neviem si rady DELTA HOMES

Zpráva

cudak01 · #1 Příspěvek od **cudak01** » 28 zář 2013 19:46

Logfile of random's system information tool 1.09 (written by random/random)
Run by Miroslav at 2013-09-28 20:45:17
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 221 GB (46%) free of 477 GB
Total RAM: 8190 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:20, on 28. 9. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
C:\Program Files\ASUS\Turbo Key\TurboKey.exe
C:\Program Files (x86)\Trust\Trust R-Series Keyboard\StartAutorun.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Trust\Trust R-Series Keyboard\KMConfig.exe
C:\Program Files (x86)\Trust\Trust R-Series Keyboard\KMProcess.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\eSafe\temp_000.exe
C:\Users\Miroslav\AppData\Roaming\eUpdate\CD5CD1F0ACAA4243A22FFE55CEB472AD\delta-homes.exe
C:\Users\Miroslav\AppData\Local\Temp\eIntaller\306DA8A0015A4a10B848F843881F50F6\eXQ.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Miroslav.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1380380352
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1380380352
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1380380352
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Turbo Key] "C:\Program Files\ASUS\Turbo Key\TurboKey.exe"
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files (x86)\Trust\Trust R-Series Keyboard\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [msahhvSrv] C:\Windows\inf\msahhv.vbe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Handy Updater] "C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3551986815-2001698405-2829997118-1011\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3551986815-2001698405-2829997118-1011\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD RAIDXpert (AMD_RAIDXpert) - AMD - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files (x86)\Trust\Trust R-Series Keyboard\KMWDSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe

--
End of file - 10867 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\ProgramData\eSafe\eGdpSvc.exe
"taskhost.exe"
taskeng.exe {336C502D-DC48-4BE5-9FE6-2E575C254DDA}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe" -b
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe"
"C:\Program Files\ASUS\Turbo Key\TurboKey.exe"
"C:\Program Files (x86)\Trust\Trust R-Series Keyboard\StartAutorun.exe" KMConfig.exe
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
KMConfig.exe
"C:\Program Files (x86)\Trust\Trust R-Series Keyboard\KMProcess.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe" -s
C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe
"C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe"
\??\C:\Windows\system32\conhost.exe "-484721894-1010604714-61214668-248379064152678676512381533752013417826-1669217381
"C:\Program Files (x86)\Trust\Trust R-Series Keyboard\KMWDSrv.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-166433237011246751981764912193-94348257-911938687-32275620-2073564688-1885409619
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?utm_source= ... 1380380352
"C:\ProgramData\eSafe\temp_000.exe" -v:13.3.2.2700
"C:\Users\Miroslav\AppData\Roaming\eUpdate\CD5CD1F0ACAA4243A22FFE55CEB472AD\delta-homes.exe" -ptid=newgdp -hp=10 -addr=delta-homes -h -p -s -sc=1 -reg=0 -check=1
"C:\Windows\system32\WinMsgBalloonServer.exe"
\\.\pipe\raidxpertPipe1
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\Miroslav\AppData\Local\Temp\eIntaller\306DA8A0015A4a10B848F843881F50F6\eXQ.exe" -ptid=newgdp -hp=10 -addr=delta-homes -h -p -s -sc=1 -reg=0 -check=1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?utm_source= ... 1380380352
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5576.0.1512763417\753354477" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x0fc6 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2723 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="5576.1.1465234131\316254944" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5576.3.1469424720\1778970140" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="5576.4.221655267\1239079578" /prefetch:673131151
"C:\Windows\system32\zshp1020.exe" input=0x5fc output=0x618
"C:\Users\Miroslav\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\RtlNICDiagVistaStart.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-12 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-12 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-07-27 1028896]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Handy Updater"=C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2013-05-13 3111456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2013-09-06 1811368]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-02-09 5015040]
"Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2009-12-28 887936]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-09-03 40312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Turbo Key"=C:\Program Files\ASUS\Turbo Key\TurboKey.exe [2009-11-24 1874432]
"KMCONFIG"=C:\Program Files (x86)\Trust\Trust R-Series Keyboard\StartAutorun.exe [2007-03-06 212992]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"msahhvSrv"=C:\Windows\inf\msahhv.vbe [2013-08-27 1558]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-09-28 19:13:52 ----D---- C:\Users\Miroslav\AppData\Roaming\eUpdate
2013-09-28 18:32:55 ----D---- C:\rsit
2013-09-28 18:32:55 ----D---- C:\Program Files\trend micro
2013-09-28 17:24:55 ----D---- C:\ProgramData\VS Revo Group
2013-09-28 17:24:08 ----D---- C:\Program Files (x86)\Revo.Uninstaller.Pro. 3.0.7 SK
2013-09-28 00:25:13 ----A---- C:\autoexec.bat
2013-09-28 00:23:57 ----D---- C:\Program Files\Enigma Software Group
2013-09-28 00:23:23 ----D---- C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-09-27 21:47:18 ----D---- C:\ProgramData\eSafe
2013-09-25 21:19:45 ----D---- C:\Program Files\Common Files\DESIGNER
2013-09-25 21:19:33 ----D---- C:\Windows\PCHEALTH
2013-09-25 21:17:05 ----D---- C:\Program Files (x86)\Microsoft Office
2013-09-25 21:17:04 ----D---- C:\ProgramData\Microsoft Help
2013-09-25 21:17:04 ----D---- C:\Program Files\Microsoft Office
2013-09-25 21:16:55 ----RHD---- C:\MSOCache
2013-09-21 01:31:19 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-21 01:23:02 ----A---- C:\Windows\system32\ZSHP1020.EXE
2013-09-21 01:23:02 ----A---- C:\Windows\system32\ZLhp1020.DLL
2013-09-20 16:03:54 ----D---- C:\Users\Miroslav\AppData\Roaming\The Creative Assembly
2013-09-18 01:53:48 ----D---- C:\Users\Miroslav\AppData\Roaming\TeamViewer
2013-09-17 22:22:52 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-09-17 22:22:50 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-09-17 22:22:48 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-09-17 22:22:48 ----A---- C:\Windows\system32\nvopencl.dll
