Prosím o kontrolu logu

[jehoun]

Dobrý den, prosím o kontrolu logu. V startup manageru mám spouštění sshnas21.dll a Ed1.exe...

Bohužel sem log nemohu nahrát Tak ho dám jako odkaz, snad to nevadí? Předem děkuji za kontrolu.

Kód: Vybrat vše

http://rapidshare.com/files/360750571/log.txt.html

[jehoun]

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jehoun at 2010-03-08 21:03:09
Microsoft Windows 7 Professional Service Pack 3
System drive C: has 19 GB (55%) free of 35 GB
Total RAM: 4095 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:03:10, on 8.3.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\TC UP\totalcmd.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Windows\Evomia.exe
C:\Users\Jehoun\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jehoun\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jehoun\AppData\Local\Google\Chrome\Application\chrome.exe
E:\Download\SmitfraudFix\Policies.exe
D:\Dokumenty\RSIT.exe
C:\Program Files (x86)\trend micro\Jehoun.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [TC UP] "C:\Program Files (x86)\TC UP\TC UP.exe" /wnd=max
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [RemoTerm.exe] C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7063 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146738775-2154181807-1878494979-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146738775-2154181807-1878494979-1001UA.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
Zynga Toolbar - C:\Program Files (x86)\Zynga\tbZyng.dll [2010-02-22 2353176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-03-07 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7b13ec3e-999a-4b70-b9cb-2617b8323822} - Zynga Toolbar - C:\Program Files (x86)\Zynga\tbZyng.dll [2010-02-22 2353176]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2009-06-04 25600]
"TC UP"=C:\Program Files (x86)\TC UP\TC UP.exe [2009-10-04 37376]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-02-11 2756488]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RemoTerm.exe"=C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe [2009-09-02 218384]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2010-03-08 21:03:09 ----D---- C:\rsit
2010-03-08 20:39:55 ----D---- C:\Program Files (x86)\trend micro
2010-03-08 20:11:42 ----A---- C:\Windows\system32\tmp.txt
2010-03-08 20:10:57 ----A---- C:\Windows\system32\WS2Fix.exe
2010-03-08 20:10:57 ----A---- C:\Windows\system32\VCCLSID.exe
2010-03-08 20:10:57 ----A---- C:\Windows\system32\VACFix.exe
2010-03-08 20:10:57 ----A---- C:\Windows\system32\swxcacls.exe
2010-03-08 20:10:57 ----A---- C:\Windows\system32\swsc.exe
2010-03-08 20:10:57 ----A---- C:\Windows\system32\swreg.exe
2010-03-08 20:10:57 ----A---- C:\Windows\system32\SrchSTS.exe
2010-03-08 20:10:57 ----A---- C:\Windows\system32\Process.exe
2010-03-08 20:10:57 ----A---- C:\Windows\system32\o4Patch.exe
2010-03-08 20:10:57 ----A---- C:\Windows\system32\IEDFix.exe
2010-03-08 20:10:57 ----A---- C:\Windows\system32\IEDFix.C.exe
2010-03-08 20:10:57 ----A---- C:\Windows\system32\dumphive.exe
2010-03-08 20:10:57 ----A---- C:\Windows\system32\Agent.OMZ.Fix.exe
2010-03-08 20:10:57 ----A---- C:\Windows\system32\404Fix.exe
2010-03-08 18:16:39 ----D---- C:\Users\Jehoun\AppData\Roaming\XnView
2010-03-08 16:03:56 ----D---- C:\Users\Jehoun\AppData\Roaming\mkvtoolnix
2010-03-08 15:47:06 ----D---- C:\Program Files (x86)\Intelore
2010-03-08 15:08:38 ----D---- C:\Program Files (x86)\VideoLAN
2010-03-08 12:47:54 ----A---- C:\Windows\BsMobileModel.ini
2010-03-08 12:47:32 ----D---- C:\Windows\system32\ivtMobCache
2010-03-08 12:23:14 ----A---- C:\Windows\Evomia.exe
2010-03-08 11:51:41 ----D---- C:\Program Files (x86)\IVT Corporation
2010-03-08 11:51:22 ----D---- C:\Program Files (x86)\Nokia
2010-03-08 11:51:14 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2010-03-08 11:51:08 ----D---- C:\ProgramData\Installations
2010-03-08 10:13:00 ----D---- C:\Program Files (x86)\Common Files\Adobe
2010-03-08 10:13:00 ----D---- C:\Program Files (x86)\Adobe
2010-03-08 10:07:14 ----SHD---- C:\Config.Msi
2010-03-08 09:25:22 ----D---- C:\Program Files (x86)\Technisat
2010-03-08 09:00:05 ----D---- C:\Program Files (x86)\Zynga
2010-03-08 08:27:52 ----D---- C:\Program Files (x86)\Conduit
2010-03-08 08:25:22 ----D---- C:\Program Files (x86)\FFmpeg for Audacity
2010-03-08 08:24:31 ----D---- C:\Users\Jehoun\AppData\Roaming\Audacity
2010-03-08 08:24:23 ----D---- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
2010-03-08 07:38:50 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-03-08 07:38:50 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-03-08 07:38:50 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-03-08 07:38:50 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-03-08 07:38:50 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-03-08 07:38:50 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-03-08 07:38:50 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-03-08 07:38:48 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-03-08 07:38:48 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-03-08 07:38:47 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-03-08 07:38:47 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-03-08 07:38:47 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-03-08 07:38:47 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-03-08 07:38:46 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-03-08 07:38:46 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-03-08 07:38:46 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-03-08 07:38:46 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-03-08 07:38:46 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-03-08 07:38:46 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-03-08 07:38:46 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-03-08 07:38:45 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-03-08 07:38:45 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-03-08 07:38:45 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-03-08 07:38:45 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-03-08 07:38:45 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-03-08 07:38:45 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-03-08 07:38:45 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-03-08 07:38:44 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-03-08 07:38:44 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-03-08 07:38:44 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-03-08 07:38:44 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-03-08 07:38:44 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-03-08 07:38:44 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-03-08 07:38:43 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-03-08 07:38:43 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-03-08 07:38:43 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-03-08 07:38:43 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-03-08 07:38:43 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-03-08 07:38:43 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-03-08 07:38:43 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-03-08 07:38:43 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-03-08 07:38:42 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-03-08 07:38:42 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-03-08 07:38:42 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-03-08 07:38:42 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-03-08 07:38:42 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-03-08 07:38:42 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-03-08 07:38:41 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-03-08 07:38:41 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-03-08 07:38:41 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-03-08 07:38:41 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-03-08 07:38:41 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-03-08 07:38:41 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-03-08 07:38:41 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-03-08 07:38:40 ----A---- C:\Windows\system32\xinput1_3.dll
2010-03-08 07:38:40 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-03-08 07:38:40 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-03-08 07:38:40 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-03-08 07:38:40 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-03-08 07:38:40 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-03-08 07:38:40 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-03-08 07:38:39 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-03-08 07:38:39 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-03-08 07:38:39 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-03-08 07:38:39 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-03-08 07:38:39 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-03-08 07:38:39 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-03-08 07:38:39 ----A---- C:\Windows\system32\d3dx10.dll
2010-03-08 07:38:38 ----A---- C:\Windows\system32\xinput1_2.dll
2010-03-08 07:38:38 ----A---- C:\Windows\system32\xinput1_1.dll
