Prosím o kontrolu, zamrznul mi PC, tak jsem restartoval projel SUPERAnti spywarem, ale stejně tam určitě pořád něco je. PC se chová úplně jinak než předtím. Děkuji
Logfile of random's system information tool 1.06 (written by random/random)
Run by Uživatel at 2011-02-07 12:19:31
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (22%) free of 30 GB
Total RAM: 2047 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:33, on 7.2.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\OSCAR Editor\OscarEditor.exe
C:\Program Files\Olympus\ib\olycamdetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\CASIO\Photo Loader\Plauto.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Uživatel\Plocha\RSIT.exe
C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory\Uživatel.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [wuaucldt] c:\windows\system32\wuaucldt.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [wuaucldt] c:\documents and settings\uživatel\wuaucldt.exe
O4 - HKCU\..\Policies\Explorer\Run: [System Rescue] C:\WINDOWS\system32\rescue32.exe
O4 - HKUS\S-1-5-21-329068152-1417001333-725345543-1011\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'postgreuser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Photo Loader supervisory.lnk = C:\Program Files\CASIO\Photo Loader\Plauto.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Betway.com Poker - {4CBB5C71-1BA0-49ca-93CD-159AF8AA0CC9} - D:\Program Files\Betway\Poker\MPPoker.exe
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: bw+0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Viewpoint Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 21396 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Google Software Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2006-10-17 2120768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-29 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-17 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-17 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2006-10-17 2120768]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-04 8491008]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-10-04 81920]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-03-12 17531392]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-03-17 421888]
"wuaucldt"=c:\windows\system32\wuaucldt.exe []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"OscarEditor"=C:\Program Files\OSCAR Editor\OscarEditor.exe [2018-11-02 2820096]
"Olympus ib"=C:\Program Files\Olympus\ib\olycamdetect.exe [2009-10-30 93376]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-01-13 2424560]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]
"wuaucldt"=c:\documents and settings\uživatel\wuaucldt.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"System Rescue"=C:\WINDOWS\system32\rescue32.exe [2009-03-21 108032]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
Photo Loader supervisory.lnk - C:\Program Files\CASIO\Photo Loader\Plauto.exe
C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\BROOD\starcraft.exe"="C:\BROOD\starcraft.exe:*:Enabled:Starcraft"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Disabled:mIRC"
"D:\Teamspeak2_RC2\server_windows.exe"="D:\Teamspeak2_RC2\server_windows.exe:*:Enabled:Server"
"C:\Program Files\Starcraft\StarCraft.exe"="C:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft"
"D:\Steam\steamapps\krtek3\counter-strike\hl.exe"="D:\Steam\steamapps\krtek3\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="D:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"D:\SIERRA\Half-Life\hl.exe"="D:\SIERRA\Half-Life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Sierra On-Line\SIGSPat.exe"="C:\Program Files\Sierra On-Line\SIGSPat.exe:*:Disabled:SIGSPat"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"D:\Program Files\Warcraft III\Warcraft III.exe"="D:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\Program Files\Warcraft III\War3.exe"="D:\Program Files\Warcraft III\War3.exe:*:Enabled:Warcraft III"
"D:\Steam\steamapps\krtek3\counter-strike source\hl2.exe"="D:\Steam\steamapps\krtek3\counter-strike source\hl2.exe:*:Enabled:hl2"
"D:\Steam\steam.exe"="D:\Steam\steam.exe:*:Enabled:Steam"
"D:\Steam\steamapps\krtek3\half-life deathmatch source\hl2.exe"="D:\Steam\steamapps\krtek3\half-life deathmatch source\hl2.exe:*:Enabled:hl2"
"D:\Steam\steamapps\krtek3\half-life 2 deathmatch\hl2.exe"="D:\Steam\steamapps\krtek3\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"D:\Steam\steamapps\krtek3\dedicated server\hltv.exe"="D:\Steam\steamapps\krtek3\dedicated server\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\Program Files\EA SPORTS\UEFA EURO 2008\EURO08.exe"="D:\Program Files\EA SPORTS\UEFA EURO 2008\EURO08.exe:*:Enabled:EURO08"
"D:\Steam\steamapps\ruza_\dedicated server\hltv.exe"="D:\Steam\steamapps\ruza_\dedicated server\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Documents and Settings\All Users\Dokumenty\CS1.6\hl.exe"="C:\Documents and Settings\All Users\Dokumenty\CS1.6\hl.exe:*:Enabled:Half-Life Launcher"
"D:\CS1.6{47}\cstrike.exe"="D:\CS1.6{47}\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Dyyno Receiver\DPPM.exe"="C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Dyyno Receiver\DPPM.exe:*:Enabled:Dyyno Plugin Receiver"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Steam\steamapps\ruza_\dedicated server\hlds.exe"="D:\Steam\steamapps\ruza_\dedicated server\hlds.exe:*:Enabled:Dedicated Server"
"D:\Steam\steamapps\ruza_\counter-strike\hl.exe"="D:\Steam\steamapps\ruza_\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:System Rescue"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======File associations======
.scr - open - "" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2011-01-20 19:26:30 ----D---- C:\Program Files\ICQ7.2
2011-01-16 12:36:35 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\SUPERAntiSpyware.com
2011-01-16 12:36:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-01-16 12:35:54 ----D---- C:\Program Files\SUPERAntiSpyware
2011-01-11 20:46:38 ----D---- C:\WINDOWS\ie8updates
2011-01-11 20:45:59 ----A---- C:\WINDOWS\imsins.BAK
2011-01-11 20:45:48 ----D---- C:\WINDOWS\WBEM
2011-01-11 20:44:52 ----HDC---- C:\WINDOWS\ie8
2011-01-11 20:44:52 ----D---- C:\WINDOWS\system32\cs-CZ
2011-01-11 20:27:17 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-01-11 20:13:54 ----D---- C:\rsit
2011-01-11 20:05:16 ----D---- C:\Program Files\CCleaner
2011-01-11 18:29:14 ----SHD---- C:\RECYCLER
2011-01-11 18:18:34 ----D---- C:\WINDOWS\temp
2011-01-11 17:02:13 ----RASHD---- C:\cmdcons
2011-01-11 16:37:54 ----D---- C:\WINDOWS\CSC
2011-01-10 19:24:00 ----N---- C:\SafeSurf ABUSE README.txt
2011-01-10 19:22:30 ----D---- C:\Program Files\SafeSurf
======List of files/folders modified in the last 1 months======
2011-02-07 12:19:29 ----D---- C:\WINDOWS\Prefetch
2011-02-07 11:34:39 ----SD---- C:\WINDOWS\Tasks
2011-02-07 11:34:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google Updater
2011-02-07 11:34:36 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\OpenOffice.org2
2011-02-04 11:23:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-04 02:29:00 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-04 02:23:55 ----SHD---- C:\System Volume Information
2011-02-04 02:23:38 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-02-04 01:35:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-01 23:06:52 ----D---- C:\WINDOWS\system32
2011-02-01 21:48:37 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\ICQ
2011-02-01 16:06:17 ----SD---- C:\Program Files\HLSW
2011-01-27 14:23:20 ----D---- C:\Program Files\Opera
2011-01-27 14:23:18 ----SHD---- C:\WINDOWS\Installer
