia
[2006.04.05 19:58:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Microsoft
[2006.06.29 21:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia
[2006.06.30 09:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia Multimedia Player
[2006.06.29 21:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\PC Suite
[2008.07.01 11:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\pdfMachine
[2010.05.14 17:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Skype
[2005.09.01 20:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Software602
[2005.09.29 11:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Sun
[2006.09.15 22:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Teleca
[2005.05.31 01:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\WebCompiler3
[2005.12.21 14:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Wočko
[2006.01.08 15:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Honza Kryl\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
509,00 Mb Total Physical Memory | 219,00 Mb Available Physical Memory | 43,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 8,26 Gb Free Space | 11,09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3,73 Gb Total Space | 0,70 Gb Free Space | 18,83% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HONZA
Current User Name: Honza Kryl
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.05.14 17:16:58 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
PRC - [2008.02.05 17:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIEDE.EXE
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.03 09:43:06 | 002,759,872 | ---- | M] (Software602) -- C:\Program Files\Software602\Print2PDF\PrnPack.exe
PRC - [2006.07.29 11:19:44 | 000,687,163 | ---- | M] (Gemfor s.r.o., Czech Republic) -- C:\Program Files\T-Mobile Communication Centre\Centre.exe
PRC - [2006.07.11 12:06:40 | 003,144,800 | ---- | M] (ICQ Ltd.) -- C:\Program Files\ICQLite\ICQLite.exe
PRC - [2006.06.27 12:06:12 | 000,020,480 | R-S- | M] (Microsoft Corporation) -- C:\Documents and Settings\Honza Kryl\Nabídka Start\Programy\Po spuštění\ctfmon.exe
PRC - [2006.06.14 23:11:40 | 000,180,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2006.06.02 01:33:00 | 000,106,496 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\2\bgsmsnd.exe
PRC - [2006.03.16 09:43:28 | 000,872,448 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2005.12.13 08:49:08 | 000,217,088 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2005.11.30 16:56:02 | 001,306,624 | ---- | M] (Time Information Services Ltd.) -- C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
PRC - [2005.11.07 10:09:18 | 000,120,320 | ---- | M] (Nokia.) -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
PRC - [2005.10.28 13:54:50 | 000,471,040 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
PRC - [2005.10.26 17:17:24 | 000,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2005.08.10 08:54:34 | 000,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2005.06.08 17:45:04 | 000,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
PRC - [2005.06.06 23:46:24 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2005.05.07 15:00:38 | 000,020,992 | ---- | M] () -- C:\Program Files\Media Access\MediaAccK.exe
PRC - [2005.05.07 15:00:37 | 000,048,128 | ---- | M] () -- C:\Program Files\Media Access\MediaAccess.exe
PRC - [2005.03.04 03:36:46 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
PRC - [2005.01.19 16:07:20 | 000,405,583 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2004.12.20 20:41:22 | 000,033,792 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2004.02.03 13:13:56 | 001,216,000 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\PopUpKiller.exe
PRC - [2003.12.17 12:57:08 | 000,106,496 | ---- | M] (Sony Corporation.) -- C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
PRC - [2003.11.21 22:02:42 | 000,151,552 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
PRC - [2003.07.16 11:29:24 | 000,913,408 | ---- | M] (Gadwin Systems, Inc.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
PRC - [2003.02.27 08:29:26 | 000,047,104 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
========== Modules (SafeList) ==========
MOD - [2010.05.14 17:16:58 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004.08.03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2007.03.01 14:50:36 | 000,151,552 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe -- (bepldr)
========== Driver Services (SafeList) ==========
DRV - [2006.10.20 22:00:00 | 000,166,912 | R--- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TridVid.sys -- (TridVid)
DRV - [2006.09.18 04:44:12 | 000,015,488 | R--- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tridhid.sys -- (tridhid)
DRV - [2006.07.22 05:55:32 | 000,003,584 | R--- | M] (Trident Microsystem Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Triddev.sys -- (TridDev)
DRV - [2006.04.28 17:27:48 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006.04.28 17:26:46 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)
DRV - [2006.04.28 17:25:44 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006.04.28 17:25:40 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006.04.28 17:24:42 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)
DRV - [2006.04.28 17:24:06 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)
DRV - [2006.04.28 17:24:00 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)
DRV - [2006.04.22 03:44:39 | 000,008,064 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2006.04.10 20:34:03 | 000,010,578 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2005.12.27 23:27:47 | 000,164,992 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\athsgt.sys -- (athsgt)
DRV - [2005.12.27 23:27:47 | 000,012,544 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\limsgt.sys -- (limsgt)
DRV - [2005.11.20 16:28:45 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2005.11.20 16:27:03 | 000,664,064 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2005.10.13 08:15:18 | 000,124,928 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2005.10.13 08:15:18 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2005.10.13 08:15:18 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.06.24 18:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005.05.26 11:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.04.12 10:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2005.02.24 14:32:00 | 003,454,144 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005.02.11 11:24:24 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005.02.11 11:22:48 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005.02.11 11:21:10 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005.02.11 11:21:02 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005.02.11 11:19:20 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2005.01.28 19:31:08 | 000,266,496 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtwl5.SYS -- (GT43XX)
DRV - [2005.01.28 19:30:56 | 000,021,888 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDGSC.sys -- (OptionWWSC)
DRV - [2005.01.28 19:30:42 | 000,052,864 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDGNet.sys -- (GTEDGWWNIC)
DRV - [2005.01.28 19:30:34 | 000,107,904 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDG.sys -- (GTEDGWModem)
DRV - [2004.08.03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2004.08.03 23:10:12 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2004.08.03 23:10:12 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2004.08.03 23:10:00 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2004.08.03 23:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004.08.03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004.08.03 22:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004.06.11 17:44:50 | 000,062,035 | ---- | M] (Flextronics Design Korea Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtusbmdm_gpc6400.sys -- (gtcdcmdm) GTRAN USB CDC Driver (PID 3196)
DRV - [2003.12.03 18:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2003.08.10 02:32:14 | 000,014,336 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm)
DRV - [2003.03.07 03:05:02 | 000,707,212 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2002.02.19 17:43:08 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2002.02.19 17:43:08 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2002.02.19 17:42:34 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (IE PopUp-Killer) - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\popup.dll ()
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-790525478-1343024091-839522115-1003\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [bgsmsnd.exe] C:\WINDOWS\system32\spool\drivers\w32x86\2\bgsmsnd.exe ()
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF4237.cfx File not found
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [pdfSaver3] File not found
O4 - HKLM..\Run: [PrintPack dispatcher] C:\Program Files\Software602\Print2PDF\PrnPack.exe (Software602)
O4 - HKLM..\Run: [salm] c:\temp\salm.exe File not found
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [Ashampoo PopUpBlocker] C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\PopUpKiller.exe ()
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [EPSON SX100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc.)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [T-Mobile Communication Centre] C:\Program Files\T-Mobile Communication Centre\Centre.exe (Gemfor s.r.o., Czech Republic)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Software Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe ()
O4 - Startup: C:\Documents and Settings\Honza Kryl\Nabídka Start\Programy\Po spuštění\ctfmon.exe (Microsoft Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Vytvořit mobilní oblíbenou položku - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra Button: Print2PDF - {5B7027AD-AA6D-40df-8F56-9560F277D2A5} - C:\WINDOWS\system32\Print602.dll (Software602 a.s.)
O9 - Extra 'Tools' menuitem : Print2PDF - {5B7027AD-AA6D-40df-8F56-9560F277D2A5} - C:\WINDOWS\system32\Print602.dll (Software602 a.s.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.imgfarm.com/images/nocache/fu ... 0.0.15.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-445535400000} http://download.macromedia.com/pub/shoc ... wflash.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\bt2 {1730B77B-F429-498f-9B15-4514D83C8294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-bt2 {6E1DDCE8-76BC-4390-9488-806E8FB1AD77} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Honza Kryl\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Honza Kryl\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.01 16:44:34 | 000,000,121 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.05.14 17:27:34 | 000,000,103 | RHS- | M] () - E:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{212a7316-6a5e-11de-ba16-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{27b5f80a-2bfa-11da-b7a4-806d6172696f}\Shell\Open(O)\command - "" = C:\Recycled\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{3e4f44ee-b45f-11de-ba1d-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{443ad38a-4748-11dd-b9fb-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{5476929a-2b58-11dd-b9f9-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{7f76c5f6-df2a-11dd-ba10-00c09f2ed312}\Shell - "" = AutoRun
O33 - MountPoints2\{7f76c5f6-df2a-11dd-ba10-00c09f2ed312}\Shell\Open\command - "" = E:\resycled\boot.com -- File not found
O33 - MountPoints2\{807a8519-4236-11da-b7c3-000f9fbd5519}\Shell - "" = AutoRun
O33 - MountPoints2\{807a8519-4236-11da-b7c3-000f9fbd5519}\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found
O33 - MountPoints2\{e5f2be83-1180-11df-ba21-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{e7847fd8-d61b-11de-ba1e-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{ffe2337a-10a8-11df-ba20-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005.04.27 17:19:35 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: MSACM.CEGSM - C:\WINDOWS\System32\mobileV.acm ()
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv50 - C:\WINDOWS\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mp42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.vp31 - vp31vfw.dll File not found
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Documents and Settings\Honza Kryl\Plocha\Encore Hoyle Slots And Video Poker v1[1][1].0.0.2.
[2010.05.14 17:28:08 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
[2010.05.14 16:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.14 16:40:32 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.14 16:12:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.05.14 16:10:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Documents and Settings\Honza Kryl\Plocha\Encore Hoyle Slots And Video Poker v1[1][1].0.0.2.
[2010.05.14 17:16:58 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
[2010.05.14 16:42:13 | 007,864,320 | -H-- | M] () -- C:\Documents and Settings\Honza Kryl\NTUSER.DAT
[2010.05.14 16:24:26 | 003,688,866 | ---- | M] () -- C:\Documents and Settings\Honza Kryl\Plocha\ComboFix.exe
[2010.05.14 16:17:48 | 003,905,536 | R--- | M] () -- C:\Documents and Settings\All Users\Dokumenty\ESBK.mbb
[2010.05.14 16:17:48 | 001,875,968 | R--- | M] () -- C:\Documents and Settings\All Users\Dokumenty\ESBK.mb
[2010.05.14 16:16:42 | 000,023,773 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.05.14 16:12:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.14 16:12:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.14 16:11:03 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Honza Kryl\ntuser.ini
[2010.05.14 16:01:01 | 000,884,654 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.14 16:01:01 | 000,380,548 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.14 16:01:01 | 000,379,532 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.05.14 16:01:01 | 000,062,156 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.05.14 16:01:01 | 000,052,962 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.14 15:56:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.05.14 16:42:08 | 003,688,866 | ---- | C] () -- C:\Documents and Settings\Honza Kryl\Plocha\ComboFix.exe
[2009.09.07 21:02:03 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009.09.07 20:58:27 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDESX100EXPORT.ini
[2008.07.01 13:19:22 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CSDLGE1LIB.dll
[2008.07.01 11:01:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\bgspmnt.dll
[2008.07.01 11:01:43 | 000,000,571 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini
[2008.07.01 11:01:43 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini
[2007.01.02 23:40:10 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\VendorCmdRW.dll
[2006.09.22 21:40:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2006.08.26 21:19:23 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2005.12.27 23:27:47 | 000,164,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\athsgt.sys
[2005.12.27 23:27:47 | 000,012,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\limsgt.sys
[2005.11.17 11:48:51 | 000,000,287 | ---- | C] () -- C:\WINDOWS\game.ini
[2005.11.11 12:02:37 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2005.07.21 12:03:58 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini
[2005.07.01 09:41:42 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2005.06.29 09:58:02 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.06.11 21:18:53 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2005.06.11 19:54:53 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2005.05.29 03:45:43 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll
[2005.05.10 17:44:08 | 000,006,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vcs.sys
[2005.04.30 23:58:28 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005.04.30 03:09:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005.04.30 01:36:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005.04.30 00:39:06 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005.04.27 19:26:11 | 000,000,132 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.04.27 18:18:47 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005.04.27 17:34:09 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.02.17 12:31:58 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.02.17 12:31:58 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.02.17 12:31:58 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.02.17 12:31:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.02.17 12:31:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.02.17 12:31:58 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.02.17 12:31:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004.07.03 22:08:04 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004.06.12 15:55:32 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2004.06.12 15:55:32 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LameEncShim.dll
[2000.09.08 17:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
========== LOP Check ==========
[2005.10.21 11:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2006.06.29 21:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2009.09.07 21:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2005.05.29 02:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Anti-Virus Personal
[2006.09.15 21:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2009.09.07 21:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2005.08.14 15:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\.bt2
[2005.09.29 11:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Azureus
[2005.04.30 01:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\CD-LabelPrint
[2006.06.29 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Datalayer
[2006.04.27 17:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Elaborate Bytes
[2006.02.21 16:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Flexigen
[2005.06.05 23:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\funkitron
[2005.04.27 18:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\ICQLite
[2005.07.19 18:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\InterTrust
[2007.02.17 17:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Leadertech
[2008.07.01 16:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LGSync
[2006.01.30 20:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LingobitLingobit Localizer Trial4.2.1925
[2006.06.29 21:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia
[2006.06.30 09:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia Multimedia Player
[2006.06.29 21:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\PC Suite
[2008.07.01 11:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\pdfMachine
[2005.09.01 20:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Software602
[2006.09.15 22:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Teleca
[2005.05.31 01:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\WebCompiler3
[2005.12.21 14:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Wočko
[2006.01.08 15:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2004.10.13 18:24:37 | 001,694,208 | ---- | M] (Microsoft Corporation)
"Gadwin PrintScreen 2.6" = C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash -- [2003.07.16 11:29:24 | 000,913,408 | ---- | M] (Gadwin Systems, Inc.)
"NBJ" = "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" -- [2005.04.08 18:43:22 | 001,953,792 | ---- | M] (Ahead Software AG)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" -- [2005.01.19 16:07:20 | 000,405,583 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2006.03.13 11:10:54 | 019,543,592 | ---- | M] ()
"Ashampoo PopUpBlocker" = C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe -- [2004.02.03 13:13:56 | 001,216,000 | ---- | M] ()
"PcSync" = C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog -- [2005.11.30 16:56:02 | 001,306,624 | ---- | M] (Time Information Services Ltd.)
"T-Mobile Communication Centre" = C:\Program Files\T-Mobile Communication Centre\Centre.exe -- [2006.07.29 11:19:44 | 000,687,163 | ---- | M] (Gemfor s.r.o., Czech Republic)
"EPSON SX100 Series" = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\WINDOWS\TEMP\E_S6A.tmp" /EF "HKCU" -- [2008.02.05 17:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION)
< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2005.08.14 15:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\.bt2
[2006.09.15 21:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Adobe
[2007.01.09 18:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\AdobeAUM
[2007.09.02 11:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\AdobeUM
[2006.02.22 18:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Ahead
[2005.09.29 11:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Azureus
[2005.04.30 01:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\CD-LabelPrint
[2006.06.29 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Datalayer
[2006.04.27 17:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Elaborate Bytes
[2006.02.21 16:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Flexigen
[2005.06.05 23:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\funkitron
[2006.04.10 20:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Hamachi
[2005.06.30 18:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Help
[2005.04.27 18:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\ICQLite
[2005.04.27 17:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Identities
[2007.08.26 21:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\InstallShield
[2005.07.19 18:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\InterTrust
[2007.02.17 17:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Leadertech
[2008.07.01 16:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LGSync
[2006.01.30 20:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LingobitLingobit Localizer Trial4.2.1925
[2005.05.14 15:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Macromedia
[2006.04.05 19:58:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Microsoft
[2006.06.29 21:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia
[2006.06.30 09:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia Multimedia Player
[2006.06.29 21:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\PC Suite
[2008.07.01 11:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\pdfMachine
[2010.05.14 17:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Skype
[2005.09.01 20:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Software602
[2005.09.29 11:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Sun
[2006.09.15 22:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Teleca
[2005.05.31 01:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\WebCompiler3
[2005.12.21 14:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Wočko
[2006.01.08 15:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
-
serviscomp
- Návštěvník
- Příspěvky: 27
- Registrován: 19 bře 2010 15:57
Re: Prosím o kontrolu logu - totálně zavirovaný PC
To tu pak budeme asi do vánoc... (mají přes 800000 znaků,povoleno je 60000)
Nestačil by zkontrolovat log z Combofixu?
Děkuji
Logfile of random's system information tool 1.07 (written by random/random)
Run by Honza Kryl at 2010-05-14 16:40:32
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 8 GB (11%) free of 76 GB
Total RAM: 509 MB (43% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49E0E0F0-5C30-11D4-945D-000000000003}]
IE PopUp-Killer - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll [2004-09-01 414720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\Program Files\ICQToolbar\toolbaru.dll [2005-01-19 446464]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-02-24 5537792]
"nwiz"=nwiz.exe /install []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-02-27 47104]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2004-12-20 33792]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Media Access"=C:\Program Files\Media Access\MediaAccK.exe [2005-05-07 20992]
"salm"=c:\temp\salm.exe []
"pdfSaver3"= []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-10-21 98304]
"PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2005-12-13 217088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe [2005-03-04 36975]
"ICQ Lite"=C:\Program Files\ICQLite\ICQLite.exe [2006-07-11 3144800]
""= []
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-06 57344]
"PrintPack dispatcher"=C:\Program Files\Software602\Print2PDF\PrnPack.exe [2007-05-03 2759872]
"bgsmsnd.exe"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe [2006-06-02 106496]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"combofix"=C:\ComboFix\CF4237.cfxxe /c C:\ComboFix\C.bat []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"Gadwin PrintScreen 2.6"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2003-07-16 913408]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-04-08 1953792]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2005-01-19 405583]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2006-03-13 19543592]
"Ashampoo PopUpBlocker"=C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe [2004-02-03 1216000]
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2005-11-30 1306624]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile Communication Centre\Centre.exe [2006-07-29 687163]
"EPSON SX100 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE [2008-02-05 188928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ Lite"=C:\Program Files\ICQLite\ICQLite.exe [2006-07-11 3144800]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
Software Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Documents and Settings\Honza Kryl\Nabídka Start\Programy\Po spuštění
ctfmon.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQLite"
"C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\Jerrrrri_264668594\INIC.exe"="C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\Jerrrrri_264668594\INIC.exe:*:Enabled:AIMICQ invisible checker"
"C:\Program Files\BT2Net\bt2net.exe"="C:\Program Files\BT2Net\bt2net.exe:*:Enabled:BT2Net"
"C:\Program Files\EA SPORTS\NHL06\nhl06.exe"="C:\Program Files\EA SPORTS\NHL06\nhl06.exe:*:Enabled:nhl06"
"C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe"="C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\EA SPORTS\FIFA 06\fifa06.exe"="C:\Program Files\EA SPORTS\FIFA 06\fifa06.exe:*:Enabled:fifa06"
"C:\Program Files\Infogrames Interactive\Monopoly Casino Vegas Edition\casinove.exe"="C:\Program Files\Infogrames Interactive\Monopoly Casino Vegas Edition\casinove.exe:*:Enabled:casinove"
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe:*:Enabled:Kaspersky Anti-Virus Service"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\mswt kart 2004\MSWorldTour.exe"="C:\Program Files\mswt kart 2004\MSWorldTour.exe:*:Enabled:MSWorldTour"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\_anonym_-WF_190135400\Usca2004.exe"="C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\_anonym_-WF_190135400\Usca2004.exe:*:Enabled:Usca2004"
"C:\Documents and Settings\Honza Kryl\Plocha\Usca2004.exe"="C:\Documents and Settings\Honza Kryl\Plocha\Usca2004.exe:*:Enabled:Usca2004"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\EA SPORTS\NHL07\nhl2007.exe"="C:\Program Files\EA SPORTS\NHL07\nhl2007.exe:*:Enabled:nhl2007"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{212a7316-6a5e-11de-ba16-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{306ce6a2-5f62-11df-ba25-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e4f44ee-b45f-11de-ba1d-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{443ad38a-4748-11dd-b9fb-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5476929a-2b58-11dd-b9f9-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f76c5f6-df2a-11dd-ba10-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com f:
shell\Open\command - E:\resycled\boot.com f:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{807a8519-4236-11da-b7c3-000f9fbd5519}]
shell\AutoRun\command - E:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e5f2be83-1180-11df-ba21-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7847fd8-d61b-11de-ba1e-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ffe2337a-10a8-11df-ba20-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
======List of files/folders created in the last 1 months======
2010-05-14 16:40:32 ----D---- C:\rsit
2010-05-14 16:40:32 ----D---- C:\Program Files\trend micro
2010-05-14 16:12:32 ----D---- C:\WINDOWS\ERDNT
2010-05-14 16:10:38 ----D---- C:\Qoobox
======List of files/folders modified in the last 1 months======
2010-05-14 16:40:32 ----AD---- C:\Program Files
2010-05-14 16:17:08 ----D---- C:\WINDOWS\Prefetch
2010-05-14 16:16:50 ----D---- C:\WINDOWS
2010-05-14 16:16:46 ----D---- C:\WINDOWS\Temp
2010-05-14 16:11:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-14 16:08:34 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-14 16:01:01 ----D---- C:\WINDOWS\system32
2010-05-14 16:01:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-12-03 13566]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R2 athsgt;athsgt; C:\WINDOWS\system32\DRIVERS\athsgt.sys [2005-12-27 164992]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-22 8064]
R2 limsgt;limsgt; C:\WINDOWS\system32\DRIVERS\limsgt.sys [2005-12-27 12544]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2002-02-19 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2002-02-19 55936]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-03-07 707212]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2005-02-24 3454144]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2006-10-13 163584]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\System32\DRIVERS\sisnic.sys [2004-08-03 32768]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S1 vdrv8000;vdrv8000; C:\WINDOWS\system32\DRIVERS\vdrv8000.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\System32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Avc;AVC Device; C:\WINDOWS\System32\DRIVERS\avc.sys [2004-08-03 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-11-20 223128]
S3 GT43XX;GT Combo 802.11g Wireless LAN Adapter Driver GT43XX; C:\WINDOWS\system32\DRIVERS\gtwl5.sys [2005-01-28 266496]
S3 gtcdcmdm;GTRAN USB CDC Driver (PID 3196); C:\WINDOWS\system32\DRIVERS\gtusbmdm_gpc6400.sys [2004-06-11 62035]
S3 GTEDGWModem;Option NV GTEDGWModem; C:\WINDOWS\system32\DRIVERS\GTEDG.sys [2005-01-28 107904]
S3 GTEDGWWNIC;Option NV GTEDGWWNIC; C:\WINDOWS\system32\DRIVERS\GTEDGNet.sys [2005-01-28 52864]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2006-04-10 10578]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2002-02-19 9600]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-02-19 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 ndiscm;Motorola USB Cable Modem Windows Driver; C:\WINDOWS\System32\DRIVERS\NetMotCM.sys [2003-08-10 14336]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2005-10-13 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2005-10-13 12800]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2005-10-13 124928]
S3 OptionWWSC;GT Combo EDGE SIM Card Reader; C:\WINDOWS\system32\DRIVERS\GTEDGSC.sys [2005-01-28 21888]
S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys []
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-04-28 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-04-28 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-04-28 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-04-28 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-04-28 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-04-28 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-04-28 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 TridDev;Trident Device; C:\WINDOWS\system32\DRIVERS\Triddev.sys [2006-07-22 3584]
S3 tridhid;tridhid - USB 2.0 HID Driver; C:\WINDOWS\system32\drivers\tridhid.sys [2006-09-18 15488]
S3 TridVid;Trident USB TV; C:\WINDOWS\system32\DRIVERS\TridVid.sys [2006-10-20 166912]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2005-05-26 21344]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2005-06-24 39036]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;Motorola USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-03 25600]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-12-06 104064]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2005-11-20 664064]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-02-24 127043]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 bepldr;BCL easyPDF SDK 5 Loader; C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe [2007-03-01 151552]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
(mají přes 800000 znaků,povoleno je 60000)Nestačil by zkontrolovat log z Combofixu?