2010-03-08 07:38:38 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-03-08 07:38:38 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-03-08 07:38:38 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-03-08 07:38:38 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-03-08 07:38:36 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-03-08 07:38:36 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-03-08 07:38:36 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-03-08 07:38:36 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-03-08 07:38:35 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-03-08 07:38:35 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-03-08 07:38:35 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-03-08 07:38:35 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-03-08 07:38:34 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-03-08 07:36:42 ----D---- C:\Windows\system32\directx
2010-03-08 07:34:32 ----D---- C:\Users\Jehoun\AppData\Roaming\Media Player Classic
2010-03-07 22:58:00 ----D---- C:\ProgramData\Adobe
2010-03-07 21:48:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-03-07 21:38:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-07 21:37:54 ----D---- C:\Program Files (x86)\MSECache
2010-03-07 21:34:03 ----D---- C:\Program Files (x86)\Microsoft Works
2010-03-07 21:33:57 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2010-03-07 21:33:57 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2010-03-07 21:33:52 ----D---- C:\Windows\PCHEALTH
2010-03-07 21:33:52 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-03-07 21:32:20 ----D---- C:\ProgramData\Microsoft Help
2010-03-07 21:32:20 ----D---- C:\Program Files (x86)\Microsoft Office
2010-03-07 21:32:03 ----RHD---- C:\MSOCache
2010-03-07 21:04:29 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2010-03-07 21:04:20 ----D---- C:\Users\Jehoun\AppData\Roaming\DAEMON Tools Lite
2010-03-07 21:04:18 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-03-07 20:58:06 ----D---- C:\Users\Jehoun\AppData\Roaming\TweakNow RegCleaner
2010-03-07 20:58:06 ----D---- C:\Program Files (x86)\TweakNow RegCleaner
2010-03-07 20:40:38 ----D---- C:\ProgramData\NVIDIA Corporation
2010-03-07 20:40:28 ----A---- C:\Windows\system32\msvcp71.dll
2010-03-07 20:40:28 ----A---- C:\Windows\system32\MFC71.dll
2010-03-07 20:40:28 ----A---- C:\Windows\system32\DSETUP.dll
2010-03-07 20:40:28 ----A---- C:\Windows\system32\DolbyHph.dll
2010-03-07 20:40:28 ----A---- C:\Windows\system32\atl71.dll
2010-03-07 20:40:18 ----A---- C:\Windows\system32\msvcr71.dll
2010-03-07 20:23:47 ----D---- C:\Program Files (x86)\PCTV Systems
2010-03-07 20:23:47 ----D---- C:\Program Files (x86)\Common Files\PCTV Systems
2010-03-07 20:19:24 ----D---- C:\ProgramData\Sun
2010-03-07 20:19:24 ----D---- C:\Program Files (x86)\Common Files\Java
2010-03-07 20:19:12 ----A---- C:\Windows\system32\javaws.exe
2010-03-07 20:19:12 ----A---- C:\Windows\system32\javaw.exe
2010-03-07 20:19:12 ----A---- C:\Windows\system32\java.exe
2010-03-07 20:19:12 ----A---- C:\Windows\system32\deploytk.dll
2010-03-07 20:19:05 ----D---- C:\Program Files (x86)\Java
2010-03-07 20:16:03 ----D---- C:\Users\Jehoun\AppData\Roaming\Macromedia
2010-03-07 20:16:03 ----D---- C:\Users\Jehoun\AppData\Roaming\Adobe
2010-03-07 20:16:02 ----D---- C:\Windows\system32\Macromed
2010-03-07 20:11:17 ----D---- C:\ProgramData\PCTV Systems
2010-03-07 20:10:26 ----D---- C:\Users\Jehoun\AppData\Roaming\WinRAR
2010-03-07 20:04:16 ----D---- C:\Users\Jehoun\AppData\Roaming\ArcSoft
2010-03-07 19:51:43 ----D---- C:\Windows\ehome
2010-03-07 19:51:39 ----D---- C:\ProgramData\ArcSoft
2010-03-07 19:51:23 ----D---- C:\Program Files (x86)\ArcSoft
2010-03-07 19:50:50 ----D---- C:\Windows\Downloaded Installations
2010-03-07 19:42:45 ----A---- C:\Windows\system32\aswBoot.exe
2010-03-07 19:42:44 ----D---- C:\ProgramData\Alwil Software
2010-03-07 19:40:53 ----D---- C:\Users\Jehoun\AppData\Roaming\HEXelon
2010-03-07 19:40:35 ----D---- C:\Program Files (x86)\TC UP
2010-03-07 19:30:28 ----HD---- C:\Program Files (x86)\Creative Installation Information
2010-03-07 19:30:28 ----D---- C:\Program Files (x86)\Common Files\Creative
2010-03-07 19:30:22 ----D---- C:\Program Files (x86)\Common Files\Creative Labs Shared
2010-03-07 19:30:08 ----D---- C:\Program Files (x86)\Creative
2010-03-07 19:29:50 ----D---- C:\ProgramData\Creative
2010-03-07 19:29:50 ----A---- C:\Windows\system32\cttele32.dll
2010-03-07 19:29:42 ----D---- C:\Program Files (x86)\OpenAL
2010-03-07 19:29:42 ----A---- C:\Windows\system32\wrap_oal.dll
2010-03-07 19:29:42 ----A---- C:\Windows\system32\OpenAL32.dll
2010-03-07 19:29:42 ----A---- C:\Windows\system32\CmdRtr.DLL
2010-03-07 19:29:42 ----A---- C:\Windows\system32\APOMngr.DLL
2010-03-07 19:29:04 ----D---- C:\Windows\system32\Data
2010-03-07 19:29:04 ----A---- C:\Windows\system32\INRES.DLL
2010-03-07 19:28:54 ----A---- C:\Windows\system32\AppSetup.exe
2010-03-07 19:28:52 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-03-07 19:28:48 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2010-03-07 19:15:01 ----D---- C:\ProgramData\NVIDIA
2010-03-07 19:14:27 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-03-07 19:14:27 ----D---- C:\Program Files (x86)\AGEIA Technologies
2010-03-07 19:14:22 ----SHD---- C:\Windows\Installer
2010-03-07 19:14:19 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2010-03-07 19:13:42 ----A---- C:\Windows\system32\OpenCL.dll
2010-03-07 19:13:41 ----A---- C:\Windows\system32\nvwgf2um.dll
2010-03-07 19:13:39 ----A---- C:\Windows\system32\nvoglv32.dll
2010-03-07 19:13:39 ----A---- C:\Windows\system32\nvencodemft.dll
2010-03-07 19:13:39 ----A---- C:\Windows\system32\nvdecodemft.dll
2010-03-07 19:13:38 ----A---- C:\Windows\system32\nvd3dum.dll
2010-03-07 19:13:38 ----A---- C:\Windows\system32\nvcuvid.dll
2010-03-07 19:13:38 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-03-07 19:13:38 ----A---- C:\Windows\system32\nvcuda.dll
2010-03-07 19:13:36 ----A---- C:\Windows\system32\nvcompiler.dll
2010-03-07 19:13:36 ----A---- C:\Windows\system32\nvapi.dll
2010-03-07 18:41:29 ----D---- C:\Windows\CheckSur
2010-03-07 18:30:47 ----A---- C:\Windows\system32\msv1_0.dll
2010-03-07 18:27:57 ----A---- C:\Windows\system32\wmploc.DLL
2010-03-07 18:27:56 ----A---- C:\Windows\system32\wmp.dll
2010-03-07 18:27:56 ----A---- C:\Windows\system32\CertEnroll.dll
2010-03-07 18:27:39 ----A---- C:\Windows\system32\psisdecd.dll
2010-03-07 18:27:39 ----A---- C:\Windows\system32\CPFilters.dll
2010-03-07 18:27:38 ----A---- C:\Windows\system32\explorer.exe
2010-03-07 18:27:38 ----A---- C:\Windows\explorer.exe
2010-03-07 18:27:37 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-03-07 18:27:37 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-03-07 18:27:37 ----A---- C:\Windows\system32\secproc_isv.dll
2010-03-07 18:27:37 ----A---- C:\Windows\system32\secproc.dll
2010-03-07 18:27:37 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-03-07 18:27:37 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-03-07 18:27:37 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-03-07 18:27:37 ----A---- C:\Windows\system32\RMActivate.exe
2010-03-07 18:27:27 ----A---- C:\Windows\system32\mshtml.dll
2010-03-07 18:27:27 ----A---- C:\Windows\system32\ieframe.dll
2010-03-07 18:27:26 ----A---- C:\Windows\system32\wininet.dll
2010-03-07 18:27:26 ----A---- C:\Windows\system32\urlmon.dll
2010-03-07 18:27:26 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-03-07 18:27:26 ----A---- C:\Windows\system32\iedkcs32.dll
2010-03-07 18:27:25 ----A---- C:\Windows\system32\tzres.dll
2010-03-07 18:27:13 ----A---- C:\Windows\system32\tsbyuv.dll
2010-03-07 18:27:13 ----A---- C:\Windows\system32\t2embed.dll
2010-03-07 18:27:13 ----A---- C:\Windows\system32\quartz.dll
2010-03-07 18:27:13 ----A---- C:\Windows\system32\msyuv.dll
2010-03-07 18:27:13 ----A---- C:\Windows\system32\msvidc32.dll
2010-03-07 18:27:13 ----A---- C:\Windows\system32\msrle32.dll
2010-03-07 18:27:13 ----A---- C:\Windows\system32\mciavi32.dll
2010-03-07 18:27:13 ----A---- C:\Windows\system32\jscript.dll
2010-03-07 18:27:13 ----A---- C:\Windows\system32\iyuv_32.dll
2010-03-07 18:27:13 ----A---- C:\Windows\system32\fontsub.dll
2010-03-07 18:27:13 ----A---- C:\Windows\system32\avifil32.dll
2010-03-07 18:27:13 ----A---- C:\Windows\system32\atmfd.dll
2010-03-07 18:27:12 ----A---- C:\Windows\system32\wow32.dll
2010-03-07 18:27:12 ----A---- C:\Windows\system32\user.exe
2010-03-07 18:27:12 ----A---- C:\Windows\system32\setup16.exe
2010-03-07 18:27:12 ----A---- C:\Windows\system32\ntvdm64.dll
2010-03-07 18:27:12 ----A---- C:\Windows\system32\msasn1.dll
2010-03-07 18:27:12 ----A---- C:\Windows\system32\instnm.exe
2010-03-07 18:14:51 ----D---- C:\Users\Jehoun\AppData\Roaming\Identities
2010-03-07 18:14:34 ----SD---- C:\Users\Jehoun\AppData\Roaming\Microsoft
2010-03-07 18:14:34 ----D---- C:\Users\Jehoun\AppData\Roaming\Media Center Programs
2010-03-07 18:13:19 ----SHD---- C:\Recovery
2010-03-07 18:13:18 ----SHD---- C:\ProgramData\Šablony
2010-03-07 18:13:18 ----SHD---- C:\ProgramData\Plocha
2010-03-07 18:13:18 ----SHD---- C:\ProgramData\Oblíbené položky
2010-03-07 18:13:18 ----SHD---- C:\ProgramData\Nabídka Start
2010-03-07 18:13:18 ----SHD---- C:\ProgramData\Dokumenty
2010-03-07 18:13:18 ----SHD---- C:\ProgramData\Data aplikací
2010-03-07 18:10:28 ----D---- C:\Windows\SoftwareDistribution
2010-03-07 18:08:00 ----D---- C:\Windows\Prefetch
2010-03-07 18:07:46 ----SHD---- C:\System Volume Information
2010-03-07 18:07:01 ----D---- C:\Windows\Panther
2010-03-07 18:06:49 ----RASH---- C:\BOOTSECT.BAK
2010-03-07 18:06:48 ----SHD---- C:\Boot