2011-01-24 19:50:43 ----D---- C:\WINDOWS\system32\drivers
2011-01-21 02:31:13 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-20 19:27:15 ----RD---- C:\Program Files
2011-01-17 21:12:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-01-16 12:28:35 ----D---- C:\Program Files\Trend Micro
2011-01-13 02:44:03 ----HD---- C:\WINDOWS\inf
2011-01-13 02:43:58 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-11 23:46:46 ----D---- C:\WINDOWS\Help
2011-01-11 23:46:46 ----D---- C:\Program Files\Internet Explorer
2011-01-11 20:45:53 ----D---- C:\WINDOWS\system32\config
2011-01-11 20:45:42 ----D---- C:\WINDOWS\Media
2011-01-11 20:43:23 ----D---- C:\WINDOWS\Debug
2011-01-11 20:27:23 ----D---- C:\WINDOWS\WinSxS
2011-01-11 20:27:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2011-01-11 20:12:59 ----D---- C:\Program Files\QIP
2011-01-11 20:12:06 ----D---- C:\Program Files\Ganymede
2011-01-11 18:22:20 ----AC---- C:\WINDOWS\system.ini
2011-01-11 18:11:10 ----D---- C:\WINDOWS\AppPatch
2011-01-11 18:11:08 ----D---- C:\Program Files\Common Files
2011-01-11 17:02:29 ----RASH---- C:\boot.ini
2011-01-11 16:24:52 ----D---- C:\Program Files\ESET
2011-01-11 14:03:55 ----D---- C:\Program Files\Alwil Software
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 ACEDRV05;ACEDRV05; \??\C:\WINDOWS\system32\drivers\ACEDRV05.sys []
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2002-09-23 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2002-09-23 55936]
R2 PStrip;PStrip; C:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 27992]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2006-09-20 223128]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-12 5051904]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-23 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-06-05 142336]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-03 17024]
S1 cdfss;cdfss; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\cdfss []
S1 mkdrv;mkdrv; \??\C:\WINDOWS\sgope.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-03 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-03 71552]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2007-03-22 17480]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-09-26 20240]
S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\System32\Drivers\L8042mou.sys [2004-12-10 52992]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472]
S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2004-12-10 24704]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2004-12-10 36480]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\System32\Drivers\LMouKE.sys [2004-12-10 68992]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-09-26 28816]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 QV2KUX;Casio Digital Camera; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328]
S3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\System32\DRIVERS\sr.sys [2004-08-17 73344]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-23 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-17 153376]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 pgsql-8.3;PostgreSQL Database Server 8.3; C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [2008-09-19 65536]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-09-24 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-09-24 214520]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 Viewpoint Service;Viewpoint Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2008-04-04 30152]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-03-15 72704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zpomalený PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Zpomalený PC
Zdravím, je tam 
Stáhni a nainstaluj MBAM zde http://www.download.com/Malwarebytes-An ... tag=button
Spustit > na 3.záložce "Aktualizace" > Kontrola aktualizací
následně na 1.záložce "Kontrolor" -> Rychlá kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: Zpomalený PC
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Verze databáze: 5703
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
7.2.2011 18:40:03
mbam-log-2011-02-07 (18-40-00).txt
Typ kontroly: Rychlý test
Testované objekty: 205432
Uplynulý čas: 3 minut, 34 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 3
Infikované hodnoty v registru: 2
Infikované datové položky v registru: 0
Infikované složky: 1
Infikované soubory: 1
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494E6CEC-7483-A4EE-0938-895519A84BC7} (Backdoor.Bot) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494E6CEC-7483-A4EE-0938-895519A84BC7} (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cdfss (Rootkit.Agent) -> No action taken.
Infikované hodnoty v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Value: wuaucldt -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Value: wuaucldt -> No action taken.
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
c:\sdvigsoidvg (Trojan.SpyEyes.WC) -> No action taken.
Infikované soubory:
c:\sdvigsoidvg\config.bin (Trojan.SpyEyes.WC) -> No action taken.
www.malwarebytes.org
Verze databáze: 5703
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
7.2.2011 18:40:03
mbam-log-2011-02-07 (18-40-00).txt
Typ kontroly: Rychlý test
Testované objekty: 205432
Uplynulý čas: 3 minut, 34 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 3
Infikované hodnoty v registru: 2
Infikované datové položky v registru: 0
Infikované složky: 1
Infikované soubory: 1
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494E6CEC-7483-A4EE-0938-895519A84BC7} (Backdoor.Bot) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494E6CEC-7483-A4EE-0938-895519A84BC7} (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cdfss (Rootkit.Agent) -> No action taken.
Infikované hodnoty v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Value: wuaucldt -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Value: wuaucldt -> No action taken.
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
c:\sdvigsoidvg (Trojan.SpyEyes.WC) -> No action taken.
Infikované soubory:
c:\sdvigsoidvg\config.bin (Trojan.SpyEyes.WC) -> No action taken.
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Zpomalený PC
MBAM spustit znovu - dát Úplná kontrola
po ukončení -> Zobrazit výsledky -> zkontrolovat zda je vše označeno -> Odstranit označené
vyběhne log, ve kterém budou záznamy tohoto typu:
Infikované adresáře:
C:\Program Files\xxxxxx -> Quarantined and deleted successfully.
ten bych taky rád viděl
Klikni na https://www.virustotal.com/cs/
klik "Procházet" > do zadávacího pole "Název souboru" jen zkopíruj:
C:\WINDOWS\system32\rescue32.exe
"Send file" (pokud byl již testován, nech testovat znovu - Reanalyse)
Trpělivě vyčkej dokončení scanu dokud se neobjeví konečný výsledek např.0/41
Do fóra zkopíruj výsledný log. nebo odkaz z adresního řádku na stránku.
Pokud nebude nález stačí jen oznámit
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: Zpomalený PC
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Verze databáze: 5703
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
7.2.2011 20:08:47
mbam-log-2011-02-07 (20-08-47).txt
Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 396720
Uplynulý čas: 1 hodin, 12 minut, 24 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 3
Infikované hodnoty v registru: 2
Infikované datové položky v registru: 0
Infikované složky: 1
Infikované soubory: 1
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494E6CEC-7483-A4EE-0938-895519A84BC7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494E6CEC-7483-A4EE-0938-895519A84BC7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cdfss (Rootkit.Agent) -> Quarantined and deleted successfully.
