Prosím o kontrolu

Zpráva

mifoIV · #1 Příspěvek od **mifoIV** » 30 led 2012 12:48

Logfile of random's system information tool 1.09 (written by random/random)
Run by mifoIV at 2012-01-30 12:46:02
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 260 GB (55%) free of 477 GB
Total RAM: 2038 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:46:44, on 30. 1. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\trend micro\mifoIV.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=108921&ba ... 2421505c27
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3918996060-79838214-3180440572-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3918996060-79838214-3180440572-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7305 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMYMOVIES
"C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe" C:\Users\mifoIV\Desktop\Aplikácie\Steam.lnk
C:\Windows\system32\svchost.exe -k HPService
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 548 552 560 65536 556
"C:\Users\mifoIV\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\RDReminder.job
C:\Windows\tasks\{2E8C8516-A828-4B63-8E22-BB4D1E0BE08F}.job
C:\Windows\tasks\{C776F3BF-9EFD-4E11-B440-2BAF67203952}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\mifoIV\AppData\Roaming\Mozilla\Firefox\Profiles\rlx9bpec.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.6"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =937811&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll [2011-12-13 1071456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll [2011-12-13 1071456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-04-19 11817576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2011-11-02 1242448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-11-28 3744552]
""= []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-12-13 922976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-01-30 12:46:05 ----D---- C:\Program Files\trend micro
2012-01-30 12:46:02 ----D---- C:\rsit
2012-01-30 12:22:17 ----D---- C:\Program Files (x86)\Cheat Engine 6.1
2012-01-29 15:39:10 ----D---- C:\ProgramData\Farm Fishes
2012-01-29 15:01:30 ----D---- C:\Users\mifoIV\AppData\Roaming\PE Explorer
2012-01-29 15:01:24 ----D---- C:\Program Files (x86)\PE Explorer
2012-01-29 14:52:29 ----D---- C:\Program Files (x86)\Resource Hacker
2012-01-29 12:09:17 ----D---- C:\Program Files (x86)\3D Instructor 2.2 Home
2012-01-29 11:54:14 ----A---- C:\Windows\SYSWOW64\unrar.dll
2012-01-29 11:54:09 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2012-01-25 19:11:22 ----A---- C:\Windows\system32\schannel.dll
2012-01-25 19:11:21 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-01-25 19:11:21 ----A---- C:\Windows\system32\lsasrv.dll
2012-01-25 19:11:21 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-01-25 19:11:20 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-01-25 19:11:20 ----A---- C:\Windows\system32\lsass.exe
2012-01-25 19:11:20 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-01-25 19:11:20 ----A---- C:\Windows\system32\drivers\cng.sys
2012-01-25 19:11:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-01-25 19:11:19 ----A---- C:\Windows\system32\webio.dll
2012-01-25 19:11:19 ----A---- C:\Windows\system32\sspicli.dll
2012-01-25 19:11:19 ----A---- C:\Windows\system32\secur32.dll
2012-01-25 19:11:18 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-01-25 19:11:18 ----A---- C:\Windows\system32\sspisrv.dll
2012-01-24 15:03:05 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2012-01-20 17:51:26 ----D---- C:\Program Files (x86)\18 WoS Extreme Trucker 2
2012-01-15 15:36:05 ----D---- C:\Program Files (x86)\Valve
2012-01-14 12:43:09 ----D---- C:\Windows\SYSWOW64\Adobe
2012-01-11 15:12:59 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-01-11 15:12:59 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-01-11 15:12:59 ----A---- C:\Windows\system32\quartz.dll
2012-01-11 15:12:59 ----A---- C:\Windows\system32\qdvd.dll
2012-01-11 15:12:56 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-01-11 15:12:56 ----A---- C:\Windows\system32\ntdll.dll
2012-01-11 15:12:32 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-01-11 15:12:32 ----A---- C:\Windows\system32\packager.dll
2012-01-10 23:30:25 ----D---- C:\Program Files (x86)\YouTube Downloader Toolbar
2012-01-10 23:30:25 ----D---- C:\Program Files (x86)\Application Updater
2012-01-10 23:29:33 ----D---- C:\ProgramData\YouTube Downloader
2012-01-10 23:29:31 ----D---- C:\Program Files (x86)\YouTube Downloader
2012-01-09 18:08:42 ----D---- C:\Fraps
2012-01-07 21:42:21 ----D---- C:\ProgramData\FarmFrenzy3_Russia
2012-01-07 21:40:48 ----D---- C:\Program Files (x86)\Alawar
2012-01-07 20:37:50 ----D---- C:\ProgramData\AlawarWrapper
2012-01-06 14:06:23 ----D---- C:\ProgramData\Seznam DVD 2011
2012-01-06 13:19:33 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-01-06 13:17:12 ----D---- C:\Windows\PCHEALTH
2012-01-06 13:16:55 ----D---- C:\Program Files\Microsoft SQL Server
2012-01-06 13:16:51 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2012-01-06 13:02:34 ----D---- C:\ProgramData\My Movies
2012-01-06 12:55:12 ----D---- C:\Program Files (x86)\Microsoft Office
2012-01-06 12:54:25 ----D---- C:\Program Files (x86)\MSECache
2012-01-05 10:24:50 ----A---- C:\Windows\pspvc_path.ini
2011-12-31 17:45:25 ----HD---- C:\Windows\msdownld.tmp
2011-12-31 17:29:37 ----D---- C:\Windows\SYSWOW64\directx
2011-12-31 12:37:37 ----A---- C:\user.js
2011-12-31 12:22:22 ----D---- C:\ProgramData\Babylon
2011-12-31 12:22:20 ----D---- C:\Users\mifoIV\AppData\Roaming\Babylon