Děkuji
Logfile of random's system information tool 1.07 (written by random/random)
Run by Honza Kryl at 2010-05-14 16:40:32
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 8 GB (11%) free of 76 GB
Total RAM: 509 MB (43% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49E0E0F0-5C30-11D4-945D-000000000003}]
IE PopUp-Killer - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll [2004-09-01 414720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\Program Files\ICQToolbar\toolbaru.dll [2005-01-19 446464]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-02-24 5537792]
"nwiz"=nwiz.exe /install []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-02-27 47104]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2004-12-20 33792]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Media Access"=C:\Program Files\Media Access\MediaAccK.exe [2005-05-07 20992]
"salm"=c:\temp\salm.exe []
"pdfSaver3"= []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-10-21 98304]
"PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2005-12-13 217088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe [2005-03-04 36975]
"ICQ Lite"=C:\Program Files\ICQLite\ICQLite.exe [2006-07-11 3144800]
""= []
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-06 57344]
"PrintPack dispatcher"=C:\Program Files\Software602\Print2PDF\PrnPack.exe [2007-05-03 2759872]
"bgsmsnd.exe"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe [2006-06-02 106496]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"combofix"=C:\ComboFix\CF4237.cfxxe /c C:\ComboFix\C.bat []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"Gadwin PrintScreen 2.6"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2003-07-16 913408]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-04-08 1953792]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2005-01-19 405583]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2006-03-13 19543592]
"Ashampoo PopUpBlocker"=C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe [2004-02-03 1216000]
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2005-11-30 1306624]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile Communication Centre\Centre.exe [2006-07-29 687163]
"EPSON SX100 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE [2008-02-05 188928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ Lite"=C:\Program Files\ICQLite\ICQLite.exe [2006-07-11 3144800]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
Software Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Documents and Settings\Honza Kryl\Nabídka Start\Programy\Po spuštění
ctfmon.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQLite"
"C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\Jerrrrri_264668594\INIC.exe"="C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\Jerrrrri_264668594\INIC.exe:*:Enabled:AIMICQ invisible checker"
"C:\Program Files\BT2Net\bt2net.exe"="C:\Program Files\BT2Net\bt2net.exe:*:Enabled:BT2Net"
"C:\Program Files\EA SPORTS\NHL06\nhl06.exe"="C:\Program Files\EA SPORTS\NHL06\nhl06.exe:*:Enabled:nhl06"
"C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe"="C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\EA SPORTS\FIFA 06\fifa06.exe"="C:\Program Files\EA SPORTS\FIFA 06\fifa06.exe:*:Enabled:fifa06"
"C:\Program Files\Infogrames Interactive\Monopoly Casino Vegas Edition\casinove.exe"="C:\Program Files\Infogrames Interactive\Monopoly Casino Vegas Edition\casinove.exe:*:Enabled:casinove"
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe:*:Enabled:Kaspersky Anti-Virus Service"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\mswt kart 2004\MSWorldTour.exe"="C:\Program Files\mswt kart 2004\MSWorldTour.exe:*:Enabled:MSWorldTour"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\_anonym_-WF_190135400\Usca2004.exe"="C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\_anonym_-WF_190135400\Usca2004.exe:*:Enabled:Usca2004"
"C:\Documents and Settings\Honza Kryl\Plocha\Usca2004.exe"="C:\Documents and Settings\Honza Kryl\Plocha\Usca2004.exe:*:Enabled:Usca2004"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\EA SPORTS\NHL07\nhl2007.exe"="C:\Program Files\EA SPORTS\NHL07\nhl2007.exe:*:Enabled:nhl2007"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{212a7316-6a5e-11de-ba16-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{306ce6a2-5f62-11df-ba25-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e4f44ee-b45f-11de-ba1d-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{443ad38a-4748-11dd-b9fb-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5476929a-2b58-11dd-b9f9-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f76c5f6-df2a-11dd-ba10-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com f:
shell\Open\command - E:\resycled\boot.com f:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{807a8519-4236-11da-b7c3-000f9fbd5519}]
shell\AutoRun\command - E:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e5f2be83-1180-11df-ba21-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7847fd8-d61b-11de-ba1e-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ffe2337a-10a8-11df-ba20-00c09f2ed312}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe
======List of files/folders created in the last 1 months======
2010-05-14 16:40:32 ----D---- C:\rsit
2010-05-14 16:40:32 ----D---- C:\Program Files\trend micro
2010-05-14 16:12:32 ----D---- C:\WINDOWS\ERDNT
2010-05-14 16:10:38 ----D---- C:\Qoobox
======List of files/folders modified in the last 1 months======
2010-05-14 16:40:32 ----AD---- C:\Program Files
2010-05-14 16:17:08 ----D---- C:\WINDOWS\Prefetch
2010-05-14 16:16:50 ----D---- C:\WINDOWS
2010-05-14 16:16:46 ----D---- C:\WINDOWS\Temp
2010-05-14 16:11:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-14 16:08:34 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-14 16:01:01 ----D---- C:\WINDOWS\system32
2010-05-14 16:01:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-12-03 13566]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R2 athsgt;athsgt; C:\WINDOWS\system32\DRIVERS\athsgt.sys [2005-12-27 164992]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-22 8064]
R2 limsgt;limsgt; C:\WINDOWS\system32\DRIVERS\limsgt.sys [2005-12-27 12544]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2002-02-19 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2002-02-19 55936]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-03-07 707212]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2005-02-24 3454144]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2006-10-13 163584]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\System32\DRIVERS\sisnic.sys [2004-08-03 32768]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S1 vdrv8000;vdrv8000; C:\WINDOWS\system32\DRIVERS\vdrv8000.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\System32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Avc;AVC Device; C:\WINDOWS\System32\DRIVERS\avc.sys [2004-08-03 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-11-20 223128]
S3 GT43XX;GT Combo 802.11g Wireless LAN Adapter Driver GT43XX; C:\WINDOWS\system32\DRIVERS\gtwl5.sys [2005-01-28 266496]
S3 gtcdcmdm;GTRAN USB CDC Driver (PID 3196); C:\WINDOWS\system32\DRIVERS\gtusbmdm_gpc6400.sys [2004-06-11 62035]
S3 GTEDGWModem;Option NV GTEDGWModem; C:\WINDOWS\system32\DRIVERS\GTEDG.sys [2005-01-28 107904]
S3 GTEDGWWNIC;Option NV GTEDGWWNIC; C:\WINDOWS\system32\DRIVERS\GTEDGNet.sys [2005-01-28 52864]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2006-04-10 10578]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2002-02-19 9600]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-02-19 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 ndiscm;Motorola USB Cable Modem Windows Driver; C:\WINDOWS\System32\DRIVERS\NetMotCM.sys [2003-08-10 14336]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2005-10-13 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2005-10-13 12800]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2005-10-13 124928]
S3 OptionWWSC;GT Combo EDGE SIM Card Reader; C:\WINDOWS\system32\DRIVERS\GTEDGSC.sys [2005-01-28 21888]
S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys []
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-04-28 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-04-28 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-04-28 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-04-28 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-04-28 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-04-28 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-04-28 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 TridDev;Trident Device; C:\WINDOWS\system32\DRIVERS\Triddev.sys [2006-07-22 3584]
S3 tridhid;tridhid - USB 2.0 HID Driver; C:\WINDOWS\system32\drivers\tridhid.sys [2006-09-18 15488]
S3 TridVid;Trident USB TV; C:\WINDOWS\system32\DRIVERS\TridVid.sys [2006-10-20 166912]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2005-05-26 21344]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2005-06-24 39036]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;Motorola USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-03 25600]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-12-06 104064]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2005-11-20 664064]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-02-24 127043]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 bepldr;BCL easyPDF SDK 5 Loader; C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe [2007-03-01 151552]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
-
serviscomp
- Návštěvník
- Příspěvky: 27
- Registrován: 19 bře 2010 15:57
Re: Prosím o kontrolu logu - totálně zavirovaný PC
OTL logfile created on: 14.5.2010 17:42:38 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Honza Kryl\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
509,00 Mb Total Physical Memory | 219,00 Mb Available Physical Memory | 43,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 8,26 Gb Free Space | 11,09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3,73 Gb Total Space | 0,70 Gb Free Space | 18,83% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HONZA
Current User Name: Honza Kryl
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.05.14 17:16:58 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
PRC - [2008.02.05 17:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIEDE.EXE
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.03 09:43:06 | 002,759,872 | ---- | M] (Software602) -- C:\Program Files\Software602\Print2PDF\PrnPack.exe
PRC - [2006.07.29 11:19:44 | 000,687,163 | ---- | M] (Gemfor s.r.o., Czech Republic) -- C:\Program Files\T-Mobile Communication Centre\Centre.exe
PRC - [2006.07.11 12:06:40 | 003,144,800 | ---- | M] (ICQ Ltd.) -- C:\Program Files\ICQLite\ICQLite.exe
PRC - [2006.06.27 12:06:12 | 000,020,480 | R-S- | M] (Microsoft Corporation) -- C:\Documents and Settings\Honza Kryl\Nabídka Start\Programy\Po spuštění\ctfmon.exe
PRC - [2006.06.14 23:11:40 | 000,180,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2006.06.02 01:33:00 | 000,106,496 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\2\bgsmsnd.exe
PRC - [2006.03.16 09:43:28 | 000,872,448 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2005.12.13 08:49:08 | 000,217,088 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2005.11.30 16:56:02 | 001,306,624 | ---- | M] (Time Information Services Ltd.) -- C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
PRC - [2005.11.07 10:09:18 | 000,120,320 | ---- | M] (Nokia.) -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
PRC - [2005.10.28 13:54:50 | 000,471,040 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
PRC - [2005.10.26 17:17:24 | 000,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2005.08.10 08:54:34 | 000,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2005.06.08 17:45:04 | 000,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
PRC - [2005.06.06 23:46:24 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2005.05.07 15:00:38 | 000,020,992 | ---- | M] () -- C:\Program Files\Media Access\MediaAccK.exe
PRC - [2005.05.07 15:00:37 | 000,048,128 | ---- | M] () -- C:\Program Files\Media Access\MediaAccess.exe
PRC - [2005.03.04 03:36:46 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
PRC - [2005.01.19 16:07:20 | 000,405,583 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2004.12.20 20:41:22 | 000,033,792 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2004.02.03 13:13:56 | 001,216,000 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\PopUpKiller.exe
PRC - [2003.12.17 12:57:08 | 000,106,496 | ---- | M] (Sony Corporation.) -- C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
PRC - [2003.11.21 22:02:42 | 000,151,552 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
PRC - [2003.07.16 11:29:24 | 000,913,408 | ---- | M] (Gadwin Systems, Inc.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
PRC - [2003.02.27 08:29:26 | 000,047,104 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
========== Modules (SafeList) ==========
MOD - [2010.05.14 17:16:58 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004.08.03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2007.03.01 14:50:36 | 000,151,552 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe -- (bepldr)
========== Driver Services (SafeList) ==========
DRV - [2006.10.20 22:00:00 | 000,166,912 | R--- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TridVid.sys -- (TridVid)
DRV - [2006.09.18 04:44:12 | 000,015,488 | R--- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tridhid.sys -- (tridhid)
DRV - [2006.07.22 05:55:32 | 000,003,584 | R--- | M] (Trident Microsystem Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Triddev.sys -- (TridDev)
DRV - [2006.04.28 17:27:48 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006.04.28 17:26:46 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)
DRV - [2006.04.28 17:25:44 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006.04.28 17:25:40 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006.04.28 17:24:42 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)
DRV - [2006.04.28 17:24:06 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)
DRV - [2006.04.28 17:24:00 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)
DRV - [2006.04.22 03:44:39 | 000,008,064 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2006.04.10 20:34:03 | 000,010,578 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2005.12.27 23:27:47 | 000,164,992 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\athsgt.sys -- (athsgt)
DRV - [2005.12.27 23:27:47 | 000,012,544 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\limsgt.sys -- (limsgt)
DRV - [2005.11.20 16:28:45 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2005.11.20 16:27:03 | 000,664,064 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2005.10.13 08:15:18 | 000,124,928 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2005.10.13 08:15:18 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2005.10.13 08:15:18 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.06.24 18:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005.05.26 11:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.04.12 10:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2005.02.24 14:32:00 | 003,454,144 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005.02.11 11:24:24 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005.02.11 11:22:48 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005.02.11 11:21:10 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005.02.11 11:21:02 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005.02.11 11:19:20 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2005.01.28 19:31:08 | 000,266,496 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtwl5.SYS -- (GT43XX)
DRV - [2005.01.28 19:30:56 | 000,021,888 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDGSC.sys -- (OptionWWSC)
DRV - [2005.01.28 19:30:42 | 000,052,864 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDGNet.sys -- (GTEDGWWNIC)
DRV - [2005.01.28 19:30:34 | 000,107,904 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDG.sys -- (GTEDGWModem)
DRV - [2004.08.03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2004.08.03 23:10:12 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2004.08.03 23:10:12 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2004.08.03 23:10:00 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2004.08.03 23:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004.08.03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004.08.03 22:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004.06.11 17:44:50 | 000,062,035 | ---- | M] (Flextronics Design Korea Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtusbmdm_gpc6400.sys -- (gtcdcmdm) GTRAN USB CDC Driver (PID 3196)
DRV - [2003.12.03 18:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2003.08.10 02:32:14 | 000,014,336 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm)
DRV - [2003.03.07 03:05:02 | 000,707,212 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2002.02.19 17:43:08 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2002.02.19 17:43:08 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2002.02.19 17:42:34 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (IE PopUp-Killer) - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\popup.dll ()
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-790525478-1343024091-839522115-1003\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [bgsmsnd.exe] C:\WINDOWS\system32\spool\drivers\w32x86\2\bgsmsnd.exe ()
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF4237.cfx File not found
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [pdfSaver3] File not found
O4 - HKLM..\Run: [PrintPack dispatcher] C:\Program Files\Software602\Print2PDF\PrnPack.exe (Software602)
O4 - HKLM..\Run: [salm] c:\temp\salm.exe File not found
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [Ashampoo PopUpBlocker] C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\PopUpKiller.exe ()
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [EPSON SX100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc.)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [T-Mobile Communication Centre] C:\Program Files\T-Mobile Communication Centre\Centre.exe (Gemfor s.r.o., Czech Republic)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Software Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe ()
O4 - Startup: C:\Documents and Settings\Honza Kryl\Nabídka Start\Programy\Po spuštění\ctfmon.exe (Microsoft Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Vytvořit mobilní oblíbenou položku - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra Button: Print2PDF - {5B7027AD-AA6D-40df-8F56-9560F277D2A5} - C:\WINDOWS\system32\Print602.dll (Software602 a.s.)
O9 - Extra 'Tools' menuitem : Print2PDF - {5B7027AD-AA6D-40df-8F56-9560F277D2A5} - C:\WINDOWS\system32\Print602.dll (Software602 a.s.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.imgfarm.com/images/nocache/fu ... 0.0.15.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-445535400000} http://download.macromedia.com/pub/shoc ... wflash.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\bt2 {1730B77B-F429-498f-9B15-4514D83C8294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-bt2 {6E1DDCE8-76BC-4390-9488-806E8FB1AD77} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Honza Kryl\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Honza Kryl\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.01 16:44:34 | 000,000,121 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.05.14 17:27:34 | 000,000,103 | RHS- | M] () - E:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{212a7316-6a5e-11de-ba16-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{27b5f80a-2bfa-11da-b7a4-806d6172696f}\Shell\Open(O)\command - "" = C:\Recycled\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{3e4f44ee-b45f-11de-ba1d-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{443ad38a-4748-11dd-b9fb-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{5476929a-2b58-11dd-b9f9-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{7f76c5f6-df2a-11dd-ba10-00c09f2ed312}\Shell - "" = AutoRun
O33 - MountPoints2\{7f76c5f6-df2a-11dd-ba10-00c09f2ed312}\Shell\Open\command - "" = E:\resycled\boot.com -- File not found
O33 - MountPoints2\{807a8519-4236-11da-b7c3-000f9fbd5519}\Shell - "" = AutoRun
O33 - MountPoints2\{807a8519-4236-11da-b7c3-000f9fbd5519}\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found
O33 - MountPoints2\{e5f2be83-1180-11df-ba21-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{e7847fd8-d61b-11de-ba1e-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{ffe2337a-10a8-11df-ba20-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005.04.27 17:19:35 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: MSACM.CEGSM - C:\WINDOWS\System32\mobileV.acm ()
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv50 - C:\WINDOWS\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mp42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.vp31 - vp31vfw.dll File not found
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Documents and Settings\Honza Kryl\Plocha\Encore Hoyle Slots And Video Poker v1[1][1].0.0.2.
[2010.05.14 17:28:08 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
[2010.05.14 16:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.14 16:40:32 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.14 16:12:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.05.14 16:10:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Documents and Settings\Honza Kryl\Plocha\Encore Hoyle Slots And Video Poker v1[1][1].0.0.2.