Infikované hodnoty v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Value: wuaucldt -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Value: wuaucldt -> Quarantined and deleted successfully.
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
c:\sdvigsoidvg (Trojan.SpyEyes.WC) -> Quarantined and deleted successfully.
Infikované soubory:
c:\sdvigsoidvg\config.bin (Trojan.SpyEyes.WC) -> Quarantined and deleted successfully.
Soubor jsem odeslal, žádný scan se nedělal, jen se obnovila obrazovka opět na hlavní stranku.
www.malwarebytes.org
Verze databáze: 5703
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
7.2.2011 20:08:47
mbam-log-2011-02-07 (20-08-47).txt
Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 396720
Uplynulý čas: 1 hodin, 12 minut, 24 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 3
Infikované hodnoty v registru: 2
Infikované datové položky v registru: 0
Infikované složky: 1
Infikované soubory: 1
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494E6CEC-7483-A4EE-0938-895519A84BC7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494E6CEC-7483-A4EE-0938-895519A84BC7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cdfss (Rootkit.Agent) -> Quarantined and deleted successfully.
Infikované hodnoty v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Value: wuaucldt -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Value: wuaucldt -> Quarantined and deleted successfully.
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
c:\sdvigsoidvg (Trojan.SpyEyes.WC) -> Quarantined and deleted successfully.
Infikované soubory:
c:\sdvigsoidvg\config.bin (Trojan.SpyEyes.WC) -> Quarantined and deleted successfully.
Soubor jsem odeslal, žádný scan se nedělal, jen se obnovila obrazovka opět na hlavní stranku.-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Zpomalený PC
MBAM v pořádku o otestování rescue32.exe bych dost stálinfo na googlu jsou rozporuplné
zkus to podle návodu znovu jinak klik na AVPTool v mém podpisu tě hodí na návod(jsem zvědav, jestli ho Kaspersky vyhodnotí jako nezávadný)
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: Zpomalený PC
Zatím stále probíhá kontrola, každopádně Kasperky hodnotí soubor rescue32.exe jako vir.-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Zpomalený PC
Po dokončení akce s AVPTool mi dej výsledný log + přidej aktuální RSIT - dočistíme
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: Zpomalený PC
AVPToolAutomatická kontrola: dokončeno před 29 min. (události: 19, objekty: 379269, čas: 02:15:30)
7.2.2011 23:05:00 Úloha byla dokončena
7.2.2011 22:30:50 Bude umístěno do karantény při restartování systému: HEUR:Trojan.Win32.Generic C:\WINDOWS\system32\rescue32.exe
7.2.2011 22:30:26 Dezinfikováno: HEUR:Trojan.Win32.Generic HKEY_USERS\S-1-5-21-329068152-1417001333-725345543-1003\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\System Rescue
7.2.2011 22:30:01 Zjištěno: HEUR:Trojan.Win32.Generic C:\WINDOWS\system32\rescue32.exe
7.2.2011 22:07:08 Odstraněno: not-a-virus:AdWare.Win32.Mostofate.cx C:\Program Files\InstallShield Installation Information\ICQToolbar\tbuCA5\toolbaru.dll
7.2.2011 22:05:41 Zjištěno: not-a-virus:AdWare.Win32.Mostofate.cx C:\Program Files\InstallShield Installation Information\ICQToolbar\tbuCA5\toolbaru.dll
7.2.2011 22:05:40 Neošetřeno: not-a-virus:AdWare.Win32.Mostofate.cx C:\Program Files\InstallShield Installation Information\ICQToolbar\tbuCA5\tbupdate.cab/toolbaru.dll Zápis není podporován
7.2.2011 22:05:40 Zjištěno: not-a-virus:AdWare.Win32.Mostofate.cx C:\Program Files\InstallShield Installation Information\ICQToolbar\tbuCA5\tbupdate.cab/toolbaru.dll
7.2.2011 21:53:48 Zjištěno: HEUR:Trojan.Win32.Generic C:\Documents and Settings\Uživatel\Local Settings\temp\rescue32.exe
7.2.2011 21:05:29 Neošetřeno: HEUR:Trojan.Win32.Generic C:\OTM+Submit.rar/[4]-Submit_2011-01-11_18.04.48.zip/wuaucldt.exe Zápis není podporován
7.2.2011 21:05:29 Zjištěno: HEUR:Trojan.Win32.Generic C:\OTM+Submit.rar/[4]-Submit_2011-01-11_18.04.48.zip/wuaucldt.exe
7.2.2011 21:03:49 Bude umístěno do karantény při restartování systému: HEUR:Trojan.Win32.Generic C:\WINDOWS\System32\rescue32.exe
7.2.2011 21:03:30 Dezinfikováno: HEUR:Trojan.Win32.Generic HKEY_USERS\S-1-5-21-329068152-1417001333-725345543-1003\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\System Rescue
7.2.2011 21:03:23 Zjištěno: HEUR:Trojan.Win32.Generic C:\WINDOWS\System32\rescue32.exe
7.2.2011 20:55:19 Bude umístěno do karantény při restartování systému: HEUR:Trojan.Win32.Generic C:\WINDOWS\System32\rescue32.exe
7.2.2011 20:55:05 Dezinfikováno: HEUR:Trojan.Win32.Generic HKEY_USERS\S-1-5-21-329068152-1417001333-725345543-1003\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\System Rescue
7.2.2011 20:55:05 Dezinfikováno: HEUR:Trojan.Win32.Generic HKEY_USERS\S-1-5-21-329068152-1417001333-725345543-1003\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\System Rescue
7.2.2011 20:54:56 Zjištěno: HEUR:Trojan.Win32.Generic C:\WINDOWS\System32\rescue32.exe
7.2.2011 20:49:30 Úloha byla spuštěna
RSITLogfile of random's system information tool 1.06 (written by random/random)
Run by Uživatel at 2011-02-07 23:39:40
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 8 GB (26%) free of 30 GB
Total RAM: 2047 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:39:50, on 7.2.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\OSCAR Editor\OscarEditor.exe
C:\Program Files\Olympus\ib\olycamdetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\CASIO\Photo Loader\Plauto.exe
C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Uživatel\Plocha\Virus Removal Tool\setup_9.0.0.722_07.02.2011_14-06\setup_9.0.0.722_07.02.2011_14-06.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Uživatel\Plocha\RSIT.exe
C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory\Uživatel.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Policies\Explorer\Run: [System Rescue] C:\WINDOWS\system32\rescue32.exe
O4 - HKUS\S-1-5-21-329068152-1417001333-725345543-1011\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'postgreuser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Startup: setup_9.0.0.722_07.02.2011_14-06.lnk = ?