======List of files/folders modified in the last 1 month======

2012-01-30 12:46:21 ----D---- C:\Windows\Temp
2012-01-30 12:46:05 ----RD---- C:\Program Files
2012-01-30 12:22:17 ----RD---- C:\Program Files (x86)
2012-01-30 12:05:18 ----D---- C:\Users\mifoIV\AppData\Roaming\Skype
2012-01-30 09:45:26 ----D---- C:\Windows\System32
2012-01-30 09:45:26 ----D---- C:\Windows\inf
2012-01-30 09:45:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-30 09:17:38 ----D---- C:\Program Files (x86)\Steam
2012-01-30 09:02:21 ----D---- C:\ProgramData\NVIDIA
2012-01-30 06:00:34 ----D---- C:\Windows\system32\config
2012-01-29 15:39:10 ----HD---- C:\ProgramData
2012-01-29 15:14:41 ----SHD---- C:\Windows\Installer
2012-01-29 15:14:40 ----HD---- C:\Config.Msi
2012-01-29 11:54:14 ----D---- C:\Windows\SysWOW64
2012-01-29 11:52:29 ----D---- C:\Windows\Logs
2012-01-29 11:52:27 ----D---- C:\Windows
2012-01-28 15:42:51 ----SD---- C:\Users\mifoIV\AppData\Roaming\Microsoft
2012-01-27 20:32:08 ----D---- C:\Users\mifoIV\AppData\Roaming\TS3Client
2012-01-25 23:55:00 ----D---- C:\Program Files (x86)\Opera
2012-01-25 20:35:23 ----D---- C:\Windows\winsxs
2012-01-25 20:33:21 ----D---- C:\Windows\system32\drivers
2012-01-25 19:39:39 ----SHD---- C:\System Volume Information
2012-01-25 19:10:20 ----D---- C:\Windows\system32\catroot2
2012-01-25 19:10:20 ----D---- C:\Windows\system32\catroot
2012-01-24 15:03:19 ----D---- C:\Windows\Tasks
2012-01-22 18:55:32 ----D---- C:\Users\mifoIV\AppData\Roaming\Nitro PDF
2012-01-20 17:50:09 ----D---- C:\Users\mifoIV\AppData\Roaming\DAEMON Tools Lite
2012-01-17 21:54:57 ----D---- C:\Windows\debug
2012-01-14 13:57:15 ----RSD---- C:\Windows\Fonts
2012-01-12 15:19:02 ----D---- C:\Windows\ehome
2012-01-11 21:52:39 ----A---- C:\Windows\system32\MRT.exe
2012-01-10 23:30:25 ----D---- C:\Program Files (x86)\Common Files
2012-01-10 22:48:07 ----D---- C:\Windows\system32\drivers\UMDF
2012-01-09 15:34:57 ----D---- C:\Windows\Microsoft.NET
2012-01-09 15:34:23 ----RSD---- C:\Windows\assembly
2012-01-06 13:18:10 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-01-06 13:17:37 ----D---- C:\Windows\Registration
2012-01-03 12:26:33 ----D---- C:\Windows\Minidump
2012-01-03 12:12:20 ----D---- C:\Users\mifoIV\AppData\Roaming\Smarty Uninstaller
2011-12-31 12:23:08 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-02 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-04-19 2839912]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 ajpasmmm;ajpasmmm; C:\Windows\system32\drivers\ajpasmmm.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2011-12-14 748440]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 MSSQL$MYMOVIES;SQL Server (MYMOVIES); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1640768]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-11-04 75136]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-11-04 189248]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 153952]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-01-05 419624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-03 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 30 led 2012 13:58

Zdravim a pekne odpoledne preji

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Odinstalujte Search Settings a Application Updater od Spigotu

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

mifoIV · #3 Příspěvek od **mifoIV** » 30 led 2012 17:44

Search Settings a Application Updater od Spigotu som tam nenašiel

OTL logfile created on: 30. 1. 2012 17:12:19 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\mifoIV\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

1,99 Gb Total Physical Memory | 0,73 Gb Available Physical Memory | 36,68% Memory free
4,10 Gb Paging File | 1,66 Gb Available in Paging File | 40,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 263,96 Gb Free Space | 56,67% Space Free | Partition Type: NTFS