======List of files/folders modified in the last 3 months======

2010-03-08 21:03:09 ----D---- C:\Windows\Temp
2010-03-08 20:53:17 ----D---- C:\Windows\System32
2010-03-08 20:53:17 ----D---- C:\Windows\inf
2010-03-08 20:49:01 ----D---- C:\Windows\Tasks
2010-03-08 20:45:56 ----D---- C:\Windows\SysWOW64
2010-03-08 20:43:20 ----D---- C:\Windows
2010-03-08 20:39:55 ----RD---- C:\Program Files (x86)
2010-03-08 13:11:58 ----D---- C:\Windows\winsxs
2010-03-08 12:55:04 ----D---- C:\Windows\system32\drivers
2010-03-08 11:51:20 ----RD---- C:\Program Files
2010-03-08 11:51:08 ----HD---- C:\ProgramData
2010-03-08 10:13:00 ----D---- C:\Program Files (x86)\Common Files
2010-03-08 10:08:52 ----D---- C:\Windows\system32\cs-CZ
2010-03-08 10:08:52 ----D---- C:\Windows\ShellNew
2010-03-08 10:08:52 ----D---- C:\Windows\PolicyDefinitions
2010-03-08 08:27:51 ----RD---- C:\Users
2010-03-08 07:38:38 ----RSD---- C:\Windows\assembly
2010-03-08 07:38:34 ----D---- C:\Windows\Microsoft.NET
2010-03-08 07:36:42 ----D---- C:\Windows\Logs
2010-03-07 22:17:34 ----SD---- C:\ProgramData\Microsoft
2010-03-07 21:36:40 ----N---- C:\Windows\win.ini
2010-03-07 21:36:39 ----D---- C:\Program Files (x86)\Common Files\System
2010-03-07 21:35:46 ----RSD---- C:\Windows\Fonts
2010-03-07 21:35:42 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-03-07 20:49:47 ----D---- C:\Program Files (x86)\Windows Media Player
2010-03-07 19:33:02 ----D---- C:\Windows\Downloaded Program Files
2010-03-07 19:14:42 ----D---- C:\Windows\Help
2010-03-07 18:37:10 ----D---- C:\Windows\AppPatch
2010-03-07 18:32:15 ----D---- C:\Program Files (x86)\Internet Explorer
2010-03-07 18:30:05 ----D---- C:\Windows\debug
2010-03-07 18:14:47 ----SHD---- C:\$Recycle.Bin
2010-03-07 18:13:36 ----D---- C:\Windows\rescache
2010-03-07 18:08:19 ----D---- C:\Windows\CSC
2010-03-07 18:06:35 ----D---- C:\Windows\Setup

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 archlp;archlp; C:\Windows\system32\drivers\archlp.sys []
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys []
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys []
R1 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys []
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys []
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys []
R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\Windows\system32\drivers\rdpencdd.sys []
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys []
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys []
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys []
R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys []
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys []
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys []
R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys []
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys []
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys []
R3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\Windows\system32\DRIVERS\bthmodem.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys []
R3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice; C:\Windows\system32\DRIVERS\CompositeBus.sys []
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS []
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys []
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys []
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS []
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS []
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys []
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys []
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys []
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys []
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys []
R3 HidBth;Miniport Microsoft Bluetooth HID; C:\Windows\system32\DRIVERS\hidbth.sys []
R3 HidUsb;Ovladač třídy standardu HID Microsoft; C:\Windows\system32\DRIVERS\hidusb.sys []
R3 intelppm;Ovladač procesoru Intel; C:\Windows\system32\DRIVERS\intelppm.sys []
R3 kbdhid;Ovladač klávesnice standardu HID; C:\Windows\system32\DRIVERS\kbdhid.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 monitor;Služba ovladače funkce třídy monitorů Microsoft; C:\Windows\system32\DRIVERS\monitor.sys []
R3 mouhid;Ovladač myši standardu HID; C:\Windows\system32\DRIVERS\mouhid.sys []
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys []
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys []
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys []
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB64.sys []
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys []
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys []
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys []
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys []
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys []
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys []
R3 umbus;Ovladač sběrnice UMBus Enumerator; C:\Windows\system32\DRIVERS\umbus.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\Windows\system32\DRIVERS\usbccgp.sys []
R3 usbehci;Ovladač miniportu vylepšeného hostitelského řadiče Microsoft USB 2.0; C:\Windows\system32\DRIVERS\usbehci.sys []
R3 usbhub;Ovladač standardního rozbočovače USB; C:\Windows\system32\DRIVERS\usbhub.sys []
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\Windows\system32\DRIVERS\USBSTOR.SYS []
R3 usbuhci;Ovladač miniportu univerzálního hostitelského řadiče Microsoft USB; C:\Windows\system32\DRIVERS\usbuhci.sys []
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys []
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S1 nvport;NVIDIA PORT IO Control Driver; \??\C:\Windows\system32\Drivers\nvport.sys [2006-05-05 4608]
S1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys []
S3 a875rf3p;a875rf3p; C:\Windows\system32\drivers\a875rf3p.sys []
S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys []
S3 adp94xx;adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys []
S3 adpahci;adpahci; C:\Windows\system32\DRIVERS\adpahci.sys []
S3 adpu320;adpu320; C:\Windows\system32\DRIVERS\adpu320.sys []
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\DRIVERS\agp440.sys []
S3 amdide;amdide; C:\Windows\system32\DRIVERS\amdide.sys []
S3 AmdK8;AMD K8 Processor Driver; C:\Windows\system32\DRIVERS\amdk8.sys []
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys []
S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys []
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys []
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys []
S3 arc;arc; C:\Windows\system32\DRIVERS\arc.sys []
S3 arcsas;arcsas; C:\Windows\system32\DRIVERS\arcsas.sys []
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys []
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys []
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\DRIVERS\BrFiltLo.sys []
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\DRIVERS\BrFiltUp.sys []
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\System32\Drivers\Brserid.sys []
S3 BrSerWdm;Brother WDM Serial driver; C:\Windows\System32\Drivers\BrSerWdm.sys []
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\System32\Drivers\BrUsbMdm.sys []
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\System32\Drivers\BrUsbSer.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 circlass;Consumer IR Devices; C:\Windows\system32\DRIVERS\circlass.sys []
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys []
S3 Compbatt;Compbatt; C:\Windows\system32\DRIVERS\compbatt.sys []
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS []
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS []
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS []
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys []
S3 elxstor;elxstor; C:\Windows\system32\DRIVERS\elxstor.sys []
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys []
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys []
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys []
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys []
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\DRIVERS\gagp30kx.sys []
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys []
S3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys []
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys []
S3 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\DRIVERS\hidir.sys []
S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys []
S3 iaStorV;iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys []
S3 iirsp;iirsp; C:\Windows\system32\DRIVERS\iirsp.sys []
S3 intelide;intelide; C:\Windows\system32\DRIVERS\intelide.sys []
S3 IPMIDRV;IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys []
S3 isapnp;isapnp; C:\Windows\system32\DRIVERS\isapnp.sys []
S3 iScsiPrt;iScsiPort Driver; C:\Windows\system32\DRIVERS\msiscsi.sys []
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys []
S3 LSI_FC;LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys []
S3 LSI_SAS;LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys []
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys []
S3 LSI_SCSI;LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys []
S3 megasas;megasas; C:\Windows\system32\DRIVERS\megasas.sys []
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys []
S3 mpio;mpio; C:\Windows\system32\DRIVERS\mpio.sys []
S3 msahci;msahci; C:\Windows\system32\DRIVERS\msahci.sys []
S3 msdsm;msdsm; C:\Windows\system32\DRIVERS\msdsm.sys []
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys []
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys []
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys []
S3 NativeWifiP;NativeWiFi Filter; C:\Windows\system32\DRIVERS\nwifi.sys []
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys []
S3 nfrd960;nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys []
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\DRIVERS\nv_agp.sys []
S3 nvraid;nvraid; C:\Windows\system32\DRIVERS\nvraid.sys []
S3 nvstor;nvstor; C:\Windows\system32\DRIVERS\nvstor.sys []
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\Windows\system32\DRIVERS\ohci1394.sys []
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2006-03-29 9856]
S3 ql2300;ql2300; C:\Windows\system32\DRIVERS\ql2300.sys []
S3 ql40xx;ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys []
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys []
S3 sbp2port;sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys []
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys []
S3 sermouse;Serial Mouse Driver; C:\Windows\system32\DRIVERS\sermouse.sys []
S3 sffdisk;SFF Storage Class Driver; C:\Windows\system32\DRIVERS\sffdisk.sys []
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\DRIVERS\sffp_mmc.sys []
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\Windows\system32\DRIVERS\sffp_sd.sys []
S3 SiSRaid2;SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys []
S3 SiSRaid4;SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys []
S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys []
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys []
S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys []
S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\Windows\System32\DRIVERS\tssecsrv.sys []
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\DRIVERS\uagp35.sys []
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\DRIVERS\uliagpkx.sys []
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys []
S3 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\DRIVERS\usbcir.sys []
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbohci.sys []
S3 usbprint;Třída USB Printer; C:\Windows\system32\DRIVERS\usbprint.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys []
S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys []
S3 vsmraid;vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys []
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys []
S3 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\DRIVERS\wacompen.sys []
S3 Wd;Wd; C:\Windows\system32\DRIVERS\wd.sys []
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
S4 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\DRIVERS\crcdisk.sys []
S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\Windows\system32\drivers\ws2ifsl.sys []

[jehoun]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-12 2287360]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R3 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe []
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-03-07 79360]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe []
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2009-06-10 42840]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [2009-06-10 856384]
S3 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe []
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-09-08 575488]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe []
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-07-14 194048]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe []
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe []
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 fdPHost;Hostitel poskytovatele rozpoznávání funkce; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]
S4 SCPolicySvc;Zásady odebrání čipové karty; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 SDRSVC;Windows Zálohování; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 TabletInputService;Služba Vstupní panel počítače Tablet PC; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 UI0Detect;Zjišťování interaktivních služeb; C:\Windows\system32\UI0Detect.exe []
S4 wercplsupport;Podpora ovládacího panelu Oznámení a řešení problémů; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 WerSvc;Služba Zasílání zpráv o chybách systému Windows; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 WinHttpAutoProxySvc;Služba WinHTTP WPAD; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 WinRM;Vzdálená správa systému Windows (WS-Management); C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe []

-----------------EOF-----------------

Výpis logu viz odkaz výše...