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Photo Loader supervisory.lnk = C:\Program Files\CASIO\Photo Loader\Plauto.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Betway.com Poker - {4CBB5C71-1BA0-49ca-93CD-159AF8AA0CC9} - D:\Program Files\Betway\Poker\MPPoker.exe
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: bw+0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {5E56CC67-E732-445F-ADAC-C8F64BB99F5E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Viewpoint Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 21591 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Google Software Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2006-10-17 2120768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-29 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-17 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-17 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2006-10-17 2120768]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-04 8491008]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-10-04 81920]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-03-12 17531392]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-03-17 421888]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"OscarEditor"=C:\Program Files\OSCAR Editor\OscarEditor.exe [2018-11-02 2820096]
"Olympus ib"=C:\Program Files\Olympus\ib\olycamdetect.exe [2009-10-30 93376]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-01-13 2424560]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"System Rescue"=C:\WINDOWS\system32\rescue32.exe [2009-03-21 108032]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
Photo Loader supervisory.lnk - C:\Program Files\CASIO\Photo Loader\Plauto.exe
C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
setup_9.0.0.722_07.02.2011_14-06.lnk - C:\Documents and Settings\Uživatel\Plocha\Virus Removal Tool\setup_9.0.0.722_07.02.2011_14-06\startup.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\BROOD\starcraft.exe"="C:\BROOD\starcraft.exe:*:Enabled:Starcraft"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Disabled:mIRC"
"D:\Teamspeak2_RC2\server_windows.exe"="D:\Teamspeak2_RC2\server_windows.exe:*:Enabled:Server"
"C:\Program Files\Starcraft\StarCraft.exe"="C:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft"
"D:\Steam\steamapps\krtek3\counter-strike\hl.exe"="D:\Steam\steamapps\krtek3\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="D:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"D:\SIERRA\Half-Life\hl.exe"="D:\SIERRA\Half-Life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Sierra On-Line\SIGSPat.exe"="C:\Program Files\Sierra On-Line\SIGSPat.exe:*:Disabled:SIGSPat"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"D:\Program Files\Warcraft III\Warcraft III.exe"="D:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\Program Files\Warcraft III\War3.exe"="D:\Program Files\Warcraft III\War3.exe:*:Enabled:Warcraft III"
"D:\Steam\steamapps\krtek3\counter-strike source\hl2.exe"="D:\Steam\steamapps\krtek3\counter-strike source\hl2.exe:*:Enabled:hl2"
"D:\Steam\steam.exe"="D:\Steam\steam.exe:*:Enabled:Steam"
"D:\Steam\steamapps\krtek3\half-life deathmatch source\hl2.exe"="D:\Steam\steamapps\krtek3\half-life deathmatch source\hl2.exe:*:Enabled:hl2"
"D:\Steam\steamapps\krtek3\half-life 2 deathmatch\hl2.exe"="D:\Steam\steamapps\krtek3\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"D:\Steam\steamapps\krtek3\dedicated server\hltv.exe"="D:\Steam\steamapps\krtek3\dedicated server\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\Program Files\EA SPORTS\UEFA EURO 2008\EURO08.exe"="D:\Program Files\EA SPORTS\UEFA EURO 2008\EURO08.exe:*:Enabled:EURO08"
"D:\Steam\steamapps\ruza_\dedicated server\hltv.exe"="D:\Steam\steamapps\ruza_\dedicated server\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Documents and Settings\All Users\Dokumenty\CS1.6\hl.exe"="C:\Documents and Settings\All Users\Dokumenty\CS1.6\hl.exe:*:Enabled:Half-Life Launcher"
"D:\CS1.6{47}\cstrike.exe"="D:\CS1.6{47}\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Dyyno Receiver\DPPM.exe"="C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Dyyno Receiver\DPPM.exe:*:Enabled:Dyyno Plugin Receiver"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Steam\steamapps\ruza_\dedicated server\hlds.exe"="D:\Steam\steamapps\ruza_\dedicated server\hlds.exe:*:Enabled:Dedicated Server"
"D:\Steam\steamapps\ruza_\counter-strike\hl.exe"="D:\Steam\steamapps\ruza_\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:System Rescue"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======File associations======
.scr - open - "" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2011-02-07 20:45:35 ----D---- C:\WINDOWS\LastGood
2011-01-20 19:26:30 ----D---- C:\Program Files\ICQ7.2
2011-01-16 12:36:35 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\SUPERAntiSpyware.com
2011-01-16 12:36:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-01-16 12:35:54 ----D---- C:\Program Files\SUPERAntiSpyware
2011-01-11 20:46:38 ----D---- C:\WINDOWS\ie8updates
2011-01-11 20:45:48 ----D---- C:\WINDOWS\WBEM
2011-01-11 20:44:52 ----HDC---- C:\WINDOWS\ie8
2011-01-11 20:44:52 ----D---- C:\WINDOWS\system32\cs-CZ
2011-01-11 20:27:17 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-01-11 20:13:54 ----D---- C:\rsit
2011-01-11 20:05:16 ----D---- C:\Program Files\CCleaner
2011-01-11 18:29:14 ----SHD---- C:\RECYCLER
2011-01-11 18:18:34 ----D---- C:\WINDOWS\temp
2011-01-11 17:02:13 ----RASHD---- C:\cmdcons
2011-01-11 16:37:54 ----D---- C:\WINDOWS\CSC
2011-01-10 19:24:00 ----N---- C:\SafeSurf ABUSE README.txt
2011-01-10 19:22:30 ----D---- C:\Program Files\SafeSurf
======List of files/folders modified in the last 1 months======
2011-02-07 22:05:50 ----D---- C:\WINDOWS\Prefetch
2011-02-07 21:38:38 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\ICQ
2011-02-07 21:18:32 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\OpenOffice.org2
2011-02-07 20:54:57 ----D---- C:\WINDOWS
2011-02-07 20:46:53 ----SHD---- C:\System Volume Information
2011-02-07 20:45:47 ----D---- C:\WINDOWS\system32\drivers
2011-02-07 20:45:46 ----HD---- C:\WINDOWS\inf
2011-02-07 20:45:34 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-07 20:39:50 ----D---- C:\WINDOWS\Minidump
2011-02-07 20:39:50 ----D---- C:\WINDOWS\Debug
2011-02-07 20:36:16 ----AC---- C:\WINDOWS\system.ini
2011-02-07 20:14:20 ----SD---- C:\WINDOWS\Tasks
2011-02-07 20:12:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-02-07 20:12:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2011-02-07 20:12:11 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-02-07 11:34:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google Updater
2011-02-04 02:23:38 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-02-04 01:35:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-01 23:06:52 ----D---- C:\WINDOWS\system32
2011-02-01 16:06:17 ----SD---- C:\Program Files\HLSW
2011-01-27 14:23:20 ----D---- C:\Program Files\Opera
2011-01-27 14:23:18 ----SHD---- C:\WINDOWS\Installer
2011-01-21 02:31:13 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-20 19:27:15 ----RD---- C:\Program Files
2011-01-17 21:12:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-01-16 12:28:35 ----D---- C:\Program Files\Trend Micro
2011-01-13 02:43:58 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-11 23:46:46 ----D---- C:\WINDOWS\Help
2011-01-11 23:46:46 ----D---- C:\Program Files\Internet Explorer
2011-01-11 20:45:53 ----D---- C:\WINDOWS\system32\config
2011-01-11 20:45:42 ----D---- C:\WINDOWS\Media
2011-01-11 20:27:23 ----D---- C:\WINDOWS\WinSxS
2011-01-11 20:27:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2011-01-11 20:12:59 ----D---- C:\Program Files\QIP
2011-01-11 20:12:06 ----D---- C:\Program Files\Ganymede
2011-01-11 18:11:10 ----D---- C:\WINDOWS\AppPatch
2011-01-11 18:11:08 ----D---- C:\Program Files\Common Files
2011-01-11 17:02:29 ----RASH---- C:\boot.ini
2011-01-11 16:24:52 ----D---- C:\Program Files\ESET
2011-01-11 14:03:55 ----D---- C:\Program Files\Alwil Software
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 67041521;67041521; C:\WINDOWS\system32\DRIVERS\67041521.sys [2009-09-25 128016]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 ACEDRV05;ACEDRV05; \??\C:\WINDOWS\system32\drivers\ACEDRV05.sys []