Computer Name: MIFO | User Name: mifoIV | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/01/30 17:05:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\mifoIV\Desktop\OTL.exe
PRC - [2012/01/28 15:44:50 | 000,086,077 | ---- | M] (Valve) -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\hl.exe
PRC - [2012/01/25 23:54:52 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012/01/05 21:12:56 | 000,071,464 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\GameOverlayUI.exe
PRC - [2012/01/05 21:12:47 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/11/28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/11/04 22:22:15 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2011/11/04 22:21:58 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/11/02 20:08:59 | 008,284,928 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
PRC - [2011/11/02 19:29:16 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/10/15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/06/01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010/03/15 11:26:38 | 001,039,360 | ---- | M] () -- C:\Program Files (x86)\WinRAR\WinRAR.exe

========== Modules (No Company Name) ==========

MOD - [2012/01/30 16:47:28 | 000,053,248 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\voice_miles.dll
MOD - [2012/01/30 14:50:59 | 000,535,552 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\platform\servers\serverbrowser.dll
MOD - [2012/01/30 14:50:58 | 000,258,106 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\Core.dll
MOD - [2012/01/30 14:50:57 | 000,090,112 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\DemoPlayer.dll
MOD - [2012/01/30 14:50:55 | 001,074,496 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\cstrike\cl_dlls\client.dll
MOD - [2012/01/30 14:50:55 | 000,245,819 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\vgui2.dll
MOD - [2012/01/30 14:50:44 | 000,155,232 | -H-- | M] () -- C:\Users\mifoIV\AppData\Local\Temp\~381B.tmp
MOD - [2012/01/28 15:44:51 | 001,840,440 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\hw.dll
MOD - [2012/01/28 15:44:51 | 000,845,112 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\valve\cl_dlls\GameUI.dll
MOD - [2012/01/28 15:44:51 | 000,352,256 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\vgui.dll
MOD - [2012/01/28 15:44:51 | 000,344,064 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\tier0.dll
MOD - [2012/01/28 15:44:51 | 000,161,792 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\Mssv29.asi
MOD - [2012/01/28 15:44:51 | 000,142,848 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\Mssv12.asi
MOD - [2012/01/28 15:44:51 | 000,125,952 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\Mp3dec.asi
MOD - [2012/01/28 15:44:50 | 000,351,744 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\Mss32.dll
MOD - [2012/01/28 15:44:50 | 000,122,974 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\FileSystem_Steam.dll
MOD - [2012/01/28 15:44:50 | 000,081,920 | ---- | M] () -- c:\Program Files (x86)\Steam\steamapps\mifoiv\counter-strike\valve\cl_dlls\particleman.dll
MOD - [2012/01/05 21:12:46 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/01/05 21:12:45 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/01/05 21:12:45 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2012/01/05 21:12:45 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2012/01/05 21:12:44 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/11/17 05:55:18 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/02 20:08:59 | 000,420,096 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
MOD - [2011/11/02 20:08:59 | 000,226,560 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
MOD - [2011/11/02 20:08:59 | 000,215,808 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
MOD - [2011/11/02 20:08:59 | 000,157,440 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
MOD - [2011/03/18 16:51:44 | 007,859,200 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtGui4.dll
MOD - [2011/03/18 16:51:44 | 002,210,816 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtCore4.dll
MOD - [2011/03/18 16:51:44 | 000,814,080 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\QtNetwork4.dll
MOD - [2011/03/18 16:51:44 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg4.dll
MOD - [2011/03/18 16:51:44 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif4.dll
MOD - [2010/03/15 11:26:38 | 001,039,360 | ---- | M] () -- C:\Program Files (x86)\WinRAR\WinRAR.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/06/21 18:57:42 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/01/05 21:12:47 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/11/14 10:16:38 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\mifoIV\AppData\Local\Temp\7zS251F\hpslpsvc64.dll -- (HPSLPSVC)
SRV - [2011/11/04 22:22:15 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2011/11/04 22:21:58 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/10/15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/06/01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/11/28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/11/28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/11/28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/11/28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/11/28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/11/28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/11/02 20:26:39 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3918996060-79838214-3180440572-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=108921&ba ... 2421505c27
IE - HKU\S-1-5-21-3918996060-79838214-3180440572-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5E CE BF 46 8B A0 CC 01 [binary data]
IE - HKU\S-1-5-21-3918996060-79838214-3180440572-1000\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No CLSID value found
IE - HKU\S-1-5-21-3918996060-79838214-3180440572-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3918996060-79838214-3180440572-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =937811&p="