[2010.05.14 17:16:58 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
[2010.05.14 16:42:13 | 007,864,320 | -H-- | M] () -- C:\Documents and Settings\Honza Kryl\NTUSER.DAT
[2010.05.14 16:24:26 | 003,688,866 | ---- | M] () -- C:\Documents and Settings\Honza Kryl\Plocha\ComboFix.exe
[2010.05.14 16:17:48 | 003,905,536 | R--- | M] () -- C:\Documents and Settings\All Users\Dokumenty\ESBK.mbb
[2010.05.14 16:17:48 | 001,875,968 | R--- | M] () -- C:\Documents and Settings\All Users\Dokumenty\ESBK.mb
[2010.05.14 16:16:42 | 000,023,773 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.05.14 16:12:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.14 16:12:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.14 16:11:03 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Honza Kryl\ntuser.ini
[2010.05.14 16:01:01 | 000,884,654 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.14 16:01:01 | 000,380,548 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.14 16:01:01 | 000,379,532 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.05.14 16:01:01 | 000,062,156 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.05.14 16:01:01 | 000,052,962 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.14 15:56:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.05.14 16:42:08 | 003,688,866 | ---- | C] () -- C:\Documents and Settings\Honza Kryl\Plocha\ComboFix.exe
[2009.09.07 21:02:03 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009.09.07 20:58:27 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDESX100EXPORT.ini
[2008.07.01 13:19:22 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CSDLGE1LIB.dll
[2008.07.01 11:01:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\bgspmnt.dll
[2008.07.01 11:01:43 | 000,000,571 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini
[2008.07.01 11:01:43 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini
[2007.01.02 23:40:10 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\VendorCmdRW.dll
[2006.09.22 21:40:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2006.08.26 21:19:23 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2005.12.27 23:27:47 | 000,164,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\athsgt.sys
[2005.12.27 23:27:47 | 000,012,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\limsgt.sys
[2005.11.17 11:48:51 | 000,000,287 | ---- | C] () -- C:\WINDOWS\game.ini
[2005.11.11 12:02:37 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2005.07.21 12:03:58 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini
[2005.07.01 09:41:42 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2005.06.29 09:58:02 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.06.11 21:18:53 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2005.06.11 19:54:53 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2005.05.29 03:45:43 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll
[2005.05.10 17:44:08 | 000,006,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vcs.sys
[2005.04.30 23:58:28 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005.04.30 03:09:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005.04.30 01:36:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005.04.30 00:39:06 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005.04.27 19:26:11 | 000,000,132 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.04.27 18:18:47 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005.04.27 17:34:09 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.02.17 12:31:58 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.02.17 12:31:58 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.02.17 12:31:58 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.02.17 12:31:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.02.17 12:31:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.02.17 12:31:58 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.02.17 12:31:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004.07.03 22:08:04 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004.06.12 15:55:32 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2004.06.12 15:55:32 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LameEncShim.dll
[2000.09.08 17:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
========== LOP Check ==========
[2005.10.21 11:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2006.06.29 21:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2009.09.07 21:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2005.05.29 02:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Anti-Virus Personal
[2006.09.15 21:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2009.09.07 21:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2005.08.14 15:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\.bt2
[2005.09.29 11:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Azureus
[2005.04.30 01:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\CD-LabelPrint
[2006.06.29 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Datalayer
[2006.04.27 17:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Elaborate Bytes
[2006.02.21 16:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Flexigen
[2005.06.05 23:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\funkitron
[2005.04.27 18:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\ICQLite
[2005.07.19 18:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\InterTrust
[2007.02.17 17:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Leadertech
[2008.07.01 16:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LGSync
[2006.01.30 20:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LingobitLingobit Localizer Trial4.2.1925
[2006.06.29 21:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia
[2006.06.30 09:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia Multimedia Player
[2006.06.29 21:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\PC Suite
[2008.07.01 11:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\pdfMachine
[2005.09.01 20:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Software602
[2006.09.15 22:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Teleca
[2005.05.31 01:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\WebCompiler3
[2005.12.21 14:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Wočko
[2006.01.08 15:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Zoner
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Honza Kryl\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
509,00 Mb Total Physical Memory | 219,00 Mb Available Physical Memory | 43,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 8,26 Gb Free Space | 11,09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3,73 Gb Total Space | 0,70 Gb Free Space | 18,83% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HONZA
Current User Name: Honza Kryl
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.05.14 17:16:58 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
PRC - [2008.02.05 17:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIEDE.EXE
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.03 09:43:06 | 002,759,872 | ---- | M] (Software602) -- C:\Program Files\Software602\Print2PDF\PrnPack.exe
PRC - [2006.07.29 11:19:44 | 000,687,163 | ---- | M] (Gemfor s.r.o., Czech Republic) -- C:\Program Files\T-Mobile Communication Centre\Centre.exe
PRC - [2006.07.11 12:06:40 | 003,144,800 | ---- | M] (ICQ Ltd.) -- C:\Program Files\ICQLite\ICQLite.exe
PRC - [2006.06.27 12:06:12 | 000,020,480 | R-S- | M] (Microsoft Corporation) -- C:\Documents and Settings\Honza Kryl\Nabídka Start\Programy\Po spuštění\ctfmon.exe
PRC - [2006.06.14 23:11:40 | 000,180,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2006.06.02 01:33:00 | 000,106,496 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\2\bgsmsnd.exe
PRC - [2006.03.16 09:43:28 | 000,872,448 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2005.12.13 08:49:08 | 000,217,088 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2005.11.30 16:56:02 | 001,306,624 | ---- | M] (Time Information Services Ltd.) -- C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
PRC - [2005.11.07 10:09:18 | 000,120,320 | ---- | M] (Nokia.) -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
PRC - [2005.10.28 13:54:50 | 000,471,040 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
PRC - [2005.10.26 17:17:24 | 000,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2005.08.10 08:54:34 | 000,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2005.06.08 17:45:04 | 000,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
PRC - [2005.06.06 23:46:24 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2005.05.07 15:00:38 | 000,020,992 | ---- | M] () -- C:\Program Files\Media Access\MediaAccK.exe
PRC - [2005.05.07 15:00:37 | 000,048,128 | ---- | M] () -- C:\Program Files\Media Access\MediaAccess.exe
PRC - [2005.03.04 03:36:46 | 000,036,975 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
PRC - [2005.01.19 16:07:20 | 000,405,583 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2004.12.20 20:41:22 | 000,033,792 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2004.02.03 13:13:56 | 001,216,000 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\PopUpKiller.exe
PRC - [2003.12.17 12:57:08 | 000,106,496 | ---- | M] (Sony Corporation.) -- C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
PRC - [2003.11.21 22:02:42 | 000,151,552 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
PRC - [2003.07.16 11:29:24 | 000,913,408 | ---- | M] (Gadwin Systems, Inc.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
PRC - [2003.02.27 08:29:26 | 000,047,104 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
========== Modules (SafeList) ==========
MOD - [2010.05.14 17:16:58 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004.08.03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2007.03.01 14:50:36 | 000,151,552 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe -- (bepldr)
========== Driver Services (SafeList) ==========
DRV - [2006.10.20 22:00:00 | 000,166,912 | R--- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TridVid.sys -- (TridVid)
DRV - [2006.09.18 04:44:12 | 000,015,488 | R--- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tridhid.sys -- (tridhid)
DRV - [2006.07.22 05:55:32 | 000,003,584 | R--- | M] (Trident Microsystem Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Triddev.sys -- (TridDev)
DRV - [2006.04.28 17:27:48 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006.04.28 17:26:46 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)
DRV - [2006.04.28 17:25:44 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006.04.28 17:25:40 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006.04.28 17:24:42 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)
DRV - [2006.04.28 17:24:06 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)
DRV - [2006.04.28 17:24:00 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)
DRV - [2006.04.22 03:44:39 | 000,008,064 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2006.04.10 20:34:03 | 000,010,578 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2005.12.27 23:27:47 | 000,164,992 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\athsgt.sys -- (athsgt)
DRV - [2005.12.27 23:27:47 | 000,012,544 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\limsgt.sys -- (limsgt)
DRV - [2005.11.20 16:28:45 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2005.11.20 16:27:03 | 000,664,064 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2005.10.13 08:15:18 | 000,124,928 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2005.10.13 08:15:18 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2005.10.13 08:15:18 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.06.24 18:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005.05.26 11:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.04.12 10:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2005.02.24 14:32:00 | 003,454,144 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005.02.11 11:24:24 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005.02.11 11:22:48 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005.02.11 11:21:10 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005.02.11 11:21:02 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005.02.11 11:19:20 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2005.01.28 19:31:08 | 000,266,496 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtwl5.SYS -- (GT43XX)
DRV - [2005.01.28 19:30:56 | 000,021,888 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDGSC.sys -- (OptionWWSC)
DRV - [2005.01.28 19:30:42 | 000,052,864 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDGNet.sys -- (GTEDGWWNIC)
DRV - [2005.01.28 19:30:34 | 000,107,904 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDG.sys -- (GTEDGWModem)
DRV - [2004.08.03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2004.08.03 23:10:12 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2004.08.03 23:10:12 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2004.08.03 23:10:00 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2004.08.03 23:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004.08.03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004.08.03 22:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004.06.11 17:44:50 | 000,062,035 | ---- | M] (Flextronics Design Korea Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtusbmdm_gpc6400.sys -- (gtcdcmdm) GTRAN USB CDC Driver (PID 3196)
DRV - [2003.12.03 18:44:58 | 000,013,566 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrbsvsd.sys -- (cdrbsvsd)
DRV - [2003.08.10 02:32:14 | 000,014,336 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm)
DRV - [2003.03.07 03:05:02 | 000,707,212 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2002.02.19 17:43:08 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2002.02.19 17:43:08 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
IE - HKU\S-1-5-21-790525478-1343024091-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2002.02.19 17:42:34 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (IE PopUp-Killer) - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\popup.dll ()
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-790525478-1343024091-839522115-1003\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (ICQ Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [bgsmsnd.exe] C:\WINDOWS\system32\spool\drivers\w32x86\2\bgsmsnd.exe ()
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF4237.cfx File not found
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [pdfSaver3] File not found
O4 - HKLM..\Run: [PrintPack dispatcher] C:\Program Files\Software602\Print2PDF\PrnPack.exe (Software602)
O4 - HKLM..\Run: [salm] c:\temp\salm.exe File not found
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [Ashampoo PopUpBlocker] C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\PopUpKiller.exe ()
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [EPSON SX100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc.)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\Run: [T-Mobile Communication Centre] C:\Program Files\T-Mobile Communication Centre\Centre.exe (Gemfor s.r.o., Czech Republic)
O4 - HKU\S-1-5-21-790525478-1343024091-839522115-1003..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Software Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe ()
O4 - Startup: C:\Documents and Settings\Honza Kryl\Nabídka Start\Programy\Po spuštění\ctfmon.exe (Microsoft Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-1343024091-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\NPJPI150_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Vytvořit mobilní oblíbenou položku - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra Button: Print2PDF - {5B7027AD-AA6D-40df-8F56-9560F277D2A5} - C:\WINDOWS\system32\Print602.dll (Software602 a.s.)
O9 - Extra 'Tools' menuitem : Print2PDF - {5B7027AD-AA6D-40df-8F56-9560F277D2A5} - C:\WINDOWS\system32\Print602.dll (Software602 a.s.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.imgfarm.com/images/nocache/fu ... 0.0.15.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-445535400000} http://download.macromedia.com/pub/shoc ... wflash.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\bt2 {1730B77B-F429-498f-9B15-4514D83C8294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-bt2 {6E1DDCE8-76BC-4390-9488-806E8FB1AD77} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Honza Kryl\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Honza Kryl\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.01 16:44:34 | 000,000,121 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.05.14 17:27:34 | 000,000,103 | RHS- | M] () - E:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{212a7316-6a5e-11de-ba16-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{27b5f80a-2bfa-11da-b7a4-806d6172696f}\Shell\Open(O)\command - "" = C:\Recycled\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{3e4f44ee-b45f-11de-ba1d-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{443ad38a-4748-11dd-b9fb-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{5476929a-2b58-11dd-b9f9-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{7f76c5f6-df2a-11dd-ba10-00c09f2ed312}\Shell - "" = AutoRun
O33 - MountPoints2\{7f76c5f6-df2a-11dd-ba10-00c09f2ed312}\Shell\Open\command - "" = E:\resycled\boot.com -- File not found
O33 - MountPoints2\{807a8519-4236-11da-b7c3-000f9fbd5519}\Shell - "" = AutoRun
O33 - MountPoints2\{807a8519-4236-11da-b7c3-000f9fbd5519}\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found
O33 - MountPoints2\{e5f2be83-1180-11df-ba21-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{e7847fd8-d61b-11de-ba1e-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O33 - MountPoints2\{ffe2337a-10a8-11df-ba20-00c09f2ed312}\Shell\Open(0)\command - "" = E:\Recycled\ctfmon.exe -- [2006.06.27 12:06:12 | 000,020,480 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005.04.27 17:19:35 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: MSACM.CEGSM - C:\WINDOWS\System32\mobileV.acm ()
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv50 - C:\WINDOWS\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mp42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.vp31 - vp31vfw.dll File not found
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Documents and Settings\Honza Kryl\Plocha\Encore Hoyle Slots And Video Poker v1[1][1].0.0.2.
[2010.05.14 17:28:08 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
[2010.05.14 16:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.14 16:40:32 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.14 16:12:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.05.14 16:10:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Documents and Settings\Honza Kryl\Plocha\Encore Hoyle Slots And Video Poker v1[1][1].0.0.2.
[2010.05.14 17:16:58 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza Kryl\Plocha\OTL.exe
[2010.05.14 16:42:13 | 007,864,320 | -H-- | M] () -- C:\Documents and Settings\Honza Kryl\NTUSER.DAT
[2010.05.14 16:24:26 | 003,688,866 | ---- | M] () -- C:\Documents and Settings\Honza Kryl\Plocha\ComboFix.exe
[2010.05.14 16:17:48 | 003,905,536 | R--- | M] () -- C:\Documents and Settings\All Users\Dokumenty\ESBK.mbb
[2010.05.14 16:17:48 | 001,875,968 | R--- | M] () -- C:\Documents and Settings\All Users\Dokumenty\ESBK.mb
[2010.05.14 16:16:42 | 000,023,773 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.05.14 16:12:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.14 16:12:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.14 16:11:03 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Honza Kryl\ntuser.ini
[2010.05.14 16:01:01 | 000,884,654 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.14 16:01:01 | 000,380,548 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.14 16:01:01 | 000,379,532 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.05.14 16:01:01 | 000,062,156 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.05.14 16:01:01 | 000,052,962 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.14 15:56:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.05.14 16:42:08 | 003,688,866 | ---- | C] () -- C:\Documents and Settings\Honza Kryl\Plocha\ComboFix.exe
[2009.09.07 21:02:03 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009.09.07 20:58:27 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDESX100EXPORT.ini
[2008.07.01 13:19:22 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CSDLGE1LIB.dll
[2008.07.01 11:01:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\bgspmnt.dll
[2008.07.01 11:01:43 | 000,000,571 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini
[2008.07.01 11:01:43 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini
[2007.01.02 23:40:10 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\VendorCmdRW.dll
[2006.09.22 21:40:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2006.08.26 21:19:23 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2005.12.27 23:27:47 | 000,164,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\athsgt.sys
[2005.12.27 23:27:47 | 000,012,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\limsgt.sys
[2005.11.17 11:48:51 | 000,000,287 | ---- | C] () -- C:\WINDOWS\game.ini
[2005.11.11 12:02:37 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2005.07.21 12:03:58 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini
[2005.07.01 09:41:42 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2005.06.29 09:58:02 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.06.11 21:18:53 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2005.06.11 19:54:53 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2005.05.29 03:45:43 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll
[2005.05.10 17:44:08 | 000,006,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vcs.sys
[2005.04.30 23:58:28 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005.04.30 03:09:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005.04.30 01:36:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005.04.30 00:39:06 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005.04.27 19:26:11 | 000,000,132 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.04.27 18:18:47 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005.04.27 17:34:09 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.02.17 12:31:58 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.02.17 12:31:58 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.02.17 12:31:58 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.02.17 12:31:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.02.17 12:31:58 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.02.17 12:31:58 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.02.17 12:31:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004.07.03 22:08:04 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004.06.12 15:55:32 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2004.06.12 15:55:32 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LameEncShim.dll
[2000.09.08 17:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
========== LOP Check ==========
[2005.10.21 11:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2006.06.29 21:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2009.09.07 21:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2005.05.29 02:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Anti-Virus Personal
[2006.09.15 21:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2009.09.07 21:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2005.08.14 15:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\.bt2
[2005.09.29 11:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Azureus
[2005.04.30 01:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\CD-LabelPrint
[2006.06.29 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Datalayer
[2006.04.27 17:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Elaborate Bytes
[2006.02.21 16:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Flexigen
[2005.06.05 23:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\funkitron
[2005.04.27 18:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\ICQLite
[2005.07.19 18:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\InterTrust
[2007.02.17 17:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Leadertech
[2008.07.01 16:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LGSync
[2006.01.30 20:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LingobitLingobit Localizer Trial4.2.1925
[2006.06.29 21:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia
[2006.06.30 09:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia Multimedia Player
[2006.06.29 21:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\PC Suite
[2008.07.01 11:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\pdfMachine
[2005.09.01 20:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Software602
[2006.09.15 22:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Teleca
[2005.05.31 01:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\WebCompiler3
[2005.12.21 14:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Wočko
[2006.01.08 15:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Zoner
-
serviscomp
- Návštěvník
- Příspěvky: 27
- Registrován: 19 bře 2010 15:57
Re: Prosím o kontrolu logu - totálně zavirovaný PC
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2004.10.13 18:24:37 | 001,694,208 | ---- | M] (Microsoft Corporation)
"Gadwin PrintScreen 2.6" = C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash -- [2003.07.16 11:29:24 | 000,913,408 | ---- | M] (Gadwin Systems, Inc.)
"NBJ" = "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" -- [2005.04.08 18:43:22 | 001,953,792 | ---- | M] (Ahead Software AG)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" -- [2005.01.19 16:07:20 | 000,405,583 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2006.03.13 11:10:54 | 019,543,592 | ---- | M] ()
"Ashampoo PopUpBlocker" = C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe -- [2004.02.03 13:13:56 | 001,216,000 | ---- | M] ()
"PcSync" = C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog -- [2005.11.30 16:56:02 | 001,306,624 | ---- | M] (Time Information Services Ltd.)
"T-Mobile Communication Centre" = C:\Program Files\T-Mobile Communication Centre\Centre.exe -- [2006.07.29 11:19:44 | 000,687,163 | ---- | M] (Gemfor s.r.o., Czech Republic)
"EPSON SX100 Series" = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\WINDOWS\TEMP\E_S6A.tmp" /EF "HKCU" -- [2008.02.05 17:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION)
< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2005.08.14 15:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\.bt2
[2006.09.15 21:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Adobe
[2007.01.09 18:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\AdobeAUM
[2007.09.02 11:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\AdobeUM
[2006.02.22 18:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Ahead
[2005.09.29 11:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Azureus
[2005.04.30 01:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\CD-LabelPrint
[2006.06.29 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Datalayer
[2006.04.27 17:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Elaborate Bytes
[2006.02.21 16:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Flexigen
[2005.06.05 23:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\funkitron
[2006.04.10 20:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Hamachi
[2005.06.30 18:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Help
[2005.04.27 18:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\ICQLite
[2005.04.27 17:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Identities
[2007.08.26 21:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\InstallShield
[2005.07.19 18:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\InterTrust
[2007.02.17 17:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Leadertech
[2008.07.01 16:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LGSync
[2006.01.30 20:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LingobitLingobit Localizer Trial4.2.1925
[2005.05.14 15:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Macromedia
[2006.04.05 19:58:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Microsoft
[2006.06.29 21:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia
[2006.06.30 09:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia Multimedia Player
[2006.06.29 21:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\PC Suite
[2008.07.01 11:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\pdfMachine
[2010.05.14 17:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Skype
[2005.09.01 20:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Software602
[2005.09.29 11:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Sun
[2006.09.15 22:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Teleca
[2005.05.31 01:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\WebCompiler3
[2005.12.21 14:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Wočko
[2006.01.08 15:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: CDROM.SYS >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2002.08.29 01:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2002.09.20 18:03:40 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=031E7FF41B13B658CAE7D6C98086F76A -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2002.09.20 18:03:50 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=E8508E7F865490D8AE71D00C8DF4D227 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2002.09.20 18:05:24 | 001,004,544 | ---- | M] (Microsoft Corporation) MD5=11D80755545CFB5EB9659EE88440EAE2 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2004.08.03 22:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2002.08.29 01:05:04 | 000,127,872 | ---- | M] (Microsoft Corporation) MD5=E8D2B5D5186A9B93D7019D7A74D77A1E -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2004.08.03 22:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\HAL.DLL
< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2004.08.03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2002.02.19 17:42:40 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2002.09.20 18:05:32 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=32F7074BAC9A5F899CCA9C046C9FA6EB -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2002.08.29 02:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2002.09.20 18:04:34 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=CF03E300B5CEEFFEFBE6F67532BD0EF1 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2002.09.20 18:04:42 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2002.09.20 18:05:44 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=7763D73255AD4046FA999D42EAF22C26 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
< MD5 for: SVCHOST.EXE >
[2002.02.19 17:43:42 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=C3A0EF5EF2DB54843C53077372508A0A -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2002.08.29 01:58:12 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2006.01.13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006.01.13 04:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2005.05.25 21:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2005.05.25 21:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
[2002.09.20 18:05:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B26871B5CE92F9D95AE6E62119799EB9 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2002.09.20 18:05:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=FF8857D1AF59071F172C0FAD0FD33E87 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
[2002.02.19 17:44:02 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=DEB54E4F9718CB8B4DD5883B13B40AB0 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2005.04.27 18:41:03 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005.04.27 18:41:03 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005.04.27 18:41:02 | 000,401,408 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.05.14 16:16:42 | 000,023,773 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.05.14 16:01:01 | 000,062,156 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2010.05.14 16:01:01 | 000,052,962 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.05.14 16:01:01 | 000,379,532 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2010.05.14 16:01:01 | 000,380,548 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.05.14 16:01:01 | 000,884,654 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.05.14 15:56:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\xpsp1hfm.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\winhlp32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\unvise32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\UNNeroVision.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\UNNeroVision.cfg:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\zonedon.reg:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\zonedoff.reg:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\zipfldr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xvidvfw.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xvid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xvid.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xpsp1res.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xmlprovi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xmlprov.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wzcsapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuauserv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuauclt1.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wstrenderer.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wstpager.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wshtcpip.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wshext.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wshbth.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wsecedit.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wow32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wnaoldd.mod:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmpshell.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmpns.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmploc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmpdxm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmaudsdk.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wjview.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winspool.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winshfhc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winrnr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winntbbu.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winmine.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winlogon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winipsec.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\win32spl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wiashext.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wiadefui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wiaacmgr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wfwnet.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\webcheck.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\webclnt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wdigest.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wbed.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\watchdog.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\w3ssl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\w32time.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vssvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vssapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vct3216.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vbscript.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vbicodec.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vbajet32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\utilman.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\userinit.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\user.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\usbmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\url.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ups.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\upnp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\unrar.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\uniplat.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\unimdmat.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\unimdm.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\unicode.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ulib.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TwnLib4.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TwnLib20.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\twext.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tssoft32.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tsd32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tsappcmp.dll:KAVICHS
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2004.10.13 18:24:37 | 001,694,208 | ---- | M] (Microsoft Corporation)
"Gadwin PrintScreen 2.6" = C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash -- [2003.07.16 11:29:24 | 000,913,408 | ---- | M] (Gadwin Systems, Inc.)