2013-09-17 22:22:48 ----A---- C:\Windows\system32\nvoglv64.dll
2013-09-17 22:22:46 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-09-17 22:22:46 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2013-09-17 22:22:46 ----A---- C:\Windows\system32\nvoglshim64.dll
2013-09-17 22:22:46 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-09-17 22:22:44 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-09-17 22:22:44 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-09-17 22:22:44 ----A---- C:\Windows\system32\nvinitx.dll
2013-09-17 22:22:44 ----A---- C:\Windows\system32\NvIFR64.dll
2013-09-17 22:22:42 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-09-17 22:22:42 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2013-09-17 22:22:42 ----A---- C:\Windows\system32\nvhdap64.dll
2013-09-17 22:22:42 ----A---- C:\Windows\system32\NvFBC64.dll
2013-09-17 22:22:42 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2013-09-17 22:22:42 ----A---- C:\Windows\system32\nvdispgenco6432723.dll
2013-09-17 22:22:42 ----A---- C:\Windows\system32\nvdispco6432723.dll
2013-09-17 22:22:42 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-09-17 22:22:42 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2013-09-17 22:22:40 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-09-17 22:22:40 ----A---- C:\Windows\system32\nvcuvid.dll
2013-09-17 22:22:38 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-09-17 22:22:38 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-09-17 22:22:38 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-09-17 22:22:38 ----A---- C:\Windows\system32\nvcuda.dll
2013-09-17 22:22:28 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-09-17 22:22:26 ----A---- C:\Windows\system32\nvcompiler.dll
2013-09-16 21:09:23 ----D---- C:\TeamViewer
2013-09-13 12:42:29 ----D---- C:\ProgramData\Solidshield
2013-09-13 00:39:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-09-13 00:39:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-09-13 00:39:22 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-09-13 00:39:22 ----A---- C:\Windows\system32\ieui.dll
2013-09-13 00:39:22 ----A---- C:\Windows\system32\iesetup.dll
2013-09-13 00:39:22 ----A---- C:\Windows\system32\iernonce.dll
2013-09-13 00:39:21 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-09-13 00:39:21 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-09-13 00:39:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-09-13 00:39:21 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 00:39:21 ----A---- C:\Windows\system32\iesysprep.dll
2013-09-13 00:39:21 ----A---- C:\Windows\system32\iertutil.dll
2013-09-13 00:39:21 ----A---- C:\Windows\system32\ie4uinit.exe
2013-09-13 00:39:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-09-13 00:39:20 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-13 00:39:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-09-13 00:39:19 ----A---- C:\Windows\system32\jscript9.dll
2013-09-13 00:39:19 ----A---- C:\Windows\system32\jscript.dll
2013-09-13 00:39:18 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-09-13 00:39:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-09-13 00:39:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-09-13 00:39:17 ----A---- C:\Windows\system32\urlmon.dll
2013-09-13 00:39:17 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-13 00:39:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-09-13 00:39:16 ----A---- C:\Windows\system32\wininet.dll
2013-09-13 00:39:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-09-13 00:39:14 ----A---- C:\Windows\system32\ieframe.dll
2013-09-13 00:39:13 ----A---- C:\Windows\system32\mshtml.dll
2013-09-13 00:39:11 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-09-13 00:03:30 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-09-13 00:03:30 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-09-13 00:03:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-09-13 00:03:29 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-09-13 00:03:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-09-13 00:03:29 ----A---- C:\Windows\system32\wow64.dll
2013-09-13 00:03:29 ----A---- C:\Windows\system32\ntdll.dll
2013-09-13 00:03:29 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-13 00:03:29 ----A---- C:\Windows\system32\kernel32.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 00:03:28 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 00:03:28 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-09-13 00:03:28 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-09-13 00:03:28 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-09-13 00:03:28 ----A---- C:\Windows\system32\wow64win.dll
2013-09-13 00:03:28 ----A---- C:\Windows\system32\wow64cpu.dll
2013-09-13 00:03:28 ----A---- C:\Windows\system32\winsrv.dll
2013-09-13 00:03:28 ----A---- C:\Windows\system32\smss.exe
2013-09-13 00:03:28 ----A---- C:\Windows\system32\ntvdm64.dll
2013-09-13 00:03:28 ----A---- C:\Windows\system32\csrsrv.dll
2013-09-13 00:03:28 ----A---- C:\Windows\system32\conhost.exe
2013-09-13 00:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 00:03:27 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-13 00:03:27 ----A---- C:\Windows\SYSWOW64\user.exe
2013-09-13 00:03:27 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-09-13 00:03:27 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-09-13 00:03:27 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-09-13 00:03:27 ----A---- C:\Windows\system32\apisetschema.dll
2013-09-13 00:03:26 ----A---- C:\Windows\system32\win32k.sys
2013-09-13 00:03:21 ----A---- C:\Windows\system32\shell32.dll
2013-09-13 00:03:20 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-09-13 00:03:20 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-09-13 00:03:20 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-12 01:56:15 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-09-12 01:56:15 ----A---- C:\Windows\system32\javaws.exe
2013-09-12 01:56:15 ----A---- C:\Windows\system32\deployJava1.dll
2013-09-12 01:56:11 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2013-09-12 01:56:11 ----A---- C:\Windows\system32\javaw.exe
2013-09-12 01:56:11 ----A---- C:\Windows\system32\java.exe
2013-09-12 01:56:02 ----D---- C:\Program Files\Java
2013-09-12 01:17:50 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2013-09-08 21:58:03 ----D---- C:\Users\Miroslav\AppData\Roaming\.minecraft
2013-09-07 02:44:39 ----D---- C:\ProgramData\AVS4YOU
2013-09-07 02:44:33 ----D---- C:\Users\Miroslav\AppData\Roaming\AVS4YOU
2013-09-06 22:04:20 ----D---- C:\Program Files (x86)\AVS4YOU
2013-09-06 22:02:55 ----A---- C:\Windows\SYSWOW64\msxml3a.dll
2013-09-06 22:02:55 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll

======List of files/folders modified in the last 1 month======

2013-09-28 20:45:19 ----D---- C:\Windows\Temp
2013-09-28 19:25:11 ----D---- C:\Windows\system32\config
2013-09-28 19:09:37 ----D---- C:\ProgramData\NVIDIA
2013-09-28 18:32:55 ----RD---- C:\Program Files
2013-09-28 17:59:02 ----SHD---- C:\Windows\Installer
2013-09-28 17:59:02 ----D---- C:\Windows
2013-09-28 17:58:50 ----SHD---- C:\System Volume Information
2013-09-28 17:45:52 ----D---- C:\Windows\system32\drivers
2013-09-28 17:27:12 ----D---- C:\Users\Miroslav\AppData\Roaming\uTorrent
2013-09-28 17:27:11 ----D---- C:\Program Files (x86)\Steam
2013-09-28 17:24:55 ----HD---- C:\ProgramData
2013-09-28 17:24:10 ----D---- C:\Windows\Prefetch
2013-09-28 17:24:10 ----D---- C:\Windows\inf
2013-09-28 17:24:08 ----RD---- C:\Program Files (x86)
2013-09-28 17:10:12 ----D---- C:\Windows\Minidump
2013-09-28 01:00:10 ----SD---- C:\Users\Miroslav\AppData\Roaming\Microsoft
2013-09-28 00:23:22 ----D---- C:\Program Files (x86)\Common Files
2013-09-27 22:10:39 ----D---- C:\Program Files (x86)\Google
2013-09-27 21:53:30 ----D---- C:\Windows\Tasks
2013-09-27 21:53:30 ----D---- C:\Windows\system32\Tasks
2013-09-27 21:23:09 ----D---- C:\Windows\Microsoft.NET
2013-09-27 21:23:08 ----RSD---- C:\Windows\assembly
2013-09-27 17:26:20 ----D---- C:\Hry
2013-09-27 16:42:22 ----D---- C:\Windows\System32
2013-09-27 16:42:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-26 23:49:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-09-26 23:28:15 ----D---- C:\Program Files (x86)\The KMPlayer
2013-09-25 22:19:38 ----D---- C:\Windows\winsxs
2013-09-25 22:18:44 ----D---- C:\Windows\SysWOW64
2013-09-25 21:19:49 ----RSD---- C:\Windows\Fonts
2013-09-25 21:19:45 ----D---- C:\Program Files\Common Files
2013-09-25 21:19:33 ----SD---- C:\ProgramData\Microsoft
2013-09-25 21:19:33 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-09-24 21:25:45 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-09-24 21:23:33 ----D---- C:\Windows\system32\catroot
2013-09-24 21:23:29 ----D---- C:\Windows\system32\DriverStore
2013-09-21 02:07:41 ----D---- C:\Program Files\WinRAR
2013-09-21 01:31:04 ----D---- C:\Windows\system32\catroot2
2013-09-20 16:03:54 ----D---- C:\ProgramData\Steam
2013-09-19 20:24:43 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-17 22:22:56 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2013-09-17 22:22:56 ----A---- C:\Windows\system32\OpenCL.dll
2013-09-17 22:22:52 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-09-17 22:22:50 ----A---- C:\Windows\system32\nvumdshimx.dll
2013-09-17 22:22:40 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-09-17 22:22:26 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-09-17 22:22:26 ----A---- C:\Windows\system32\nvapi64.dll
2013-09-13 07:32:50 ----D---- C:\Windows\rescache
2013-09-13 06:33:03 ----D---- C:\Program Files\Internet Explorer
2013-09-13 06:33:03 ----D---- C:\Program Files (x86)\Internet Explorer
2013-09-13 06:33:02 ----D---- C:\Windows\AppPatch
2013-09-13 06:33:01 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-09-13 06:33:01 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-09-13 06:33:01 ----D---- C:\Windows\system32\sk-SK
2013-09-13 06:33:01 ----D---- C:\Windows\system32\cs-CZ
2013-09-13 00:39:10 ----D---- C:\Windows\system32\MRT
2013-09-13 00:38:03 ----A---- C:\Windows\system32\MRT.exe
2013-09-12 09:25:43 ----A---- C:\Windows\system32\nvsvc64.dll
2013-09-12 09:25:43 ----A---- C:\Windows\system32\nvcpl.dll
2013-09-12 09:25:40 ----A---- C:\Windows\system32\nvvsvc.exe
2013-09-12 09:25:40 ----A---- C:\Windows\system32\nvsvcr.dll
2013-09-12 09:25:40 ----A---- C:\Windows\system32\nvshext.dll
2013-09-12 09:25:40 ----A---- C:\Windows\system32\nvmctray.dll
2013-09-08 22:12:07 ----D---- C:\Users\Miroslav\AppData\Roaming\NVIDIA
2013-08-30 09:47:14 ----A---- C:\Windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2010-05-20 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-23 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 22600]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-04 283200]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
R3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2010-02-04 14376]
R3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-17 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-09-17 196384]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-05-14 39712]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-03 677480]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-11-11 2182768]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tap0901;avast! SecureLine TAP Adapter; C:\Windows\system32\DRIVERS\tap0901.sys [2013-04-30 40616]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 X6va012;X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 []
S3 X6va013;X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD_RAIDXpert;AMD RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-12-15 122880]
R2 AsSysCtrlService;ASUS System Control Service; C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe [2009-12-28 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files (x86)\Trust\Trust R-Series Keyboard\KMWDSrv.exe [2007-04-05 208896]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-07-27 14984480]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-09-12 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-27 1889568]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-02 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-11-11 27760]
R2 WsysSvc;Wsys Service; C:\ProgramData\eSafe\eGdpSvc.exe [2013-09-27 480376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-31 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-31 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2013-05-27 5127200]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-07 543656]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-31 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TeamViewer8;TeamViewer 8; C:\TeamViewer\TeamViewer_Service.exe [2013-09-12 5071712]

-----------------EOF----------------- neviem to dostať von stále to je ako domovská stránka na chrome

#2 Příspěvek od **Márty84** » 28 zář 2013 20:04

Zdravim

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

cudak01 · #3 Příspěvek od **cudak01** » 28 zář 2013 23:55

OTL logfile created on: 29.9.2013 0:26:06 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Miroslav\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000405 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

8,00 Gb Total Physical Memory | 5,77 Gb Available Physical Memory | 72,11% Memory free
15,99 Gb Paging File | 13,66 Gb Available in Paging File | 85,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,54 Gb Total Space | 214,67 Gb Free Space | 46,11% Space Free | Partition Type: NTFS

Computer Name: MIROSLAV-PC | User Name: Miroslav | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.09.28 23:55:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Miroslav\Desktop\OTL.exe
PRC - [2013.09.27 21:47:18 | 000,480,376 | ---- | M] (Wsys Co., Ltd.) -- C:\ProgramData\eSafe\eGdpSvc.exe
PRC - [2013.09.17 05:21:30 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.09.12 01:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.08.30 09:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.07.27 10:41:25 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.07.27 10:35:36 | 001,889,568 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.07.27 10:35:26 | 001,209,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013.07.02 20:33:30 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.08.14 17:07:42 | 017,432,576 | ---- | M] (GIGABYTE Technology Co.,Ltd.) -- C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
PRC - [2012.01.03 19:19:24 | 005,875,840 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2009.12.28 15:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) -- C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe
PRC - [2009.12.15 17:41:00 | 000,139,264 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonClient.exe
PRC - [2009.12.15 17:40:00 | 000,122,880 | ---- | M] (AMD) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2009.12.15 17:40:00 | 000,122,880 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonServer.exe
PRC - [2009.12.15 17:40:00 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
PRC - [2009.11.24 15:25:28 | 001,874,432 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Turbo Key\TurboKey.exe
PRC - [2007.04.26 01:34:24 | 000,327,680 | ---- | M] (UASSOFT.COM) -- C:\Program Files (x86)\Trust\Trust R-Series Keyboard\KMProcess.exe
PRC - [2007.04.05 10:29:28 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Program Files (x86)\Trust\Trust R-Series Keyboard\KMWDSrv.exe
PRC - [2007.03.28 00:38:48 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Program Files (x86)\Trust\Trust R-Series Keyboard\KMCONFIG.exe
PRC - [2007.03.06 14:51:14 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files (x86)\Trust\Trust R-Series Keyboard\StartAutorun.exe