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/31 12:23:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/12/30 22:43:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mifoIV\AppData\Roaming\mozilla\Extensions
[2012/01/10 23:30:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mifoIV\AppData\Roaming\mozilla\Firefox\Profiles\rlx9bpec.default\extensions
[2011/12/31 12:23:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\WTXPCOM
File not found (No name found) -- C:\PROGRAM FILES (X86)\YOUTUBE DOWNLOADER TOOLBAR\FF
[2011/12/21 09:07:09 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/12/21 06:25:11 | 000,001,583 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\atlas-sk.xml
[2011/12/21 06:25:11 | 000,001,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\azet-sk.xml
[2011/12/31 12:33:49 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011/12/21 06:25:11 | 000,001,479 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\dunaj-sk.xml
[2011/12/21 06:25:11 | 000,001,473 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slovnik-sk.xml
[2011/12/21 06:25:11 | 000,001,104 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sk.xml
[2011/12/21 06:25:11 | 000,000,830 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3 - HKU\S-1-5-21-3918996060-79838214-3180440572-1000\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3918996060-79838214-3180440572-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3918996060-79838214-3180440572-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3918996060-79838214-3180440572-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.252
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72916D68-9E69-4278-ABDC-797BD356D4A0}: DhcpNameServer = 192.168.100.252
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.at3 - C:\Windows\SysWow64\atrac3.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/01/30 17:05:52 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\mifoIV\Desktop\OTL.exe
[2012/01/30 12:46:05 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/01/30 12:22:33 | 000,000,000 | ---D | C] -- C:\Users\mifoIV\Documents\My Cheat Tables
[2012/01/30 12:22:22 | 000,000,000 | ---D | C] -- C:\Users\mifoIV\AppData\Local\TempDIR
[2012/01/30 12:22:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.1
[2012/01/30 12:22:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.1
[2012/01/30 12:19:32 | 008,697,947 | ---- | C] (Dark Byte ) -- C:\Users\mifoIV\Desktop\CheatEngine61.exe
[2012/01/29 15:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Farm Fishes
[2012/01/29 15:13:40 | 000,000,000 | ---D | C] -- C:\Users\mifoIV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar Games
[2012/01/29 15:12:32 | 000,000,000 | ---D | C] -- C:\Users\mifoIV\Desktop\Farm Frenzy Gone Fishing
[2012/01/29 15:01:30 | 000,000,000 | ---D | C] -- C:\Users\mifoIV\AppData\Roaming\PE Explorer
[2012/01/29 15:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PE Explorer
[2012/01/29 15:01:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PE Explorer
[2012/01/29 14:59:41 | 003,813,688 | ---- | C] (Heaventools Software) -- C:\Users\mifoIV\Desktop\PE.Explorer_setup.exe
[2012/01/29 14:52:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
[2012/01/29 14:52:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Resource Hacker
[2012/01/29 14:51:41 | 000,748,246 | ---- | C] ( ) -- C:\Users\mifoIV\Desktop\reshack_setup.exe
[2012/01/29 11:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2012/01/28 12:27:46 | 000,000,000 | ---D | C] -- C:\Users\mifoIV\Documents\The KMPlayer
[2012/01/25 19:11:21 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/01/25 19:11:20 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/01/25 19:11:19 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/01/25 19:11:19 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/01/25 19:11:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/01/25 19:11:18 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/01/24 16:20:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AlawarWrapper
[2012/01/24 16:02:39 | 000,000,000 | ---D | C] -- C:\Users\mifoIV\Documents\Shadow Harvest
[2012/01/23 19:40:36 | 000,000,000 | ---D | C] -- C:\Users\mifoIV\Desktop\E14
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/01/30 17:14:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/01/30 17:05:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\mifoIV\Desktop\OTL.exe
[2012/01/30 12:45:51 | 000,935,175 | ---- | M] () -- C:\Users\mifoIV\Desktop\RSITx64.exe
[2012/01/30 12:22:20 | 000,001,095 | ---- | M] () -- C:\Users\mifoIV\Desktop\Cheat Engine.lnk
[2012/01/30 12:20:05 | 008,697,947 | ---- | M] (Dark Byte ) -- C:\Users\mifoIV\Desktop\CheatEngine61.exe
[2012/01/30 09:45:26 | 000,792,000 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/30 09:45:26 | 000,662,518 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/30 09:45:26 | 000,123,712 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/30 09:10:13 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/30 09:10:13 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/30 09:02:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/30 09:02:16 | 1602,838,528 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/29 15:14:08 | 000,001,899 | ---- | M] () -- C:\Users\mifoIV\Desktop\Alawar Games.lnk
[2012/01/29 15:01:25 | 000,001,035 | ---- | M] () -- C:\Users\mifoIV\Desktop\PE Explorer.lnk
[2012/01/29 15:00:09 | 003,813,688 | ---- | M] (Heaventools Software) -- C:\Users\mifoIV\Desktop\PE.Explorer_setup.exe
[2012/01/29 14:51:42 | 000,748,246 | ---- | M] ( ) -- C:\Users\mifoIV\Desktop\reshack_setup.exe
[2012/01/29 14:50:04 | 080,906,228 | ---- | M] () -- C:\Users\mifoIV\Desktop\farm_frenzy_gone_fishing.rar
[2012/01/29 10:14:48 | 073,362,648 | ---- | M] () -- C:\Users\mifoIV\Desktop\Miky Hemp Solin - Na !! (2011).rar
[2012/01/29 08:24:41 | 1234,046,497 | ---- | M] () -- C:\Users\mifoIV\Desktop\Kocour.v.botach.2011.DVDScr.CZ.by.Colly.of.PowerUploaders.avi
[2012/01/29 08:03:01 | 000,044,719 | ---- | M] () -- C:\Users\mifoIV\Desktop\423303_10151233659700122_897040624_n.jpg