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 setup_9.0.0.722_07.02.2011_14-06drv;setup_9.0.0.722_07.02.2011_14-06drv; C:\WINDOWS\system32\DRIVERS\6704152.sys [2009-10-09 315408]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2002-09-23 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2002-09-23 55936]
R2 PStrip;PStrip; C:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 27992]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2006-09-20 223128]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-12 5051904]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-23 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-06-05 142336]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-03 17024]
S1 mkdrv;mkdrv; \??\C:\WINDOWS\sgope.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-03 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-08-03 71552]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2007-03-22 17480]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-09-26 20240]
S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\System32\Drivers\L8042mou.sys [2004-12-10 52992]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472]
S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2004-12-10 24704]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2004-12-10 36480]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\System32\Drivers\LMouKE.sys [2004-12-10 68992]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-09-26 28816]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 QV2KUX;Casio Digital Camera; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328]
S3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\System32\DRIVERS\sr.sys [2004-08-17 73344]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-23 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-17 153376]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 pgsql-8.3;PostgreSQL Database Server 8.3; C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [2008-09-19 65536]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-09-24 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-09-24 214520]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 Viewpoint Service;Viewpoint Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2008-04-04 30152]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-03-15 72704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Zpomalený PC
odinstaluj AVPTool
8) Po zkontrolování logu od rádce můžete AVPTool odinstalovat. V hlavním okně programu (pokud jste ho zavřeli, tak v adresáři, do kterého jste AVPTool nainstalovali, spusťte soubor Start.lnk - soubor s ikonou velkého K) klikněte vpravo dole na tlačítko Exit. Potvrďte, že chcete program ukončit i odinstalovat stiskem Yes a následně dvakrát stiskem Ano. Odsouhlasíte tak odinstalování AVPTool a nutný restart počítače.
proveď scan GMER podle návodu http://www.viry.cz/forum/viewtopic.php?f=29&t=62878oba logy sem vlož (pokud bude druhý moc velký, rozděl do více odpovědí)
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: Zpomalený PC
GMER 1.0.15.15530 - http://www.gmer.netRootkit quick scan 2011-02-08 09:44:33
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-10 SAMSUNG_HD160JJ rev.ZM100-41
Running: gmer.exe; Driver: C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\pxtdrpoc.sys
---- System - GMER 1.0.15 ----
SSDT sptd.sys ZwEnumerateKey [0xB9EDCC7E]
SSDT sptd.sys ZwEnumerateValueKey [0xB9EDCFF6]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xB242E652]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B9E2E2F0] atapi.sys[unknown section] {MOV EAX, 0x8a56a008; XCHG [ESP], EAX; PUSH EAX; PUSH 0xb9eed442; RET }
Device \Driver\atapi \Device\Ide\IdePort0 [B9E2E2F0] atapi.sys[unknown section] {MOV EAX, 0x8a56a008; XCHG [ESP], EAX; PUSH EAX; PUSH 0xb9eed442; RET }
Device \Driver\atapi \Device\Ide\IdePort1 [B9E2E2F0] atapi.sys[unknown section] {MOV EAX, 0x8a56a008; XCHG [ESP], EAX; PUSH EAX; PUSH 0xb9eed442; RET }
Device \Driver\atapi \Device\Ide\IdePort2 [B9E2E2F0] atapi.sys[unknown section] {MOV EAX, 0x8a56a008; XCHG [ESP], EAX; PUSH EAX; PUSH 0xb9eed442; RET }
Device \Driver\atapi \Device\Ide\IdePort3 [B9E2E2F0] atapi.sys[unknown section] {MOV EAX, 0x8a56a008; XCHG [ESP], EAX; PUSH EAX; PUSH 0xb9eed442; RET }
Device \Driver\atapi \Device\Ide\IdeDeviceP3T1L0-10 [B9E2E2F0] atapi.sys[unknown section] {MOV EAX, 0x8a56a008; XCHG [ESP], EAX; PUSH EAX; PUSH 0xb9eed442; RET }
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port4Path0Target3Lun0 8A2F84A0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port4Path0Target1Lun0 8A2F84A0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port4Path0Target2Lun0 8A2F84A0
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port4Path0Target0Lun0 8A2F84A0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 8A2F84A0
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\Ntfs \Ntfs 8A56A3D0
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15530 - http://www.gmer.netRootkit scan 2011-02-08 15:06:16
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-10 SAMSUNG_HD160JJ rev.ZM100-41
Running: gmer.exe; Driver: C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\pxtdrpoc.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xB241A728]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xB24217EA]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateFile [0xB261F868]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xB24216A2]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateProcess [0xB261EE90]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateProcessEx [0xB261ED9C]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwCreateThread [0xB261F3FC]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwDeleteFile [0xB2620210]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xB2421CA8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xB2421BBE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xB2421276]
SSDT sptd.sys ZwEnumerateKey [0xB9EDCC7E]
SSDT sptd.sys ZwEnumerateValueKey [0xB9EDCFF6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xB241A7D8]
SSDT \SystemRoot\system32\drivers\sbhips.sys (Sunbelt Personal Firewall Host Intrusion Prevention Driver/Sunbelt Software, Inc.) ZwLoadDriver [0xB58FA01C]
SSDT \SystemRoot\system32\drivers\sbhips.sys (Sunbelt Personal Firewall Host Intrusion Prevention Driver/Sunbelt Software, Inc.) ZwMapViewOfSection [0xB58FA168]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwOpenFile [0xB261FB54]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xB242177E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xB24211B2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xB2421218]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xB241A870]
SSDT sptd.sys ZwQueryKey [0xB9EDD0C0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xB24218C2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xB2421D76]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xB2421880]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwResumeThread [0xB261F4EC]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwSetInformationFile [0xB261FE8C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xB2421A04]
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xB2524620]
SSDT \SystemRoot\system32\drivers\SbFw.sys (Sunbelt Personal Firewall driver/Sunbelt Software, Inc.) ZwWriteFile [0xB261FDE0]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xB242E652]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
Re: Zpomalený PC
Je toho šíleně moc, tak na 5 příspěvků někam bych uploadnul texťák šlo by to?-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Zpomalený PC
klidně na pět - jinak bych to sem stejně musel dát já
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: Zpomalený PC
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 2398 80501288 4 Bytes JMP 24B24217
PAGE ntkrnlpa.exe!NtCreateSection 8059F56A 7 Bytes JMP B242E656 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805B0A76 5 Bytes JMP B242A1EE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805B7764 5 Bytes JMP B242BC88 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
? C:\WINDOWS\system32\drivers\sptd.sys Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
? C:\WINDOWS\System32\Drivers\SPTD3469.SYS Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB4E59360, 0x307F47, 0xE8000020]
.text dtscsi.sys!A0DB34FC6FE35D429A28ADDE5467D4D7 B4DFC4D0 16 Bytes [F6, 30, FF, 48, BD, 23, 92, ...]