========== Modules (No Company Name) ==========

MOD - [2013.09.17 05:21:27 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppgooglenaclpluginchrome.dll
MOD - [2013.09.17 05:21:25 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
MOD - [2013.09.17 05:20:34 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
MOD - [2013.09.17 05:20:33 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libegl.dll
MOD - [2013.09.17 05:20:31 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
MOD - [2009.04.29 14:24:44 | 000,253,952 | ---- | M] () -- C:\Program Files\ASUS\Turbo Key\pngio.dll
MOD - [2009.04.29 14:24:44 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\Turbo Key\AiNap.dll
MOD - [2009.04.29 14:24:44 | 000,008,704 | ---- | M] () -- C:\Program Files\ASUS\Turbo Key\vvc.dll
MOD - [2009.03.25 16:53:14 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2009.01.15 14:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
MOD - [2007.03.29 12:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Trust\Trust R-Series Keyboard\keydll.dll
MOD - [2005.05.04 19:12:46 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Trust\Trust R-Series Keyboard\MouseHook.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.07.27 10:49:33 | 014,984,480 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012.11.06 05:36:56 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2011.11.11 15:50:40 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.09.27 21:47:18 | 000,480,376 | ---- | M] (Wsys Co., Ltd.) [Auto | Running] -- C:\ProgramData\eSafe\eGdpSvc.exe -- (WsysSvc)
SRV - [2013.09.19 20:24:43 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.09.12 10:31:23 | 005,071,712 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\TeamViewer\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.09.12 01:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.07.27 10:35:36 | 001,889,568 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.07.02 20:33:30 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.05.27 00:30:12 | 005,127,200 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.06 05:36:56 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.28 15:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009.12.15 17:40:00 | 000,122,880 | ---- | M] (AMD) [Auto | Running] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.04.05 10:29:28 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files (x86)\Trust\Trust R-Series Keyboard\KMWDSrv.exe -- (KMWDSERVICE)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.09.17 22:22:42 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.08.30 09:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.08.30 09:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.08.30 09:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.08.30 09:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.08.30 09:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.08.30 09:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.08.30 09:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.08.30 09:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.06.04 03:07:07 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.05.14 21:28:40 | 000,039,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.05.09 10:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013.04.30 10:51:09 | 000,040,616 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.03 15:01:20 | 000,677,480 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.11.11 15:50:34 | 002,182,768 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2011.11.03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.11.03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.05.20 09:30:58 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.07.17 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2010.02.04 10:09:00 | 000,014,376 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys -- (GPCIDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1380405221
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1380405221
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source= ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1380405221
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1380405221
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.delta-homes.com/web/?utm_ ... earchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1380405221
IE - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1380405221
IE - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.delta-homes.com/web/?utm_ ... earchTerms}
IE - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\..\SearchScopes\{E4956721-37C2-45BD-B3A4-52AC272ED018}: "URL" = http://asksearch.ask.com/redirect?clien ... earchTerms}&
IE - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.search.ask.com/?l=dis&o=APN1 ... 2013-06-12
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Disk Google = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Click&Clean App = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\
CHR - Extension: Gmail = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files (x86)\Trust\Trust R-Series Keyboard\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [msahhvSrv] C:\Windows\inf\msahhv.vbe ()
O4 - HKLM..\Run: [Turbo Key] C:\Program Files\ASUS\Turbo Key\TurboKey.exe (ASUSTeK Computer Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000..\Run: [Handy Updater] "C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe" File not found
O4 - HKU\S-1-5-21-3551986815-2001698405-2829997118-1011..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3551986815-2001698405-2829997118-1011..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3551986815-2001698405-2829997118-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3551986815-2001698405-2829997118-1011\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-21-3551986815-2001698405-2829997118-1011\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-21-3551986815-2001698405-2829997118-1011\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-21-3551986815-2001698405-2829997118-1011\..Trusted Domains: sony.com ([]* in )
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9A5E75D-F75F-44CC-A429-5BD9A1627344}: DhcpNameServer = 192.168.254.1 192.168.1.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll) - C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.09.28 00:25:13 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{b2a66d8c-1c2d-11e3-9010-50465db695cb}\Shell - "" = AutoRun
O33 - MountPoints2\{b2a66d8c-1c2d-11e3-9010-50465db695cb}\Shell\AutoRun\command - "" = D:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.09.28 23:55:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Miroslav\Desktop\OTL.exe
[2013.09.28 19:13:52 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\AppData\Roaming\eUpdate
[2013.09.28 18:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.09.28 18:32:55 | 000,000,000 | ---D | C] -- C:\rsit
[2013.09.28 17:25:00 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\AppData\Local\VS Revo Group
[2013.09.28 17:24:55 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2013.09.28 17:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Revo.Uninstaller.Pro. 3.0.7 SK
[2013.09.28 00:23:57 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.09.28 00:23:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.09.28 00:06:39 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.09.27 22:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.09.27 21:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\eSafe
[2013.09.25 21:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.09.25 21:19:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.09.25 21:19:33 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.09.25 21:17:06 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\AppData\Local\Microsoft Help
[2013.09.25 21:17:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013.09.25 21:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.09.25 21:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.09.25 21:16:55 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.09.21 01:31:19 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013.09.20 16:03:54 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\AppData\Roaming\The Creative Assembly
[2013.09.18 01:53:48 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\AppData\Roaming\TeamViewer
[2013.09.17 22:22:52 | 013,628,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.09.17 22:22:50 | 001,222,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.09.17 22:22:48 | 029,337,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.09.17 22:22:48 | 007,648,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.09.17 22:22:48 | 006,329,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.09.17 22:22:46 | 022,102,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.09.17 22:22:46 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013.09.17 22:22:46 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013.09.17 22:22:44 | 000,603,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013.09.17 22:22:44 | 000,515,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013.09.17 22:22:44 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.09.17 22:22:44 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.09.17 22:22:42 | 015,703,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.09.17 22:22:42 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432723.dll
[2013.09.17 22:22:42 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432723.dll
[2013.09.17 22:22:42 | 000,681,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013.09.17 22:22:42 | 000,586,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013.09.17 22:22:42 | 000,458,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2013.09.17 22:22:42 | 000,388,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2013.09.17 22:22:42 | 000,196,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013.09.17 22:22:42 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013.09.17 22:22:40 | 002,970,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.09.17 22:22:40 | 002,789,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.09.17 22:22:38 | 009,281,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.09.17 22:22:38 | 007,720,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.09.17 22:22:38 | 002,367,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.09.17 22:22:38 | 002,007,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.09.17 22:22:28 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.09.17 22:22:26 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.09.16 21:09:23 | 000,000,000 | ---D | C] -- C:\TeamViewer
[2013.09.13 12:52:28 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\Documents\SHIFT 2 UNLEASHED
[2013.09.13 12:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2013.09.13 00:39:23 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.09.13 00:39:22 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.09.13 00:39:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.09.13 00:39:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.09.13 00:39:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.09.13 00:39:22 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.09.13 00:39:21 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.09.13 00:39:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.09.13 00:39:21 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.09.13 00:39:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.09.13 00:39:21 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.09.13 00:39:20 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.09.13 00:39:19 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.09.13 00:39:19 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.09.13 00:39:19 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.09.13 00:03:30 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.09.13 00:03:30 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.09.13 00:03:30 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.09.13 00:03:29 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.09.13 00:03:29 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.09.13 00:03:29 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.09.13 00:03:29 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.09.13 00:03:28 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.09.13 00:03:28 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.09.13 00:03:28 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.09.13 00:03:28 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.09.13 00:03:28 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.09.13 00:03:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.09.13 00:03:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.09.13 00:03:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.09.13 00:03:28 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.09.13 00:03:28 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.09.13 00:03:28 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.09.13 00:03:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.09.13 00:03:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.13 00:03:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.13 00:03:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.13 00:03:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.13 00:03:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.13 00:03:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.09.13 00:03:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.09.13 00:03:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.09.13 00:03:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.13 00:03:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.09.13 00:03:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.13 00:03:27 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.09.13 00:03:27 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.09.13 00:03:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.09.13 00:03:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013.09.13 00:03:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.09.13 00:03:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.13 00:03:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.09.13 00:03:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.09.13 00:03:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.09.13 00:03:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.09.13 00:03:20 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.09.12 01:57:37 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\Desktop\Minecraft 1.6.6
[2013.09.12 01:56:15 | 001,095,080 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.09.12 01:56:15 | 000,973,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.09.12 01:56:15 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.09.12 01:56:11 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.09.12 01:56:11 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.09.12 01:56:11 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.09.12 01:56:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013.09.12 01:56:02 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.09.12 01:17:50 | 000,571,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013.09.08 21:58:03 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\AppData\Roaming\.minecraft
[2013.09.07 02:44:39 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2013.09.07 02:44:33 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\AppData\Roaming\AVS4YOU
[2013.09.06 22:04:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2013.09.06 22:03:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2013.09.06 22:02:55 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013.09.06 22:02:55 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2013.09.03 14:35:34 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\Desktop\MPPPP
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