[2012/01/29 02:49:27 | 951,190,766 | ---- | M] () -- C:\Users\mifoIV\Desktop\Fright.Night.2011.BRRip.XviD.CZ-jaro-muku.avi
[2012/01/28 18:57:44 | 000,001,961 | ---- | M] () -- C:\Users\mifoIV\Desktop\TS3EP05.exe - odkaz.lnk
[2012/01/28 18:57:35 | 000,002,021 | ---- | M] () -- C:\Users\mifoIV\Desktop\Sims3Launcher.exe - odkaz.lnk
[2012/01/28 18:47:07 | 100,115,952 | ---- | M] () -- C:\Users\mifoIV\Desktop\BodakRecords - Stolen Beats Vol. 1 (2012).rar
[2012/01/28 15:39:15 | 000,127,177 | ---- | M] () -- C:\Users\mifoIV\Desktop\40907_085448.jpg
[2012/01/28 15:38:25 | 000,086,038 | ---- | M] () -- C:\Users\mifoIV\Desktop\60011.jpg
[2012/01/28 15:38:05 | 000,557,366 | ---- | M] () -- C:\Users\mifoIV\Desktop\74042.jpg
[2012/01/28 15:37:13 | 000,386,274 | ---- | M] () -- C:\Users\mifoIV\Desktop\18_graffiti_technica_full_black_wallpaper.jpg
[2012/01/28 15:36:41 | 001,003,398 | ---- | M] () -- C:\Users\mifoIV\Desktop\62113.jpg
[2012/01/28 15:35:49 | 000,325,507 | ---- | M] () -- C:\Users\mifoIV\Desktop\1920x1080_Zixpk_HD_Wallpaper_224.jpg
[2012/01/28 15:34:25 | 000,272,732 | ---- | M] () -- C:\Users\mifoIV\Desktop\40755_044567.jpg
[2012/01/28 15:32:30 | 000,251,063 | ---- | M] () -- C:\Users\mifoIV\Desktop\133760-1920x1080.jpg
[2012/01/28 15:32:27 | 000,221,166 | ---- | M] () -- C:\Users\mifoIV\Desktop\1920x1080-HD-wallpaper-186_WallsHQ.com_.jpg
[2012/01/28 15:27:10 | 000,295,735 | ---- | M] () -- C:\Users\mifoIV\Desktop\41949112.jpg
[2012/01/28 15:26:29 | 000,360,093 | ---- | M] () -- C:\Users\mifoIV\Desktop\5539.jpg
[2012/01/28 15:19:09 | 833,126,400 | ---- | M] () -- C:\Users\mifoIV\Desktop\kral-skorpion-3-bitva-osudu-2012-www-filmy2-webnode-cz.avi
[2012/01/27 23:31:42 | 888,121,344 | ---- | M] () -- C:\Users\mifoIV\Desktop\Debt.2010.BRRip.XviD.CZ-LEADERs.avi
[2012/01/24 15:03:19 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\RDReminder.job
[2012/01/24 01:14:30 | 434,502,830 | ---- | M] () -- C:\Users\mifoIV\Desktop\1327389079_CityCarDriving_1.2.rar
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/30 17:14:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/01/30 12:45:50 | 000,935,175 | ---- | C] () -- C:\Users\mifoIV\Desktop\RSITx64.exe
[2012/01/30 12:22:20 | 000,001,095 | ---- | C] () -- C:\Users\mifoIV\Desktop\Cheat Engine.lnk
[2012/01/29 15:15:28 | 434,502,830 | ---- | C] () -- C:\Users\mifoIV\Desktop\1327389079_CityCarDriving_1.2.rar
[2012/01/29 15:14:08 | 000,001,899 | ---- | C] () -- C:\Users\mifoIV\Desktop\Alawar Games.lnk
[2012/01/29 15:01:25 | 000,001,035 | ---- | C] () -- C:\Users\mifoIV\Desktop\PE Explorer.lnk
[2012/01/29 14:36:50 | 080,906,228 | ---- | C] () -- C:\Users\mifoIV\Desktop\farm_frenzy_gone_fishing.rar
[2012/01/29 11:54:14 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/01/29 10:05:32 | 073,362,648 | ---- | C] () -- C:\Users\mifoIV\Desktop\Miky Hemp Solin - Na !! (2011).rar
[2012/01/29 08:02:59 | 000,044,719 | ---- | C] () -- C:\Users\mifoIV\Desktop\423303_10151233659700122_897040624_n.jpg
[2012/01/29 06:49:56 | 1234,046,497 | ---- | C] () -- C:\Users\mifoIV\Desktop\Kocour.v.botach.2011.DVDScr.CZ.by.Colly.of.PowerUploaders.avi
[2012/01/29 01:47:24 | 951,190,766 | ---- | C] () -- C:\Users\mifoIV\Desktop\Fright.Night.2011.BRRip.XviD.CZ-jaro-muku.avi
[2012/01/28 18:57:44 | 000,001,961 | ---- | C] () -- C:\Users\mifoIV\Desktop\TS3EP05.exe - odkaz.lnk
[2012/01/28 18:57:35 | 000,002,021 | ---- | C] () -- C:\Users\mifoIV\Desktop\Sims3Launcher.exe - odkaz.lnk
[2012/01/28 17:14:27 | 100,115,952 | ---- | C] () -- C:\Users\mifoIV\Desktop\BodakRecords - Stolen Beats Vol. 1 (2012).rar
[2012/01/28 15:39:15 | 000,127,177 | ---- | C] () -- C:\Users\mifoIV\Desktop\40907_085448.jpg
[2012/01/28 15:38:25 | 000,086,038 | ---- | C] () -- C:\Users\mifoIV\Desktop\60011.jpg
[2012/01/28 15:38:05 | 000,557,366 | ---- | C] () -- C:\Users\mifoIV\Desktop\74042.jpg
[2012/01/28 15:37:13 | 000,386,274 | ---- | C] () -- C:\Users\mifoIV\Desktop\18_graffiti_technica_full_black_wallpaper.jpg
[2012/01/28 15:36:40 | 001,003,398 | ---- | C] () -- C:\Users\mifoIV\Desktop\62113.jpg
[2012/01/28 15:35:49 | 000,325,507 | ---- | C] () -- C:\Users\mifoIV\Desktop\1920x1080_Zixpk_HD_Wallpaper_224.jpg
[2012/01/28 15:34:25 | 000,272,732 | ---- | C] () -- C:\Users\mifoIV\Desktop\40755_044567.jpg
[2012/01/28 15:32:30 | 000,251,063 | ---- | C] () -- C:\Users\mifoIV\Desktop\133760-1920x1080.jpg
[2012/01/28 15:32:27 | 000,221,166 | ---- | C] () -- C:\Users\mifoIV\Desktop\1920x1080-HD-wallpaper-186_WallsHQ.com_.jpg
[2012/01/28 15:27:09 | 000,295,735 | ---- | C] () -- C:\Users\mifoIV\Desktop\41949112.jpg
[2012/01/28 15:26:27 | 000,360,093 | ---- | C] () -- C:\Users\mifoIV\Desktop\5539.jpg
[2012/01/28 12:26:51 | 833,126,400 | ---- | C] () -- C:\Users\mifoIV\Desktop\kral-skorpion-3-bitva-osudu-2012-www-filmy2-webnode-cz.avi
[2012/01/27 22:22:53 | 888,121,344 | ---- | C] () -- C:\Users\mifoIV\Desktop\Debt.2010.BRRip.XviD.CZ-LEADERs.avi
[2012/01/24 15:03:19 | 000,000,282 | ---- | C] () -- C:\Windows\tasks\RDReminder.job
[2012/01/24 15:03:05 | 000,679,936 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/01/06 13:19:33 | 000,734,810 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/05 10:24:50 | 000,000,028 | ---- | C] () -- C:\Windows\pspvc_path.ini
[2011/11/04 22:22:00 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/11/04 22:21:58 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/11/04 21:10:31 | 002,580,552 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/11/02 19:51:27 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/10/15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/02/22 20:39:04 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/11/15 19:02:26 | 001,866,670 | ---- | C] () -- C:\Windows\SysWow64\libfftw3f-3.dll
[2008/10/22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2008/04/05 18:53:24 | 000,140,288 | ---- | C] () -- C:\Windows\SysWow64\avsfilter.dll
[2005/09/13 04:09:34 | 000,004,608 | ---- | C] () -- C:\Windows\SysWow64\AvsRecursion.dll
[2004/01/30 05:44:56 | 001,627,136 | ---- | C] () -- C:\Windows\SysWow64\fftw3.dll
[2004/01/24 03:35:44 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\avisynth_c.dll