"NBJ" = "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" -- [2005.04.08 18:43:22 | 001,953,792 | ---- | M] (Ahead Software AG)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" -- [2005.01.19 16:07:20 | 000,405,583 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2006.03.13 11:10:54 | 019,543,592 | ---- | M] ()
"Ashampoo PopUpBlocker" = C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe -- [2004.02.03 13:13:56 | 001,216,000 | ---- | M] ()
"PcSync" = C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog -- [2005.11.30 16:56:02 | 001,306,624 | ---- | M] (Time Information Services Ltd.)
"T-Mobile Communication Centre" = C:\Program Files\T-Mobile Communication Centre\Centre.exe -- [2006.07.29 11:19:44 | 000,687,163 | ---- | M] (Gemfor s.r.o., Czech Republic)
"EPSON SX100 Series" = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\WINDOWS\TEMP\E_S6A.tmp" /EF "HKCU" -- [2008.02.05 17:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION)
< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2005.08.14 15:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\.bt2
[2006.09.15 21:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Adobe
[2007.01.09 18:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\AdobeAUM
[2007.09.02 11:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\AdobeUM
[2006.02.22 18:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Ahead
[2005.09.29 11:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Azureus
[2005.04.30 01:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\CD-LabelPrint
[2006.06.29 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Datalayer
[2006.04.27 17:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Elaborate Bytes
[2006.02.21 16:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Flexigen
[2005.06.05 23:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\funkitron
[2006.04.10 20:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Hamachi
[2005.06.30 18:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Help
[2005.04.27 18:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\ICQLite
[2005.04.27 17:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Identities
[2007.08.26 21:07:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\InstallShield
[2005.07.19 18:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\InterTrust
[2007.02.17 17:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Leadertech
[2008.07.01 16:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LGSync
[2006.01.30 20:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\LingobitLingobit Localizer Trial4.2.1925
[2005.05.14 15:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Macromedia
[2006.04.05 19:58:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Microsoft
[2006.06.29 21:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia
[2006.06.30 09:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Nokia Multimedia Player
[2006.06.29 21:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\PC Suite
[2008.07.01 11:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\pdfMachine
[2010.05.14 17:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Skype
[2005.09.01 20:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Software602
[2005.09.29 11:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Sun
[2006.09.15 22:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Teleca
[2005.05.31 01:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\WebCompiler3
[2005.12.21 14:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Wočko
[2006.01.08 15:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza Kryl\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: CDROM.SYS >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2002.08.29 01:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2002.09.20 18:03:40 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=031E7FF41B13B658CAE7D6C98086F76A -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2002.09.20 18:03:50 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=E8508E7F865490D8AE71D00C8DF4D227 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2002.09.20 18:05:24 | 001,004,544 | ---- | M] (Microsoft Corporation) MD5=11D80755545CFB5EB9659EE88440EAE2 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2004.08.03 22:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2002.08.29 01:05:04 | 000,127,872 | ---- | M] (Microsoft Corporation) MD5=E8D2B5D5186A9B93D7019D7A74D77A1E -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2004.08.03 22:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\HAL.DLL
< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2004.08.03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2002.02.19 17:42:40 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2002.09.20 18:05:32 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=32F7074BAC9A5F899CCA9C046C9FA6EB -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2002.08.29 02:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2002.09.20 18:04:34 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=CF03E300B5CEEFFEFBE6F67532BD0EF1 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2002.09.20 18:04:42 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2002.09.20 18:05:44 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=7763D73255AD4046FA999D42EAF22C26 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
< MD5 for: SVCHOST.EXE >
[2002.02.19 17:43:42 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=C3A0EF5EF2DB54843C53077372508A0A -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2002.08.29 01:58:12 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2006.01.13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006.01.13 04:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2005.05.25 21:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2005.05.25 21:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
[2002.09.20 18:05:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B26871B5CE92F9D95AE6E62119799EB9 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2002.09.20 18:05:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=FF8857D1AF59071F172C0FAD0FD33E87 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
[2002.02.19 17:44:02 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=DEB54E4F9718CB8B4DD5883B13B40AB0 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2005.04.27 18:41:03 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005.04.27 18:41:03 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005.04.27 18:41:02 | 000,401,408 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.05.14 16:16:42 | 000,023,773 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.05.14 16:01:01 | 000,062,156 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2010.05.14 16:01:01 | 000,052,962 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.05.14 16:01:01 | 000,379,532 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2010.05.14 16:01:01 | 000,380,548 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.05.14 16:01:01 | 000,884,654 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.05.14 15:56:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\xpsp1hfm.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\winhlp32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\unvise32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\UNNeroVision.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\UNNeroVision.cfg:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\zonedon.reg:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\zonedoff.reg:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\zipfldr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xvidvfw.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xvid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xvid.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xpsp1res.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xmlprovi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xmlprov.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wzcsapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuauserv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuauclt1.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wstrenderer.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wstpager.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wshtcpip.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wshext.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wshbth.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wsecedit.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wow32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wnaoldd.mod:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmpshell.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmpns.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmploc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmpdxm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmaudsdk.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wjview.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winspool.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winshfhc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winrnr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winntbbu.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winmine.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winlogon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winipsec.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\win32spl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wiashext.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wiadefui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wiaacmgr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wfwnet.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\webcheck.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\webclnt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wdigest.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wbed.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\watchdog.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\w3ssl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\w32time.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vssvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vssapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vct3216.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vbscript.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vbicodec.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vbajet32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\utilman.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\userinit.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\user.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\usbmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\url.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ups.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\upnp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\unrar.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\uniplat.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\unimdmat.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\unimdm.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\unicode.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ulib.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TwnLib4.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TwnLib20.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\twext.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tssoft32.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tsd32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tsappcmp.dll:KAVICHS
-
serviscomp
- Návštěvník
- Příspěvky: 27
- Registrován: 19 bře 2010 15:57
Re: Prosím o kontrolu logu - totálně zavirovaný PC
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\trkwks.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tourstart.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tlntsvr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\timer.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\timedate.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\threed32.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\themeui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\termsrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tcpmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\taskmgr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\t2embed.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\system.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sysmon.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sysdm.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\svchost.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\strmfilt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stobject.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sti_ci.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sti.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stdole32.tlb:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stdole2.tlb:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ssdpsrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\srsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\srrstr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\srclient.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\spoolss.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\spider.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\spdwnwxp.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sound.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sorttbls.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sortkey.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sol.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\softpub.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\snmpapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sndvol32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sndrec32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\smtpapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\smss.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\smlogsvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\smbinst.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\slserv.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\slrundll.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\slgen.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\slextspk.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\slcoinst.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\slayerxp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sl_anet.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sigtab.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\schedsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shmgrate.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shmedia.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shimgvw.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shgina.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shdoclc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sfcfiles.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sfc_os.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sfc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sethc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sessmgr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\services.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sens.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\seclogon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\s3gnb.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rwnh.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\runonce.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rundll32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rtutils.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsvpsp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsvp.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsaenh.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\riched32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\remotesp.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\remotepg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\regsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rdshost.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rcimlby.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rastls.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rastapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasppp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasman.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\raschap.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\qmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\qdvd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\qdv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\qcap.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pstorsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pstorec.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\psbase.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\psapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\progman.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\powercfg.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\powercfg.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pnrpnsp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pjlmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pifmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\picn20.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\perfproc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\perfos.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\p2psvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\p2pnetsh.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\p2pgraph.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\p2pgasvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\p2p.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\osk.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\opengl32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olesvr32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olepro32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oleaccrc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.sig:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.dat:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.bin:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\odbcint.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\odbccp32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\odbcad32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ocmanage.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\occache.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nwiz.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nwc.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrszht.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrszhc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrssv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsru.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsnl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsko.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsja.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsit.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsfr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrses.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrseng.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsde.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsda.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwimg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwdmcpl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwddi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvudisp.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvsvc32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvshell.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrszht.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrszhc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrssv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsru.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsnl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsko.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsja.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsit.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsfr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrses.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrseng.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsde.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsda.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvoglnt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvmctray.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nview.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvdspsch.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvdisp.nvu:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nv4_disp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntvdmd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntvdm.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntshrui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntsdexts.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntmarta.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntlsapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntlanui2.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntlanman.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntio.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntdos.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntbackup.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\notepad.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\newdev.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netsetup.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netmsg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netlogon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netevent.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netdde.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NeroCheck.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ndptsp.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mydocs.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mycomput.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mtxparhd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msxml3a.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mswdat10.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msvidc32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msvcirt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msvbvm60.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msv1_0.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mstsc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mstlsapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mstask.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msrle32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msratelc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msprivs.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msports.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mspatcha.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mspaint.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msls31.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msjint40.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msjdbc10.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msimtf.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msieftp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msidntld.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msidle.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msident.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mshtml.tlb:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mshearts.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msh261.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msgsm32.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msg723.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msg711.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msdxm.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msdtclog.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msdtc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msdmo.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msdart.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msdadiag.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msaud32.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msadp32.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msacm32.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mpg4c32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mpg2splt.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mouse.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\moricons.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\modemui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mobsync.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mnmsrvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmsystem.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmdrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmcndmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmcbase.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mlang.dat:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\midimap.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfcsubs.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfc70.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfc42loc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfc42.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfc40loc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfc40.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mdmxsdk.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mdminst.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mcicda.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mciavi32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mcdvd_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mcd32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\magnify.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lz32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LTOCX12n.INF:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lsass.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\logonui.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\logon.scr:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\locator.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\localspl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\locale.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\loadperf.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lmhsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\licwmi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LFTIF12n.DLL:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lfmpg12n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lfgif12n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LFFAX12n.DLL:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LFCMP12n.DLL:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lfavi12n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kmddsp.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\keyboard.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kdcom.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdus.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdukx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdsmsno.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdsmsfi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdno1.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdmlt48.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdmlt47.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdmaori.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdinmal.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdinben.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdinbe1.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdfi1.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdcz.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\jview.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\joy.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\jgsd400.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\javaee.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ivfsrc.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iuengine.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir50_qcx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir50_qc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir41_32.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir32_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipsink.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipsecsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipnathlp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipconf.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\intl.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\input.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetres.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetpp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetmib1.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetcplc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetcpl.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\imapi.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ImagXR7.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ImagXpr7.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ImagX7.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\imaadp32.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ieencode.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iedkcs32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ie4uinit.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\icmui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iccvid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iac25_32.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\charmap.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\httpapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\html.iec:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hticons.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hsfcisp2.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hotplug.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hnetwiz.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hnetcfg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\himem.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hidphone.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\HAL.DLL:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\h323.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\glu32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\geo.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\gcdef.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fwcfg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fsquirt.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\freecell.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fldrclnr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\flash.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\filemgmt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\feclient.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\faultrep.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\exts.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\extrac32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\eventlog.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ersvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\encdec.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\els.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ega.cpi:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dxdllreg.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dxdiagn.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dxdiag.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dx8vb.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dx7vb.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dx3j.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dwwin.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dumprep.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dswave.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dssenh.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dsound3d.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dskquoui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dskquota.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dsdmoprp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dsdmo.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ds16gt.dLL:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drwtsn32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drprov.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wmilib.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wceusbsh.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\watv10nt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\watv06nt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wadv11nt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wadv09nt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wadv08nt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wadv07nt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wacompen.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\volsnap.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\videoprt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\viaagp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\vchnt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\vga.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbvideo.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbser.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbprint.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbport.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbohci.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbhub.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbehci.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usb8023x.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\uagp35.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\tdtcp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\tdpipe.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\tdi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sysaudio.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\swmidi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\swenum.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DRIVERS\sr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\SONYPVU1.SYS:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\smbali.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\slwdmsup.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\slnthal.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\slntamr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\slnt7554.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DRIVERS\sisagp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\siint5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sffp_sd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sffdisk.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\serenum.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sdbus.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\scsiport.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\s3gnbm.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rndismpx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rfcomm.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\redbook.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\recagent.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rdpdr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\raspptp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rasacd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\processr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\pciidex.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\partmgr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\oprghdlr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DRIVERS\ohci1394.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nv4_mini.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\null.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ntmtlfax.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\netwlan5.img:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\NetMotCM.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\netbt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\netbios.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ndproxy.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ndis.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mutohpen.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mup.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mtxparhm.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mtlstrm.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mtlmnt5.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\msgpc.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mountmgr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mouhid.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mouclass.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mnmdd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mdmxsdk.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\limsgt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\kbdclass.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DRIVERS\isapnp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\irbus.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ipfltdrv.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\i8042prt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ch7xxnt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hsfdpsp2.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hsfcxts2.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hsfbs2s2.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hidusb.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hidparse.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hidir.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hidclass.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hidbth.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\gm.dls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\gagp30kx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\fs_rec.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\fips.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxgthk.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxg.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Drivers\dtscsi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\drmkaud.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmload.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmio.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmboot.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\cxthsfs2.cty:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\classpnp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bthusb.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bthprint.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bthport.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bthpan.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bthmodem.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bthenum.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\beep.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\battc.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\audstub.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atv10nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atv06nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atv04nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atv02nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atv01nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ativmc20.cod:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinxsxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinxbxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atintuxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinttxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinsnxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinrvxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinraxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinpdxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinmdxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinbtxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati2mtag.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati2mtaa.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1xsxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1xbxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1tuxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1ttxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1snxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1rvxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1raxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1pdxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1mdxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1btxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\athsgt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DRIVERS\atapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\aswRdr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\amdagp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\alim1541.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ALCXWDM.SYS:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\agpcpq.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\agp440.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\afd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv11nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv09nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv08nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv07nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv05nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv02nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv01nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\61883.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\1394bus.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpwsockx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpwsock.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpvvox.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpvsetup.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpvoice.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpvacm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpserial.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnsvr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnlobby.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnhupnp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnhpast.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnet.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnaddr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpmodemx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dplaysvr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dplay.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpcdll.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\docprop.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dnsrslvr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmusic.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmsynth.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmstyle.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmserver.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmscript.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmocx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmloader.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmime.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmcompos.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmband.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmadmin.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllhost.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\gcdef.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\dpcdll.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\dimap.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\diactfrm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\d3dxof.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\d3drm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\d3dramp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\d3dpmesh.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\d3dim.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\divxdec_0411.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\divxdec_040c.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\divxdec_0407.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dispex.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\diskcopy.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dimap.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\digest.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\diactfrm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dfrgui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dfrgsnap.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dfrg.msc:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\devmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\devmgmt.msc:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\devenum.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\deskperf.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\deskmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\deskadp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\defrag.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ddrawex.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dbgeng.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\davclnt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dxof.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dx9_26.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dramp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dpmesh.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dim700.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dim.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tourstart.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tlntsvr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\timer.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\timedate.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\threed32.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\themeui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\termsrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tcpmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\taskmgr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\t2embed.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\system.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sysmon.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sysdm.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\svchost.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\strmfilt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stobject.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sti_ci.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sti.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stdole32.tlb:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stdole2.tlb:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ssdpsrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\srsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\srrstr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\srclient.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\spoolss.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\spider.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\spdwnwxp.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sound.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sorttbls.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sortkey.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sol.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\softpub.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\snmpapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sndvol32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sndrec32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\smtpapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\smss.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\smlogsvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\smbinst.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\slserv.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\slrundll.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\slgen.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\slextspk.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\slcoinst.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\slayerxp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sl_anet.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sigtab.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\schedsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shmgrate.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shmedia.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shimgvw.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shgina.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shdoclc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sfcfiles.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sfc_os.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sfc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sethc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sessmgr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\services.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sens.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\seclogon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\s3gnb.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rwnh.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\runonce.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rundll32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rtutils.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsvpsp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsvp.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsaenh.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\riched32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\remotesp.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\remotepg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\regsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rdshost.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rcimlby.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rastls.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rastapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasppp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasman.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\raschap.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\qmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\qdvd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\qdv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\qcap.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pstorsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pstorec.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\psbase.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\psapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\progman.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\powercfg.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\powercfg.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pnrpnsp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pjlmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pifmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\picn20.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\perfproc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\perfos.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\p2psvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\p2pnetsh.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\p2pgraph.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\p2pgasvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\p2p.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\osk.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\opengl32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olesvr32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olepro32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oleaccrc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.sig:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.dat:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.bin:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\odbcint.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\odbccp32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\odbcad32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ocmanage.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\occache.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nwiz.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nwc.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrszht.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrszhc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrssv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsru.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsnl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsko.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsja.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsit.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsfr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrses.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrseng.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsde.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwrsda.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwimg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwdmcpl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvwddi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvudisp.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvsvc32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvshell.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrszht.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrszhc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrssv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsru.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsnl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsko.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsja.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsit.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsfr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrses.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrseng.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsde.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrsda.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvoglnt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvmctray.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nview.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvdspsch.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvdisp.nvu:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nv4_disp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntvdmd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntvdm.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntshrui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntsdexts.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntmarta.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntlsapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntlanui2.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntlanman.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntio.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntdos.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntbackup.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\notepad.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\newdev.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netsetup.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netmsg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netlogon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netevent.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netdde.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NeroCheck.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ndptsp.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mydocs.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mycomput.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mtxparhd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msxml3a.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mswdat10.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msvidc32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msvcirt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msvbvm60.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msv1_0.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mstsc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mstlsapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mstask.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msrle32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msratelc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msprivs.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msports.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mspatcha.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mspaint.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msls31.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msjint40.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msjdbc10.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msimtf.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msieftp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msidntld.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msidle.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msident.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mshtml.tlb:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mshearts.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msh261.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msgsm32.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msg723.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msg711.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msdxm.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msdtclog.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msdtc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msdmo.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msdart.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msdadiag.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msaud32.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msadp32.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msacm32.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mpg4c32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mpg2splt.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mouse.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\moricons.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\modemui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mobsync.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mnmsrvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmsystem.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmdrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmcndmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmcbase.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mlang.dat:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\midimap.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfcsubs.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfc70.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfc42loc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfc42.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfc40loc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfc40.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mdmxsdk.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mdminst.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mcicda.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mciavi32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mcdvd_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mcd32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\magnify.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lz32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LTOCX12n.INF:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lsass.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\logonui.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\logon.scr:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\locator.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\localspl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\locale.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\loadperf.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lmhsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\licwmi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LFTIF12n.DLL:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lfmpg12n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lfgif12n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LFFAX12n.DLL:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LFCMP12n.DLL:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lfavi12n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kmddsp.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\keyboard.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kdcom.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdus.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdukx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdsmsno.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdsmsfi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdno1.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdmlt48.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdmlt47.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdmaori.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdinmal.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdinben.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdinbe1.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdfi1.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdcz.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\jview.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\joy.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\jgsd400.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\javaee.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ivfsrc.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iuengine.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir50_qcx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir50_qc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir41_32.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir32_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipsink.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipsecsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipnathlp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipconf.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\intl.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\input.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetres.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetpp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetmib1.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetcplc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetcpl.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\imapi.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ImagXR7.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ImagXpr7.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ImagX7.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\imaadp32.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ieencode.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iedkcs32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ie4uinit.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\icmui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iccvid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iac25_32.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\charmap.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\httpapi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\html.iec:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hticons.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hsfcisp2.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hotplug.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hnetwiz.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hnetcfg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\himem.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hidphone.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\HAL.DLL:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\h323.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\glu32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\geo.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\gcdef.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fwcfg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fsquirt.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\freecell.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fldrclnr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\flash.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\filemgmt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\feclient.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\faultrep.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\exts.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\extrac32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\eventlog.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ersvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\encdec.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\els.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ega.cpi:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dxdllreg.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dxdiagn.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dxdiag.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dx8vb.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dx7vb.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dx3j.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dwwin.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dumprep.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dswave.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dssenh.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dsound3d.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dskquoui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dskquota.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dsdmoprp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dsdmo.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ds16gt.dLL:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drwtsn32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drprov.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wmilib.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wceusbsh.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\watv10nt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\watv06nt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wadv11nt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wadv09nt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wadv08nt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wadv07nt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wacompen.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\volsnap.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\videoprt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\viaagp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\vchnt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\vga.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbvideo.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbser.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbprint.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbport.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbohci.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbhub.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbehci.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usb8023x.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\uagp35.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\tdtcp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\tdpipe.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\tdi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sysaudio.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\swmidi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\swenum.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DRIVERS\sr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\SONYPVU1.SYS:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\smbali.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\slwdmsup.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\slnthal.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\slntamr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\slnt7554.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DRIVERS\sisagp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\siint5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sffp_sd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sffdisk.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\serenum.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sdbus.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\scsiport.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\s3gnbm.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rndismpx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rfcomm.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\redbook.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\recagent.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rdpdr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\raspptp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rasacd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\processr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\pciidex.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\partmgr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\oprghdlr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DRIVERS\ohci1394.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nv4_mini.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\null.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ntmtlfax.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\netwlan5.img:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\NetMotCM.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\netbt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\netbios.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ndproxy.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ndis.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mutohpen.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mup.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mtxparhm.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mtlstrm.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mtlmnt5.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\msgpc.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mountmgr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mouhid.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mouclass.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mnmdd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mdmxsdk.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\limsgt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\kbdclass.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DRIVERS\isapnp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\irbus.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ipfltdrv.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\i8042prt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ch7xxnt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hsfdpsp2.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hsfcxts2.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hsfbs2s2.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hidusb.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hidparse.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hidir.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hidclass.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hidbth.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\gm.dls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\gagp30kx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\fs_rec.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\fips.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxgthk.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxg.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Drivers\dtscsi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\drmkaud.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmload.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmio.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmboot.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\cxthsfs2.cty:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\classpnp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bthusb.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bthprint.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bthport.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bthpan.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bthmodem.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bthenum.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\beep.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\battc.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\audstub.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atv10nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atv06nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atv04nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atv02nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atv01nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ativmc20.cod:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinxsxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinxbxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atintuxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinttxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinsnxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinrvxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinraxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinpdxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinmdxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atinbtxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati2mtag.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati2mtaa.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1xsxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1xbxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1tuxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1ttxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1snxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1rvxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1raxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1pdxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1mdxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ati1btxx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\athsgt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DRIVERS\atapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\aswRdr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\amdagp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\alim1541.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ALCXWDM.SYS:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\agpcpq.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\agp440.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\afd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv11nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv09nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv08nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv07nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv05nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv02nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\adv01nt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\61883.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\1394bus.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpwsockx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpwsock.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpvvox.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpvsetup.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpvoice.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpvacm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpserial.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnsvr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnlobby.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnhupnp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnhpast.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnet.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnaddr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpmodemx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dplaysvr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dplay.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpcdll.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\docprop.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dnsrslvr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmusic.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmsynth.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmstyle.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmserver.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmscript.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmocx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmloader.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmime.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmcompos.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmband.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmadmin.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllhost.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\gcdef.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\dpcdll.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\dimap.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\diactfrm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\d3dxof.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\d3drm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\d3dramp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\d3dpmesh.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\d3dim.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\divxdec_0411.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\divxdec_040c.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\divxdec_0407.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dispex.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\diskcopy.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dimap.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\digest.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\diactfrm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dfrgui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dfrgsnap.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dfrg.msc:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\devmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\devmgmt.msc:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\devenum.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\deskperf.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\deskmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\deskadp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\defrag.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ddrawex.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dbgeng.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\davclnt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dxof.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dx9_26.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dramp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dpmesh.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dim700.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dim.dll:KAVICHS
