Vir - Facebook vir

Zpráva

#16 Příspěvek od **vyosek** » 23 pro 2011 10:51

Zdravim

Na zadost kolegy spam odstranen

A za vase jednani udeleno varovani moderatora fora i s prislunym rankem - podobne vylevy patri tak mozna na xchat ci lide.cz kde pubertaci nemaji co delat ale ne na seriozni a odborne zamerene forum

S pozdravem vyosek - moderator fora

Neliell · #17 Příspěvek od **Neliell** » 23 pro 2011 21:40

Ještě jednou se omlouvám, za odstranění spamu děkuji.

Neliell · #18 Příspěvek od **Neliell** » 23 pro 2011 21:43

Ano, v kládala jsem ti to tady celé... Jenomže je toho opravdu dost. Tudíž jsem se na to v půli cesty vykvákla a radši to dala ke stáhnutí. ANO! Nastavovala jsem prosím 7 dnů.

#19 Příspěvek od **Mc_Murphy** » 24 pro 2011 07:45

Na kolik by to vyšlo celkem příspěvků? Jestli do tří, tak to sem vlož.
Nebo se na to klidně vykvákni, jak sama píšeš, když Ti na stavu Tvého PC nezáleží. Pro mě není problém se na to taky vykváknout a uzavřít to tu.

Neliell · #20 Příspěvek od **Neliell** » 24 pro 2011 08:47

Minimálně do 20

290 k znaků

.. Na stavu mého PC mi záleží.
Začala jsem to vkládat, bylo zde asi 5 ne-li více přízpěvků z OTL logu. Udělala jsem tedy z toho smajlíky, aby to nezavazelo

a dala jsem soubor ke stažení.

Neliell · #21 Příspěvek od **Neliell** » 24 pro 2011 09:30

Šťastné a Veselé vánoční svátky přeji všem z vašeho týmu

.

#22 Příspěvek od **Mc_Murphy** » 24 pro 2011 13:13

Koukal jsem na ten log, něco je špatně a já vím co...
Zkus provést scan s OTL podle původního postupu s takto poupraveným scriptem:

Kód: Vybrat vše

CREATERESTOREPOINT

netsvc
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s

reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Teď už by logy neměly být tak dlouhé.

Neliell · #23 Příspěvek od **Neliell** » 25 pro 2011 19:28

Hází mi to chybu "Cannot create file C:\Users\oem\Desktop\cmd.bat"

#24 Příspěvek od **Mc_Murphy** » 25 pro 2011 19:45

Použij tedy tento script:

Kód: Vybrat vše

CREATERESTOREPOINT

netsvc
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s

%SystemDrive%\PhysicalMBR.bin /md5

Neliell · #25 Příspěvek od **Neliell** » 25 pro 2011 20:41

Je to pořád dlouhé

Neliell · #26 Příspěvek od **Neliell** » 25 pro 2011 20:44

Ale už né, tak dlouhé, rozdělím to tedy, tak jak jsi mi říkal do více logů, pošlu dva, tady je první

OTL logfile created on: 25.12.2011 20:01:49 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\oem\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,87 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 39,26% Memory free
7,73 Gb Paging File | 5,13 Gb Available in Paging File | 66,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584,07 Gb Total Space | 486,25 Gb Free Space | 83,25% Space Free | Partition Type: NTFS

Computer Name: OEM-PC | User Name: oem | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.12.22 22:05:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\oem\Desktop\OTL.exe
PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.03.18 16:50:58 | 002,271,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010.03.03 14:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.01.30 00:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2009.12.24 01:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.09.30 13:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 13:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

========== Modules (No Company Name) ==========

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.03.17 10:56:12 | 000,866,336 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010.01.22 02:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.03.18 16:50:58 | 002,271,608 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.03 14:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.01.30 00:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009.12.24 01:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009.09.30 13:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 13:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.09.06 22:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.09.06 22:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.09.06 22:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.09.06 22:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.09.06 22:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.09.06 22:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.08.02 16:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.12.21 13:47:38 | 000,170,640 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.04.01 09:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.03.21 10:59:08 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2010.03.01 08:20:56 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.01.28 02:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.01.27 04:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010.01.22 02:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.01.22 01:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.01.06 14:33:16 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.12.17 18:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.12.10 12:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.09.17 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.09.15 05:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.02.28 19:40:18 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/03/13 18:29:14] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5x4592m618
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5x4592m618

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\oem\Downloads
IE - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\oem\AppData\Local\Google\Chrome\Application\15.0.874.102\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Chrome NaCl (Enabled) = C:\Users\oem\AppData\Local\Google\Chrome\Application\15.0.874.102\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\oem\AppData\Local\Google\Chrome\Application\15.0.874.102\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\