cudak01 · #4 Příspěvek od **cudak01** » 28 zář 2013 23:56

========== Files - Modified Within 30 Days ==========

[2013.09.29 00:27:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.09.29 00:23:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.29 00:23:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.29 00:22:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.09.29 00:00:54 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.29 00:00:54 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.28 23:55:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Miroslav\Desktop\OTL.exe
[2013.09.28 23:52:31 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2013.09.28 23:52:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.28 23:52:08 | 2146,000,895 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.28 00:25:13 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013.09.27 16:42:22 | 001,577,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.27 16:42:22 | 000,658,298 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.09.27 16:42:22 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.27 16:42:22 | 000,139,984 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.09.27 16:42:22 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.26 18:54:59 | 000,298,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.23 20:21:26 | 000,001,257 | ---- | M] () -- C:\Users\Miroslav\Desktop\Chicken.lnk
[2013.09.21 14:54:47 | 000,001,586 | ---- | M] () -- C:\Users\Miroslav\Desktop\Detection - odkaz.lnk
[2013.09.21 02:04:54 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.09.19 20:24:43 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.09.19 20:24:43 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.09.17 22:22:56 | 000,061,216 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.09.17 22:22:56 | 000,053,024 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.09.17 22:22:52 | 015,901,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.09.17 22:22:52 | 013,628,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.09.17 22:22:50 | 001,412,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.09.17 22:22:50 | 001,222,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.09.17 22:22:48 | 029,337,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.09.17 22:22:48 | 007,648,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.09.17 22:22:48 | 006,329,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.09.17 22:22:46 | 022,102,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.09.17 22:22:46 | 000,317,472 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013.09.17 22:22:46 | 000,266,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013.09.17 22:22:44 | 000,603,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013.09.17 22:22:44 | 000,515,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013.09.17 22:22:44 | 000,168,616 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.09.17 22:22:44 | 000,141,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.09.17 22:22:44 | 000,022,814 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013.09.17 22:22:42 | 015,703,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.09.17 22:22:42 | 001,884,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432723.dll
[2013.09.17 22:22:42 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432723.dll
[2013.09.17 22:22:42 | 000,681,760 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013.09.17 22:22:42 | 000,586,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013.09.17 22:22:42 | 000,458,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2013.09.17 22:22:42 | 000,388,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2013.09.17 22:22:42 | 000,196,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013.09.17 22:22:42 | 000,031,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013.09.17 22:22:40 | 012,947,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.09.17 22:22:40 | 002,970,400 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.09.17 22:22:40 | 002,789,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.09.17 22:22:38 | 009,281,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.09.17 22:22:38 | 007,720,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.09.17 22:22:38 | 002,367,264 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.09.17 22:22:38 | 002,007,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.09.17 22:22:28 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.09.17 22:22:26 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.09.17 22:22:26 | 002,986,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.09.17 22:22:26 | 002,630,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.09.16 21:09:26 | 000,000,630 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.09.16 20:54:30 | 000,000,017 | ---- | M] () -- C:\Users\Miroslav\AppData\Local\resmon.resmoncfg
[2013.09.12 09:25:43 | 006,599,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.09.12 09:25:43 | 003,452,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.09.12 09:25:40 | 002,559,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.09.12 09:25:40 | 000,219,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.09.12 09:25:40 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.09.12 01:56:05 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.09.12 01:56:03 | 001,095,080 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.09.12 01:56:03 | 000,973,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.09.12 01:56:03 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.09.12 01:56:03 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.09.12 01:56:03 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.09.12 01:17:50 | 000,571,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013.09.12 00:06:31 | 003,361,114 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.09.06 20:13:11 | 000,279,085 | ---- | M] () -- C:\Users\Public\Documents\kolečká.jpeg
[2013.09.02 21:13:03 | 000,000,000 | ---- | M] () -- C:\[3].mp3
[2013.08.30 21:32:48 | 000,355,345 | ---- | M] () -- C:\Users\Miroslav\Desktop\2012motoguzzigriso8vblackdevils.jpg
[2013.08.30 09:48:10 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.08.30 09:48:10 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.08.30 09:48:10 | 000,204,880 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.08.30 09:48:10 | 000,072,016 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.08.30 09:48:10 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.08.30 09:48:10 | 000,064,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.08.30 09:48:09 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.08.30 09:48:09 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.08.30 09:47:40 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.08.30 09:47:14 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.09.28 23:59:42 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.09.28 00:25:13 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013.09.23 20:21:26 | 000,001,257 | ---- | C] () -- C:\Users\Miroslav\Desktop\Chicken.lnk
[2013.09.23 19:29:27 | 094,264,883 | ---- | C] () -- C:\Users\Public\Documents\Steeps SK-Hexxit+MC.rar
[2013.09.21 14:54:47 | 000,001,586 | ---- | C] () -- C:\Users\Miroslav\Desktop\Detection - odkaz.lnk
[2013.09.21 01:23:02 | 000,501,760 | ---- | C] () -- C:\Windows\SysNative\ZSHP1020.EXE
[2013.09.21 01:23:02 | 000,192,512 | ---- | C] () -- C:\Windows\SysNative\ZLhp1020.DLL
[2013.09.16 21:09:26 | 000,000,642 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.09.16 21:09:26 | 000,000,630 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.09.16 20:54:30 | 000,000,017 | ---- | C] () -- C:\Users\Miroslav\AppData\Local\resmon.resmoncfg
[2013.09.13 18:15:05 | 094,264,883 | ---- | C] () -- C:\Users\Miroslav\Desktop\DanteLP-Hexxit+MC.rar
[2013.09.06 20:14:20 | 000,279,085 | ---- | C] () -- C:\Users\Public\Documents\kolečká.jpeg
[2013.09.02 21:13:03 | 000,000,000 | ---- | C] () -- C:\[3].mp3
[2013.08.30 21:32:47 | 000,355,345 | ---- | C] () -- C:\Users\Miroslav\Desktop\2012motoguzzigriso8vblackdevils.jpg
[2013.07.05 07:00:21 | 000,000,109 | ---- | C] () -- C:\Windows\disney.ini
[2013.07.02 20:33:33 | 000,290,776 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.07.02 20:33:30 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.06.02 19:35:23 | 000,234,010 | ---- | C] () -- C:\Windows\SysWow64\poclbm130302GeForce GTX 650gv1w256l4.bin
[2013.06.01 19:41:01 | 001,547,470 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.05.31 18:08:56 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013.05.31 18:08:56 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2013.05.31 18:01:37 | 000,038,922 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2013.05.31 18:01:13 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013.05.31 18:01:11 | 000,034,444 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.09.13 15:59:24 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\.minecraft
[2013.06.04 03:09:31 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\DAEMON Tools Pro
[2013.07.05 07:17:22 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Disney Interactive Studios
[2013.09.28 23:53:47 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\eUpdate
[2013.07.26 23:43:58 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Leadertech
[2013.07.01 23:04:13 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Lionhead Studios
[2013.06.17 18:11:13 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\LolClient
[2013.09.18 01:53:48 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\TeamViewer
[2013.09.20 16:03:54 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\The Creative Assembly
[2013.06.01 18:17:22 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Theta
[2013.09.28 17:27:12 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,522 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.05.31 18:02:04 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.31 18:02:05 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.05.31 22:14:31 | 000,000,328 | ---- | C] () -- C:\Windows\Tasks\RtlNICDiagVistaStart.job
[2013.06.02 02:43:19 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010.11.20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012.06.02 07:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.06.02 07:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2013.05.10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 07:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2011.11.17 08:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 05:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2013.08.02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.07.08 04:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2013.03.19 05:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[6 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.09.13 15:59:24 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\.minecraft
[2013.06.08 23:51:30 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Adobe
[2013.09.07 02:44:33 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\AVS4YOU
[2013.06.04 03:09:31 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\DAEMON Tools Pro
[2013.07.05 07:17:22 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Disney Interactive Studios
[2013.09.28 23:53:47 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\eUpdate
[2013.05.31 17:59:46 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Identities
[2013.07.26 23:43:58 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Leadertech
[2013.07.01 23:04:13 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Lionhead Studios
[2013.06.17 18:11:13 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\LolClient
[2013.05.31 19:07:12 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Macromedia
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Media Center Programs
[2013.09.28 01:00:10 | 000,000,000 | --SD | M] -- C:\Users\Miroslav\AppData\Roaming\Microsoft
[2013.09.08 22:12:07 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\NVIDIA
[2013.09.18 01:53:48 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\TeamViewer
[2013.09.20 16:03:54 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\The Creative Assembly
[2013.06.01 18:17:22 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Theta
[2013.09.28 17:27:12 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\uTorrent
[2013.06.14 17:31:54 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013.06.03 00:26:36 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Users\Miroslav\AppData\Roaming\uTorrent\uTorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Handy Updater" = "C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe"