========== LOP Check ==========

[2011/11/06 15:34:20 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\AnvSoft
[2011/12/13 06:26:02 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\AVI ReComp
[2011/12/12 21:24:10 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\avidemux
[2011/12/31 12:22:20 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Babylon
[2012/01/20 17:50:09 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\DAEMON Tools Lite
[2011/11/05 15:55:08 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\GetRightToGo
[2011/11/18 16:42:27 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\GHISLER
[2011/12/12 21:25:01 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\gtk-2.0
[2011/11/19 20:57:32 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\NCH Swift Sound
[2012/01/22 18:55:32 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Nitro PDF
[2011/11/06 15:33:51 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\OpenCandy
[2011/11/27 19:16:48 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\OpenOffice.org
[2011/11/02 18:44:14 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Opera
[2012/01/29 15:01:58 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\PE Explorer
[2011/12/20 05:10:32 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Regensoft
[2012/01/03 12:12:20 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Smarty Uninstaller
[2011/12/24 14:54:06 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\TeamViewer
[2012/01/27 20:32:08 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\TS3Client
[2012/01/24 15:03:19 | 000,000,282 | ---- | M] () -- C:\Windows\Tasks\RDReminder.job
[2009/07/14 06:08:49 | 000,003,978 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/12/21 08:49:04 | 000,000,198 | ---- | M] () -- C:\Windows\Tasks\{2E8C8516-A828-4B63-8E22-BB4D1E0BE08F}.job
[2011/11/30 16:10:47 | 000,000,496 | ---- | M] () -- C:\Windows\Tasks\{C776F3BF-9EFD-4E11-B440-2BAF67203952}.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011/09/29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2011/04/25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/09/29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011/04/25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011/09/29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