O1 HOSTS File: ([2011.12.19 22:56:38 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A67D43D2-4260-4B01-BD7E-1290BE362508}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB792E01-2EC1-43E1-BA1B-5FD6CA9F7CF7}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.12.22 22:21:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
[2011.12.22 22:05:47 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\oem\Desktop\OTL.exe
[2011.12.19 23:03:03 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.12.18 20:44:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[3 C:\Users\oem\AppData\Local\*.tmp files -> C:\Users\oem\AppData\Local\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.12.25 20:03:28 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.12.25 15:31:36 | 000,049,248 | ---- | M] () -- C:\Users\oem\Desktop\387255_289893597715070_227840210587076_720657_858158758_n.jpg
[2011.12.24 20:52:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.24 20:52:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.24 20:36:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.24 08:43:07 | 3113,254,912 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.22 22:24:59 | 000,001,199 | ---- | M] () -- C:\Users\Public\Desktop\Diablo II - Lord of Destruction.lnk
[2011.12.22 22:05:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\oem\Desktop\OTL.exe
[2011.12.19 23:01:26 | 001,469,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.19 23:01:26 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.12.19 23:01:26 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.19 23:01:26 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.12.19 23:01:26 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.19 22:56:38 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[3 C:\Users\oem\AppData\Local\*.tmp files -> C:\Users\oem\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.25 15:31:34 | 000,049,248 | ---- | C] () -- C:\Users\oem\Desktop\387255_289893597715070_227840210587076_720657_858158758_n.jpg
[2011.12.22 22:32:13 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.12.22 22:21:31 | 000,001,199 | ---- | C] () -- C:\Users\Public\Desktop\Diablo II - Lord of Destruction.lnk
[2011.12.17 20:48:38 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.12.17 20:48:38 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.12.17 20:48:38 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.12.17 20:48:38 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.12.17 20:48:38 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.10.24 19:22:06 | 000,000,000 | ---- | C] () -- C:\Users\oem\AppData\Local\{D37D13B6-27C0-4287-9D4D-DDCE9572467D}
[2011.08.29 23:34:51 | 000,000,000 | ---- | C] () -- C:\Users\oem\AppData\Local\{E81F0030-7C92-4CBE-B229-9C74961D5028}
[2011.08.03 03:39:55 | 000,000,000 | ---- | C] () -- C:\Users\oem\AppData\Local\{621D4880-EA39-451F-925E-41D7A6C87CEB}
[2011.07.30 01:14:33 | 000,000,000 | ---- | C] () -- C:\Users\oem\AppData\Local\{F303A536-A429-445C-ADDF-0D5196A58E99}
[2011.07.29 20:26:36 | 000,000,000 | ---- | C] () -- C:\Users\oem\AppData\Local\{A33E3D76-F5D8-4777-8B68-9DBE0FFA8B7D}
[2011.07.03 21:13:25 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011.06.29 20:31:43 | 000,000,000 | ---- | C] () -- C:\Users\oem\AppData\Local\{CA0C00E5-0428-4128-BAA5-F617A116D747}
[2011.06.22 21:41:05 | 000,000,000 | ---- | C] () -- C:\Users\oem\AppData\Local\{3E638734-8735-4EFD-9CD9-609D212E6E35}
[2011.05.17 05:49:49 | 000,000,000 | ---- | C] () -- C:\Users\oem\AppData\Local\{A0709926-D57C-439E-884F-1FF67A0FFED8}
[2011.05.16 12:38:41 | 000,000,000 | ---- | C] () -- C:\Users\oem\AppData\Local\{6CE531AE-2EF1-4E9E-A292-2D8087F3BA0E}
[2011.05.12 15:54:13 | 000,000,000 | ---- | C] () -- C:\Users\oem\AppData\Local\{5BABCE94-8799-408A-B93E-D1E3398F10A2}
[2011.05.12 15:43:21 | 000,000,000 | ---- | C] () -- C:\Users\oem\AppData\Local\{C4244C8B-533B-4282-A18A-99AC407FDB8D}
[2011.05.10 18:58:40 | 000,017,212 | ---- | C] () -- C:\Users\oem\AppData\Roaming\UserTile.png
[2011.02.04 20:49:17 | 000,032,752 | ---- | C] () -- C:\Windows\SysWow64\NTAgent.exe
[2011.02.04 20:18:54 | 001,471,654 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.04 19:48:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.02.04 19:45:48 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011.02.04 19:43:17 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2011.02.04 19:41:50 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe
[2010.04.12 04:11:27 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003.05.05 10:59:38 | 000,000,795 | ---- | C] () -- C:\Windows\VPlayer.INI

========== LOP Check ==========

[2011.07.27 15:28:52 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\.minecraft
[2011.03.13 18:24:15 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Ashampoo
[2011.10.30 08:46:51 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\DAEMON Tools Lite
[2011.03.13 18:24:03 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\ESET
[2011.03.13 17:22:00 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\GHISLER
[2011.08.06 01:49:40 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\ICQ
[2011.11.24 19:53:41 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Mumble
[2011.03.27 15:32:50 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\TeamViewer
[2011.04.06 20:14:45 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\TS3Client
[2011.06.27 20:15:18 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< >