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.09.29 00:27:39 | 000,000,512 | ---- | M] () MD5=2E982C5D4260334240B911A3B5E03BD0 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.08.16 16:49:12 | 000,181,556 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_boom_v1.ebm
[2010.08.16 16:49:12 | 000,181,556 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_boom_v2.ebm
[2010.08.16 16:49:12 | 000,228,682 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_boom_v3.ebm
[2010.08.16 16:49:14 | 000,102,333 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_f1.ebm
[2010.08.16 16:49:14 | 000,103,009 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_f2.ebm
[2010.08.16 16:49:14 | 000,106,618 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_f3.ebm
[2010.08.16 16:49:14 | 000,117,647 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_f4.ebm
[2010.08.16 16:49:14 | 000,091,997 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_f5.ebm
[2010.08.16 16:49:14 | 000,067,071 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_gound_low.ebm
[2010.08.16 16:49:14 | 000,124,347 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_grav.ebm
[2010.08.16 16:49:14 | 000,114,050 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_grav2.ebm
[2010.08.16 16:49:14 | 001,055,743 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_ground.ebm
[2013.02.13 18:29:18 | 000,059,261 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_ice2_01.ebm
[2010.05.26 09:45:10 | 000,071,158 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_ice_1.ebm
[2013.02.13 18:29:18 | 000,052,731 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_ice_1r.ebm
[2013.02.13 18:29:18 | 000,058,875 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_ice_1rd.ebm
[2010.05.26 09:45:10 | 000,078,706 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_ice_2.ebm
[2013.02.13 18:29:18 | 000,060,279 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_ice_2r.ebm
[2013.02.13 18:29:18 | 000,075,639 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_ice_2rd.ebm
[2010.05.26 09:45:10 | 000,029,122 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_ice_3.ebm
[2013.02.13 18:29:18 | 000,015,842 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_ice_3rd.ebm
[2010.03.26 18:19:12 | 000,138,802 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_in.ebm
[2010.03.26 18:19:12 | 000,181,236 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_mid.ebm
[2010.03.26 18:19:12 | 000,209,388 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_out.ebm
[2010.08.16 16:49:14 | 000,173,009 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_piece_fire1.ebm
[2010.08.16 16:49:14 | 000,102,573 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_piece_fire1_low.ebm
[2010.08.16 16:49:14 | 000,116,533 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\crack_piece_fire2.ebm
[2010.03.26 18:19:14 | 000,968,619 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\dx2_trainup_crack.ebm
[2010.03.26 18:19:14 | 000,640,101 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\dx2_trainup_nocrack.ebm
[2010.05.26 09:45:24 | 000,048,069 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\icepillar_crack_t1.ebm
[2010.05.26 09:45:24 | 000,051,225 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\icepillar_crack_t2.ebm
[2010.05.26 09:45:24 | 000,048,549 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\icepillar_crack_t3.ebm
[2010.03.26 18:19:16 | 000,074,171 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\ncrack_001.ebm
[2010.03.26 18:19:16 | 000,072,443 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\ncrack_001_1.ebm
[2010.03.26 18:19:16 | 000,096,425 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\ncrack_002.ebm
[2010.03.26 18:19:16 | 000,106,392 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\ncrack_002_1.ebm
[2010.03.26 18:19:16 | 000,378,083 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebm\ncrack_003.ebm
[2013.03.29 14:41:44 | 000,065,832 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\ebs\crack_floor.ebs
[2010.03.26 18:19:22 | 000,001,105 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\efx\crack_circle.efx
[2013.02.13 18:29:56 | 000,002,170 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\efx\exploe_crack1.efx
[2010.03.26 18:19:24 | 000,001,120 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\efx\exploe_crack3.efx
[2010.03.26 18:19:24 | 000,001,469 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\efx\exploe_crack4.efx
[2010.03.26 18:19:24 | 000,001,815 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\efx\expole_crack.efx
[2010.03.26 18:19:24 | 000,001,469 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\efx\expole_crack2.efx
[2010.08.16 16:50:34 | 000,001,467 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\FX\SRC\efx\expole_crack_np.efx
[2011.05.18 13:31:40 | 000,017,376 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\Item\event\evt2_tex_crackegg.ebm
[2010.03.26 18:28:56 | 000,000,816 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\Object\Object\object_fx\fearofd\crackegg_a.efx
[2010.03.26 18:28:56 | 000,087,665 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\Object\Object\object_fx\fearofd\crackegg_a_add.ebm
[2010.03.26 18:28:56 | 000,558,072 | ---- | M] () -- \Hry\CABAL Online (Europe)\Data\Object\Object\object_fx\fearofd\fearofd_crackegg_a.ebm
[2010.02.15 12:51:58 | 000,000,149 | R--- | M] () -- \Hry\SHIFT 2 UNLEASHED\GUI\glass_cracks.bspr
[2013.07.02 18:21:15 | 000,599,242 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\APB Reloaded\APBGame\Content\Release\Packages\SymbolEditor\Primitives_SplatsCracks.upk
[2013.07.01 23:21:48 | 000,000,676 | ---- | M] () -- \Users\Miroslav\AppData\Roaming\uTorrent\Fable 3 Crack Fix - SKIDROW.zip.torrent
[2010.09.15 23:00:20 | 000,181,556 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_boom_v1.ebm
[2010.09.15 23:00:20 | 000,181,556 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_boom_v2.ebm
[2010.09.15 23:00:20 | 000,228,682 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_boom_v3.ebm
[2010.09.15 23:00:20 | 000,102,333 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_f1.ebm
[2010.09.15 23:00:20 | 000,103,009 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_f2.ebm
[2010.09.15 23:00:20 | 000,106,618 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_f3.ebm
[2010.09.15 23:00:20 | 000,117,647 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_f4.ebm
[2010.09.15 23:00:20 | 000,091,997 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_f5.ebm
[2010.09.15 23:00:20 | 000,067,071 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_gound_low.ebm
[2010.09.15 23:00:20 | 000,124,347 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_grav.ebm
[2010.09.15 23:00:20 | 000,114,050 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_grav2.ebm
[2010.09.15 23:00:22 | 001,055,743 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_ground.ebm
[2012.08.27 17:51:52 | 000,059,261 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_ice2_01.ebm
[2010.06.03 15:27:06 | 000,071,158 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_ice_1.ebm
[2012.09.25 12:19:14 | 000,052,731 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_ice_1r.ebm
[2012.09.25 12:19:14 | 000,058,875 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_ice_1rd.ebm
[2010.06.03 15:27:06 | 000,078,706 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_ice_2.ebm
[2012.09.25 12:19:14 | 000,060,279 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_ice_2r.ebm
[2012.09.25 12:19:14 | 000,075,639 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_ice_2rd.ebm
[2010.06.03 15:27:06 | 000,029,122 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_ice_3.ebm
[2012.09.25 12:19:14 | 000,015,842 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_ice_3rd.ebm
[2009.08.14 19:18:48 | 000,138,802 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_in.ebm
[2009.08.14 19:18:50 | 000,181,236 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_mid.ebm
[2009.08.14 19:18:50 | 000,209,388 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_out.ebm
[2010.09.15 23:00:22 | 000,173,009 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_piece_fire1.ebm
[2010.09.15 23:00:22 | 000,102,573 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_piece_fire1_low.ebm
[2010.09.15 23:00:22 | 000,116,533 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\crack_piece_fire2.ebm
[2010.02.18 21:27:42 | 000,968,619 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\dx2_trainup_crack.ebm
[2010.02.18 21:27:42 | 000,640,101 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\dx2_trainup_nocrack.ebm
[2010.06.03 15:27:20 | 000,048,069 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\icepillar_crack_t1.ebm
[2010.06.03 15:27:20 | 000,051,225 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\icepillar_crack_t2.ebm
[2010.06.03 15:27:20 | 000,048,549 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\icepillar_crack_t3.ebm
[2009.08.14 19:18:54 | 000,074,171 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\ncrack_001.ebm
[2009.08.14 19:18:54 | 000,072,443 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\ncrack_001_1.ebm
[2009.08.14 19:18:54 | 000,096,425 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\ncrack_002.ebm
[2009.08.14 19:18:54 | 000,106,392 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\ncrack_002_1.ebm
[2009.08.14 19:18:54 | 000,378,083 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebm\ncrack_003.ebm
[2013.01.30 16:36:56 | 000,065,832 | R--- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\ebs\crack_floor.ebs
[2009.08.14 19:19:02 | 000,001,105 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\efx\crack_circle.efx
[2012.12.05 19:33:56 | 000,002,170 | R--- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\efx\exploe_crack1.efx
[2010.02.18 21:28:40 | 000,001,120 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\efx\exploe_crack3.efx
[2010.02.18 21:28:40 | 000,001,469 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\efx\exploe_crack4.efx
[2009.08.14 19:19:02 | 000,001,815 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\efx\expole_crack.efx
[2009.08.14 19:19:02 | 000,001,469 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\efx\expole_crack2.efx
[2010.09.15 23:01:34 | 000,001,467 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\FX\SRC\efx\expole_crack_np.efx
[2011.08.17 16:55:28 | 000,017,376 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\Item\event\evt2_tex_crackegg.ebm
[2012.12.05 15:33:56 | 000,002,170 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\Item\FX\SRC\efx\exploe_crack1.efx
[2009.08.14 19:20:08 | 000,000,816 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\Object\Object\object_fx\fearofd\crackegg_a.efx
[2009.08.14 19:20:08 | 000,087,665 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\Object\Object\object_fx\fearofd\crackegg_a_add.ebm
[2009.08.14 19:20:08 | 000,558,072 | ---- | M] () -- \Users\Miroslav\Desktop\BEAST Cabal EP8\Data\Object\Object\object_fx\fearofd\fearofd_crackegg_a.ebm