mifoIV · #4 Příspěvek od **mifoIV** » 30 led 2012 17:45

Pokračovanie
< %APPDATA%\*. >
[2011/11/19 21:09:59 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\AccurateRip
[2011/11/02 18:54:38 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Adobe
[2011/11/06 15:34:20 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\AnvSoft
[2011/12/13 06:26:02 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\AVI ReComp
[2011/12/12 21:24:10 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\avidemux
[2011/12/31 12:22:20 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Babylon
[2012/01/20 17:50:09 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\DAEMON Tools Lite
[2011/11/05 15:55:08 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\GetRightToGo
[2011/11/18 16:42:27 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\GHISLER
[2011/12/12 21:25:01 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\gtk-2.0
[2011/12/04 17:12:07 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\HP
[2011/11/02 18:30:08 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Identities
[2011/11/02 18:54:38 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Macromedia
[2009/07/14 08:54:31 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Media Center Programs
[2012/01/28 15:42:51 | 000,000,000 | --SD | M] -- C:\Users\mifoIV\AppData\Roaming\Microsoft
[2011/12/30 22:43:47 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Mozilla
[2011/11/19 20:57:32 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\NCH Swift Sound
[2011/11/19 20:50:42 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Nero
[2012/01/22 18:55:32 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Nitro PDF
[2011/12/24 13:38:18 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\NVIDIA
[2011/11/06 15:33:51 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\OpenCandy
[2011/11/27 19:16:48 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\OpenOffice.org
[2011/11/02 18:44:14 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Opera
[2012/01/29 15:01:58 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\PE Explorer
[2011/12/20 05:10:32 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Regensoft
[2012/01/30 17:20:12 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Skype
[2011/12/21 08:48:12 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\skypePM
[2012/01/03 12:12:20 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\Smarty Uninstaller
[2011/12/24 14:54:06 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\TeamViewer
[2012/01/27 20:32:08 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\TS3Client
[2011/11/02 19:22:04 | 000,000,000 | ---D | M] -- C:\Users\mifoIV\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2011/11/06 14:21:21 | 000,010,134 | R--- | M] () -- C:\Users\mifoIV\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011/11/06 15:38:30 | 033,975,384 | ---- | M] () -- C:\Users\mifoIV\AppData\Roaming\OpenCandy\B40687F17FBB4790BB920155C3D53897\NitroPDFen64_p2v1Installer.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2011/11/03 23:46:47 | 009,705,472 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2011/11/02 18:52:39 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\Tasks\*.job >
[2012/01/24 15:03:19 | 000,000,282 | ---- | M] () -- C:\Windows\Tasks\RDReminder.job
[2011/12/21 08:49:04 | 000,000,198 | ---- | M] () -- C:\Windows\Tasks\{2E8C8516-A828-4B63-8E22-BB4D1E0BE08F}.job
[2011/11/30 16:10:47 | 000,000,496 | ---- | M] () -- C:\Windows\Tasks\{C776F3BF-9EFD-4E11-B440-2BAF67203952}.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2011/11/03 23:46:47 | 009,705,472 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2011/11/02 18:52:39 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2011/11/02 19:29:16 | 001,242,448 | ---- | M] (Valve Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011/12/21 09:07:08 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=11CCA710674739E3DB8F7450A5B650B6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011/11/02 18:52:39 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012/01/25 23:54:52 | 000,949,104 | ---- | M] (Opera Software) MD5=CC7001E619906A0FF78C162A0A39D5B7 -- C:\Program Files (x86)\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/01/30 17:14:15 | 000,000,512 | ---- | M] () MD5=07C11A59EA31260F76AD2187375A5ABD -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011/11/14 19:45:16 | 000,000,993 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.crackfound.com%2Ffavicon.png
[2012/01/29 15:10:08 | 000,000,663 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Roaming\Microsoft\Windows\Recent\3D-Instructor-2.2+crack+cz.rar.lnk
[2012/01/29 15:14:20 | 000,000,807 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Roaming\Microsoft\Windows\Recent\cracked.rar.lnk
[2010/09/03 01:05:35 | 001,066,669 | ---- | M] () -- \Documents and Settings\mifoIV\Desktop\Farm Frenzy Gone Fishing\cracked.rar
[2011/11/14 19:45:16 | 000,000,993 | ---- | M] () -- \Users\mifoIV\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.crackfound.com%2Ffavicon.png
[2012/01/29 15:10:08 | 000,000,663 | ---- | M] () -- \Users\mifoIV\AppData\Roaming\Microsoft\Windows\Recent\3D-Instructor-2.2+crack+cz.rar.lnk
[2012/01/29 15:14:20 | 000,000,807 | ---- | M] () -- \Users\mifoIV\AppData\Roaming\Microsoft\Windows\Recent\cracked.rar.lnk
[2010/09/03 01:05:35 | 001,066,669 | ---- | M] () -- \Users\mifoIV\Desktop\Farm Frenzy Gone Fishing\cracked.rar

< *keygen* /s >
[2012/01/07 20:38:52 | 000,000,104 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fkeygens.nl%2Ffavicon.png
[2012/01/07 20:38:52 | 000,000,104 | ---- | M] () -- \Users\mifoIV\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fkeygens.nl%2Ffavicon.png