.text dtscsi.sys!A0DB34FC6FE35D429A28ADDE5467D4D7 + 11 B4DFC4E1 31 Bytes [B0, DF, B4, 6E, DE, F7, A2, ...]
? C:\WINDOWS\System32\Drivers\dtscsi.sys Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
.text C:\WINDOWS\system32\drivers\ACEDRV05.sys section is writeable [0xB2674000, 0x30A4A, 0xE8000020]
.pklstb C:\WINDOWS\system32\drivers\ACEDRV05.sys entry point in ".pklstb" section [0xB26B6000]
.relo2 C:\WINDOWS\system32\drivers\ACEDRV05.sys unknown last section [0xB26D1000, 0x8E, 0x42000040]
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\RTHDCPL.EXE[176] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001401A8
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00140090
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00140694
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001402C0
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00140234
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00140004
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0014011C
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001404F0
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0014057C
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001403D8
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0014034C
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00140464
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00140608
.text C:\WINDOWS\RTHDCPL.EXE[176] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001401A8
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00140090
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00140694
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001402C0
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00140234
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00140004
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0014011C
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001404F0
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0014057C
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001403D8
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0014034C
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00140464
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00140608
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WS2_32.dll!socket 71A93B91 5 Bytes JMP 001408C4
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WS2_32.dll!bind 71A93E00 5 Bytes JMP 00140838
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WS2_32.dll!connect 71A9406A 5 Bytes JMP 00140950
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 001407AC
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 00140720
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WININET.dll!InternetConnectA 40C1DEAE 5 Bytes JMP 00140F54
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WININET.dll!InternetConnectW 40C1F862 5 Bytes JMP 00140FE0
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WININET.dll!InternetOpenA 40C2D690 5 Bytes JMP 00140D24
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WININET.dll!InternetOpenW 40C2DB09 5 Bytes JMP 00140DB0
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WININET.dll!InternetOpenUrlA 40C2F3A4 5 Bytes JMP 00140E3C
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WININET.dll!InternetOpenUrlW 40C76DDF 5 Bytes JMP 00140EC8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001401A8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00140090
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00140694
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001402C0
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00140234
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00140004
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0014011C
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001404F0
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0014057C
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001403D8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0014034C
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00140464
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00140608
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] WININET.dll!InternetConnectA 40C1DEAE 5 Bytes JMP 00140F54
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] WININET.dll!InternetConnectW 40C1F862 5 Bytes JMP 00140FE0
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] WININET.dll!InternetOpenA 40C2D690 5 Bytes JMP 00140D24
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] WININET.dll!InternetOpenW 40C2DB09 5 Bytes JMP 00140DB0
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] WININET.dll!InternetOpenUrlA 40C2F3A4 5 Bytes JMP 00140E3C
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] WININET.dll!InternetOpenUrlW 40C76DDF 5 Bytes JMP 00140EC8
.text ntkrnlpa.exe!ZwCallbackReturn + 2398 80501288 4 Bytes JMP 24B24217
PAGE ntkrnlpa.exe!NtCreateSection 8059F56A 7 Bytes JMP B242E656 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805B0A76 5 Bytes JMP B242A1EE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805B7764 5 Bytes JMP B242BC88 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
? C:\WINDOWS\system32\drivers\sptd.sys Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
? C:\WINDOWS\System32\Drivers\SPTD3469.SYS Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB4E59360, 0x307F47, 0xE8000020]
.text dtscsi.sys!A0DB34FC6FE35D429A28ADDE5467D4D7 B4DFC4D0 16 Bytes [F6, 30, FF, 48, BD, 23, 92, ...]
.text dtscsi.sys!A0DB34FC6FE35D429A28ADDE5467D4D7 + 11 B4DFC4E1 31 Bytes [B0, DF, B4, 6E, DE, F7, A2, ...]