cudak01 · #5 Příspěvek od **cudak01** » 28 zář 2013 23:57

< *keygen* /s >
[2013.06.16 17:57:06 | 000,000,689 | ---- | M] () -- \Users\Miroslav\AppData\Roaming\uTorrent\Two.Worlds.2.Keygen.Fix-RELOADED.torrent

< *AntiWPA* /s >

< *loader* /s >
[2012.11.14 12:41:38 | 000,234,616 | ---- | M] () -- \Hry\Assassins Creed III\ubiorbitapi_r2_loader.dll
[2012.11.18 23:58:16 | 000,003,584 | ---- | M] () -- \Hry\Assassins Creed III\uplay_r1_loader.dll
[2013.04.15 01:20:36 | 000,003,507 | ---- | M] () -- \Hry\BeamNG-DRIVE-0.3\tools\editorClasses\scripts\fileLoader.ed.cs
[2012.02.16 14:44:38 | 000,000,404 | ---- | M] () -- \Hry\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.47\deploy\assets\storeImages\layout\small_loader.gif
[2013.08.04 21:49:28 | 000,001,415 | ---- | M] () -- \Hry\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.47\deploy\mod\cfct\assets\FeaturedContentLoaderAssets.swf
[2013.06.02 18:15:22 | 000,000,448 | ---- | M] () -- \Hry\PlanetSide 2\.DownloadError.txt
[2013.05.07 20:05:21 | 000,142,336 | ---- | M] () -- \Hry\PlanetSide 2\APEX_Loader_x86.dll
[2012.06.05 19:24:09 | 000,290,816 | ---- | M] () -- \Hry\PlanetSide 2\wws_crashreport_uploader.exe
[2013.02.02 00:04:54 | 000,300,392 | ---- | M] () -- \Hry\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe
[2011.11.09 16:28:52 | 000,022,574 | ---- | M] () -- \Hry\The Witcher 2\CookedPC\globals\gui\loadingscreens\loader.swf
[2013.05.16 16:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\320.18\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2013.05.16 16:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce320.49Driver\ExtensionLoader.dll
[2013.05.16 16:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce320.49Driver\GFExperience\ExtensionLoader.dll
[2010.01.13 11:38:50 | 000,803,968 | R--- | M] () -- \Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe
[2009.04.20 04:23:30 | 000,000,925 | R--- | M] () -- \Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe.manifest
[2013.03.09 08:17:04 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:17:04 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.07.27 10:38:15 | 001,152,288 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.06.04 10:57:24 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.06.04 10:57:24 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.06.04 10:57:24 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.06.04 10:57:24 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013.07.02 19:00:49 | 000,002,713 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\APB Reloaded\APBGame\Gecko\Data\components\uriloader.xpt
[2013.07.02 19:19:27 | 000,065,536 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\PhysXLocal\PhysXLoader.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2013.03.09 08:52:18 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:52:18 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.07.27 10:38:15 | 001,152,288 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{D47FE466-C1D6-42B7-9FE1-C14F68EB6383}\ExtensionLoader.dll
[2013.08.22 19:01:26 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2010.01.13 11:38:50 | 000,803,968 | R--- | M] () -- \ProgramData\ASUS\AASP\1.02.00\AsLoader.exe
[2009.04.20 04:23:30 | 000,000,925 | R--- | M] () -- \ProgramData\ASUS\AASP\1.02.00\AsLoader.exe.manifest
[2010.01.13 11:38:50 | 000,803,968 | R--- | M] () -- \Users\All Users\ASUS\AASP\1.02.00\AsLoader.exe
[2009.04.20 04:23:30 | 000,000,925 | R--- | M] () -- \Users\All Users\ASUS\AASP\1.02.00\AsLoader.exe.manifest
[2011.06.01 16:58:22 | 000,000,340 | ---- | M] () -- \Users\Miroslav\Desktop\Minecraft 1.6.6\.minecraft\ModLoader.txt
[2011.06.01 16:41:01 | 000,000,105 | ---- | M] () -- \Users\Miroslav\Desktop\Minecraft 1.6.6\.minecraft\config\ModLoader.cfg
[2013.06.24 15:43:26 | 000,683,488 | ---- | M] () -- \Users\Miroslav\Desktop\Minecraft 1.6.6\.minecraft\minecraft\ForgeModLoader-client-0.log
[2013.06.24 13:50:44 | 000,000,000 | ---- | M] () -- \Users\Miroslav\Desktop\Minecraft 1.6.6\.minecraft\minecraft\ForgeModLoader-client-0.log.lck
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013.07.04 00:37:40 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2013.07.04 00:37:40 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2013.07.04 00:37:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2013.07.04 00:37:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2013.07.04 00:37:40 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2013.05.31 22:55:04 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.05.31 22:55:04 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.05.31 22:55:04 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.05.31 22:55:04 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.05.31 22:55:04 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.13 18:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2000.01.03 08:54:00 | 000,000,142 | ---- | M] () -- \Program Files (x86)\ASUS\PC Probe II\DMIInfo\ftv2lastnode.gif
[2000.01.03 08:54:00 | 000,000,125 | ---- | M] () -- \Program Files (x86)\ASUS\PC Probe II\DMIInfo\ftv2mlastnode.gif
[2000.01.03 08:54:00 | 000,000,130 | ---- | M] () -- \Program Files (x86)\ASUS\PC Probe II\DMIInfo\ftv2plastnode.gif
[2000.01.03 08:54:00 | 000,000,142 | ---- | M] () -- \Program Files (x86)\ASUS\PC Probe II\PCIInfo\ftv2lastnode.gif
[2000.01.03 08:54:00 | 000,000,125 | ---- | M] () -- \Program Files (x86)\ASUS\PC Probe II\PCIInfo\ftv2mlastnode.gif
[2000.01.03 08:54:00 | 000,000,130 | ---- | M] () -- \Program Files (x86)\ASUS\PC Probe II\PCIInfo\ftv2plastnode.gif
[2000.01.03 08:54:00 | 000,000,142 | ---- | M] () -- \Program Files (x86)\ASUS\PC Probe II\WMIInfo\ftv2lastnode.gif
[2000.01.03 08:54:00 | 000,000,125 | ---- | M] () -- \Program Files (x86)\ASUS\PC Probe II\WMIInfo\ftv2mlastnode.gif
[2000.01.03 08:54:00 | 000,000,130 | ---- | M] () -- \Program Files (x86)\ASUS\PC Probe II\WMIInfo\ftv2plastnode.gif

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2011.09.28 10:23:06 | 000,015,028 | ---- | M] () -- \Hry\The Witcher 2\Launcher\Neutral\serial_window.png