< netsvc >

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.02.04 11:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.02.04 11:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.02.04 11:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.02.04 11:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\ERDNT\cache64\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

Neliell · #27 Příspěvek od **Neliell** » 25 pro 2011 20:45

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\031724aa6ec4ce697a3e2d6abc002133\*.tmp files -> C:\Windows\SoftwareDistribution\Download\031724aa6ec4ce697a3e2d6abc002133\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\03b35f5382961e8e1ef20409075e0088\*.tmp files -> C:\Windows\SoftwareDistribution\Download\03b35f5382961e8e1ef20409075e0088\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\066c244c43c09c2f74e7c09e14e7ee38\*.tmp files -> C:\Windows\SoftwareDistribution\Download\066c244c43c09c2f74e7c09e14e7ee38\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\06a932a55b2fe4ea417f7d5f84e8d2f3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\06a932a55b2fe4ea417f7d5f84e8d2f3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\10a4a8847009249ae776dddf0dfac697\*.tmp files -> C:\Windows\SoftwareDistribution\Download\10a4a8847009249ae776dddf0dfac697\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\19bbd327642e29154eb618354a5b15e3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\19bbd327642e29154eb618354a5b15e3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1b755e39cbc7b4281c746a7b5f1cb296\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1b755e39cbc7b4281c746a7b5f1cb296\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1c1725345550db247e80071b2a61d35b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1c1725345550db247e80071b2a61d35b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\25e98dafef2ef365b34d072b82efa034\*.tmp files -> C:\Windows\SoftwareDistribution\Download\25e98dafef2ef365b34d072b82efa034\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2754ec1593865b0d91b417b3e3f8ea21\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2754ec1593865b0d91b417b3e3f8ea21\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\297e010eedecb73f780d95068d5339ad\*.tmp files -> C:\Windows\SoftwareDistribution\Download\297e010eedecb73f780d95068d5339ad\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2d3b9eaaa3aeca19ef27faf19da434d0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2d3b9eaaa3aeca19ef27faf19da434d0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3a393f2ac640f55267ac93ccaa18fa91\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3a393f2ac640f55267ac93ccaa18fa91\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3a97dad38b8bc9ed30087d25a0d7412a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3a97dad38b8bc9ed30087d25a0d7412a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3dcf34dc2ba7f7fcf538bb92ded2b3e3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3dcf34dc2ba7f7fcf538bb92ded2b3e3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3f7fdbb679855582669213253b5db0f9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3f7fdbb679855582669213253b5db0f9\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\40298a5cb4246d479345ba280c3a92b2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\40298a5cb4246d479345ba280c3a92b2\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\4276ca8b3373bc3798d1bf5dc97c9814\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4276ca8b3373bc3798d1bf5dc97c9814\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5e4a463701d54c4527859ea6f3fbc498\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5e4a463701d54c4527859ea6f3fbc498\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6003bb824fa5fbc7e58d03102fa0b618\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6003bb824fa5fbc7e58d03102fa0b618\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\64517f593a4a513763da2282e764d49b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\64517f593a4a513763da2282e764d49b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\68c7325de5278cdea1621a94e8e059b7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\68c7325de5278cdea1621a94e8e059b7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\697bed8226f21a7a89c1878c921b423a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\697bed8226f21a7a89c1878c921b423a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6993638be416c67f97c446c063127117\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6993638be416c67f97c446c063127117\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\706c5a611fcdb874ae86b12bb9c70c4c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\706c5a611fcdb874ae86b12bb9c70c4c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7333e1d03635eb070f063fd5a9937c1a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7333e1d03635eb070f063fd5a9937c1a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\827a16e4fba28eeef74d212dee4c0279\*.tmp files -> C:\Windows\SoftwareDistribution\Download\827a16e4fba28eeef74d212dee4c0279\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\894a72d3fb16a7e332921c95445e0605\*.tmp files -> C:\Windows\SoftwareDistribution\Download\894a72d3fb16a7e332921c95445e0605\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8d807f892ca841589b4d5a3f13cd8cb3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8d807f892ca841589b4d5a3f13cd8cb3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8f6d7f428e2f5d0686db1a5a2675eef6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8f6d7f428e2f5d0686db1a5a2675eef6\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\9a2a46df216d84cd0b13bb0966ed011e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9a2a46df216d84cd0b13bb0966ed011e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a584b8b0ba27c0627c4961bd0a5274f4\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a584b8b0ba27c0627c4961bd0a5274f4\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a78917d05748669fcf5a38a8f38776a2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a78917d05748669fcf5a38a8f38776a2\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\aea8268acfcab49a772f9f02da9b2030\*.tmp files -> C:\Windows\SoftwareDistribution\Download\aea8268acfcab49a772f9f02da9b2030\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b815a4898f183606f4963401e738fb46\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b815a4898f183606f4963401e738fb46\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ba63d4a0a2085126e12a0d6a295eba50\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ba63d4a0a2085126e12a0d6a295eba50\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bfb1c08d6e037134d7be5c3de1668731\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bfb1c08d6e037134d7be5c3de1668731\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c6a9f9ce4bb44b73d22de1ed703621eb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c6a9f9ce4bb44b73d22de1ed703621eb\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c93c669d921635129fc5acdc97d11e06\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c93c669d921635129fc5acdc97d11e06\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d4e1eb2d43387f17283440dd6e32b800\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d4e1eb2d43387f17283440dd6e32b800\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d5036c4aee8158e424d425e4977f29cb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d5036c4aee8158e424d425e4977f29cb\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d9c247dc000cd253c9ff9acf5c024bd3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d9c247dc000cd253c9ff9acf5c024bd3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e06bb4aa1cd68b29311aff634d65661f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e06bb4aa1cd68b29311aff634d65661f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ec86c1527f6cc1ef63504167bbb8b689\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ec86c1527f6cc1ef63504167bbb8b689\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ef38695ae943033caaabc0c2d5bd5882\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ef38695ae943033caaabc0c2d5bd5882\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\efbd2f71f2e41a38f6b24b2a13e276aa\*.tmp files -> C:\Windows\SoftwareDistribution\Download\efbd2f71f2e41a38f6b24b2a13e276aa\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f14c980d0258e15f28418bde72cd5440\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f14c980d0258e15f28418bde72cd5440\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.07.27 15:28:52 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\.minecraft
[2011.03.13 17:14:42 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Adobe
[2011.10.19 15:41:19 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Apple Computer
[2011.03.13 18:24:15 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Ashampoo
[2011.02.04 19:55:14 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\ATI
[2011.07.27 10:32:43 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\AVS4YOU
[2011.03.13 18:31:07 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\CyberLink
[2011.10.30 08:46:51 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\DAEMON Tools Lite
[2011.03.13 18:24:03 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\ESET
[2011.03.13 17:22:00 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\GHISLER
[2011.02.04 20:34:55 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Google
[2011.08.06 01:49:40 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\ICQ
[2011.02.04 19:53:50 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Identities
[2011.02.04 19:56:50 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\InstallShield
[2011.02.04 19:54:55 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Intel Corporation
[2011.02.04 20:22:08 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Macromedia
[2009.07.14 08:44:38 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Media Center Programs
[2011.11.28 20:19:37 | 000,000,000 | --SD | M] -- C:\Users\oem\AppData\Roaming\Microsoft
[2011.03.28 16:05:18 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Mozilla
[2011.11.24 19:53:41 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Mumble
[2011.12.25 20:15:35 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Skype
[2011.03.27 15:32:50 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\TeamViewer
[2011.04.06 20:14:45 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\TS3Client
[2011.11.18 20:42:25 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Ventrilo
[2011.04.10 10:25:10 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2011.03.15 22:00:20 | 000,270,142 | ---- | M] () -- C:\Users\oem\AppData\Roaming\.minecraft\bin\Minecraft.exe
[2011.02.09 20:39:22 | 000,246,784 | ---- | M] () -- C:\Users\oem\AppData\Roaming\.minecraft\bin\name.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.12.24 08:43:32 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< *crack* /s >
[2011.07.04 09:21:08 | 000,017,656 | ---- | M] () -- \Users\oem\Downloads\Diablo.2.LOD.Patch.1.11b.crack.rar