[motji]

Dobrý večer

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[jehoun]

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3838
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

8.3.2010 23:40:08
mbam-log-2010-03-08 (23-40-08).txt

Typ kontroly: Kompletní kontrola (C:\|)
Zkontrolované objekty: 188422
Uplynulý čas: 18 minute(s), 3 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 3
Infikované hodnoty registru: 0
Infikované datové položky registru: 1
Infikované adresáře: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\TOY5KNQ8OC (Trojan.FakeAlert) -> No action taken.

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> No action taken.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.

[motji]

Vše smažte

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.



Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
- otevře se okno, v něm zaškrtněte Scan All Users ,
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\cngaudit.dll /s /md5
%SYSTEMDRIVE%\sceclt.dll /s /md5
%SYSTEMDRIVE%\ntelogon.dll /s /md5
%SYSTEMDRIVE%\logevent.dll /s /md5
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
%SYSTEMDRIVE%\AGP440.sys /s /md5
%SYSTEMDRIVE%\vaxscsi.sys /s /md5
%SYSTEMDRIVE%\nvatabus.sys /s /md5
%SYSTEMDRIVE%\viamraid.sys /s /md5
%SYSTEMDRIVE%\nvata.sys /s /md5
CREATERESTOREPOINT

-klikněte na tlačítko Run scan.
-proběhne sken a objeví se dva logy, obsah obou vložte zde

[jehoun]

OTL logfile created on: 8.3.2010 23:57:00 - Run 1
OTL by OldTimer - Version 3.1.35.0 Folder = C:\Users\Jehoun\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,18 Gb Total Space | 18,85 Gb Free Space | 55,14% Space Free | Partition Type: NTFS
Drive D: | 897,33 Gb Total Space | 877,62 Gb Free Space | 97,80% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 45,26 Gb Free Space | 4,86% Space Free | Partition Type: NTFS
Drive F: | 1397,26 Gb Total Space | 0,97 Gb Free Space | 0,07% Space Free | Partition Type: NTFS
Drive G: | 1397,26 Gb Total Space | 2,71 Gb Free Space | 0,19% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC
Current User Name: Jehoun
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.03.08 23:56:10 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Jehoun\Desktop\OTL.exe
PRC - [2010.02.11 19:53:42 | 002,756,488 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.02.11 19:53:39 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.10.30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009.09.24 06:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files (x86)\TC UP\TOTALCMD.EXE
PRC - [2009.09.02 16:29:58 | 000,218,384 | ---- | M] (PCTV Systems S.à r.l.) -- C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe
PRC - [2009.06.04 00:55:16 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2009.06.04 00:49:56 | 001,213,440 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


========== Modules (SafeList) ==========

MOD - [2010.03.08 23:56:10 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Jehoun\Desktop\OTL.exe
MOD - [2009.07.14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009.07.14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.02.11 19:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010.02.11 19:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010.02.11 19:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.09.12 00:40:22 | 002,287,360 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (O&O Defrag)
SRV:64bit: - [2009.07.14 02:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009.07.14 02:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009.07.14 02:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009.07.14 02:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009.07.14 02:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009.07.14 02:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009.07.14 02:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009.07.14 02:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc)
SRV:64bit: - [2009.07.14 02:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009.07.14 02:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009.07.14 02:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009.07.14 02:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2009.07.14 02:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009.07.14 02:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2009.07.14 02:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009.07.14 02:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2009.07.14 02:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009.07.14 02:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009.07.14 02:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009.07.14 02:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009.07.14 02:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.07.14 02:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009.07.14 02:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2009.07.14 02:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2009.07.14 02:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV - [2010.03.07 19:30:22 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009.07.14 04:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
SRV - [2009.07.14 04:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) Služba DTC (Distributed Transaction Coordinator)
SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.13 21:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009.06.10 21:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010.03.07 21:04:47 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.02.11 19:42:38 | 000,051,280 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2010.02.11 19:42:19 | 000,120,912 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2010.02.11 19:39:04 | 000,028,752 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2010.02.11 19:38:49 | 000,063,568 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010.02.11 19:38:25 | 000,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2010.01.13 08:19:10 | 000,142,848 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ArcHlp.sys -- (archlp)
DRV:64bit: - [2010.01.04 17:31:50 | 000,043,272 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btcusb.sys -- (Btcsrusb)
DRV:64bit: - [2009.09.24 13:38:48 | 000,027,776 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs)
DRV:64bit: - [2009.09.24 05:40:14 | 000,023,304 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)
DRV:64bit: - [2009.08.26 11:16:52 | 000,030,344 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,153,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2009.07.14 02:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009.07.14 02:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2009.07.14 02:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009.07.14 02:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009.07.14 02:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009.07.14 02:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2009.07.14 02:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009.07.14 02:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2009.07.14 02:43:13 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2009.07.14 01:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009.07.14 01:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009.07.14 01:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009.07.14 01:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009.07.14 01:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009.07.14 01:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009.07.14 01:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2009.07.14 01:07:00 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthpan.sys -- (BthPan) Zařízení Bluetooth (síť PAN)
DRV:64bit: - [2009.07.14 01:06:57 | 000,551,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthport.sys -- (BTHPORT)
DRV:64bit: - [2009.07.14 01:06:56 | 000,158,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rfcomm.sys -- (RFCOMM) Zařízení Bluetooth (RFCOMM protokol TDI)
DRV:64bit: - [2009.07.14 01:06:53 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bthenum.sys -- (BthEnum)
DRV:64bit: - [2009.07.14 01:06:52 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:64bit: - [2009.07.14 01:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009.07.14 01:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009.07.14 01:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2009.07.14 01:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009.07.14 01:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2009.07.14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009.07.14 00:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2009.07.14 00:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2009.07.14 00:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009.07.14 00:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009.07.14 00:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009.07.14 00:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009.07.14 00:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009.07.14 00:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2009.07.14 00:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009.07.14 00:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009.06.10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:32:37 | 001,627,520 | ---- | M] (NXP Semiconductors) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ph3xIB64.sys -- (Ph3xIB64)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 02:49:58 | 001,561,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2009.06.04 02:49:42 | 000,118,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2009.06.04 02:49:34 | 000,213,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2009.06.04 02:49:26 | 000,015,896 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2009.06.04 02:49:18 | 000,179,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2009.06.04 02:49:08 | 000,684,312 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2009.06.04 02:49:00 | 000,580,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2009.06.04 02:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2009.06.04 02:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2009.06.04 02:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2009.06.04 02:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2009.06.04 02:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2009.06.04 02:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2010.03.07 18:08:19 | 000,000,000 | ---D | M] [Kernel | System | Running] -- C:\Windows\CSC -- (CSC)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009.06.10 22:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009.06.10 22:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006.05.05 19:21:00 | 000,004,608 | ---- | M] (NVIDIA Corporation.) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\nvport.sys -- (nvport)
DRV - [2006.03.29 08:49:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)
DRV - [2006.01.13 14:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\vd_filedisk.sys -- (VD_FileDisk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4146738775-2154181807-1878494979-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKU\S-1-5-21-4146738775-2154181807-1878494979-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-4146738775-2154181807-1878494979-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-4146738775-2154181807-1878494979-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-4146738775-2154181807-1878494979-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AC 3C 66 D5 19 BE CA 01 [binary data]
IE - HKU\S-1-5-21-4146738775-2154181807-1878494979-1001\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4146738775-2154181807-1878494979-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010.03.08 20:29:22 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4146738775-2154181807-1878494979-1001\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [TC UP] C:\Program Files (x86)\TC UP\TC UP.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe File not found
O4 - HKU\S-1-5-21-4146738775-2154181807-1878494979-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4146738775-2154181807-1878494979-1001..\Run: [RemoTerm.exe] C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe (PCTV Systems S.à r.l.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*

NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009.07.14 04:20:14 | 000,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 30 Days ==========