-
serviscomp
- Návštěvník
- Příspěvky: 27
- Registrován: 19 bře 2010 15:57
Re: Prosím o kontrolu logu - totálně zavirovaný PC
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3d9.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3d8thk.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3d8.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ctype.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ctl3dv2.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ctfmon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\csrss.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cscui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptnet.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptdll.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\credui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\country.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\corpol.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\control.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\conime.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comuid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comsdupd.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comrepl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\command.com:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comm.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comdlg32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comctl32.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comcat.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cnbjmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\CmdLineExt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cmd.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clspack.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clipsrv.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cleanmgr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clbcatex.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clb.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cisvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\certcli.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\calc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_950.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_949.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_936.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_932.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28592.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28591.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1258.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1257.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1256.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1255.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1254.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1253.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1252.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1251.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\btpanui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\bthserv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\browser.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\browselc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\blastcln.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\bitsprx3.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\bitsprx2.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\basesrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\avicap32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\AVASTSS.scr:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\autofmt.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\auditusr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\audiosrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\atmfd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ativvaxx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ativtmxx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ativmvxx.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ativdaxx.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ati3duag.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ati3d1ag.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ati2dvag.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ati2dvaa.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ati2cqag.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\asycfilt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\aswBoot.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\appwiz.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\amstream.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\alg.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\alf2cd.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\adsldpc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\actxprxy.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\actskin4.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\accwiz.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\acctres.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ac3filter.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\602sec8.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\$winnt$.inf:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System\crlds3d.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\system.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\spupdsvc.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\slrundll.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\setupapi.log.0.old:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\setdebug.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\sessmgr.setup.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\winlogon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\userinit.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\tcpip.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\svchost.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\smss.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\scecli.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\netlogon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\ndis.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\lsass.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\changer.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\hal.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\explorer.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\eventlog.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\cdrom.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\atapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\agp440.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\popcinfo.dat:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ocgen.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ntdtcsetup.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\notepad.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB903235.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB898461.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB896688.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB893803v2.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB886185.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB823980.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\IsUninst.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ir50_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\iis6.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\FaxSetup.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\comsetup.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\_default.pif:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\userinit.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\svchost.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\smss.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\scecli.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\ndis.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\lsass.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\hal.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\explorer.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\atapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Program Files\QuickTime\qttask.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\NTDETECT.COM:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\zspoof.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\wrar342cz.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Winamp.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Usca2004.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\UltraISO.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Skype.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Ski Racing 2006.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\sd4hide.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\rld-pes5.iso:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Nero StartSmart.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\jaaajjajaja.bmp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Gadwin PrintScreen.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Nabídka Start\Programy\Po spuštění\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Data aplikací\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\PowerDVD.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Picture Package Menu.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Picture Package Menu destination Folder.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Need for Speed™ Most Wanted.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Easy-PhotoPrint.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Canon Easy-PrintToolBox.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Call of Duty(R) 2 Singleplayer.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Call of Duty(R) 2 Multiplayer.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\AvRack.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Acrobat Reader 5.0 CE.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Picture Package VCD Maker.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Picture Package Menu.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Dokumenty\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Data aplikací\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\boot.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Zrnko kávy.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Zelený kámen.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Zapotec.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\WORDPAD.INI:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\WMSysPrx.prx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\WMSysPr8.prx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\wmprfCSY.prx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt256.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winhelp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Windows Update.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vmmreg32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vminst.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vbaddin.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vb.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\updspapi.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\unvise32qt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twunk_32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twunk_16.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twain_32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twain.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\tsoc.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Textura peří.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\taskman.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\tabletoc.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Zobrazit kanály.scf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xenroll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xcopy.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xactsrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wzcdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wupdmgr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wstdecod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wsnmp32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshrm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshom.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshnetbs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshisn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wship6.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshcon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshatm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\write.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpnpinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpabaln.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfaxui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfax.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowexec.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowdeb.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmvds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmvdmoe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmvcore2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmv8ds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmv8dmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmstream.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmsdmoe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpstub.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpscheme.xml:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpcore.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpcd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmp.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmm2fxb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmm2fxa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmm2filt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmiscmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmiprop.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmimgmt.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmidx.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmerrcsy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winver.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winstrm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winspool.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winsock.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winoldap.mod:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winnls.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winmsd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winchat.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhlp32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhelp.hlp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winfax.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winbrand.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win87em.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wifeman.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiavusd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiavideo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiasf.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiascr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiadss.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wextract.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webvw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webhits.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webfldrs.msi:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wdl.trm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdefs.nld:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.sve:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.nld:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.ita:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.fra:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.esn:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.enu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.deu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.sve:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.nld:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.ita:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.fra:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.esn:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.enu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.deu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wavemsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32topl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32tm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vwipxspx.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vwipxspx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vssadmin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vss_ps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vjoy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga64k.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga256.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vfpodbc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\verifier.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\verifier.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ver.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vdmredir.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vcdex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vbscs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vbisurf.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VB5DB.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\v7vga.rom:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvpa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvoica.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv80a.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv42a.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsvpia.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrshuta.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsdpia.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrrtosa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrprbda.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrmlnka.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlogon.cmd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlbva.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrfaxa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdtea.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdpa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcoina.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcntra.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usbui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ureg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\upnpui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\upnpcont.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\untfs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\unlodctr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\umdmxfrm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\umandlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ufat.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\udhisapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\typeperf.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\typelib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsshutdn.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tskill.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsdiscon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsddd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscupgrd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscfgwmi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tree.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tracert6.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tracert.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tracerpt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\toolhelp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tlntsvrp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tlntsess.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tlntadmn.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tftp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\termmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\termcap:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\telephon.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tdc.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpsvcs.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpmonui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpmon.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpmib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcmsetup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\taskman.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tasklist.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\taskkill.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapiui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapiperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapi3.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\systray.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\systeminfo.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprtj.sep:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprint.sep:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysocmgr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syskey.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysinv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysinfo.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysedit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syncui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\synceng.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syncapp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\swprv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\svcpack.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\subst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\subrange.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\streamci.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\storage.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\stimon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\stclient.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sstext3d.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssstars.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sspipes.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssmyst.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssmypics.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssmarque.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssflwbox.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssbezier.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ss3dfo.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwoa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwid.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlunirl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsrv32.rll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsrv32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsodbc.chm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spxcoins.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spupdwxp.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio800.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio600.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprestrt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spnike.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spiisupd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sort.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\snmpsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\smlogcfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbrccsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbiop.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbcsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\skeys.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\skdll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sisbkup.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\simpdata.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sigverif.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\schtasks.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shutdown.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shscrap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shrpubw.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shiftjis.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shellstyle.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shell.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\share.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shadow.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfmapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setver.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setupdll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setup.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serwvdrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\services.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\servdeps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serialui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\senscfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sendmail.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sendcmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secpol.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secedit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sdpblb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sdbinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrrncs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrobj.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrnsave.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scriptpw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scripto.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scredir.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scocs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sclgntfy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sccsccp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sccbase.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scardssp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scarddlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sbeio.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sbe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\savedump.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\safrslv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\safrdm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\safrcdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rwinsta.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\runas.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rtm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rtipxmib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rtcshare.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpcnts.h:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3d8thk.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3d8.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ctype.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ctl3dv2.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ctfmon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\csrss.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cscui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptnet.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptdll.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\credui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\country.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\corpol.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\control.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\conime.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comuid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comsdupd.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comrepl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\command.com:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comm.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comdlg32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comctl32.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comcat.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cnbjmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\CmdLineExt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cmd.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clspack.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clipsrv.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cleanmgr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clbcatex.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clb.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cisvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\certcli.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\calc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_950.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_949.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_936.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_932.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28592.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28591.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1258.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1257.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1256.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1255.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1254.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1253.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1252.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1251.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\btpanui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\bthserv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\browser.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\browselc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\blastcln.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\bitsprx3.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\bitsprx2.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\basesrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\avicap32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\AVASTSS.scr:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\autofmt.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\auditusr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\audiosrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\atmfd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ativvaxx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ativtmxx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ativmvxx.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ativdaxx.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ati3duag.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ati3d1ag.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ati2dvag.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ati2dvaa.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ati2cqag.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\asycfilt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\aswBoot.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\appwiz.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\amstream.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\alg.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\alf2cd.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\adsldpc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\actxprxy.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\actskin4.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\accwiz.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\acctres.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ac3filter.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\602sec8.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\$winnt$.inf:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System\crlds3d.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\system.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\spupdsvc.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\slrundll.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\setupapi.log.0.old:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\setdebug.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\sessmgr.setup.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\winlogon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\userinit.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\tcpip.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\svchost.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\smss.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\scecli.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\netlogon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\ndis.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\lsass.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\changer.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\hal.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\explorer.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\eventlog.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\cdrom.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\atapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ServicePackFiles\i386\agp440.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\popcinfo.dat:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ocgen.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ntdtcsetup.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\notepad.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB903235.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB898461.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB896688.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB893803v2.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB886185.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB823980.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\IsUninst.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ir50_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\iis6.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\FaxSetup.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\comsetup.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\_default.pif:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\userinit.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\svchost.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\smss.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\scecli.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\ndis.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\lsass.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\hal.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\explorer.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\atapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Program Files\QuickTime\qttask.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\NTDETECT.COM:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\zspoof.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\wrar342cz.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Winamp.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Usca2004.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\UltraISO.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Skype.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Ski Racing 2006.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\sd4hide.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\rld-pes5.iso:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Nero StartSmart.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\jaaajjajaja.bmp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Gadwin PrintScreen.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Nabídka Start\Programy\Po spuštění\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Honza Kryl\Data aplikací\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\PowerDVD.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Picture Package Menu.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Picture Package Menu destination Folder.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Need for Speed™ Most Wanted.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Easy-PhotoPrint.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Canon Easy-PrintToolBox.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Call of Duty(R) 2 Singleplayer.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Call of Duty(R) 2 Multiplayer.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\AvRack.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Plocha\Acrobat Reader 5.0 CE.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Picture Package VCD Maker.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Picture Package Menu.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Dokumenty\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Data aplikací\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\boot.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Zrnko kávy.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Zelený kámen.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Zapotec.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\WORDPAD.INI:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\WMSysPrx.prx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\WMSysPr8.prx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\wmprfCSY.prx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt256.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winhelp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Windows Update.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vmmreg32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vminst.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vbaddin.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vb.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\updspapi.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\unvise32qt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twunk_32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twunk_16.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twain_32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twain.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\tsoc.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Textura peří.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\taskman.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\tabletoc.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Zobrazit kanály.scf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xenroll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xcopy.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xactsrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wzcdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wupdmgr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wstdecod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wsnmp32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshrm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshom.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshnetbs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshisn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wship6.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshcon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshatm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\write.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpnpinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpabaln.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfaxui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfax.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowexec.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowdeb.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmvds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmvdmoe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmvcore2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmv8ds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmv8dmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmstream.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmsdmoe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpstub.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpscheme.xml:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpcore.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpcd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmp.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmm2fxb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmm2fxa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmm2filt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmiscmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmiprop.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmimgmt.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmidx.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmerrcsy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winver.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winstrm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winspool.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winsock.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winoldap.mod:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winnls.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winmsd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winchat.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhlp32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhelp.hlp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winfax.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winbrand.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win87em.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wifeman.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiavusd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiavideo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiasf.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiascr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiadss.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wextract.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webvw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webhits.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webfldrs.msi:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wdl.trm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdefs.nld:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.sve:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.nld:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.ita:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.fra:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.esn:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.enu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.deu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.sve:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.nld:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.ita:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.fra:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.esn:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.enu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.deu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wavemsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32topl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32tm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vwipxspx.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vwipxspx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vssadmin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vss_ps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vjoy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga64k.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga256.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vfpodbc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\verifier.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\verifier.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ver.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vdmredir.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vcdex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vbscs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vbisurf.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VB5DB.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\v7vga.rom:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvpa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvoica.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv80a.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv42a.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsvpia.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrshuta.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsdpia.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrrtosa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrprbda.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrmlnka.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlogon.cmd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlbva.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrfaxa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdtea.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdpa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcoina.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcntra.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usbui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ureg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\upnpui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\upnpcont.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\untfs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\unlodctr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\umdmxfrm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\umandlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ufat.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\udhisapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\typeperf.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\typelib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsshutdn.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tskill.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsdiscon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsddd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscupgrd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscfgwmi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tree.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tracert6.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tracert.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tracerpt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\toolhelp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tlntsvrp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tlntsess.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tlntadmn.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tftp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\termmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\termcap:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\telephon.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tdc.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpsvcs.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpmonui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpmon.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpmib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcmsetup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\taskman.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tasklist.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\taskkill.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapiui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapiperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapi3.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\systray.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\systeminfo.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprtj.sep:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprint.sep:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysocmgr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syskey.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysinv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysinfo.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysedit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syncui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\synceng.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syncapp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\swprv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\svcpack.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\subst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\subrange.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\streamci.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\storage.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\stimon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\stclient.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sstext3d.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssstars.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sspipes.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssmyst.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssmypics.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssmarque.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssflwbox.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssbezier.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ss3dfo.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwoa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwid.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlunirl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsrv32.rll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsrv32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsodbc.chm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spxcoins.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spupdwxp.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio800.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio600.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprestrt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spnike.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spiisupd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sort.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\snmpsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\smlogcfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbrccsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbiop.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbcsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\skeys.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\skdll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sisbkup.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\simpdata.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sigverif.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\schtasks.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shutdown.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shscrap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shrpubw.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shiftjis.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shellstyle.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shell.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\share.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shadow.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfmapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setver.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setupdll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setup.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serwvdrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\services.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\servdeps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serialui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\senscfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sendmail.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sendcmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secpol.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secedit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sdpblb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sdbinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrrncs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrobj.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrnsave.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scriptpw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scripto.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scredir.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scocs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sclgntfy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sccsccp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sccbase.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scardssp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scarddlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sbeio.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sbe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\savedump.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\safrslv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\safrdm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\safrcdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rwinsta.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\runas.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rtm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rtipxmib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rtcshare.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpcnts.h:KAVICHS
-
serviscomp
- Návštěvník
- Příspěvky: 27
- Registrován: 19 bře 2010 15:57
Re: Prosím o kontrolu logu - totálně zavirovaný PC
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvp.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsopprov.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsnotify.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmui.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmsink.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rshx32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsh.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsfsaps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsaci.rat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rpcns4.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routetab.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routemon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\route.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rnr20.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rexec.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\reset.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\replace.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rend.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\relog.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regwizc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regwiz.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regini.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regedt32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\reg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\redir.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\recover.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdsaddin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpwsx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpsnd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpdd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpclip.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpcfgex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdchost.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rcp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasser.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rassapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasrad.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasphone.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasmxs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasmontr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasdial.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrs.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrnm.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasautou.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasauto.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\racpldlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qwinsta.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qtplugin.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qprocess.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qosname.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qmgrprxy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qedwipes.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qedit.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qappsrv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pxhpinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pubprn.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\psnppagn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdprf.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdprf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdcnt.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pscript.sep:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\proxycfg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\proquota.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prodspec.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\proctexe.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnqctl.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnport.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnmngr.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnjobs.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prndrvr.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prncnfg.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\print.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prflbmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ppcload.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\polstore.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pmspl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pmailext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\plustab.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ping6.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ping.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\photowiz.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfts.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfnw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfnet.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfmon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi009.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi005.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfdisk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd009.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd005.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfctrs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pentnt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pdh.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pcl.sep:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pautoenr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pathping.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\paqsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\panmap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pagefileconfig.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\packager.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\osuninst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\osuninst.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\openfiles.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olesvr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oleprn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olecli.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2nls.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2disp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\offfilt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odtext32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odpdx32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odfox32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odexl32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oddbse32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbctrac.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcp32r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcjt32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcji32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbccu32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbccr32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbccp32.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcconf.rsp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcconf.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcconf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcbcp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbc32gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbc16gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\objsel.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwscript.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwevent.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwcfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwapi16.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nw16.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvcodins.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvcod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nusrmgr.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntsd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntprint.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmssvc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsoprq.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsmgr.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsevt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsdba.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlanui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio804.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio412.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio411.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio404.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntimage.gif:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdsbcli.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos804.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos412.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos411.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos404.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nslookup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nscompat.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\npptools.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.tha:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.sve:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.nld:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.ita:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.cht:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.chs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.fra:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.esn:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.enu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.eng:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.deu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nmmkcert.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nmevtmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nlsfunc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nlhtml.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netware.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netstat.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netsh.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netplwiz.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\neth.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\net1.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\net.hlp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\net.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nddenb32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nddeapir.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ncxpnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ncpa.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nbtstat.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\narrhook.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\narrator.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mtxlegih.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mtxex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mtxdm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxmlr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml2r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxbde40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mswstr10.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mswinsck.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mswebdvd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msw3prt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvideo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvidctl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcrt20.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp71.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp50.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvbvm50.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msutb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msuni11.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mstscax.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mstinit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mstext40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswchx.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswch.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msstdfmt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssip32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssign32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msscript.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msscds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrepl40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrecr40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrd3x40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrd2x40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrclr40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2cenu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2c.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mspbde40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msorcl32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msorc32r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msobjs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msnsspc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msmapi32.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msltus40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mslbui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msjtes40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msjter40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msjetoledb40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msjet40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msisam11.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msinet.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mshtmler.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mshta.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msgsvc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MsgStRPC.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msexch40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msexcl40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msencode.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdxmlc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdatsrc.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msctfp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msctfime.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscpxl32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscpx32r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msconf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscomctl.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscomct2.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscdexnt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msaudite.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msapsspc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msafd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msadds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msacm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msaatext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mrinfo.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqtrig.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqtgsvc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqsvc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqrtdep.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqprfsym.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqperf.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa20.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa10.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqlogmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqgentr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqcertui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqbkup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprdim.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprddm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpnotify.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mplay32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpg4ds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpg4dmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpeg2data.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mp4sdmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mp43dmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mountvol.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\more.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\modex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mode.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mobsync.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mnmdd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmutilse.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmtask.tsk:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmfutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmdriver.inf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmcshext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_qic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_mtf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_hp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mindex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mimefilt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\migpwd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\miglibnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mib.bin:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mchgrcoi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mgmtapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mfc71.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mem.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdwmdmsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdhcp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciwave.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciwave.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciseq.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciseq.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciqtz32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole16.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciavi.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mcdsrv32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mcastmib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mapistub.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\makecab.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\main.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mag_hook.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lzexpand.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lusrmgr.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lprmonui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lprhelp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpq.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\logoff.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\logman.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\login.cmd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loghours.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lodctr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\localui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\localsec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loadfix.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lnkstub.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lmrt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lights.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\licmgr10.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\LegitCheckControl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lanman.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\langwrbk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\LameEncShim.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\label.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l_intl.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l_except.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\krnl386.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\korean.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\keymgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\keyboard.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\key01.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kd1394.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdycl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbduk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsl1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdro.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdno.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdnec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdne.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdmac.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdla.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdit142.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdit.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdir.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhu1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgr1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgae.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdes.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbddv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdda.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcan.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdca.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbene.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\KBDAL.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kb16.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kanji_2.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kanji_1.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jupdate-1.5.0_04-b05.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jobexec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgsh400.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgmd400.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgaw400.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jet500.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ixsso.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\isrdbg32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\isign32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\irclass.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxwan.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxsap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxrtmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxroute.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxrip.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxpromn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxmontr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipv6mon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipv6.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipsmsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipsecsnp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipsec6.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprtrmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprtprio.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprop.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ippromon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipmontr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipconfig.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iologmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\instcat.sql:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\initpki.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\infosoft.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\inetppui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\inetcfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\imeshare.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ImagXRA7.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ils.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ijl15.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iissuba.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igmpagnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifsutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifmon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iexpress.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ieuinit.inf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iesetup.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iernonce.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ieakui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ieaksie.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ieakeng.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\idq.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ideograf.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ide21201.vxd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icwphbk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icwdial.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icfgnt5.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassvcs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassdo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassam.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasrecst.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasrad.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iaspolcy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iashlpr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasads.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasacct.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chkntfs.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chkdsk.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chcp.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\htui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hostname.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\homepage.inf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hnetmon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\help.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hdwwiz.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hccoin.