< *keygen* /s >
[2011.07.01 20:06:21 | 000,028,160 | ---- | M] () -- \Users\oem\Downloads\Diablo 2 + Datadisk Lord of Destruction\Lord Of Destruction\Diablo2LODKeyGen.exe
[2011.07.01 20:06:21 | 000,016,319 | ---- | M] () -- \Users\oem\Downloads\Diablo 2 + Datadisk Lord of Destruction\Lord Of Destruction\Diablo_2_Lord_of_Destruction_Keygen.zip

< *loader* /s >
[2011.07.12 13:05:50 | 000,000,344 | ---- | M] () -- \OEM\.minecraft\ModLoader.txt
[2011.07.12 13:04:58 | 000,000,086 | ---- | M] () -- \OEM\.minecraft\config\ModLoader.cfg
[2011.05.20 17:41:50 | 005,026,888 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
[2011.05.20 17:40:52 | 000,081,291 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.sil
[2011.02.14 13:58:04 | 004,313,672 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe
[2011.02.14 13:57:34 | 000,038,075 | ---- | M] () -- \Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.sib
[2011.04.21 18:54:09 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2010.10.07 03:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 03:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.02.28 22:12:40 | 000,010,789 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2009.02.28 22:12:44 | 000,003,500 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\widget\langloader.kc
[2009.02.28 22:12:44 | 000,012,803 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\widget\layoutloader.kc
[2011.05.18 13:14:56 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.05.18 13:14:57 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.05.18 13:14:56 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.08.05 23:59:41 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.05.18 13:15:34 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.05.18 13:15:29 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010.10.07 03:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 03:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.04.21 21:38:55 | 001,077,904 | ---- | M] () -- \Program Files\Games\WOTLK\BackgroundDownloader.exe
[2011.04.21 21:31:18 | 000,003,026 | ---- | M] () -- \Program Files\Games\WOTLK\Data\enUS\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2011.04.21 21:31:18 | 000,004,261 | ---- | M] () -- \Program Files\Games\WOTLK\Data\enUS\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2009.08.16 17:05:14 | 000,053,760 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2011.07.27 10:32:35 | 000,001,364 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Video\AVS Video Uploader.lnk
[2011.10.29 17:28:35 | 000,000,000 | ---- | M] () -- \Qoobox\Quarantine\C\Windows\loader2.exe_ok.vir
[2011.07.27 10:32:35 | 000,001,364 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Video\AVS Video Uploader.lnk
[2011.12.25 18:20:00 | 000,042,422 | ---- | M] () -- \Users\oem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1QDE03M7\uploader_progress[1].gif
[2011.12.25 10:15:40 | 000,016,516 | ---- | M] () -- \Users\oem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\65US4F53\preloader[1].gif
[2011.12.24 20:12:34 | 000,004,178 | ---- | M] () -- \Users\oem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YUZTCXVG\ajax-loader[1].gif
[2011.07.27 15:28:52 | 000,000,342 | ---- | M] () -- \Users\oem\AppData\Roaming\.minecraft\ModLoader.txt
[2011.07.27 15:15:54 | 000,000,086 | ---- | M] () -- \Users\oem\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2011.07.27 10:32:34 | 000,001,376 | ---- | M] () -- \Users\oem\AppData\Roaming\Microsoft\Windows\SendTo\AVS Mobile Uploader.lnk
[2011.07.27 10:32:35 | 000,001,364 | ---- | M] () -- \Users\oem\AppData\Roaming\Microsoft\Windows\SendTo\AVS Video Uploader.lnk
[2008.02.28 13:38:18 | 000,006,639 | ---- | M] () -- \Users\oem\Desktop\Interface\AddOns\KLHThreatMeter\Code\Framework\KTM_Loader.lua
[2011.02.20 14:13:26 | 000,005,369 | ---- | M] () -- \Users\oem\Desktop\WANTED\Addons for WOW\Interface, old II\AtlasLoot_Loader\AtlasLoot_Loader.lua
[2011.02.20 14:13:26 | 000,000,885 | ---- | M] () -- \Users\oem\Desktop\WANTED\Addons for WOW\Interface, old II\AtlasLoot_Loader\AtlasLoot_Loader.toc
[2011.03.29 14:30:28 | 000,021,984 | ---- | M] () -- \Users\oem\Desktop\WANTED\Addons for WOW\Interface, old II\BigWigs\Loader.lua
[2011.04.22 10:30:32 | 000,001,176 | ---- | M] () -- \Users\oem\Downloads\torrentdownloads_net_Wow_And_Tbc__engb_installer_downloader_exe.torrent
[2011.12.17 21:40:14 | 001,067,064 | ---- | M] () -- \Users\oem\Downloads\WoW-BurningCrusade-enGB-Installer-downloader.exe
[2011.05.15 16:38:19 | 001,027,114 | ---- | M] () -- \Users\oem\Downloads\WoW and TBC -enGB-Installer-downloader.exe\WoW-enGB-Installer-downloader.exe
[2010.03.24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 03:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.6029\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.10.07 03:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.6029\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.02.05 04:35:59 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.02.05 04:35:59 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.02.05 04:35:59 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.02.05 04:35:59 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.02.05 04:35:59 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.04.15 18:12:13 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.04.15 18:12:13 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.04.15 18:12:13 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.04.15 18:12:13 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.04.15 18:12:13 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.02.05 04:32:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2010.01.22 09:31:14 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16508_none_b7752fe386144dba.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2010.01.22 11:00:30 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20624_none_b7e52bae9f45c00a.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *activator* /s >