[2010.03.08 23:56:06 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Users\Jehoun\Desktop\OTL.exe
[2010.03.08 23:53:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.03.08 22:26:29 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\Malwarebytes
[2010.03.08 22:26:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.03.08 22:26:24 | 000,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.03.08 22:26:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.03.08 22:26:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.03.08 21:52:56 | 000,000,000 | ---D | C] -- C:\rsit
[2010.03.08 21:44:51 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\FreeFixer
[2010.03.08 21:42:08 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010.03.08 21:24:51 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010.03.08 21:24:45 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\SUPERAntiSpyware.com
[2010.03.08 21:24:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SUPERAntiSpyware
[2010.03.08 20:39:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010.03.08 20:10:57 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\SrchSTS.exe
[2010.03.08 20:10:57 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.C.exe
[2010.03.08 20:10:57 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\o4Patch.exe
[2010.03.08 20:10:57 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\Agent.OMZ.Fix.exe
[2010.03.08 20:10:57 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\SysWow64\Process.exe
[2010.03.08 18:16:39 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\XnView
[2010.03.08 16:03:56 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\mkvtoolnix
[2010.03.08 15:47:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intelore
[2010.03.08 15:08:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.03.08 12:54:28 | 000,043,272 | ---- | C] (IVT Corporation.) -- C:\Windows\SysNative\drivers\btcusb.sys
[2010.03.08 12:54:28 | 000,016,392 | ---- | C] (IVT Corporation.) -- C:\Windows\SysNative\btinstall.dll
[2010.03.08 12:47:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ivtMobCache
[2010.03.08 12:10:14 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2010.03.08 11:51:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IVT Corporation
[2010.03.08 11:51:23 | 000,066,560 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsx64.dll
[2010.03.08 11:51:20 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010.03.08 11:51:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.03.08 11:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2010.03.08 10:13:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.03.08 10:13:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.03.08 10:07:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.03.08 09:36:23 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\Adobe
[2010.03.08 09:25:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Technisat
[2010.03.08 09:00:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zynga
[2010.03.08 08:31:04 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\Conduit
[2010.03.08 08:27:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010.03.08 08:25:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FFmpeg for Audacity
[2010.03.08 08:24:31 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\Audacity
[2010.03.08 08:24:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
[2010.03.08 07:38:50 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.03.08 07:38:50 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.03.08 07:38:50 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010.03.08 07:38:50 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.03.08 07:38:50 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.03.08 07:38:50 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.03.08 07:38:50 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.03.08 07:38:50 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.03.08 07:38:50 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010.03.08 07:38:50 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.03.08 07:38:50 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.03.08 07:38:50 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.03.08 07:38:50 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.03.08 07:38:50 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.03.08 07:38:48 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.03.08 07:38:48 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.03.08 07:38:48 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.03.08 07:38:48 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.03.08 07:38:47 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010.03.08 07:38:47 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.03.08 07:38:47 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.03.08 07:38:47 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.03.08 07:38:47 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.03.08 07:38:47 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.03.08 07:38:47 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.03.08 07:38:47 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.03.08 07:38:46 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.03.08 07:38:46 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.03.08 07:38:46 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.03.08 07:38:46 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.03.08 07:38:46 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.03.08 07:38:46 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.03.08 07:38:46 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.03.08 07:38:46 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.03.08 07:38:46 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.03.08 07:38:46 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.03.08 07:38:46 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.03.08 07:38:46 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.03.08 07:38:46 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.03.08 07:38:46 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.03.08 07:38:45 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.03.08 07:38:45 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.03.08 07:38:45 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.03.08 07:38:45 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.03.08 07:38:45 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.03.08 07:38:45 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.03.08 07:38:45 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.03.08 07:38:45 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.03.08 07:38:45 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.03.08 07:38:45 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.03.08 07:38:45 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.03.08 07:38:45 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.03.08 07:38:45 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.03.08 07:38:45 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.03.08 07:38:44 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.03.08 07:38:44 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.03.08 07:38:44 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.03.08 07:38:44 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.03.08 07:38:44 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.03.08 07:38:44 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.03.08 07:38:44 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.03.08 07:38:44 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.03.08 07:38:44 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.03.08 07:38:44 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.03.08 07:38:44 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.03.08 07:38:44 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.03.08 07:38:43 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.03.08 07:38:43 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.03.08 07:38:43 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.03.08 07:38:43 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.03.08 07:38:43 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.03.08 07:38:43 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.03.08 07:38:43 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.03.08 07:38:43 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.03.08 07:38:43 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.03.08 07:38:43 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.03.08 07:38:43 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.03.08 07:38:43 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.03.08 07:38:43 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.03.08 07:38:43 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.03.08 07:38:43 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.03.08 07:38:43 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.03.08 07:38:42 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.03.08 07:38:42 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.03.08 07:38:42 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.03.08 07:38:42 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.03.08 07:38:42 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.03.08 07:38:42 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.03.08 07:38:42 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.03.08 07:38:42 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.03.08 07:38:42 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.03.08 07:38:42 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.03.08 07:38:42 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.03.08 07:38:42 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.03.08 07:38:41 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.03.08 07:38:41 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.03.08 07:38:41 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.03.08 07:38:41 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.03.08 07:38:41 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.03.08 07:38:41 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.03.08 07:38:41 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.03.08 07:38:41 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.03.08 07:38:41 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.03.08 07:38:41 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.03.08 07:38:41 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.03.08 07:38:41 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.03.08 07:38:41 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.03.08 07:38:41 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.03.08 07:38:40 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.03.08 07:38:40 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.03.08 07:38:40 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.03.08 07:38:40 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.03.08 07:38:40 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010.03.08 07:38:40 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010.03.08 07:38:40 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.03.08 07:38:40 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.03.08 07:38:40 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010.03.08 07:38:40 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010.03.08 07:38:40 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.03.08 07:38:40 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.03.08 07:38:40 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.03.08 07:38:40 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.03.08 07:38:39 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.03.08 07:38:39 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010.03.08 07:38:39 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.03.08 07:38:39 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010.03.08 07:38:39 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.03.08 07:38:39 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010.03.08 07:38:39 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.03.08 07:38:39 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.03.08 07:38:39 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.03.08 07:38:39 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.03.08 07:38:39 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.03.08 07:38:39 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.03.08 07:38:39 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.03.08 07:38:39 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.03.08 07:38:38 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.03.08 07:38:38 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.03.08 07:38:38 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.03.08 07:38:38 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.03.08 07:38:38 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.03.08 07:38:38 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.03.08 07:38:38 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.03.08 07:38:38 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.03.08 07:38:38 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.03.08 07:38:38 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.03.08 07:38:38 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.03.08 07:38:38 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.03.08 07:38:36 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.03.08 07:38:36 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.03.08 07:38:36 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.03.08 07:38:36 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.03.08 07:38:36 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.03.08 07:38:36 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.03.08 07:38:36 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.03.08 07:38:36 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.03.08 07:38:35 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.03.08 07:38:35 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.03.08 07:38:35 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.03.08 07:38:35 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.03.08 07:38:35 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.03.08 07:38:35 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.03.08 07:38:35 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.03.08 07:38:35 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.03.08 07:38:34 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.03.08 07:38:34 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll

[jehoun]