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\h323msp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\grpconv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graphics.pro:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graphics.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graftabl.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpupdate.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gptext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpresult.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpkrsrc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpkcsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpedit.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpedit.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\glmf32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\getuname.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\getmac.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\GdiPlus.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gdi.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gb2312.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\g711codc.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ftsrch.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ftp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsutil.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsusd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsmgmt.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\framebuf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\format.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\forcedos.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fontview.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fontsub.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fontext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\FMVSlider.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fmifs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fixmapi.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\finger.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\findstr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\find.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fdeploy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fde.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsopprov.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsnotify.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmui.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmsink.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rshx32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsh.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsfsaps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsaci.rat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rpcns4.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routetab.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routemon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\route.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rnr20.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rexec.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\reset.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\replace.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rend.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\relog.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regwizc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regwiz.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regini.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regedt32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\reg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\redir.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\recover.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdsaddin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpwsx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpsnd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpdd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpclip.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpcfgex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdchost.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rcp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasser.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rassapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasrad.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasphone.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasmxs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasmontr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasdial.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrs.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrnm.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasautou.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasauto.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\racpldlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qwinsta.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qtplugin.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qprocess.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qosname.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qmgrprxy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qedwipes.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qedit.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qappsrv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pxhpinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pubprn.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\psnppagn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdprf.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdprf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdcnt.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pscript.sep:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\proxycfg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\proquota.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prodspec.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\proctexe.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnqctl.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnport.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnmngr.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnjobs.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prndrvr.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prncnfg.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\print.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prflbmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ppcload.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\polstore.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pmspl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pmailext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\plustab.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ping6.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ping.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\photowiz.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfts.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfnw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfnet.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfmon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi009.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi005.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfdisk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd009.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd005.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfctrs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pentnt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pdh.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pcl.sep:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pautoenr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pathping.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\paqsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\panmap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pagefileconfig.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\packager.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\osuninst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\osuninst.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\openfiles.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olesvr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oleprn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olecli.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2nls.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2disp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\offfilt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odtext32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odpdx32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odfox32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odexl32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oddbse32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbctrac.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcp32r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcjt32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcji32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbccu32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbccr32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbccp32.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcconf.rsp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcconf.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcconf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcbcp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbc32gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbc16gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\objsel.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwscript.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwevent.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwcfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwapi16.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nw16.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvcodins.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvcod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nusrmgr.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntsd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntprint.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmssvc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsoprq.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsmgr.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsevt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsdba.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlanui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio804.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio412.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio411.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio404.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntimage.gif:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdsbcli.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos804.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos412.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos411.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos404.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nslookup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nscompat.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\npptools.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.tha:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.sve:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.nld:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.ita:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.cht:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.chs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.fra:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.esn:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.enu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.eng:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.deu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nmmkcert.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nmevtmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nlsfunc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nlhtml.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netware.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netstat.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netsh.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netplwiz.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\neth.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\net1.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\net.hlp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\net.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nddenb32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nddeapir.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ncxpnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ncpa.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nbtstat.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\narrhook.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\narrator.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mtxlegih.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mtxex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mtxdm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxmlr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml2r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxbde40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mswstr10.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mswinsck.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mswebdvd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msw3prt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvideo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvidctl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcrt20.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp71.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp50.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvbvm50.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msutb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msuni11.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mstscax.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mstinit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mstext40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswchx.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswch.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msstdfmt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssip32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssign32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msscript.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msscds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrepl40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrecr40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrd3x40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrd2x40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrclr40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2cenu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2c.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mspbde40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msorcl32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msorc32r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msobjs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msnsspc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msmapi32.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msltus40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mslbui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msjtes40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msjter40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msjetoledb40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msjet40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msisam11.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msinet.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mshtmler.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mshta.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msgsvc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MsgStRPC.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msexch40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msexcl40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msencode.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdxmlc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdatsrc.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msctfp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msctfime.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscpxl32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscpx32r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msconf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscomctl.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscomct2.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscdexnt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msaudite.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msapsspc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msafd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msadds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msacm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msaatext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mrinfo.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqtrig.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqtgsvc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqsvc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqrtdep.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqprfsym.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqperf.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa20.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa10.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqlogmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqgentr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqcertui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqbkup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprdim.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprddm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpnotify.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mplay32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpg4ds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpg4dmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpeg2data.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mp4sdmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mp43dmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mountvol.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\more.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\modex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mode.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mobsync.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mnmdd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmutilse.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmtask.tsk:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmfutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmdriver.inf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmcshext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_qic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_mtf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_hp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mindex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mimefilt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\migpwd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\miglibnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mib.bin:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mchgrcoi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mgmtapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mfc71.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mem.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdwmdmsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdhcp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciwave.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciwave.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciseq.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciseq.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciqtz32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole16.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciavi.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mcdsrv32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mcastmib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mapistub.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\makecab.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\main.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mag_hook.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lzexpand.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lusrmgr.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lprmonui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lprhelp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpq.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\logoff.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\logman.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\login.cmd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loghours.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lodctr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\localui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\localsec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loadfix.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lnkstub.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lmrt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lights.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\licmgr10.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\LegitCheckControl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lanman.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\langwrbk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\LameEncShim.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\label.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l_intl.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l_except.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\krnl386.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\korean.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\keymgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\keyboard.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\key01.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kd1394.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdycl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbduk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsl1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdro.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdno.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdnec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdne.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdmac.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdla.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdit142.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdit.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdir.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhu1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgr1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgae.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdes.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbddv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdda.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcan.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdca.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbene.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\KBDAL.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kb16.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kanji_2.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kanji_1.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jupdate-1.5.0_04-b05.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jobexec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgsh400.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgmd400.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgaw400.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jet500.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ixsso.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\isrdbg32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\isign32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\irclass.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxwan.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxsap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxrtmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxroute.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxrip.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxpromn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxmontr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipv6mon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipv6.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipsmsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipsecsnp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipsec6.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprtrmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprtprio.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprop.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ippromon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipmontr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipconfig.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iologmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\instcat.sql:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\initpki.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\infosoft.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\inetppui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\inetcfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\imeshare.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ImagXRA7.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ils.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ijl15.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iissuba.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igmpagnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifsutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifmon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iexpress.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ieuinit.inf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iesetup.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iernonce.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ieakui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ieaksie.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ieakeng.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\idq.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ideograf.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ide21201.vxd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icwphbk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icwdial.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icfgnt5.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassvcs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassdo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassam.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasrecst.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasrad.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iaspolcy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iashlpr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasads.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasacct.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chkntfs.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chkdsk.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chcp.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\htui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hostname.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\homepage.inf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hnetmon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\help.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hdwwiz.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hccoin.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\h323msp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\grpconv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graphics.pro:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graphics.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graftabl.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpupdate.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gptext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpresult.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpkrsrc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpkcsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpedit.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpedit.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\glmf32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\getuname.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\getmac.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\GdiPlus.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gdi.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gb2312.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\g711codc.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ftsrch.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ftp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsutil.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsusd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsmgmt.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\framebuf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\format.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\forcedos.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fontview.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fontsub.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fontext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\FMVSlider.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fmifs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fixmapi.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\finger.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\findstr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\find.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fdeploy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fde.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fc.exe:KAVICHS
-
serviscomp
- Návštěvník
- Příspěvky: 27
- Registrován: 19 bře 2010 15:57
Re: Prosím o kontrolu logu - totálně zavirovaný PC
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fastopen.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\expsrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\expand.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\exe2bin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventvwr.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventvwr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventtriggers.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventquery.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventcreate.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventcls.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eula.txt:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eudcedit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentutl.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.hxx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esent97.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eqnclass.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\encapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\emptyregdb.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\efsadu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edlin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edit.hlp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edit.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dvdupgrd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dvdplay.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsuiext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dssec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dssec.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsquery.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsprpres.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsprop.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsound.vxd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsauth.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ds32gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drwatson.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ws2ifsl.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\vdmindvd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\Vcs.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbintel.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbcamd2.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbcamd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usb8023.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tunmp.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tsbvcap.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tosdvd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tape.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\sonydcam.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\smclib.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rootmdm.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rndismp.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\riodrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rio8drv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rawwan.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\p3.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnkspx.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnknb.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnkipx.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nmnt.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nikedrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mpe.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mf.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mcd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\imagesrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\imagedrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\gmreadme.txt:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fsvga.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\enum1394.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\diskdump.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\crusoe.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cpqdap01.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cinemst2.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cbidf2k.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\bridge.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\atmuni.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\atmlane.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\atmepvc.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\amdk7.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\amdk6.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\alcxinit.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\driverquery.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnwsock.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnmodem.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dosx.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\doskey.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\docprop2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmview.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmremote.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmintf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmdskres.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmdskmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmdlgs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmconfig.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllhst3g.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\XMLDSOC.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wuaueng1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wuauclt1.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ws2ifsl.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wowexec.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wowdeb.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmvdmoe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmvcore2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmv8dmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpvis.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpstub.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmmutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmmres.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmmfilt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmilib.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmidx.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winzm.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winspool.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winsp.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winsock.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winpy.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winnls.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winime.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winhelp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wingb.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winar30.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\win87em.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wifeman.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wfwnet.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\WFC.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\weitekp9.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wceusbsh.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wbemdisp.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wbemads.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wamregps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wamps51.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\w3svapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\w3ext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\w3ctrs51.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\vwipxspx.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\voicesub.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\voicepad.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\vgaoem.fon:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\vga.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ver.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\vcdex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\user.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\usbser.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\uniime.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\unicdime.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\typelib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\twunk_16.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\twain.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tools.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\toolhelp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tmigrate.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tintsetp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tintlphr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tintlgnt.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\timer.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tdspx.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tdipx.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tdasync.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\TCLASSES.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\system.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sysedit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\swmidi.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\storage.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\stdole32.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\stdole2.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\stdole.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\status.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\srframe.mmf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sprestrt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sound.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sonypvu1.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\smclib.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\shell.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\share.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\scripto.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\script.fon:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sccbase.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sam.spd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sam.sdf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\routemon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\rootmdm.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\romanime.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\rdpcdd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\rawwan.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\raspti.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\rasacd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\r1033tts.lxa:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\quick.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pubprn.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ptilink.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\prnqctl.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\prnport.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\prnmngr.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\prnjobs.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\prndrvr.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\prncnfg.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pmspl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pmigrate.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pintlphr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pintlgnt.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pintlcsd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pintlcsa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\phon.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\permchk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\parvdm.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\partmgr.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pagefile.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pagecnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\padrs804.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\padrs404.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\olesvr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\olecli.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ole2nls.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ole2disp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ole2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\oembios.sig:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\oembios.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\OEMBIOS.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\oembios.bin:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\odbc16gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nwlnkspx.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nwlnknb.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nwlnkfwd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nwlnkflt.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nw16.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nv4_mini.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\null.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ntdos804.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ntdos412.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ntdos411.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ntdos404.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ntdos.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\NT5IIS.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nlsfunc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nls302en.lex:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nextlink.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\netfxocm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\netapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ndproxy.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ndistapi.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\MW770.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mtsadmin.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msvideo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msuni11.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\MSJDBC.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msisam11.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msir3jp.lex:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mscdexnt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msacm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mqoa20.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mqoa10.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mqoa.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mouse.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\modern.fon:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mnmdd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mmtask.tsk:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mindex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mga.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mem.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mdsync.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mciwave.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mciseq.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mciole16.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mciavi.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mcdsrv32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mcd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\MAPIMIG.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\lzexpand.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ltts1033.lxa:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\logscrpt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\korwbrkr.lex:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\keyboard.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\keyboard.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\key01.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kdcom.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdycl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdycc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdvntc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbduzb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdusx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdusr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdusl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdusa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdus.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdur.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbduk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdtuq.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdtuf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdtat.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdsw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdsl1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdsl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdsf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdru1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdru.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdro.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdpo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdpl1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdpl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdno.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdnecnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdnecat.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdnec95.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdnec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdne.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdmac.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdlv1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdlv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdlt1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdlt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdlk41j.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdlk41a.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdla.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdkaz.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdit142.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdit.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdir.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdibm02.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhu1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhept.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhela3.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhela2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhe319.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhe220.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdgr1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdgkl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdgeo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdgae.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdfr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdfo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdfi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdfc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdest.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdes.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbddv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdda.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdcz2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdcz1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdcz.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdcr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdcan.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdca.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdbu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdbr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdblr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdbene.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdbe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdazel.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdaze.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdax2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdarmw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdarme.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdal.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbd106n.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbd101a.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbd101.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iwrps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iuengine.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\isapips.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ipfltdrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\infoctrs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\inetsloc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\inetmgr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imscinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imlang.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imkrinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjputyc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjputy.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpuex.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjprw.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpmig.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpdsvr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpdct.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpdct.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpdadm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpcus.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpcic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjp81k.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjp81.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imepadsv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imekrmig.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imekrcic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imekr61.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imekr.lex:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iisui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iissync.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iissuba.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iisrstap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iisreset.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iismui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iiscrmap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iisclex4.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\IASNT4.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\chtskf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\chtskdic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\chtmbx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\chajei.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\HPCRDP.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\himem.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\hanja.lex:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\gpkcsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\gdi.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ftpsapi2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ftpctrs2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fs_rec.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\framdit.ttf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\framd.ttf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fips.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fastopen.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_seos.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_seo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_scripto.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\exe2bin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\evtquery.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\et4000.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\edlin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dxgthk.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dxapi.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\DX3.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dwil1033.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dwil1029.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ds16gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\drwatson.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dosapp.fon:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dmload.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\debug.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ddeml.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dayi.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\DAJAVAC.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ctl3dv2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cplexe.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\country.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\counters.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\convlog.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\controt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\compobj.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\commdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\CLASSES.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cintsetp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cintlgnt.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cintime.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\certmap.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cap7146.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\browscap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\bootvid.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\beep.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\avicap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\authfilt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\atmuni.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\atmepvc.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\asptxn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\aspperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\append.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ansi.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\adrot.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\admxprox.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\activeds.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\12520850.cpx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\12520437.cpx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskperf.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskpart.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskmgmt.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskcopy.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskcomp.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diantz.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dhcpsapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dhcpmon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dgsetup.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dgrpsetu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dgnet.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dfsshlex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dfrgfat.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\debug.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ddeshare.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ddeml.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dcomcnfg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dcache.bin:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dbnmpntw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dbnetlib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dbmsvinn.dLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dbmsrpcn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dbmsadsn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\daxctle.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\datime.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dataclen.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ctl3d32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\csseqchk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cscript.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cryptext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cryptdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\convert.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\console.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\confmsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\config\system.sav:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\config\software.sav:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\config\default.sav:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CONFIG.TMP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CONFIG.NT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compstui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compobj.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compmgmt.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compact.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\commdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comdlg32.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comaddin.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cnvfat.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CNMVS61.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CNMLM61.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cnetcfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmstp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmprops.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmpbk32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmos.ram:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmmon32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmmgr32.hlp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CmdLineExt03.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmdlib.wsc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmdl32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmdial32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmcfg32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\clipbrd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconfg.rll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconfg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconf.chm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ckcnv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cipher.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cidaemon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ciadv.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ciadmin.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cfgbkend.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\certmgr.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\certmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cdmodem.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ccfgnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\catsrvps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\capesnpn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\camocx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cacls.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cabview.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_875.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_874.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_869.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_866.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_865.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_863.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_861.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_860.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_857.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_855.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_852.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_850.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_775.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_737.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_500.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_437.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28605.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28603.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28599.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28598.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28597.NLS:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28595.NLS:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28594.NLS:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28593.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_21866.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20905.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20866.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20261.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20127.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1250.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1026.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10082.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10081.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10079.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10029.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10017.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10010.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10007.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10006.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10000.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\expsrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\expand.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\exe2bin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventvwr.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventvwr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventtriggers.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventquery.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventcreate.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventcls.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eula.txt:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eudcedit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentutl.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.hxx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esent97.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eqnclass.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\encapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\emptyregdb.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\efsadu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edlin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edit.hlp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edit.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dvdupgrd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dvdplay.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsuiext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dssec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dssec.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsquery.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsprpres.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsprop.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsound.vxd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsauth.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ds32gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drwatson.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ws2ifsl.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\vdmindvd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\Vcs.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbintel.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbcamd2.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbcamd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usb8023.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tunmp.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tsbvcap.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tosdvd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tape.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\sonydcam.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\smclib.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rootmdm.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rndismp.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\riodrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rio8drv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rawwan.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\p3.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnkspx.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnknb.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnkipx.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nmnt.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nikedrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mpe.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mf.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mcd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\imagesrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\imagedrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\gmreadme.txt:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fsvga.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\enum1394.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\diskdump.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\crusoe.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cpqdap01.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cinemst2.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cbidf2k.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\bridge.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\atmuni.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\atmlane.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\atmepvc.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\amdk7.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\amdk6.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\alcxinit.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\driverquery.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnwsock.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnmodem.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dosx.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\doskey.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\docprop2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmview.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmremote.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmintf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmdskres.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmdskmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmdlgs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmconfig.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllhst3g.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\XMLDSOC.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wuaueng1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wuauclt1.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ws2ifsl.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wowexec.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wowdeb.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmvdmoe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmvcore2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmv8dmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpvis.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpstub.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmmutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmmres.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmmfilt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmilib.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmidx.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winzm.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winspool.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winsp.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winsock.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winpy.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winnls.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winime.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winhelp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wingb.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\winar30.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\win87em.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wifeman.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wfwnet.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\WFC.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\weitekp9.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wceusbsh.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wbemdisp.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wbemads.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wamregps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wamps51.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\w3svapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\w3ext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\w3ctrs51.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\vwipxspx.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\voicesub.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\voicepad.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\vgaoem.fon:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\vga.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ver.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\vcdex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\user.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\usbser.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\uniime.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\unicdime.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\typelib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\twunk_16.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\twain.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tools.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\toolhelp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tmigrate.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tintsetp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tintlphr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tintlgnt.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\timer.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tdspx.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tdipx.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tdasync.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\TCLASSES.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\tapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\system.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sysedit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\swmidi.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\storage.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\stdole32.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\stdole2.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\stdole.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\status.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\srframe.mmf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sprestrt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sound.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sonypvu1.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\smclib.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\shell.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\share.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\scripto.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\script.fon:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sccbase.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sam.spd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sam.sdf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\routemon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\rootmdm.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\romanime.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\rdpcdd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\rawwan.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\raspti.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\rasacd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\r1033tts.lxa:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\quick.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pubprn.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ptilink.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\prnqctl.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\prnport.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\prnmngr.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\prnjobs.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\prndrvr.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\prncnfg.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pmspl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pmigrate.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pintlphr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pintlgnt.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pintlcsd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pintlcsa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\phon.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\permchk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\parvdm.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\partmgr.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pagefile.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\pagecnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\padrs804.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\padrs404.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\olesvr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\olecli.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ole2nls.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ole2disp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ole2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\oembios.sig:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\oembios.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\OEMBIOS.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\oembios.bin:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\odbc16gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nwlnkspx.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nwlnknb.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nwlnkfwd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nwlnkflt.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nw16.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nv4_mini.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\null.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ntdos804.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ntdos412.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ntdos411.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ntdos404.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ntdos.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\NT5IIS.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nlsfunc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nls302en.lex:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nextlink.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\netfxocm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\netapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ndproxy.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ndistapi.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\MW770.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mtsadmin.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msvideo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msuni11.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\MSJDBC.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msisam11.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msir3jp.lex:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mscdexnt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msacm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mqoa20.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mqoa10.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mqoa.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mouse.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\modern.fon:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mnmdd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mmtask.tsk:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mindex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mga.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mem.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mdsync.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mciwave.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mciseq.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mciole16.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mciavi.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mcdsrv32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mcd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\MAPIMIG.