< *serial* /s >
[2011.08.30 16:58:34 | 000,413,696 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.dll
[2011.10.13 02:07:18 | 001,186,816 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.ni.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011.12.23 22:28:27 | 000,001,909 | ---- | M] () -- \Users\oem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\434F8TSW\jquery.serialScroll[1].js
[2008.10.15 00:14:38 | 000,007,977 | ---- | M] () -- \Users\oem\Desktop\Interface\AddOns\BugSack\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2008.10.15 00:14:38 | 000,000,219 | ---- | M] () -- \Users\oem\Desktop\Interface\AddOns\BugSack\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2008.06.23 08:23:34 | 000,007,697 | R--- | M] () -- \Users\oem\Desktop\Interface\AddOns\GEM_3.12\GEM3_Core\lib\Ace3\AceSerializer-3.0\AceSerializer-3.0.lua
[2008.06.23 08:23:34 | 000,000,216 | R--- | M] () -- \Users\oem\Desktop\Interface\AddOns\GEM_3.12\GEM3_Core\lib\Ace3\AceSerializer-3.0\AceSerializer-3.0.xml
[2008.06.23 08:23:34 | 000,007,697 | R--- | M] () -- \Users\oem\Desktop\Interface\AddOns\GEM3_Core\lib\Ace3\AceSerializer-3.0\AceSerializer-3.0.lua
[2008.06.23 08:23:34 | 000,000,216 | R--- | M] () -- \Users\oem\Desktop\Interface\AddOns\GEM3_Core\lib\Ace3\AceSerializer-3.0\AceSerializer-3.0.xml
[2008.11.06 23:46:08 | 000,007,977 | ---- | M] () -- \Users\oem\Desktop\Interface\AddOns\kgPanelsConfig\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2008.11.06 23:46:08 | 000,000,219 | ---- | M] () -- \Users\oem\Desktop\Interface\AddOns\kgPanelsConfig\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2007.06.10 10:47:38 | 000,017,194 | ---- | M] () -- \Users\oem\Desktop\Interface\AddOns\KLHThreatMeter\Code\Services\KTM_Serialise.lua
[2008.10.03 20:21:08 | 000,007,977 | ---- | M] () -- \Users\oem\Desktop\Interface\AddOns\Omen\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2008.10.03 20:21:08 | 000,000,219 | ---- | M] () -- \Users\oem\Desktop\Interface\AddOns\Omen\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010.07.06 16:22:42 | 000,009,066 | ---- | M] () -- \Users\oem\Desktop\WANTED\Addons for WOW\Interface, old II\Altoholic\DataStore\libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010.07.06 16:22:42 | 000,000,219 | ---- | M] () -- \Users\oem\Desktop\WANTED\Addons for WOW\Interface, old II\Altoholic\DataStore\libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010.07.01 07:05:04 | 000,009,066 | ---- | M] () -- \Users\oem\Desktop\WANTED\Addons for WOW\Interface, old II\AtlasLoot\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010.07.01 07:05:04 | 000,000,219 | ---- | M] () -- \Users\oem\Desktop\WANTED\Addons for WOW\Interface, old II\AtlasLoot\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010.07.01 07:05:04 | 000,009,066 | ---- | M] () -- \Users\oem\Desktop\WANTED\Addons for WOW\Interface, old II\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010.07.01 07:05:04 | 000,000,219 | ---- | M] () -- \Users\oem\Desktop\WANTED\Addons for WOW\Interface, old II\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010.07.06 16:22:42 | 000,009,066 | ---- | M] () -- \Users\oem\Desktop\WANTED\Addons for WOW\Interface, old II\DataStore\libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010.07.06 16:22:42 | 000,000,219 | ---- | M] () -- \Users\oem\Desktop\WANTED\Addons for WOW\Interface, old II\DataStore\libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2008.10.03 23:51:08 | 000,007,977 | ---- | M] () -- \Users\oem\Desktop\WANTED\Addons for WOW\Interface, old\Omen\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2008.10.03 23:51:08 | 000,000,219 | ---- | M] () -- \Users\oem\Desktop\WANTED\Addons for WOW\Interface, old\Omen\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2011.02.05 04:35:32 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.02.05 04:35:41 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.13 02:30:33 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.13 02:50:38 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll
[2011.09.26 15:38:05 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e285e2af5e0e8ac7d91936b2cb18542f\System.Runtime.Serialization.ni.dll
[2011.09.26 15:37:18 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e47bab16c150f9697594d8fd65532578\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.13 02:35:01 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\1377c29b871c7eb768769b5f4bdbb15d\System.Runtime.Serialization.ni.dll
[2011.09.26 15:46:05 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\50faf7f472bfc6d562696341df45b3c9\System.Runtime.Serialization.ni.dll
[2011.10.13 02:27:37 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b3b42692707c0f555807def0c4acefe3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.09.26 15:45:25 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\ddd7749c4f3e68ca556795b7cd2a7a00\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.13 02:58:22 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\993f89ba22499c379d2a9dd25d13cd94\System.Runtime.Serialization.ni.dll
[2011.10.13 02:58:26 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\bed774dde4b62ed1d2d55c2d1769d600\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.13 03:00:13 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\3a2ab56bb224b871516526753985ff69\System.Xml.Serialization.ni.dll
[2011.10.13 02:41:27 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\6cd778cd2c8c61130ff71ee7a685222b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.13 02:41:18 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\f68180d9f4ade9c313f9ad20422eb1c0\System.Runtime.Serialization.ni.dll
[2011.10.13 02:44:23 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\59e70022e798ce28f9f5b8870c5c8bf2\System.Xml.Serialization.ni.dll
[2011.10.13 02:03:32 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.10.13 02:03:31 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.13 02:03:34 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011.02.05 04:35:22 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011.02.05 04:35:22 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.02.05 04:35:30 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.02.05 04:35:33 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.02.05 04:35:41 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.02.05 04:35:36 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2011.04.15 18:12:14 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.04.15 18:12:14 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.02.05 04:36:01 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.02.05 04:35:56 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2011.02.05 04:34:05 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011.02.05 04:35:32 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2011.02.05 04:35:41 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2011.02.05 04:35:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.02.05 04:35:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.02.05 04:35:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >

< *AutoRearm* /s >

< >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"avast" = "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui -- [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software)

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"swg" = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2011.12.21 13:27:12 | 000,039,408 | ---- | M] (Google Inc.)

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >
"avast" = "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui -- [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software)

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.12.25 20:03:28 | 000,000,512 | ---- | M] () MD5=999404957BE43950A00C9719DD5E8837 -- C:\PhysicalMBR.bin

< End of report >

#28 Příspěvek od **Mc_Murphy** » 26 pro 2011 06:56

Dva příspěvky už nejsou hodně. Vkládají se sem i klidně na 4 posty. Do odkazu si necháváme dát jen super dlouhé logy, kde většinou uživatel udělal nějakou chybu a nepřečetl si pořádně postup, jak na to.

Tak tedy znovu spusť OTL.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento skript:

Kód: Vybrat vše

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

:Services
gupdate
gupdatem
gusvc
ICQ Service

:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-2927946516-1645679117-2926638077-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O8:64bit: - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\031724aa6ec4ce697a3e2d6abc002133\*.tmp files -> C:\Windows\SoftwareDistribution\Download\031724aa6ec4ce697a3e2d6abc002133\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\03b35f5382961e8e1ef20409075e0088\*.tmp files -> C:\Windows\SoftwareDistribution\Download\03b35f5382961e8e1ef20409075e0088\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\066c244c43c09c2f74e7c09e14e7ee38\*.tmp files -> C:\Windows\SoftwareDistribution\Download\066c244c43c09c2f74e7c09e14e7ee38\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\06a932a55b2fe4ea417f7d5f84e8d2f3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\06a932a55b2fe4ea417f7d5f84e8d2f3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\10a4a8847009249ae776dddf0dfac697\*.tmp files -> C:\Windows\SoftwareDistribution\Download\10a4a8847009249ae776dddf0dfac697\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\19bbd327642e29154eb618354a5b15e3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\19bbd327642e29154eb618354a5b15e3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1b755e39cbc7b4281c746a7b5f1cb296\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1b755e39cbc7b4281c746a7b5f1cb296\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1c1725345550db247e80071b2a61d35b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1c1725345550db247e80071b2a61d35b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\25e98dafef2ef365b34d072b82efa034\*.tmp files -> C:\Windows\SoftwareDistribution\Download\25e98dafef2ef365b34d072b82efa034\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2754ec1593865b0d91b417b3e3f8ea21\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2754ec1593865b0d91b417b3e3f8ea21\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\297e010eedecb73f780d95068d5339ad\*.tmp files -> C:\Windows\SoftwareDistribution\Download\297e010eedecb73f780d95068d5339ad\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2d3b9eaaa3aeca19ef27faf19da434d0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2d3b9eaaa3aeca19ef27faf19da434d0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3a393f2ac640f55267ac93ccaa18fa91\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3a393f2ac640f55267ac93ccaa18fa91\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3a97dad38b8bc9ed30087d25a0d7412a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3a97dad38b8bc9ed30087d25a0d7412a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3dcf34dc2ba7f7fcf538bb92ded2b3e3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3dcf34dc2ba7f7fcf538bb92ded2b3e3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3f7fdbb679855582669213253b5db0f9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3f7fdbb679855582669213253b5db0f9\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\40298a5cb4246d479345ba280c3a92b2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\40298a5cb4246d479345ba280c3a92b2\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\4276ca8b3373bc3798d1bf5dc97c9814\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4276ca8b3373bc3798d1bf5dc97c9814\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5e4a463701d54c4527859ea6f3fbc498\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5e4a463701d54c4527859ea6f3fbc498\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6003bb824fa5fbc7e58d03102fa0b618\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6003bb824fa5fbc7e58d03102fa0b618\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\64517f593a4a513763da2282e764d49b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\64517f593a4a513763da2282e764d49b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\68c7325de5278cdea1621a94e8e059b7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\68c7325de5278cdea1621a94e8e059b7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\697bed8226f21a7a89c1878c921b423a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\697bed8226f21a7a89c1878c921b423a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6993638be416c67f97c446c063127117\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6993638be416c67f97c446c063127117\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\706c5a611fcdb874ae86b12bb9c70c4c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\706c5a611fcdb874ae86b12bb9c70c4c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7333e1d03635eb070f063fd5a9937c1a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7333e1d03635eb070f063fd5a9937c1a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\827a16e4fba28eeef74d212dee4c0279\*.tmp