? C:\WINDOWS\System32\Drivers\dtscsi.sys Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
.text C:\WINDOWS\system32\drivers\ACEDRV05.sys section is writeable [0xB2674000, 0x30A4A, 0xE8000020]
.pklstb C:\WINDOWS\system32\drivers\ACEDRV05.sys entry point in ".pklstb" section [0xB26B6000]
.relo2 C:\WINDOWS\system32\drivers\ACEDRV05.sys unknown last section [0xB26D1000, 0x8E, 0x42000040]
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\RTHDCPL.EXE[176] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001401A8
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00140090
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00140694
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001402C0
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00140234
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00140004
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0014011C
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001404F0
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0014057C
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001403D8
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0014034C
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00140464
.text C:\WINDOWS\RTHDCPL.EXE[176] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00140608
.text C:\WINDOWS\RTHDCPL.EXE[176] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\RTHDCPL.EXE[176] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001401A8
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00140090
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00140694
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001402C0
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00140234
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00140004
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0014011C
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001404F0
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0014057C
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001403D8
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0014034C
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00140464
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00140608
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WS2_32.dll!socket 71A93B91 5 Bytes JMP 001408C4
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WS2_32.dll!bind 71A93E00 5 Bytes JMP 00140838
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WS2_32.dll!connect 71A9406A 5 Bytes JMP 00140950
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 001407AC
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 00140720
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WININET.dll!InternetConnectA 40C1DEAE 5 Bytes JMP 00140F54
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WININET.dll!InternetConnectW 40C1F862 5 Bytes JMP 00140FE0
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WININET.dll!InternetOpenA 40C2D690 5 Bytes JMP 00140D24
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WININET.dll!InternetOpenW 40C2DB09 5 Bytes JMP 00140DB0
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WININET.dll!InternetOpenUrlA 40C2F3A4 5 Bytes JMP 00140E3C
.text C:\Program Files\Alwil Software\Avast5\avastUI.exe[240] WININET.dll!InternetOpenUrlW 40C76DDF 5 Bytes JMP 00140EC8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001401A8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00140090
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00140694
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001402C0
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00140234
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00140004
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0014011C
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001404F0
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0014057C
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001403D8
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0014034C
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00140464
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00140608
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] WININET.dll!InternetConnectA 40C1DEAE 5 Bytes JMP 00140F54
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] WININET.dll!InternetConnectW 40C1F862 5 Bytes JMP 00140FE0
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] WININET.dll!InternetOpenA 40C2D690 5 Bytes JMP 00140D24
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] WININET.dll!InternetOpenW 40C2DB09 5 Bytes JMP 00140DB0
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] WININET.dll!InternetOpenUrlA 40C2F3A4 5 Bytes JMP 00140E3C
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[252] WININET.dll!InternetOpenUrlW 40C76DDF 5 Bytes JMP 00140EC8
Re: Zpomalený PC
.text C:\WINDOWS\system32\nvsvc32.exe[272] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001301A8
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00130090
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00130694
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001302C0
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00130234
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00130004
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0013011C
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001304F0
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0013057C
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001303D8
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0013034C
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00130464
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00130608
.text C:\WINDOWS\system32\nvsvc32.exe[272] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001301A8
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00130090
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00130694
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001302C0
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00130234
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00130004
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0013011C
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001304F0
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0013057C
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001303D8
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0013034C
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!SetUnhandledExceptionFilter 7C8447ED 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00130464
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00130608
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] WS2_32.dll!socket 71A93B91 5 Bytes JMP 001308C4
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] WS2_32.dll!bind 71A93E00 5 Bytes JMP 00130838
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] WS2_32.dll!connect 71A9406A 5 Bytes JMP 00130950
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 001307AC
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 00130720
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] wininet.dll!InternetConnectA 40C1DEAE 5 Bytes JMP 00130F54
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] wininet.dll!InternetConnectW 40C1F862 5 Bytes JMP 00130FE0
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] wininet.dll!InternetOpenA 40C2D690 5 Bytes JMP 00130D24
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] wininet.dll!InternetOpenW 40C2DB09 5 Bytes JMP 00130DB0
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] wininet.dll!InternetOpenUrlA 40C2F3A4 5 Bytes JMP 00130E3C
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] wininet.dll!InternetOpenUrlW 40C76DDF 5 Bytes JMP 00130EC8
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 000301A8
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00030090
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00030694
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 000302C0
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00030234
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00030004
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0003011C
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 000304F0
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0003057C
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 000303D8
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0003034C
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00030464
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00030608
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] WS2_32.dll!socket 71A93B91 5 Bytes JMP 000308C4
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] WS2_32.dll!bind 71A93E00 5 Bytes JMP 00030838
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] WS2_32.dll!connect 71A9406A 5 Bytes JMP 00030950
.text C:\WINDOWS\system32\ctfmon.exe[644] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001401A8
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00140090
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00140694
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001402C0
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00140234
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00140004
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0014011C
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001404F0
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0014057C
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001403D8
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0014034C
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00140464
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00140608
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001401A8
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00140090
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00140694
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001402C0
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00140234
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00140004
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0014011C
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001404F0
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0014057C
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001403D8
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0014034C
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00140464
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00140608
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] WS2_32.dll!socket 71A93B91 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\spoolsv.exe[1112] WS2_32.dll!bind 71A93E00 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\spoolsv.exe[1112] WS2_32.dll!connect 71A9406A 5 Bytes JMP 00080950
.text C:\WINDOWS\Explorer.EXE[1116] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 000801A8
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00080090
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00080694
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 000802C0
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00080234
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00080004
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0008011C
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 000804F0
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0008057C
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 000803D8
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0008034C
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00080464
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00080608
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] WININET.dll!InternetConnectA 40C1DEAE 5 Bytes JMP 00080F54
.text C:\WINDOWS\Explorer.EXE[1116] WININET.dll!InternetConnectW 40C1F862 5 Bytes JMP 00080FE0
.text C:\WINDOWS\Explorer.EXE[1116] WININET.dll!InternetOpenA 40C2D690 5 Bytes JMP 00080D24
.text C:\WINDOWS\Explorer.EXE[1116] WININET.dll!InternetOpenW 40C2DB09 5 Bytes JMP 00080DB0
.text C:\WINDOWS\Explorer.EXE[1116] WININET.dll!InternetOpenUrlA 40C2F3A4 5 Bytes JMP 00080E3C
.text C:\WINDOWS\Explorer.EXE[1116] WININET.dll!InternetOpenUrlW 40C76DDF 5 Bytes JMP 00080EC8
.text C:\WINDOWS\Explorer.EXE[1116] WS2_32.dll!socket 71A93B91 5 Bytes JMP 000808C4
.text C:\WINDOWS\Explorer.EXE[1116] WS2_32.dll!bind 71A93E00 5 Bytes JMP 00080838
.text C:\WINDOWS\Explorer.EXE[1116] WS2_32.dll!connect 71A9406A 5 Bytes JMP 00080950
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001601A8
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00160090
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00160694
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!CreateProcessW 7C802332 5 Bytes JMP 001602C0
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!CreateProcessA 7C802367 5 Bytes JMP 00160234
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00160004
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0016011C
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001604F0
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!CreateThread 7C810647 5 Bytes JMP 0016057C
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001603D8
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0016034C
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!WinExec 7C86158D 5 Bytes JMP 00160464
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00160608
.text C:\WINDOWS\system32\csrss.exe[1216] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 001607AC
.text C:\WINDOWS\system32\csrss.exe[1216] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 00160720
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001401A8
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00140090