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\lzexpand.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ltts1033.lxa:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\logscrpt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\korwbrkr.lex:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\keyboard.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\keyboard.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\key01.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kdcom.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdycl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdycc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdvntc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbduzb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdusx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdusr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdusl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdusa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdus.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdur.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbduk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdtuq.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdtuf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdtat.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdsw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdsl1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdsl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdsf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdru1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdru.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdro.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdpo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdpl1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdpl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdno.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdnecnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdnecat.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdnec95.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdnec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdne.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdmac.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdlv1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdlv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdlt1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdlt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdlk41j.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdlk41a.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdla.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdkaz.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdit142.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdit.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdir.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdibm02.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhu1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhept.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhela3.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhela2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhe319.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhe220.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdhe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdgr1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdgkl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdgeo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdgae.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdfr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdfo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdfi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdfc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdest.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdes.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbddv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdda.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdcz2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdcz1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdcz.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdcr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdcan.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdca.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdbu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdbr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdblr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdbene.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdbe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdazel.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdaze.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdax2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdarmw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdarme.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdal.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbd106n.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbd101a.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbd101.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iwrps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iuengine.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\isapips.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ipfltdrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\infoctrs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\inetsloc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\inetmgr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imscinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imlang.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imkrinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjputyc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjputy.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpuex.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjprw.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpmig.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpdsvr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpdct.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpdct.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpdadm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpcus.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjpcic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjp81k.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imjp81.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imepadsv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imekrmig.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imekrcic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imekr61.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imekr.lex:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iisui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iissync.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iissuba.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iisrstap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iisreset.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iismui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iiscrmap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iisclex4.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\IASNT4.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\chtskf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\chtskdic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\chtmbx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\chajei.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\HPCRDP.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\himem.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\hanja.lex:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\gpkcsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\gdi.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ftpsapi2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ftpctrs2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fs_rec.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\framdit.ttf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\framd.ttf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fips.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fastopen.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_seos.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_seo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_scripto.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\exe2bin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\evtquery.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\et4000.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\edlin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dxgthk.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dxapi.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\DX3.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dwil1033.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dwil1029.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ds16gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\drwatson.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dosapp.fon:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dmload.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\debug.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ddeml.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dayi.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\DAJAVAC.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ctl3dv2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cplexe.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\country.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\counters.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\convlog.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\controt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\compobj.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\commdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\CLASSES.CAT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cintsetp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cintlgnt.ime:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cintime.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\certmap.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cap7146.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\browscap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\bootvid.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\beep.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\avicap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\authfilt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\atmuni.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\atmepvc.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\asptxn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\aspperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\append.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ansi.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\adrot.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\admxprox.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\activeds.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\12520850.cpx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\12520437.cpx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskperf.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskpart.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskmgmt.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskcopy.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskcomp.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diantz.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dhcpsapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dhcpmon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dgsetup.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dgrpsetu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dgnet.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dfsshlex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dfrgfat.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\debug.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ddeshare.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ddeml.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dcomcnfg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dcache.bin:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dbnmpntw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dbnetlib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dbmsvinn.dLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dbmsrpcn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dbmsadsn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\daxctle.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\datime.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dataclen.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ctl3d32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\csseqchk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cscript.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cryptext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cryptdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\convert.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\console.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\confmsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\config\system.sav:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\config\software.sav:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\config\default.sav:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CONFIG.TMP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CONFIG.NT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compstui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compobj.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compmgmt.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compact.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\commdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comdlg32.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comaddin.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cnvfat.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CNMVS61.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CNMLM61.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cnetcfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmstp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmprops.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmpbk32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmos.ram:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmmon32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmmgr32.hlp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CmdLineExt03.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmdlib.wsc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmdl32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmdial32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmcfg32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\clipbrd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconfg.rll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconfg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconf.chm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ckcnv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cipher.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cidaemon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ciadv.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ciadmin.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cfgbkend.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\certmgr.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\certmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cdmodem.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ccfgnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\catsrvps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\capesnpn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\camocx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cacls.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cabview.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_875.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_874.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_869.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_866.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_865.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_863.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_861.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_860.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_857.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_855.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_852.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_850.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_775.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_737.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_500.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_437.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28605.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28603.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28599.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28598.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28597.NLS:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28595.NLS:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28594.NLS:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28593.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_21866.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20905.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20866.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20261.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20127.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1250.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1026.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10082.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10081.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10079.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10029.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10017.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10010.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10007.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10006.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10000.nls:KAVICHS
-
serviscomp
- Návštěvník
- Příspěvky: 27
- Registrován: 19 bře 2010 15:57
Re: Prosím o kontrolu logu - totálně zavirovaný PC
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_037.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\browsewm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bopomofo.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootvrfy.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootok.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootcfg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bios4.rom:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bios1.rom:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bidispl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avwav.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avtapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avmeter.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avifile.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avicap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\autolfn.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\autodisc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\autoconv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Audio3D.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\attrib.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atrace.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atmpvcno.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atmadm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atkctrs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\at.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asr_pfu.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asr_ldm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asr_fmt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asferror.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asctrls.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\arp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\appmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\appmgmts.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\append.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\apcups.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ansi.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\amcompat.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ALSNDMGR.WAV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ALSNDMGR.CPL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\alrsvc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ahui.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adsnw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adsnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adsnds.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adsmsext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adsldp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adptif.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\admparse.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\actmovie.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\activeds.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\acledit.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\acelpdec.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\access.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\aaaamon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\a3d.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\602odbc8.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\12520850.cpx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\12520437.cpx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\winspool.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\WFWNET.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\VGA.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\VER.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\TIMER.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\TAPI.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SYSTEM.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\stdole.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SOUND.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SHELL.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\setup.inf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\OLESVR.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\OLECLI.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MSVIDEO.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MOUSE.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MMTASK.TSK:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\mmsystem.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCIWAVE.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCISEQ.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCIAVI.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\LZEXPAND.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\KEYBOARD.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\COMMDLG.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\avifile.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\AVICAP.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\svcpack.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\SOUNDMAN.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\setuperr.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\setupact.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Řeka Sumida.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Rododendron.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\regopt.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\REGLOCS.OLD:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Prérijní vítr.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Omítka Santa Fe.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\OEWABLog.txt:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ODBCINST.INI:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ODBC.INI:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ocmsn.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\netfxocm.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Na rybách.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Mýdlové bubliny.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\msmqinst.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\msgsocm.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\msdfmap.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Modrá krajka 16.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ModemLog_Motorola USB Modem.txt:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Microsoft.MIF:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\MFC42D.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB913446.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB912919.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911927.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911565.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911564.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB910437.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB908519.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB905915.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\jautoexp.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\iun6002.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\IsUn0405.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ir50_qcx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ir50_qc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\game.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\explorer.scf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\emm386x.ddl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\DtcInstall.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\discwriter.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\cmsetacl.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\clock.avi:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\BJPSUNST.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\avrack.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\AM_D8.PRF:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\alcupd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\alcrmv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\002386_.tmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\_MSRSTRT.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\ISACER.ID:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\INSTALL.LOG:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\hWaitEventRetryInstall:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\plugin131_15.trace:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Jay Z VS Russ Castella - 99 Forgotten Problems.mp3:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\Dokumenty\Untitled.vib:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\Dokumenty\Untitled Document.nvc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\Dokumenty\New.ncd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\bt2net_errors.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\AdobeFnt10.lst:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\ntuser.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\ntuser.dat.LOG:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\data:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\WindowsUpdate.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\winamp.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\win.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\wiaservc.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\TextSpy.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\wpa.dbl:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\wmv9vcm.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\vmhelper.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\umpnpmgr.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\telnet.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\tapisrv.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\srvsvc.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\spupdwxp.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\spoolsv.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\spnpinst.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\rpcss.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\pidgen.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\olecnv32.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\olecli32.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\ole32.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\ntdll.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\netman.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\msjava.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\mscms.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\msawt.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\linkinfo.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\licdll.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\l3codecx.ax:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\kerberos.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\jit.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\javasup.vxd:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\javart.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\javaprxy.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\javacypt.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\itss.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\itircl.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\imagehlp.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\hhsetup.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\FNTCACHE.DAT:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\faxpatch.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\es.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\ksecdd.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\ipnat.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\pidgen.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dbghelp.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\comsvcs.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\colbact.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\clbcatq.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\catsrvut.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\catsrv.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\cabinet.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\autochk.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\authz.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\atl.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\setupapi.log.1.old:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\regedit.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\PhotoSnapViewer.INI:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\NeroDigital.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\medctroc.Log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB905414.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB901214.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB901017.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB899591.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB899588.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB899587.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB896428.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB896423.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB896422.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB896358.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB893756.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB893066.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB890046.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB885835.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB883939.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\hh.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\DirectX.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\Codec Pack - All In 1 Setup Log.txt:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\bootstat.dat:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\$_hpcst$.hpc:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Program Files\Messenger\msmsgs.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Documents and Settings\Honza Kryl\ntuser.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Documents and Settings\Honza Kryl\Dokumenty\desktop.ini:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\System32\shfolder.dll:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\System32\icm32.dll:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB905749.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB904706.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB896727.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB894391.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB891781.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB888302.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB888113.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB885836.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB873339.log:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\wuaueng1.dll:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\wtsapi32.dll:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\SchedLgU.Txt:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\KB896424.log:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\KB873333.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\VorbisEnc.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\uxtheme.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\syssetup.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\setupapi.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\sensapi.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\secupd.sig:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\secupd.dat:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\regsvr32.exe:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\QuickTimeCheck.ocx:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\powrprof.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\msxml3r.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\msimg32.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\Ltwvc12n.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\LTTWN12n.DLL:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\LTKRN12n.DLL:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\LTIMG12n.DLL:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\LTEFX12n.DLL:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\LTDIS12n.DLL:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\dsound.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\drivers\udfs.sys:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\drivers\rdpwd.sys:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\drivers\modem.sys:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\drivers\fastfat.sys:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\ddraw.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\clusapi.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\apphelp.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB902400.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB900725.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB899589.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB893086.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB890923.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB890175.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB887742.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB887472.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB885250.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\$NtUninstallKB938828$\explorer.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\xvidcore.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\xpsp2res.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\xpob2res.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wzcsvc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wsock32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wshcs.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wscui.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wscsvc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wscript.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wscntfy.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ws2help.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ws2_32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wmpasf.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wmi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wmerror.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wlnotify.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wldap32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wintrust.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\winsta.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\winscard.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\winmm.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\winhttp.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\vorbis.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\version.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\vdmdbg.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\utildll.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\usp10.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\userenv.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\txflog.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\traffic.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\tapi32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\storprop.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ssdpapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\shimeng.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\security.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\secur32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\sdhcinst.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\scrrun.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\Scg726.acm:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\scesrv.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\scecli.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\scardsvr.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\samsrv.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\samlib.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\resutils.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\regapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\rcbdyctl.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\rasdlg.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\rasapi32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\rapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\QuickTimeVR.qtx:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\QuickTimeMusicalInstruments.qtx:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\QuickTime.qts:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\QuickTime.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\qt-dx331.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\profmap.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\printui.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oscript.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\olethk32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oleacc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\OggDS.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ogg.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\odbc32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oakley.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\nvtuicpl.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\NvCpl.DLL:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\nvappbar.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ntdsapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netui2.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netui1.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netui0.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netshell.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netsetup.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netrap.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netcfgx.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\nddeapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ncobjapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mswsock.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvfw32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcrt40.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcrt.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcr71.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcr70.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcp70.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcp60.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msoert2.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msoeacct.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msgina.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msctf.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mscat32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msasn1.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msacm32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mprapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mpr.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mobileV.acm:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mmsys.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mlang.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mapi32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ltocx12n.ocx:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\LTFIL12n.DLL:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\lame_enc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\jscs.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\jdbgmgr.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\irprops.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ir41_qcx.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ir41_qc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\Indeo4.qtx:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\imm32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\imgutil.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\icmp.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\icaapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\hypertrm.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\firewall.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\esent.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DVobSub.ax:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\duser.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\wstcodec.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\wanarp.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\usbstor.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\termdd.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\streamip.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\slip.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\sisnic.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\sfloppy.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\serial.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\rdpcdd.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\raspti.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\raspppoe.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\rasl2tp.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ptilink.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\psched.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\pcmcia.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\pciide.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\pci.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\parvdm.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\parport.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\nwlnkfwd.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\nwlnkflt.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\npfs.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\nic1394.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ndiswan.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ndisuio.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ndistapi.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ndisip.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\nabtsfec.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\mstee.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\mssmbios.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\mspqm.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\mspclock.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\mskssrv.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\msfs.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\msdv.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\irenum.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ipsec.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ipinip.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ip6fw.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\intelppm.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\imapi.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\ftdisk.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\flpydisk.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\fdc.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\dmusic.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\disk.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\compbatt.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\cmbatt.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\cdrom.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\cdrbsvsd.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\cdfs.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\cdaudio.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ccdecode.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\avc.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\atmarpc.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\asyncmac.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\arp1394.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\ACPIEC.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\ACPI.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dplayx.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\divxsm.tlb:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DivXsm.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\divxdec.ax:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\divx.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dinput8.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dinput.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dfrgres.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dfrgntfs.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\desk.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dciman32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\d3drm.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\csrsrv.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cscdll.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cryptui.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\crypt32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\crtdll.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\comres.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\compatui.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cmsetacl.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cfgmgr32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ceutil.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cdosys.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cards.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\bthprops.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\bthci.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\bootvid.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\batt.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\batmeter.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\avifil32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\atmlib.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\advpack.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\advapi32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\activeds.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\aclui.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ac3filter.ax:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\AC3ACM.acm:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\setuplog.txt:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\KB890859.log:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\Program Files\Ahead\Nero BackItUp\NBJ.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\ntldr:KAVICHS
< End of report >
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\browsewm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bopomofo.uce:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootvrfy.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootok.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootcfg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bios4.rom:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bios1.rom:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bidispl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avwav.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avtapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avmeter.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avifile.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avicap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\autolfn.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\autodisc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\autoconv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Audio3D.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\attrib.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atrace.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atmpvcno.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atmadm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atkctrs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\at.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asr_pfu.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asr_ldm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asr_fmt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asferror.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asctrls.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\arp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\appmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\appmgmts.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\append.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\apcups.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ansi.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\amcompat.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ALSNDMGR.WAV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ALSNDMGR.CPL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\alrsvc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ahui.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adsnw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adsnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adsnds.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adsmsext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adsldp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adptif.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\admparse.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\actmovie.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\activeds.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\acledit.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\acelpdec.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\access.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\aaaamon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\a3d.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\602odbc8.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\12520850.cpx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\12520437.cpx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\winspool.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\WFWNET.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\VGA.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\VER.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\TIMER.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\TAPI.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SYSTEM.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\stdole.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SOUND.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SHELL.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\setup.inf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\OLESVR.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\OLECLI.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MSVIDEO.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MOUSE.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MMTASK.TSK:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\mmsystem.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCIWAVE.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCISEQ.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCIAVI.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\LZEXPAND.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\KEYBOARD.DRV:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\COMMDLG.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\avifile.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\AVICAP.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\svcpack.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\SOUNDMAN.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\setuperr.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\setupact.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Řeka Sumida.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Rododendron.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\regopt.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\REGLOCS.OLD:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Prérijní vítr.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Omítka Santa Fe.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\OEWABLog.txt:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ODBCINST.INI:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ODBC.INI:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ocmsn.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\netfxocm.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Na rybách.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Mýdlové bubliny.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\msmqinst.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\msgsocm.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\msdfmap.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Modrá krajka 16.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ModemLog_Motorola USB Modem.txt:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Microsoft.MIF:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\MFC42D.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB913446.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB912919.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911927.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911565.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911564.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB910437.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB908519.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB905915.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\jautoexp.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\iun6002.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\IsUn0405.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ir50_qcx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ir50_qc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\game.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\explorer.scf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\emm386x.ddl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\DtcInstall.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\discwriter.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\cmsetacl.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\clock.avi:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\BJPSUNST.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\avrack.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\AM_D8.PRF:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\alcupd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\alcrmv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\002386_.tmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\_MSRSTRT.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\ISACER.ID:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\INSTALL.LOG:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\hWaitEventRetryInstall:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\plugin131_15.trace:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\Plocha\Jay Z VS Russ Castella - 99 Forgotten Problems.mp3:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\Dokumenty\Untitled.vib:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\Dokumenty\Untitled Document.nvc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\Dokumenty\New.ncd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\bt2net_errors.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Honza Kryl\AdobeFnt10.lst:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\ntuser.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\ntuser.dat.LOG:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\data:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\WindowsUpdate.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\winamp.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\win.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\wiaservc.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\TextSpy.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\wpa.dbl:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\wmv9vcm.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\vmhelper.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\umpnpmgr.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\telnet.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\tapisrv.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\srvsvc.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\spupdwxp.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\spoolsv.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\spnpinst.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\rpcss.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\pidgen.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\olecnv32.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\olecli32.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\ole32.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\ntdll.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\netman.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\msjava.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\mscms.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\msawt.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\linkinfo.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\licdll.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\l3codecx.ax:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\kerberos.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\jit.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\javasup.vxd:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\javart.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\javaprxy.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\javacypt.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\itss.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\itircl.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\imagehlp.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\hhsetup.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\FNTCACHE.DAT:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\faxpatch.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\es.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\ksecdd.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\ipnat.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\pidgen.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dbghelp.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\comsvcs.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\colbact.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\clbcatq.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\catsrvut.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\catsrv.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\cabinet.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\autochk.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\authz.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\atl.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\setupapi.log.1.old:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\regedit.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\PhotoSnapViewer.INI:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\NeroDigital.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\medctroc.Log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB905414.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB901214.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB901017.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB899591.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB899588.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB899587.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB896428.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB896423.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB896422.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB896358.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB893756.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB893066.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB890046.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB885835.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB883939.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\hh.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\DirectX.log:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\Codec Pack - All In 1 Setup Log.txt:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\bootstat.dat:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\$_hpcst$.hpc:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Program Files\Messenger\msmsgs.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Documents and Settings\Honza Kryl\ntuser.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Documents and Settings\Honza Kryl\Dokumenty\desktop.ini:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\System32\shfolder.dll:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\System32\icm32.dll:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB905749.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB904706.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB896727.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB894391.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB891781.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB888302.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB888113.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB885836.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB873339.log:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\wuaueng1.dll:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\wtsapi32.dll:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\SchedLgU.Txt:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\KB896424.log:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\KB873333.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\VorbisEnc.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\uxtheme.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\syssetup.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\setupapi.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\sensapi.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\secupd.sig:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\secupd.dat:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\regsvr32.exe:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\QuickTimeCheck.ocx:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\powrprof.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\msxml3r.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\msimg32.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\Ltwvc12n.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\LTTWN12n.DLL:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\LTKRN12n.DLL:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\LTIMG12n.DLL:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\LTEFX12n.DLL:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\LTDIS12n.DLL:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\dsound.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\drivers\udfs.sys:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\drivers\rdpwd.sys:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\drivers\modem.sys:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\drivers\fastfat.sys:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\ddraw.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\clusapi.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\apphelp.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB902400.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB900725.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB899589.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB893086.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB890923.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB890175.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB887742.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB887472.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB885250.log:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\$NtUninstallKB938828$\explorer.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\xvidcore.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\xpsp2res.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\xpob2res.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wzcsvc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wsock32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wshcs.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wscui.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wscsvc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wscript.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wscntfy.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ws2help.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ws2_32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wmpasf.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wmi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wmerror.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wlnotify.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wldap32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wintrust.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\winsta.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\winscard.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\winmm.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\winhttp.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\vorbis.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\version.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\vdmdbg.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\utildll.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\usp10.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\userenv.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\txflog.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\traffic.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\tapi32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\storprop.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ssdpapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\shimeng.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\security.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\secur32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\sdhcinst.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\scrrun.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\Scg726.acm:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\scesrv.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\scecli.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\scardsvr.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\samsrv.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\samlib.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\resutils.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\regapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\rcbdyctl.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\rasdlg.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\rasapi32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\rapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\QuickTimeVR.qtx:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\QuickTimeMusicalInstruments.qtx:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\QuickTime.qts:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\QuickTime.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\qt-dx331.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\profmap.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\printui.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oscript.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\olethk32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oleacc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\OggDS.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ogg.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\odbc32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oakley.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\nvtuicpl.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\NvCpl.DLL:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\nvappbar.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ntdsapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netui2.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netui1.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netui0.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netshell.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netsetup.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netrap.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netcfgx.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\nddeapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ncobjapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mswsock.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvfw32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcrt40.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcrt.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcr71.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcr70.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcp70.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcp60.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msoert2.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msoeacct.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msgina.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msctf.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mscat32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msasn1.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msacm32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mprapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mpr.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mobileV.acm:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mmsys.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mlang.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mapi32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ltocx12n.ocx:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\LTFIL12n.DLL:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\lame_enc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\jscs.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\jdbgmgr.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\irprops.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ir41_qcx.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ir41_qc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\Indeo4.qtx:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\imm32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\imgutil.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\icmp.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\icaapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\hypertrm.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\firewall.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\esent.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DVobSub.ax:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\duser.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\wstcodec.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\wanarp.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\usbstor.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\termdd.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\streamip.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\slip.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\sisnic.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\sfloppy.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\serial.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\rdpcdd.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\raspti.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\raspppoe.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\rasl2tp.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ptilink.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\psched.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\pcmcia.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\pciide.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\pci.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\parvdm.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\parport.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\nwlnkfwd.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\nwlnkflt.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\npfs.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\nic1394.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ndiswan.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ndisuio.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ndistapi.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ndisip.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\nabtsfec.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\mstee.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\mssmbios.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\mspqm.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\mspclock.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\mskssrv.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\msfs.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\msdv.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\irenum.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ipsec.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ipinip.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ip6fw.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\intelppm.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\imapi.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\ftdisk.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\flpydisk.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\fdc.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\dmusic.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\disk.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\compbatt.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\cmbatt.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\cdrom.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\cdrbsvsd.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\cdfs.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\cdaudio.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ccdecode.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\avc.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\atmarpc.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\asyncmac.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\arp1394.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\ACPIEC.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DRIVERS\ACPI.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dplayx.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\divxsm.tlb:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DivXsm.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\divxdec.ax:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\divx.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dinput8.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dinput.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dfrgres.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dfrgntfs.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\desk.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dciman32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\d3drm.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\csrsrv.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cscdll.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cryptui.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\crypt32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\crtdll.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\comres.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\compatui.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cmsetacl.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cfgmgr32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ceutil.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cdosys.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cards.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\bthprops.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\bthci.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\bootvid.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\batt.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\batmeter.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\avifil32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\atmlib.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\advpack.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\advapi32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\activeds.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\aclui.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ac3filter.ax:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\AC3ACM.acm:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\setuplog.txt:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\KB890859.log:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\Program Files\Ahead\Nero BackItUp\NBJ.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\ntldr:KAVICHS
< End of report >
-
serviscomp
- Návštěvník
- Příspěvky: 27
- Registrován: 19 bře 2010 15:57
Re: Prosím o kontrolu logu - totálně zavirovaný PC
OTL Extras logfile created on: 14.5.2010 17:42:38 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Honza Kryl\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
509,00 Mb Total Physical Memory | 219,00 Mb Available Physical Memory | 43,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 8,26 Gb Free Space | 11,09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3,73 Gb Total Space | 0,70 Gb Free Space | 18,83% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HONZA
Current User Name: Honza Kryl
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\DAP\DAP.exe" = C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus -- File not found
"C:\Program Files\ICQLite\ICQLite.exe" = C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQLite -- (ICQ Ltd.)