[2010.03.08 07:36:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2010.03.08 07:34:32 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\Media Player Classic
[2010.03.07 22:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.03.07 21:48:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010.03.07 21:37:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2010.03.07 21:37:19 | 000,000,000 | ---D | C] -- D:\Dokumenty\Zaloha SAT
[2010.03.07 21:34:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010.03.07 21:33:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010.03.07 21:33:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010.03.07 21:33:52 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.03.07 21:33:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010.03.07 21:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010.03.07 21:32:22 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\Microsoft Help
[2010.03.07 21:32:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010.03.07 21:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.03.07 21:32:03 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.03.07 21:04:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010.03.07 21:04:20 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\DAEMON Tools Lite
[2010.03.07 21:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.03.07 20:58:06 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\TweakNow RegCleaner
[2010.03.07 20:58:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TweakNow RegCleaner
[2010.03.07 20:55:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oodag
[2010.03.07 20:54:40 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\O&O
[2010.03.07 20:54:24 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software
[2010.03.07 20:40:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.03.07 20:40:28 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71.dll
[2010.03.07 20:40:28 | 000,671,744 | ---- | C] (Lake Technology Limited, http://www.lake.com.au) -- C:\Windows\SysWow64\DolbyHph.dll
[2010.03.07 20:40:28 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2010.03.07 20:40:28 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl71.dll
[2010.03.07 20:40:28 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DSETUP.dll
[2010.03.07 20:40:27 | 000,009,856 | ---- | C] (Padus, Inc.) -- C:\Windows\SysWow64\drivers\pfc.sys
[2010.03.07 20:40:27 | 000,004,608 | ---- | C] (NVIDIA Corporation.) -- C:\Windows\SysWow64\drivers\nvport.sys
[2010.03.07 20:40:18 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2010.03.07 20:26:28 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\PCTV Systems
[2010.03.07 20:23:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCTV Systems
[2010.03.07 20:23:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PCTV Systems
[2010.03.07 20:19:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.03.07 20:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.03.07 20:19:12 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2010.03.07 20:19:12 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.03.07 20:19:12 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.03.07 20:19:12 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.03.07 20:19:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.03.07 20:16:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010.03.07 20:16:03 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\Macromedia
[2010.03.07 20:16:03 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\Adobe
[2010.03.07 20:16:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.03.07 20:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\PCTV Systems
[2010.03.07 20:10:26 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\WinRAR
[2010.03.07 20:10:09 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.03.07 20:04:16 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\ArcSoft
[2010.03.07 19:51:43 | 000,000,000 | ---D | C] -- C:\Windows\ehome
[2010.03.07 19:51:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft
[2010.03.07 19:51:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2010.03.07 19:50:50 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2010.03.07 19:43:19 | 000,022,096 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010.03.07 19:43:18 | 000,120,912 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010.03.07 19:43:18 | 000,028,752 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010.03.07 19:43:17 | 000,051,280 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010.03.07 19:43:15 | 000,063,568 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010.03.07 19:42:45 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010.03.07 19:42:45 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\SysWow64\avastSS.scr
[2010.03.07 19:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.03.07 19:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.03.07 19:41:52 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\GHISLER
[2010.03.07 19:40:53 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\HEXelon
[2010.03.07 19:40:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TC UP
[2010.03.07 19:30:28 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Creative Installation Information
[2010.03.07 19:30:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative
[2010.03.07 19:30:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2010.03.07 19:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2010.03.07 19:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2010.03.07 19:29:50 | 000,102,400 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\cttele32.dll
[2010.03.07 19:29:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2010.03.07 19:29:49 | 000,107,008 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\cttele64.dll
[2010.03.07 19:29:42 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010.03.07 19:29:42 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.03.07 19:29:42 | 000,121,880 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010.03.07 19:29:42 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.03.07 19:29:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2010.03.07 19:29:04 | 000,012,288 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysNative\INRES.DLL
[2010.03.07 19:29:04 | 000,011,776 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysWow64\INRES.DLL
[2010.03.07 19:29:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Data
[2010.03.07 19:29:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Data
[2010.03.07 19:28:54 | 022,691,984 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\AppSetup.exe
[2010.03.07 19:28:52 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.03.07 19:28:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.03.07 19:15:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.03.07 19:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.03.07 19:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2010.03.07 19:14:22 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.03.07 19:14:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.03.07 19:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.03.07 19:13:42 | 000,930,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpinst.exe
[2010.03.07 19:13:42 | 000,068,200 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010.03.07 19:13:42 | 000,065,640 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010.03.07 19:13:42 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2010.03.07 19:13:41 | 020,469,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2010.03.07 19:13:41 | 006,020,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2010.03.07 19:13:41 | 004,321,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2010.03.07 19:13:39 | 014,924,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2010.03.07 19:13:39 | 011,862,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2010.03.07 19:13:39 | 004,645,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvencodemft.dll
[2010.03.07 19:13:39 | 004,338,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvencodemft.dll
[2010.03.07 19:13:39 | 000,386,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2010.03.07 19:13:39 | 000,318,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2010.03.07 19:13:38 | 009,388,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2010.03.07 19:13:38 | 004,325,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2010.03.07 19:13:38 | 004,077,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2010.03.07 19:13:38 | 004,061,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2010.03.07 19:13:38 | 002,332,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2010.03.07 19:13:38 | 002,243,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2010.03.07 19:13:36 | 016,051,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2010.03.07 19:13:36 | 011,639,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2010.03.07 19:13:36 | 005,416,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2010.03.07 19:13:36 | 001,579,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2010.03.07 19:13:36 | 001,280,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2010.03.07 19:13:36 | 000,202,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod189.dll
[2010.03.07 19:13:36 | 000,202,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod.dll
[2010.03.07 18:47:24 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\Google
[2010.03.07 18:47:14 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\Deployment
[2010.03.07 18:47:14 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\Apps
[2010.03.07 18:42:35 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\ElevatedDiagnostics
[2010.03.07 18:41:29 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2010.03.07 18:27:57 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.03.07 18:27:57 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.03.07 18:27:56 | 014,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.03.07 18:27:56 | 011,406,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.03.07 18:27:56 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2010.03.07 18:27:56 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2010.03.07 18:27:39 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.03.07 18:27:39 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.03.07 18:27:39 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010.03.07 18:27:39 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010.03.07 18:27:39 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.03.07 18:27:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.03.07 18:27:38 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.03.07 18:27:38 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010.03.07 18:27:38 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010.03.07 18:27:37 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2010.03.07 18:27:37 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2010.03.07 18:27:37 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2010.03.07 18:27:37 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2010.03.07 18:27:37 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2010.03.07 18:27:37 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2010.03.07 18:27:37 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2010.03.07 18:27:37 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2010.03.07 18:27:37 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2010.03.07 18:27:37 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2010.03.07 18:27:37 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2010.03.07 18:27:37 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2010.03.07 18:27:37 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2010.03.07 18:27:37 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2010.03.07 18:27:37 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2010.03.07 18:27:37 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2010.03.07 18:27:27 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010.03.07 18:27:26 | 000,977,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010.03.07 18:27:26 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010.03.07 18:27:26 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010.03.07 18:27:26 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010.03.07 18:27:26 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010.03.07 18:27:14 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010.03.07 18:27:13 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010.03.07 18:27:13 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010.03.07 18:27:13 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010.03.07 18:27:13 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.03.07 18:27:13 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.03.07 18:27:13 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.03.07 18:27:13 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.03.07 18:27:13 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010.03.07 18:27:13 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010.03.07 18:27:13 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010.03.07 18:27:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.03.07 18:27:13 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iyuv_32.dll
[2010.03.07 18:27:13 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvidc32.dll
[2010.03.07 18:27:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msyuv.dll
[2010.03.07 18:27:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrle32.dll
[2010.03.07 18:27:13 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll
[2010.03.07 18:27:12 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010.03.07 18:27:12 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010.03.07 18:27:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010.03.07 18:27:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010.03.07 18:27:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010.03.07 18:27:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010.03.07 18:27:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010.03.07 18:14:59 | 000,000,000 | R--D | C] -- C:\Users\Jehoun\Searches
[2010.03.07 18:14:51 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\Identities
[2010.03.07 18:14:45 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\VirtualStore
[2010.03.07 18:14:35 | 000,000,000 | -HSD | C] -- C:\Users\Jehoun\AppData\Local\Temporary Internet Files
[2010.03.07 18:14:35 | 000,000,000 | -HSD | C] -- C:\Users\Jehoun\Šablony
[2010.03.07 18:14:35 | 000,000,000 | -HSD | C] -- C:\Users\Jehoun\Soubory cookie
[2010.03.07 18:14:35 | 000,000,000 | -HSD | C] -- C:\Users\Jehoun\SendTo
[2010.03.07 18:14:35 | 000,000,000 | -HSD | C] -- C:\Users\Jehoun\Poslední
[2010.03.07 18:14:35 | 000,000,000 | -HSD | C] -- C:\Users\Jehoun\Okolní tiskárny
[2010.03.07 18:14:35 | 000,000,000 | -HSD | C] -- C:\Users\Jehoun\Okolní síť
[2010.03.07 18:14:35 | 000,000,000 | -HSD | C] -- C:\Users\Jehoun\Nabídka Start
[2010.03.07 18:14:35 | 000,000,000 | -HSD | C] -- C:\Users\Jehoun\Local Settings
[2010.03.07 18:14:35 | 000,000,000 | -HSD | C] -- C:\Users\Jehoun\AppData\Local\History
[2010.03.07 18:14:35 | 000,000,000 | -HSD | C] -- C:\Users\Jehoun\Dokumenty
[2010.03.07 18:14:35 | 000,000,000 | -HSD | C] -- C:\Users\Jehoun\Data aplikací
[2010.03.07 18:14:35 | 000,000,000 | -HSD | C] -- C:\Users\Jehoun\AppData\Local\Data aplikací
[2010.03.07 18:14:34 | 000,000,000 | --SD | C] -- C:\Users\Jehoun\AppData\Roaming\Microsoft
[2010.03.07 18:14:34 | 000,000,000 | R--D | C] -- C:\Users\Jehoun\Favorites
[2010.03.07 18:14:34 | 000,000,000 | R--D | C] -- C:\Users\Jehoun\Desktop
[2010.03.07 18:14:34 | 000,000,000 | -H-D | C] -- C:\Users\Jehoun\AppData
[2010.03.07 18:14:34 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\Temp
[2010.03.07 18:14:34 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Local\Microsoft
[2010.03.07 18:14:34 | 000,000,000 | ---D | C] -- C:\Users\Jehoun\AppData\Roaming\Media Center Programs
[2010.03.07 18:13:19 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.03.07 18:13:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2010.03.07 18:13:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2010.03.07 18:13:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2010.03.07 18:13:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2010.03.07 18:13:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2010.03.07 18:13:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2010.03.07 18:13:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2010.03.07 18:13:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2010.03.07 18:13:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2010.03.07 18:10:28 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.03.07 18:08:00 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.03.07 18:07:46 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.03.07 18:07:01 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.03.07 18:06:48 | 000,000,000 | -HSD | C] -- C:\Boot
[2009.06.04 00:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll

========== Files - Modified Within 30 Days ==========

[2010.03.08 23:58:03 | 001,310,720 | ---- | M] () -- C:\Users\Jehoun\NTUSER.DAT
[2010.03.08 23:57:40 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.03.08 23:57:40 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.03.08 23:56:10 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Users\Jehoun\Desktop\OTL.exe
[2010.03.08 23:53:20 | 000,001,898 | ---- | M] () -- C:\Users\Jehoun\Desktop\CCleaner.lnk
[2010.03.08 23:52:06 | 001,395,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.03.08 23:52:06 | 000,604,786 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.03.08 23:52:06 | 000,588,852 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.03.08 23:52:06 | 000,111,604 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.03.08 23:52:06 | 000,097,160 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.03.08 23:52:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146738775-2154181807-1878494979-1001UA.job
[2010.03.08 23:47:13 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.03.08 23:47:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.03.08 23:47:05 | 3220,672,512 | -HS- | M] () -- C:\hiberfil.sys
[2010.03.08 23:47:05 | 000,045,267 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2010.03.08 23:46:23 | 000,062,644 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000005-00000000-00000000-00001102-00000005-002C1102}.rfx
[2010.03.08 23:46:23 | 000,062,644 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000005-00000000-00000000-00001102-00000005-002C1102}.rfx
[2010.03.08 23:46:23 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000005-00000000-00000000-00001102-00000005-002C1102}.rfx
[2010.03.08 23:45:52 | 004,463,467 | -H-- | M] () -- C:\Users\Jehoun\AppData\Local\IconCache.db
[2010.03.08 22:26:28 | 000,001,022 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.08 20:40:33 | 000,781,909 | ---- | M] () -- D:\Dokumenty\RSIT.exe
[2010.03.08 19:18:29 | 000,171,136 | RHS- | M] () -- C:\w7ldr
[2010.03.08 19:13:28 | 000,214,031 | RHS- | M] () -- C:\LCDMN
[2010.03.08 19:13:28 | 000,000,020 | RHS- | M] () -- C:\winx.ld
[2010.03.08 18:52:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146738775-2154181807-1878494979-1001Core.job
[2010.03.08 17:01:47 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010.03.08 12:47:54 | 000,000,095 | ---- | M] () -- C:\Windows\BsMobileModel.ini
[2010.03.08 12:23:10 | 000,160,768 | ---- | M] () -- C:\Windows\Evomia.exe
[2010.03.08 11:51:38 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\0
[2010.03.08 11:28:29 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WmpDui.dll
[2010.03.08 09:25:26 | 000,002,020 | ---- | M] () -- C:\Users\Jehoun\Desktop\Mediaport.lnk
[2010.03.08 08:37:21 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settingsbkup.sfm
[2010.03.08 08:37:21 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settings.sfm
[2010.03.08 08:24:26 | 000,001,055 | ---- | M] () -- C:\Users\Jehoun\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2010.03.07 22:31:42 | 000,524,288 | -HS- | M] () -- C:\Users\Jehoun\NTUSER.DAT{18568586-2a2b-11df-bdcf-111111111111}.TMContainer00000000000000000002.regtrans-ms
[2010.03.07 22:31:42 | 000,524,288 | -HS- | M] () -- C:\Users\Jehoun\NTUSER.DAT{18568586-2a2b-11df-bdcf-111111111111}.TMContainer00000000000000000001.regtrans-ms
[2010.03.07 22:31:42 | 000,065,536 | -HS- | M] () -- C:\Users\Jehoun\NTUSER.DAT{18568586-2a2b-11df-bdcf-111111111111}.TM.blf
[2010.03.07 22:06:42 | 000,064,352 | ---- | M] () -- C:\Users\Jehoun\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.03.07 21:52:19 | 000,298,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.03.07 21:48:44 | 000,000,512 | ---- | M] () -- D:\Dokumenty\outlook.reg
[2010.03.07 21:46:10 | 067,822,592 | ---- | M] () -- D:\Dokumenty\Outlook Backup.pst
[2010.03.07 21:38:21 | 001,411,896 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.03.07 21:36:40 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010.03.07 21:04:47 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.03.07 20:58:07 | 000,001,107 | ---- | M] () -- C:\Users\Public\Desktop\TweakNow RegCleaner.lnk
[2010.03.07 20:23:54 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\TVCenter.lnk
[2010.03.07 20:19:06 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2010.03.07 20:19:06 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.03.07 20:19:06 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.03.07 20:19:06 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.03.07 19:51:38 | 000,002,031 | ---- | M] () -- C:\Users\Public\Desktop\TotalMedia Theatre 3.lnk
[2010.03.07 19:43:14 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010.03.07 19:29:42 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010.03.07 19:29:42 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.03.07 19:29:42 | 000,121,880 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010.03.07 19:29:42 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.03.07 19:29:42 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2010.03.07 18:47:43 | 000,002,254 | ---- | M] () -- C:\Users\Jehoun\Desktop\Google Chrome.lnk
[2010.03.07 18:16:24 | 000,524,288 | -HS- | M] () -- C:\Users\Jehoun\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.03.07 18:16:24 | 000,524,288 | -HS- | M] () -- C:\Users\Jehoun\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.03.07 18:16:24 | 000,065,536 | -HS- | M] () -- C:\Users\Jehoun\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.03.07 18:14:35 | 000,000,020 | -HS- | M] () -- C:\Users\Jehoun\ntuser.ini
[2010.03.07 18:11:26 | 000,062,544 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.03.07 18:11:26 | 000,062,544 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.03.07 18:09:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.03.07 18:06:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.03.07 11:26:24 | 000,006,516 | ---- | M] () -- D:\Dokumenty\Zalozky Google Chrome.html
[2010.03.04 22:10:19 | 000,010,456 | ---- | M] () -- D:\Dokumenty\Konfigurace TP-LINK.bin
[2010.02.11 19:53:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\SysWow64\avastSS.scr
[2010.02.11 19:53:36 | 000,153,184 | ---- | M] (ALWIL Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010.02.11 19:42:38 | 000,051,280 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010.02.11 19:42:19 | 000,120,912 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010.02.11 19:39:04 | 000,028,752 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010.02.11 19:38:49 | 000,063,568 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010.02.11 19:38:25 | 000,022,096 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys

========== Files Created - No Company Name ==========

[2010.03.08 23:53:20 | 000,001,898 | ---- | C] () -- C:\Users\Jehoun\Desktop\CCleaner.lnk
[2010.03.08 22:26:28 | 000,001,022 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.03.08 20:40:32 | 000,781,909 | ---- | C] () -- D:\Dokumenty\RSIT.exe
[2010.03.08 19:18:29 | 000,171,136 | RHS- | C] () -- C:\w7ldr
[2010.03.08 19:13:28 | 000,214,031 | RHS- | C] () -- C:\LCDMN
[2010.03.08 19:09:05 | 000,000,020 | RHS- | C] () -- C:\winx.ld
[2010.03.08 12:47:54 | 000,000,095 | ---- | C] () -- C:\Windows\BsMobileModel.ini
[2010.03.08 12:23:14 | 000,160,768 | ---- | C] () -- C:\Windows\Evomia.exe
[2010.03.08 11:51:38 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\0
[2010.03.08 09:25:26 | 000,002,020 | ---- | C] () -- C:\Users\Jehoun\Desktop\Mediaport.lnk
[2010.03.08 08:37:21 | 000,001,080 | ---- | C] () -- C:\Windows\SysNative\settingsbkup.sfm
[2010.03.08 08:37:21 | 000,001,080 | ---- | C] () -- C:\Windows\SysNative\settings.sfm
[2010.03.08 08:24:26 | 000,001,055 | ---- | C] () -- C:\Users\Jehoun\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2010.03.07 22:11:38 | 000,524,288 | -HS- | C] () -- C:\Users\Jehoun\NTUSER.DAT{18568586-2a2b-11df-bdcf-111111111111}.TMContainer00000000000000000002.regtrans-ms
[2010.03.07 22:11:38 | 000,524,288 | -HS- | C] () -- C:\Users\Jehoun\NTUSER.DAT{18568586-2a2b-11df-bdcf-111111111111}.TMContainer00000000000000000001.regtrans-ms
[2010.03.07 22:11:38 | 000,065,536 | -HS- | C] () -- C:\Users\Jehoun\NTUSER.DAT{18568586-2a2b-11df-bdcf-111111111111}.TM.blf
[2010.03.07 21:49:01 | 000,000,512 | ---- | C] () -- D:\Dokumenty\outlook.reg
[2010.03.07 21:38:21 | 001,411,896 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.03.07 21:09:58 | 000,045,267 | ---- | C] () -- C:\Windows\SysNative\oodbs.lor
[2010.03.07 21:04:47 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.03.07 20:58:07 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\TweakNow RegCleaner.lnk
[2010.03.07 20:24:03 | 000,006,516 | ---- | C] () -- D:\Dokumenty\Zalozky Google Chrome.html
[2010.03.07 20:24:00 | 067,822,592 | ---- | C] () -- D:\Dokumenty\Outlook Backup.pst
[2010.03.07 20:23:54 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\TVCenter.lnk
[2010.03.07 20:23:50 | 000,521,916 | ---- | C] () -- D:\Dokumenty\miska 049.jpg
[2010.03.07 20:23:50 | 000,010,456 | ---- | C] () -- D:\Dokumenty\Konfigurace TP-LINK.bin
[2010.03.07 20:13:10 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010.03.07 19:54:07 | 000,142,848 | ---- | C] () -- C:\Windows\SysNative\drivers\ArcHlp.sys
[2010.03.07 19:54:07 | 000,007,426 | ---- | C] () -- C:\Windows\SysNative\drivers\win7_64logo.cat
[2010.03.07 19:54:07 | 000,002,239 | ---- | C] () -- C:\Windows\SysNative\drivers\win7Logo.inf
[2010.03.07 19:51:38 | 000,002,031 | ---- | C] () -- C:\Users\Public\Desktop\TotalMedia Theatre 3.lnk
[2010.03.07 19:43:14 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010.03.07 19:31:24 | 000,062,644 | ---- | C] () -- C:\Windows\SysNative\BMXStateBkp-{00000005-00000000-00000000-00001102-00000005-002C1102}.rfx
[2010.03.07 19:31:24 | 000,062,644 | ---- | C] () -- C:\Windows\SysNative\BMXState-{00000005-00000000-00000000-00001102-00000005-002C1102}.rfx
[2010.03.07 19:31:24 | 000,000,788 | ---- | C] () -- C:\Windows\SysNative\DVCState-{00000005-00000000-00000000-00001102-00000005-002C1102}.rfx
[2010.03.07 19:30:54 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd
[2010.03.07 19:29:42 | 000,190,976 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2010.03.07 19:29:42 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.03.07 19:29:42 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2010.03.07 19:29:42 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.03.07 19:29:42 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2010.03.07 19:13:42 | 000,009,163 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2010.03.07 18:47:43 | 000,002,254 | ---- | C] () -- C:\Users\Jehoun\Desktop\Google Chrome.lnk
[2010.03.07 18:47:25 | 000,000,966 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146738775-2154181807-1878494979-1001UA.job
[2010.03.07 18:47:24 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146738775-2154181807-1878494979-1001Core.job
[2010.03.07 18:14:35 | 000,000,020 | -HS- | C] () -- C:\Users\Jehoun\ntuser.ini
[2010.03.07 18:14:34 | 001,310,720 | ---- | C] () -- C:\Users\Jehoun\NTUSER.DAT
[2010.03.07 18:14:34 | 000,524,288 | -HS- | C] () -- C:\Users\Jehoun\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.03.07 18:14:34 | 000,524,288 | -HS- | C] () -- C:\Users\Jehoun\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.03.07 18:14:34 | 000,065,536 | -HS- | C] () -- C:\Users\Jehoun\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.03.07 18:09:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.03.07 18:07:46 | 3220,672,512 | -HS- | C] () -- C:\hiberfil.sys
[2010.03.07 18:06:49 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.03.07 18:06:48 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.04 01:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2009.06.04 01:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2009.06.04 00:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CTXFIRES.DLL
[2009.05.27 09:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini

========== Custom Scans ==========


< Kód: >

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >
< End of report >

[jehoun]

OTL Extras logfile created on: 8.3.2010 23:57:00 - Run 1
OTL by OldTimer - Version 3.1.35.0 Folder = C:\Users\Jehoun\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,18 Gb Total Space | 18,85 Gb Free Space | 55,14% Space Free | Partition Type: NTFS
Drive D: | 897,33 Gb Total Space | 877,62 Gb Free Space | 97,80% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 45,26 Gb Free Space | 4,86% Space Free | Partition Type: NTFS
Drive F: | 1397,26 Gb Total Space | 0,97 Gb Free Space | 0,07% Space Free | Partition Type: NTFS
Drive G: | 1397,26 Gb Total Space | 2,71 Gb Free Space | 0,19% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC
Current User Name: Jehoun
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4146738775-2154181807-1878494979-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{186D2CCE-DEFE-4188-AB44-62008E9BC3E0}" = O&O Defrag Professional
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{E29B2B35-C365-4C9A-8C5C-224E3B9A9ED1}" = TVCenter
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055FEF8E-4B86-400F-A5C6-8FAC0042DCD9}" = NVIDIA PureVideo Decoder
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_STANDARD_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_STANDARD_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_STANDARD_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_STANDARD_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_STANDARD_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_STANDARD_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARD_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_STANDARD_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_STANDARD_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00B0-0409-0000-0000000FF1CE}" = Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3 - Czech
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E4E0578B-CD1F-4DA4-B29B-0871FB4331A8}" = ArcSoft TotalMedia Theatre 3
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.11 (Unicode)
"AudioCS" = Creative Audio Control Panel
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner (remove only)
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"FFmpeg for Audacity on Windows_is1" = FFmpeg for Audacity on Windows
"HijackThis" = HijackThis 2.0.2
"InstallShield_{E4E0578B-CD1F-4DA4-B29B-0871FB4331A8}" = ArcSoft TotalMedia Theatre 3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mediaport" = Mediaport
"OpenAL" = OpenAL
"STANDARD" = Microsoft Office Standard 2007
"TC UP" = Total Commander Ultima Prime 5.0.0.0
"TweakNow RegCleaner_is1" = TweakNow RegCleaner
"Zynga Toolbar" = Zynga Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4146738775-2154181807-1878494979-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

[motji]

tyto složky znáte?
C:\w7ldr
C:\LCDMN
C:\winx.ld


Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TC UP] C:\Program Files (x86)\TC UP\TC UP.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe File not found
4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - File not found

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:COMMANDS
[Reboot]

-klikněte na tlačítko Run fix.
-Následně se pc restartuje.
- Log vložte zde

otestujte na http://www.virustotal.com
C:\Windows\Evomia.exe
C:\Windows\SysNative\settingsbkup.sfm

[jehoun]

Ano tyto soubory znám... Mám Vložit i výpis z toho VirusTotal?

========== OTL ==========
No active process named explorer.exe was found!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TC UP deleted successfully.
C:\Program Files (x86)\TC UP\TC UP.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ deleted successfully.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:OODBS deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI7679.tmp moved successfully.
C:\WINDOWS\Temp\UDDBB23.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp110372785.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp20720969.tmp moved successfully.
C:\WINDOWS\Temp\_avast5_\unp79871458.tmp moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.1.35.0 log created on 03092010_071101

[motji]

Ano, vložte

[jehoun]

Tento soubor jsem bohužel nenašel ani jeho složku C:\Windows\SysNative\settingsbkup.sfm

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.03.07 -
AhnLab-V3 5.0.0.2 2010.03.07 -
AntiVir 8.2.1.180 2010.03.05 -
Antiy-AVL 2.0.3.7 2010.03.05 -
Authentium 5.2.0.5 2010.03.06 -
Avast 4.8.1351.0 2010.03.07 -
Avast5 5.0.332.0 2010.03.07 -
AVG 9.0.0.787 2010.03.07 -
BitDefender 7.2 2010.03.07 -
CAT-QuickHeal 10.00 2010.03.06 -
ClamAV 0.96.0.0-git 2010.03.06 -
Comodo 4091 2010.02.28 -
DrWeb 5.0.1.12222 2010.03.07 -
eSafe 7.0.17.0 2010.03.04 -
eTrust-Vet 35.2.7342 2010.03.05 -
F-Prot 4.5.1.85 2010.03.06 -
F-Secure 9.0.15370.0 2010.03.07 Suspicious:W32/Malware!Gemini
Fortinet 4.0.14.0 2010.03.07 -
GData 19 2010.03.07 -
Ikarus T3.1.1.80.0 2010.03.07 -
Jiangmin 13.0.900 2010.03.07 -
K7AntiVirus 7.10.990 2010.03.04 -
Kaspersky 7.0.0.125 2010.03.07 -
McAfee 5912 2010.03.06 -
McAfee+Artemis 5912 2010.03.06 -
McAfee-GW-Edition 6.8.5 2010.03.07 -
Microsoft 1.5502 2010.03.07 -
NOD32 4922 2010.03.07 -
Norman 6.04.08 2010.03.07 -
nProtect 2009.1.8.0 2010.03.07 -
Panda 10.0.2.2 2010.03.07 -
PCTools 7.0.3.5 2010.03.04 -
Prevx 3.0 2010.03.09 High Risk Cloaked Malware
Rising 22.37.06.04 2010.03.07 Packer.Win32.Agent.GEN
Sophos 4.51.0 2010.03.07 -
Sunbelt 5780 2010.03.07 -
Symantec 20091.2.0.41 2010.03.07 Suspicious.Insight
TheHacker 6.5.1.9.223 2010.03.07 -
TrendMicro 9.120.0.1004 2010.03.07 -
VBA32 3.12.12.2 2010.03.05 -
ViRobot 2010.3.5.2214 2010.03.05 -
VirusBuster 5.0.27.0 2010.03.06 -
Rozšiřující informace
File size: 160768 bytes
MD5...: e1bac36ac6df7eb0e53bdf7e04306b50
SHA1..: 9f6dfd976e3132cad9b7f9fa7d628da836255d13
SHA256: de8a4f376467217d3dd6f6d6619062354f3fc999da4ad413f2c9cc9cf98e7a1a
ssdeep: 3072:AUF8O/rUUm0OLyzMjGEv2TtFBAh/IQXgPY4IpoMlh:ZF8O/rUUm0hzMj1vk
FB8/IQXED8
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x2c2e
timedatestamp.....: 0x4ae7a645 (Wed Oct 28 02:02:45 2009)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
DATA 0x1000 0x4156 0x4200 5.25 796b44924d3559377e5239f8607f6ef5
.rdata 0x6000 0x211e6 0x21200 6.56 8af26c29687d4370dbcce5d194838dbc
.idata 0x28000 0xed1 0x1000 3.27 43c8ac37f3a5489619f7bb920c1cea37
INIT 0x29000 0x12601 0x800 0.00 c99a74c555371a433d121f551d6c6398
.tls 0x3c000 0x19f 0x200 0.06 3fa9992af608ac0dca1a38c1650c1571

( 8 imports )
> KERNEL32.DLL: LockResource, GetCurrentProcess, GetUserDefaultLCID, LocalAlloc, GetEnvironmentStrings, GetACP, VirtualAllocEx, WaitForSingleObject, lstrcpynA, WideCharToMultiByte, ExitProcess, VirtualFree, GetCurrentThreadId, LoadLibraryExA, GetProcessHeap, CompareStringA, HeapAlloc
> gdi32.dll: GetClipBox, RestoreDC, CreateBitmap, CreateCompatibleDC
> ole32.dll: StgOpenStorage, MkParseDisplayName, CoGetMalloc, OleCreateStaticFromData
> USER32.DLL: EqualRect, EnumChildWindows, MessageBoxA, ShowWindow, GetWindow, GetDlgItem, IsMenu, GetMenuState, IsWindowVisible, GetMessagePos, DispatchMessageA, CreatePopupMenu, SetWindowPos, GetSysColorBrush, GetPropA, GetClipboardData, FrameRect
> msvcrt.dll: wcsncmp, memmove, srand, wcstol, clock, swprintf, calloc, time, atol, sqrt, tolower, malloc
> ADVAPI32.DLL: RegEnumKeyA
> SHLWAPI.DLL: PathGetCharTypeA, SHGetValueA, PathFileExistsA, SHQueryValueExA, PathIsContentTypeA, SHEnumValueA, SHQueryInfoKeyA, SHDeleteKeyA, SHDeleteValueA, SHStrDupA
> COMDLG32.DLL: GetSaveFileNameA, FindTextA, GetFileTitleA, ChooseColorA

( 0 exports )
RDS...: NSRL Reference Data Set
-
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
<a href='http://info.prevx.com/aboutprogramtext. ... 00787AFA43' target='_blank'>http://info.prevx.com/aboutprogramtext. ... 87AFA43</a>
pdfid.: -
trid..: Windows Screen Saver (37.1%)
Win32 Executable Generic (24.1%)
Win32 Dynamic Link Library (generic) (21.4%)
Clipper DOS Executable (5.7%)
Generic Win/DOS Executable (5.6%)

[motji]

C:\Windows\Evomia.exe
Znáte ten program, používáte ho?

[jehoun]

Nemám tušení co to je, čas vytvoření odpovídá době infikace (stejný čas vytvoření měl Ed1.exe a i sshnas21.dll).