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00140694
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001402C0
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00140234
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00140004
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0014011C
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001404F0
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0014057C
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001403D8
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0014034C
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00140464
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00140608
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1252] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1252] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001301A8
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00130090
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00130694
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001302C0
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00130234
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00130004
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0013011C
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001304F0
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0013057C
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001303D8
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0013034C
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00130464
.text C:\WINDOWS\system32\nvsvc32.exe[272] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00130608
.text C:\WINDOWS\system32\nvsvc32.exe[272] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[272] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001301A8
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00130090
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00130694
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001302C0
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00130234
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00130004
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0013011C
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001304F0
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0013057C
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001303D8
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0013034C
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!SetUnhandledExceptionFilter 7C8447ED 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00130464
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00130608
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] WS2_32.dll!socket 71A93B91 5 Bytes JMP 001308C4
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] WS2_32.dll!bind 71A93E00 5 Bytes JMP 00130838
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] WS2_32.dll!connect 71A9406A 5 Bytes JMP 00130950
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 001307AC
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 00130720
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] wininet.dll!InternetConnectA 40C1DEAE 5 Bytes JMP 00130F54
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] wininet.dll!InternetConnectW 40C1F862 5 Bytes JMP 00130FE0
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] wininet.dll!InternetOpenA 40C2D690 5 Bytes JMP 00130D24
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] wininet.dll!InternetOpenW 40C2DB09 5 Bytes JMP 00130DB0
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] wininet.dll!InternetOpenUrlA 40C2F3A4 5 Bytes JMP 00130E3C
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[412] wininet.dll!InternetOpenUrlW 40C76DDF 5 Bytes JMP 00130EC8
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 000301A8
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00030090
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00030694
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 000302C0
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00030234
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00030004
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0003011C
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 000304F0
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0003057C
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 000303D8
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0003034C
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00030464
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00030608
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] ADVAPI32.DLL!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] WS2_32.dll!socket 71A93B91 5 Bytes JMP 000308C4
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] WS2_32.dll!bind 71A93E00 5 Bytes JMP 00030838
.text C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe[584] WS2_32.dll!connect 71A9406A 5 Bytes JMP 00030950
.text C:\WINDOWS\system32\ctfmon.exe[644] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\ctfmon.exe[644] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[644] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001401A8
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00140090
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00140694
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001402C0
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00140234
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00140004
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0014011C
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001404F0
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0014057C
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001403D8
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0014034C
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00140464
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00140608
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarEditor.exe[688] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001401A8
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00140090
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00140694
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001402C0
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00140234
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00140004
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0014011C
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001404F0
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0014057C
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001403D8
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0014034C
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00140464
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00140608
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Olympus\ib\olycamdetect.exe[696] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 000801A8
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00080090
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00080694
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 000802C0
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00080234
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00080004
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0008011C
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 000804F0
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0008057C
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 000803D8
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0008034C
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00080464
.text C:\WINDOWS\system32\spoolsv.exe[1112] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00080608
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[1112] WS2_32.dll!socket 71A93B91 5 Bytes JMP 000808C4
.text C:\WINDOWS\system32\spoolsv.exe[1112] WS2_32.dll!bind 71A93E00 5 Bytes JMP 00080838
.text C:\WINDOWS\system32\spoolsv.exe[1112] WS2_32.dll!connect 71A9406A 5 Bytes JMP 00080950
.text C:\WINDOWS\Explorer.EXE[1116] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 000801A8
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00080090
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00080694
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 000802C0
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00080234
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00080004
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0008011C
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 000804F0
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0008057C
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 000803D8
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0008034C
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00080464
.text C:\WINDOWS\Explorer.EXE[1116] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00080608
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[1116] WININET.dll!InternetConnectA 40C1DEAE 5 Bytes JMP 00080F54
.text C:\WINDOWS\Explorer.EXE[1116] WININET.dll!InternetConnectW 40C1F862 5 Bytes JMP 00080FE0
.text C:\WINDOWS\Explorer.EXE[1116] WININET.dll!InternetOpenA 40C2D690 5 Bytes JMP 00080D24
.text C:\WINDOWS\Explorer.EXE[1116] WININET.dll!InternetOpenW 40C2DB09 5 Bytes JMP 00080DB0
.text C:\WINDOWS\Explorer.EXE[1116] WININET.dll!InternetOpenUrlA 40C2F3A4 5 Bytes JMP 00080E3C
.text C:\WINDOWS\Explorer.EXE[1116] WININET.dll!InternetOpenUrlW 40C76DDF 5 Bytes JMP 00080EC8
.text C:\WINDOWS\Explorer.EXE[1116] WS2_32.dll!socket 71A93B91 5 Bytes JMP 000808C4
.text C:\WINDOWS\Explorer.EXE[1116] WS2_32.dll!bind 71A93E00 5 Bytes JMP 00080838
.text C:\WINDOWS\Explorer.EXE[1116] WS2_32.dll!connect 71A9406A 5 Bytes JMP 00080950
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001601A8
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00160090
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00160694
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!CreateProcessW 7C802332 5 Bytes JMP 001602C0
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!CreateProcessA 7C802367 5 Bytes JMP 00160234
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00160004
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0016011C
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001604F0
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!CreateThread 7C810647 5 Bytes JMP 0016057C
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001603D8
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0016034C
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!WinExec 7C86158D 5 Bytes JMP 00160464
.text C:\WINDOWS\system32\csrss.exe[1216] KERNEL32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00160608
.text C:\WINDOWS\system32\csrss.exe[1216] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 001607AC
.text C:\WINDOWS\system32\csrss.exe[1216] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 00160720
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes JMP 001401A8
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes JMP 00140090
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!WriteProcessMemory 7C80220F 5 Bytes JMP 00140694
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 001402C0
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!CreateProcessA 7C802367 5 Bytes JMP 00140234
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!VirtualAlloc 7C809A61 5 Bytes JMP 00140004
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!VirtualAllocEx 7C809A82 5 Bytes JMP 0014011C
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!CreateRemoteThread 7C81043C 5 Bytes JMP 001404F0
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!CreateThread 7C810647 5 Bytes JMP 0014057C
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!CreateProcessInternalW 7C819527 5 Bytes JMP 001403D8
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!CreateProcessInternalA 7C81DDE6 5 Bytes JMP 0014034C
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!WinExec 7C86158D 5 Bytes JMP 00140464
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] kernel32.dll!SetThreadContext 7C862C89 5 Bytes JMP 00140608
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] USER32.dll!UnhookWindowsHookEx 7E36F21E 5 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] USER32.dll!SetWindowsHookExW 7E37DDB5 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] USER32.dll!SetWindowsHookExA 7E3811D1 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] USER32.dll!SetWinEventHook 7E3817B7 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] USER32.dll!UnhookWinEvent 7E38186C 5 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!SetServiceObjectSecurity 77E26C29 5 Bytes JMP 64D09D40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!ChangeServiceConfigA 77E26D11 5 Bytes JMP 64D07AE0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!ChangeServiceConfigW 77E26EA9 5 Bytes JMP 64D07ED0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!ChangeServiceConfig2A 77E26FA9 5 Bytes JMP 64D08290 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!ChangeServiceConfig2W 77E27031 5 Bytes JMP 64D083C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!CreateServiceA 77E270B9 5 Bytes JMP 64D06E40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!CreateServiceW 77E27251 5 Bytes JMP 64D072B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exe[1228] ADVAPI32.dll!DeleteService 77E27359 5 Bytes JMP 64D078E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1252] ntdll.dll!LdrLoadDll 7C915CBB 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[1252] ntdll.dll!LdrUnloadDll 7C916C83 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
Přispějete na provoz fóra?