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.07.02 19:20:31 | 000,027,728 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\AutoReporter.XmlSerializers.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.16 03:07:12 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.16 17:18:41 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.08.16 03:05:02 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.17 01:12:30 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013.08.16 23:52:24 | 002,647,552 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\0a3d8f846e42d481c0cc2200b7859858\System.Runtime.Serialization.ni.dll
[2013.08.17 01:22:58 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\b76a18847d4b4b5955455db8c387ec3b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.10 22:35:14 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\9c2aa336ecfcbf5307054dd36a286192\System.Xml.Serialization.ni.dll
[2013.08.17 01:18:21 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b00c987c6d13ba24a30b471ae12a23d5\System.Runtime.Serialization.ni.dll
[2013.08.17 01:19:26 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.10 23:46:38 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2013.06.01 19:42:35 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.08.15 19:10:26 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.06.01 19:42:35 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.08.15 19:10:25 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.15 19:10:30 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.13 18:29:14 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.13 18:29:14 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2009.07.14 17:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 17:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.13 18:47:16 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.13 18:30:28 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2012.10.06 12:53:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7\System.Runtime.Serialization.dll
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.06 12:56:09 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2012.10.06 12:53:00 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70\System.Runtime.Serialization.dll
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.06 12:56:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013.05.31 22:54:51 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013.05.31 22:54:51 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 17:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2013.07.04 00:37:40 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 17:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2013.07.04 00:37:40 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 15:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 15:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2012.10.06 20:44:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.17136_none_593e9c4e749147df.manifest
[2012.10.06 21:00:33 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.21337_none_4270dea28e38c1d7.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2012.10.06 20:46:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_9415a918c8894278.manifest
[2012.10.06 21:01:29 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_7d47eb6ce230bc70.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2012.10.06 20:07:20 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009.manifest
[2012.10.06 20:58:54 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 17:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.13 18:42:40 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012.10.06 22:42:01 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023.manifest
[2012.10.07 00:05:03 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2012.10.05 19:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2012.10.06 20:11:48 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c.manifest
[2012.10.06 21:03:01 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2012.10.06 20:09:38 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e.manifest
[2012.10.06 21:00:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2012.10.06 12:54:26 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.17136_none_a6a4fe887487d009\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.21337_none_8fd740dc8e2f4a01\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.06 12:57:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.17136_cs-cz_3450454183d3f023\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.21337_cs-cz_1d8287959d7b6a1b\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.17136_none_d6e834229c2ed13c\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.21337_none_c01a7676b5d64b34\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 17:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.13 18:29:14 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2012.10.06 12:54:25 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.17136_none_dbc2dfefdd056b7e\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.21337_none_c4f52243f6ace576\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.06 12:57:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 21 bytes -> \Hry\PlanetSide 2\wws_crashreport_uploader.exe:crc
@Alternate Data Stream - 21 bytes -> \Hry\PlanetSide 2\APEX_Loader_x86.dll:crc
@Alternate Data Stream - 176 bytes -> C:\Users\Public\Documents\kolečká.jpeg:3or4kl4x13tuuug3Byamue2s4b

< End of report >

cudak01 · #6 Příspěvek od **cudak01** » 29 zář 2013 00:03

ale neviem kde mám nájsť ten Extras.txt

cudak01 · #7 Příspěvek od **cudak01** » 29 zář 2013 01:10

a ešte otázka stačilo by pre inštalovať windows ?? za odpoveď ďakujem

#8 Příspěvek od **Márty84** » 29 zář 2013 07:37

Extras se vytvori jen pri prvnim spusteni OTL v pc. Pokud se neobjevil, asi jste ho uz nekdy v minulosti spoustel. Ale to je jedno, neni tak dulezity.

Jen se jeste zeptam, jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze

Preinstalace by pomohla, ale neni nutna.

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

3.11. pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

neviem si rady DELTA HOMES

neviem si rady DELTA HOMES

Re: neviem si rady DELTA HOMES

Re: neviem si rady DELTA HOMES

Re: neviem si rady DELTA HOMES

Re: neviem si rady DELTA HOMES

Re: neviem si rady DELTA HOMES

Re: neviem si rady DELTA HOMES

Re: neviem si rady DELTA HOMES