"C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\Jerrrrri_264668594\INIC.exe" = C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\Jerrrrri_264668594\INIC.exe:*:Enabled:AIMICQ invisible checker -- ((c)2005 burewar; (c) MISPAQMC)
"C:\Program Files\BT2Net\bt2net.exe" = C:\Program Files\BT2Net\bt2net.exe:*:Enabled:BT2Net -- File not found
"C:\Program Files\EA SPORTS\NHL06\nhl06.exe" = C:\Program Files\EA SPORTS\NHL06\nhl06.exe:*:Enabled:nhl06 -- File not found
"C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe" = C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- File not found
"C:\Program Files\EA SPORTS\FIFA 06\fifa06.exe" = C:\Program Files\EA SPORTS\FIFA 06\fifa06.exe:*:Enabled:fifa06 -- File not found
"C:\Program Files\Infogrames Interactive\Monopoly Casino Vegas Edition\casinove.exe" = C:\Program Files\Infogrames Interactive\Monopoly Casino Vegas Edition\casinove.exe:*:Enabled:casinove -- File not found
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe" = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe:*:Enabled:Kaspersky Anti-Virus Service -- File not found
"C:\Program Files\mswt kart 2004\MSWorldTour.exe" = C:\Program Files\mswt kart 2004\MSWorldTour.exe:*:Enabled:MSWorldTour -- File not found
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe" = C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\_anonym_-WF_190135400\Usca2004.exe" = C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\_anonym_-WF_190135400\Usca2004.exe:*:Enabled:Usca2004 -- File not found
"C:\Documents and Settings\Honza Kryl\Plocha\Usca2004.exe" = C:\Documents and Settings\Honza Kryl\Plocha\Usca2004.exe:*:Enabled:Usca2004 -- (Asechka.ru)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- ()
"C:\Program Files\EA SPORTS\NHL07\nhl2007.exe" = C:\Program Files\EA SPORTS\NHL07\nhl2007.exe:*:Enabled:nhl2007 -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{0B7BA3EE-D7AC-494E-999D-DA58D6D01DAC}" = LG_Mobile Sync
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}" = Picture Package
"{26E20136-E332-4BC6-903F-ADDCAEE53263}" = ArCon 9 Profesionál
"{2952C529-2503-4C2F-BCBD-DE7093C27C2C}" = AEC creative : FaMaDa pro ArCon 1.0 CZ
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4ecaf021-478c-40c1-b777-3368a15f9966}" = Macromedia Flash Player
"{5A438E06-0BB3-4C5F-0085-B14F1F4077E6}" = FIFA 07
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6FA14A05-B6F7-4E27-AD00-FEA997D45A6F}" = Print2PDF
"{7689CA7A-1270-425A-9959-EB4CB25EA29A}" = Sony Ericsson PC Suite 1.20.224
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{97DDA53A-8346-467A-880C-655E847CC7D3}" = Ski Racing 2006
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A1F7C120-80F4-48B1-00B8-4E278AED8779}" = NHL07
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B7757137-0A71-4A9F-8A82-1AE4A1B73420}" = Nokia Connectivity Cable Driver
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1973749-F5E7-40EB-B528-F2B78685B9FF}" = essvcpt
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Software Kodak EasyShare
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F30F2AC8-64BC-412B-A836-96770B4EB2DE}" = Print2PDF
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FF059F2A-62A7-4E6A-B305-559591D2769E}" = Nokia PC Suite
"{FF15CBA1-E649-40EF-859F-68A81CC9A7C3}" = GTDialer X
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2007
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0 CE
"ArCon PDF-Export" = ArCon PDF-Export
"Ashampoo WinOptimizer Platinum 3" = Ashampoo WinOptimizer Platinum 3
"CANONBJ_Deinstall_CNMCP61.DLL" = Canon PIXMA iP3000
"CloneDVD2" = CloneDVD2
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.2.7
"DivX Codec" = DivX Decoder
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX100_TX100 Uživatelská příručka" = EPSON Stylus SX100_TX100 Manuál
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"Gadwin PrintScreen" = Gadwin PrintScreen
"GameSpy Arcade" = GameSpy Arcade
"HCS8DL" = Hoyle Casino 2004
"ICQLite" = ICQ 5.1
"InstallShield_{26E20136-E332-4BC6-903F-ADDCAEE53263}" = ArCon 9 Profesionál
"InstallShield_{2952C529-2503-4C2F-BCBD-DE7093C27C2C}" = AEC creative : FaMaDa pro ArCon 1.0 CZ
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Media Access" = Media Access
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NeroVision!UninstallKey" = Nero Digital
"NVIDIA Drivers" = NVIDIA Drivers
"PSP_Movie_Creator" = PSP Movie Creator(remove only)
"PSPVideoExpress" = PSP Video Express(remove only)
"QuickTime" = QuickTime
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Skype_is1" = Skype 2.0
"Syncrosoft's License Control" = Syncrosoft's License Control
"T-Mobile Communication Centre" = T-Mobile Communication Centre
"ToolbarICQToolbar.ICQToolbarObjectIEToolbar" = ICQ Toolbar
"UltraISO_is1" = UltraISO V7.62 ME
"VMidi" = vanBasco's Karaoke Player
"Winamp" = Winamp (remove only)
"Windows CE Services" = Microsoft ActiveSync 3.8
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinRAR archiver" = WinRAR
"Xtreme G Drivers" = Xtreme G Drivers 71.84 Setup Files
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19.6.2006 8:59:18 | Computer Name = HONZA | Source = Application Error | ID = 1000
Description = Chybující aplikace winamp.exe, verze 5.0.0.8, chybující modul claud.ax,
verze 4.0.0.2824, adresa chyby 0x0000374b.
Error - 29.6.2006 14:31:08 | Computer Name = HONZA | Source = Application Error | ID = 1000
Description = Chybující aplikace winamp.exe, verze 5.0.0.8, chybující modul claud.ax,
verze 4.0.0.2824, adresa chyby 0x0000374b.
Error - 29.6.2006 15:17:30 | Computer Name = HONZA | Source = MsiInstaller | ID = 1013
Description = Produkt: Nokia PC Suite - Instalační program zjistil, že je k počítači
kabelem připojen telefon Nokia. Než budete pokračovat, odpojte kabel od počítače.
Error - 29.6.2006 15:30:48 | Computer Name = HONZA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 6.0.2900.2180, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 21.7.2006 9:41:03 | Computer Name = HONZA | Source = MsiInstaller | ID = 11904
Description = Produkt: ESScore - Chyba 1904. Modul C:\Program Files\Kodak\Kodak
EasyShare software\bin\ESCom.dll nelze zaregistrovat. HRESULT . Obraťte se na pracovníky
odborné pomoci.
Error - 25.7.2006 11:56:34 | Computer Name = HONZA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace EasyShare.exe, verze 5.3.33.29, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 30.7.2006 9:39:52 | Computer Name = HONZA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SonyTray.exe, verze 1.0.31121.1, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 12.8.2006 9:23:14 | Computer Name = HONZA | Source = Application Error | ID = 1000
Description = Chybující aplikace cod2sp_s.exe, verze 0.0.0.0, chybující modul gfx_d3d_x86_s.dll,
verze 0.0.0.0, adresa chyby 0x0001e53a.
Error - 16.8.2006 6:56:54 | Computer Name = HONZA | Source = Application Error | ID = 1000
Description = Chybující aplikace viewerapp.exe, verze 1.0.0.31121, chybující modul
viewerapp.exe, verze 1.0.0.31121, adresa chyby 0x0000f700.
Error - 15.9.2006 15:48:31 | Computer Name = HONZA | Source = Application Error | ID = 1000
Description = Chybující aplikace idriver.exe, verze 8.1.0.293, chybující modul ntdll.dll,
verze 5.1.2600.2180, adresa chyby 0x000106c3.
[ System Events ]
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:25 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
< End of report >
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Honza Kryl\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
509,00 Mb Total Physical Memory | 219,00 Mb Available Physical Memory | 43,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 8,26 Gb Free Space | 11,09% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3,73 Gb Total Space | 0,70 Gb Free Space | 18,83% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HONZA
Current User Name: Honza Kryl
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\DAP\DAP.exe" = C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus -- File not found
"C:\Program Files\ICQLite\ICQLite.exe" = C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQLite -- (ICQ Ltd.)
"C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\Jerrrrri_264668594\INIC.exe" = C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\Jerrrrri_264668594\INIC.exe:*:Enabled:AIMICQ invisible checker -- ((c)2005 burewar; (c) MISPAQMC)
"C:\Program Files\BT2Net\bt2net.exe" = C:\Program Files\BT2Net\bt2net.exe:*:Enabled:BT2Net -- File not found
"C:\Program Files\EA SPORTS\NHL06\nhl06.exe" = C:\Program Files\EA SPORTS\NHL06\nhl06.exe:*:Enabled:nhl06 -- File not found
"C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe" = C:\Program Files\Java\jre1.5.0_04\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- File not found
"C:\Program Files\EA SPORTS\FIFA 06\fifa06.exe" = C:\Program Files\EA SPORTS\FIFA 06\fifa06.exe:*:Enabled:fifa06 -- File not found
"C:\Program Files\Infogrames Interactive\Monopoly Casino Vegas Edition\casinove.exe" = C:\Program Files\Infogrames Interactive\Monopoly Casino Vegas Edition\casinove.exe:*:Enabled:casinove -- File not found
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe" = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe:*:Enabled:Kaspersky Anti-Virus Service -- File not found
"C:\Program Files\mswt kart 2004\MSWorldTour.exe" = C:\Program Files\mswt kart 2004\MSWorldTour.exe:*:Enabled:MSWorldTour -- File not found
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe" = C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\_anonym_-WF_190135400\Usca2004.exe" = C:\Documents and Settings\Honza Kryl\Dokumenty\ICQ Lite\263499798\_anonym_-WF_190135400\Usca2004.exe:*:Enabled:Usca2004 -- File not found
"C:\Documents and Settings\Honza Kryl\Plocha\Usca2004.exe" = C:\Documents and Settings\Honza Kryl\Plocha\Usca2004.exe:*:Enabled:Usca2004 -- (Asechka.ru)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- ()
"C:\Program Files\EA SPORTS\NHL07\nhl2007.exe" = C:\Program Files\EA SPORTS\NHL07\nhl2007.exe:*:Enabled:nhl2007 -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{0B7BA3EE-D7AC-494E-999D-DA58D6D01DAC}" = LG_Mobile Sync
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}" = Picture Package
"{26E20136-E332-4BC6-903F-ADDCAEE53263}" = ArCon 9 Profesionál
"{2952C529-2503-4C2F-BCBD-DE7093C27C2C}" = AEC creative : FaMaDa pro ArCon 1.0 CZ
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4ecaf021-478c-40c1-b777-3368a15f9966}" = Macromedia Flash Player
"{5A438E06-0BB3-4C5F-0085-B14F1F4077E6}" = FIFA 07
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6FA14A05-B6F7-4E27-AD00-FEA997D45A6F}" = Print2PDF
"{7689CA7A-1270-425A-9959-EB4CB25EA29A}" = Sony Ericsson PC Suite 1.20.224
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{97DDA53A-8346-467A-880C-655E847CC7D3}" = Ski Racing 2006
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A1F7C120-80F4-48B1-00B8-4E278AED8779}" = NHL07
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B7757137-0A71-4A9F-8A82-1AE4A1B73420}" = Nokia Connectivity Cable Driver
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1973749-F5E7-40EB-B528-F2B78685B9FF}" = essvcpt
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Software Kodak EasyShare
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F30F2AC8-64BC-412B-A836-96770B4EB2DE}" = Print2PDF
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FF059F2A-62A7-4E6A-B305-559591D2769E}" = Nokia PC Suite
"{FF15CBA1-E649-40EF-859F-68A81CC9A7C3}" = GTDialer X
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2007
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0 CE
"ArCon PDF-Export" = ArCon PDF-Export
"Ashampoo WinOptimizer Platinum 3" = Ashampoo WinOptimizer Platinum 3
"CANONBJ_Deinstall_CNMCP61.DLL" = Canon PIXMA iP3000
"CloneDVD2" = CloneDVD2
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.2.7
"DivX Codec" = DivX Decoder
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX100_TX100 Uživatelská příručka" = EPSON Stylus SX100_TX100 Manuál
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"Gadwin PrintScreen" = Gadwin PrintScreen
"GameSpy Arcade" = GameSpy Arcade
"HCS8DL" = Hoyle Casino 2004
"ICQLite" = ICQ 5.1
"InstallShield_{26E20136-E332-4BC6-903F-ADDCAEE53263}" = ArCon 9 Profesionál
"InstallShield_{2952C529-2503-4C2F-BCBD-DE7093C27C2C}" = AEC creative : FaMaDa pro ArCon 1.0 CZ
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Media Access" = Media Access
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NeroVision!UninstallKey" = Nero Digital
"NVIDIA Drivers" = NVIDIA Drivers
"PSP_Movie_Creator" = PSP Movie Creator(remove only)
"PSPVideoExpress" = PSP Video Express(remove only)
"QuickTime" = QuickTime
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Skype_is1" = Skype 2.0
"Syncrosoft's License Control" = Syncrosoft's License Control
"T-Mobile Communication Centre" = T-Mobile Communication Centre
"ToolbarICQToolbar.ICQToolbarObjectIEToolbar" = ICQ Toolbar
"UltraISO_is1" = UltraISO V7.62 ME
"VMidi" = vanBasco's Karaoke Player
"Winamp" = Winamp (remove only)
"Windows CE Services" = Microsoft ActiveSync 3.8
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinRAR archiver" = WinRAR
"Xtreme G Drivers" = Xtreme G Drivers 71.84 Setup Files
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19.6.2006 8:59:18 | Computer Name = HONZA | Source = Application Error | ID = 1000
Description = Chybující aplikace winamp.exe, verze 5.0.0.8, chybující modul claud.ax,
verze 4.0.0.2824, adresa chyby 0x0000374b.
Error - 29.6.2006 14:31:08 | Computer Name = HONZA | Source = Application Error | ID = 1000
Description = Chybující aplikace winamp.exe, verze 5.0.0.8, chybující modul claud.ax,
verze 4.0.0.2824, adresa chyby 0x0000374b.
Error - 29.6.2006 15:17:30 | Computer Name = HONZA | Source = MsiInstaller | ID = 1013
Description = Produkt: Nokia PC Suite - Instalační program zjistil, že je k počítači
kabelem připojen telefon Nokia. Než budete pokračovat, odpojte kabel od počítače.
Error - 29.6.2006 15:30:48 | Computer Name = HONZA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 6.0.2900.2180, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 21.7.2006 9:41:03 | Computer Name = HONZA | Source = MsiInstaller | ID = 11904
Description = Produkt: ESScore - Chyba 1904. Modul C:\Program Files\Kodak\Kodak
EasyShare software\bin\ESCom.dll nelze zaregistrovat. HRESULT . Obraťte se na pracovníky
odborné pomoci.
Error - 25.7.2006 11:56:34 | Computer Name = HONZA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace EasyShare.exe, verze 5.3.33.29, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 30.7.2006 9:39:52 | Computer Name = HONZA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SonyTray.exe, verze 1.0.31121.1, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 12.8.2006 9:23:14 | Computer Name = HONZA | Source = Application Error | ID = 1000
Description = Chybující aplikace cod2sp_s.exe, verze 0.0.0.0, chybující modul gfx_d3d_x86_s.dll,
verze 0.0.0.0, adresa chyby 0x0001e53a.
Error - 16.8.2006 6:56:54 | Computer Name = HONZA | Source = Application Error | ID = 1000
Description = Chybující aplikace viewerapp.exe, verze 1.0.0.31121, chybující modul
viewerapp.exe, verze 1.0.0.31121, adresa chyby 0x0000f700.
Error - 15.9.2006 15:48:31 | Computer Name = HONZA | Source = Application Error | ID = 1000
Description = Chybující aplikace idriver.exe, verze 8.1.0.293, chybující modul ntdll.dll,
verze 5.1.2600.2180, adresa chyby 0x000106c3.
[ System Events ]
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:22 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
Error - 14.5.2010 10:02:25 | Computer Name = HONZA | Source = Cdrom | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\CdRom0.
< End of report >
Přispějete na provoz fóra?