files -> C:\Windows\SoftwareDistribution\Download\827a16e4fba28eeef74d212dee4c0279\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\894a72d3fb16a7e332921c95445e0605\*.tmp files -> C:\Windows\SoftwareDistribution\Download\894a72d3fb16a7e332921c95445e0605\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8d807f892ca841589b4d5a3f13cd8cb3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8d807f892ca841589b4d5a3f13cd8cb3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8f6d7f428e2f5d0686db1a5a2675eef6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8f6d7f428e2f5d0686db1a5a2675eef6\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\9a2a46df216d84cd0b13bb0966ed011e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9a2a46df216d84cd0b13bb0966ed011e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a584b8b0ba27c0627c4961bd0a5274f4\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a584b8b0ba27c0627c4961bd0a5274f4\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a78917d05748669fcf5a38a8f38776a2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a78917d05748669fcf5a38a8f38776a2\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\aea8268acfcab49a772f9f02da9b2030\*.tmp files -> C:\Windows\SoftwareDistribution\Download\aea8268acfcab49a772f9f02da9b2030\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b815a4898f183606f4963401e738fb46\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b815a4898f183606f4963401e738fb46\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ba63d4a0a2085126e12a0d6a295eba50\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ba63d4a0a2085126e12a0d6a295eba50\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bfb1c08d6e037134d7be5c3de1668731\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bfb1c08d6e037134d7be5c3de1668731\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c6a9f9ce4bb44b73d22de1ed703621eb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c6a9f9ce4bb44b73d22de1ed703621eb\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c93c669d921635129fc5acdc97d11e06\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c93c669d921635129fc5acdc97d11e06\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d4e1eb2d43387f17283440dd6e32b800\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d4e1eb2d43387f17283440dd6e32b800\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d5036c4aee8158e424d425e4977f29cb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d5036c4aee8158e424d425e4977f29cb\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d9c247dc000cd253c9ff9acf5c024bd3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d9c247dc000cd253c9ff9acf5c024bd3\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e06bb4aa1cd68b29311aff634d65661f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e06bb4aa1cd68b29311aff634d65661f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ec86c1527f6cc1ef63504167bbb8b689\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ec86c1527f6cc1ef63504167bbb8b689\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ef38695ae943033caaabc0c2d5bd5882\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ef38695ae943033caaabc0c2d5bd5882\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\efbd2f71f2e41a38f6b24b2a13e276aa\*.tmp files -> C:\Windows\SoftwareDistribution\Download\efbd2f71f2e41a38f6b24b2a13e276aa\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f14c980d0258e15f28418bde72cd5440\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f14c980d0258e15f28418bde72cd5440\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp -> ]

:Files
C:\Users\oem\AppData\Roaming\ESET
C:\Program Files (x86)\ICQ6Toolbar
C:\Program Files (x86)\DAEMON Tools Toolbar
C:\Program Files (x86)\Google\Google Toolbar
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Users\oem\Downloads\Diablo.2.LOD.Patch.1.11b.crack.rar /d
C:\Users\oem\Downloads\Diablo 2 + Datadisk Lord of Destruction /d
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"=-
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
"{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

#29 Příspěvek od **vyosek** » 26 pro 2011 10:00

Zdravim a pekny svatecni den preji

Omlouvam se Vam obema za vstup do reseneho threadu

Jen pro informaci, varovani i s warn rankem bylo po dohode s kolegou odmazano - duvody "spamu" jste vysvetlila adekvatne.

Priste ale prosim v takovemto pripade kontaktujte nekoho z MODu http://viry.cz/forum/memberlist.php?mode=group&g=3765 a ti se o odmazani postaraji a nemusime tu mit smajl valku

Preji uspesne doleceni

S pozdravem vyosek

Neliell · #30 Příspěvek od **Neliell** » 26 pro 2011 11:14

Děkuji za odmazání ranku.
Tady je ten log

Files\Folders moved on Reboot...
C:\Users\oem\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\oem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XC2BC5LD\permalink[3].htm moved successfully.

Registry entries deleted on Reboot...

VIRY.CZ

Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir

Re: Vir - Facebook vir