< *loader* /s >
[2011/12/20 03:19:34 | 000,000,998 | ---- | M] () -- \Documents and Settings\All Users\Microsoft\Windows\Start Menu\Programs\Regensoft\YouTube Downloader App\YouTube Downloader App Uninstall.lnk
[2011/12/20 03:19:34 | 000,001,301 | ---- | M] () -- \Documents and Settings\All Users\Microsoft\Windows\Start Menu\Programs\Regensoft\YouTube Downloader App\YouTube Downloader App Website.lnk
[2011/12/20 03:19:34 | 000,002,184 | ---- | M] () -- \Documents and Settings\All Users\Microsoft\Windows\Start Menu\Programs\Regensoft\YouTube Downloader App\YouTube Downloader App.lnk
[2012/01/10 23:29:32 | 000,000,072 | ---- | M] () -- \Documents and Settings\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader Help.url
[2012/01/10 23:29:32 | 000,002,074 | ---- | M] () -- \Documents and Settings\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader.lnk
[2012/01/30 12:22:36 | 000,014,548 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XCN63QM\downloaderController[1].js
[2012/01/30 12:22:36 | 000,001,755 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q947XT97\downloaderGeneric[1].css
[2011/12/20 02:46:34 | 000,000,813 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.youtubedownloaderhd.com%2Ffavicon.png
[2012/01/10 23:29:37 | 000,000,749 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.youtubedownloadersite.com%2Ffavicon.png
[2012/01/30 17:05:58 | 000,000,605 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fyoutubedownloader.mybrowserbar.com%2Ffavicon.png
[2012/01/30 17:05:58 | 000,000,238 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Local\Opera\Opera\icons\youtubedownloader.mybrowserbar.com.idx
[2012/01/21 09:29:50 | 000,001,800 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Local\Temp\.MediaCaches\Blbec na krku -2002-DVDRip.CZ.by.Salud.of.PowerUploaders.avi_1327096446_754110810.cache
[2012/01/21 10:11:56 | 000,001,800 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Local\Temp\.MediaCaches\Blbec na krku -2002-DVDRip.CZ.by.Salud.of.PowerUploaders.mp4_1327137116_397807350.cache
[2012/01/24 21:22:58 | 000,001,800 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Local\Temp\.MediaCaches\Valka.svetu.2005.DVDRip.CZ.by.Colly.of.PowerUploaders.avi_1327435621_1036490752.cache
[2012/01/24 22:58:55 | 000,001,800 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Local\Temp\.MediaCaches\Valka.svetu.2005.DVDRip.CZ.by.Colly.of.PowerUploaders.mp4_1327442335_443176014.cache
[2011/11/05 15:55:00 | 000,000,000 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_sizling_hot_pc_game.data
[2012/01/10 23:30:30 | 000,000,053 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Roaming\Mozilla\Firefox\Profiles\rlx9bpec.default\extensions\youtubedownloader@mybrowserbar.com
[2011/12/21 09:47:28 | 000,000,940 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Roaming\Smarty Uninstaller\Icons\YouTube Downloader App16.png
[2011/12/21 09:47:28 | 000,002,583 | ---- | M] () -- \Documents and Settings\mifoIV\AppData\Roaming\Smarty Uninstaller\Icons\YouTube Downloader App32.png
[2012/01/29 08:24:41 | 1234,046,497 | ---- | M] () -- \Documents and Settings\mifoIV\Desktop\Kocour.v.botach.2011.DVDScr.CZ.by.Colly.of.PowerUploaders.avi
[2011/12/20 03:19:34 | 000,002,160 | ---- | M] () -- \Documents and Settings\mifoIV\Desktop\Aplikácie\YouTube Downloader App.lnk
[2012/01/10 23:29:31 | 000,001,140 | ---- | M] () -- \Documents and Settings\mifoIV\Desktop\Aplikácie\YouTube Downloader.lnk
[2012/01/24 21:07:01 | 1036,490,752 | ---- | M] () -- \Documents and Settings\mifoIV\Documents\FILMY\Valka.svetu.2005.DVDRip.CZ.by.Colly.of.PowerUploaders.avi
[2012/01/05 11:00:58 | 663,097,512 | ---- | M] () -- \Documents and Settings\mifoIV\Videos\turistas-2006. DVDRip.CZ.by.Salud.of.PowerUploaders.mp4
[2012/01/24 22:58:55 | 443,176,014 | ---- | M] () -- \Documents and Settings\mifoIV\Videos\Valka.svetu.2005.DVDRip.CZ.by.Colly.of.PowerUploaders.mp4
[2012/01/06 21:39:43 | 614,024,701 | ---- | M] () -- \Documents and Settings\mifoIV\Videos\Without.Men.2011.DVDRip.CZ.by.Colly.of.PowerUploaders.mp4
[2010/11/29 23:32:34 | 000,170,288 | ---- | M] () -- \Program Files (x86)\Cheat Engine 6.1\Kernelmoduleunloader.exe
[2005/10/14 02:49:48 | 000,017,624 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\90\Tools\Binn\SqlResourceLoader.dll
[2005/10/14 02:49:48 | 000,017,624 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SqlResourceLoader.dll
[2009/05/31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009/05/31 18:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2010/06/07 21:11:08 | 000,006,262 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2011/11/27 19:16:11 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010/06/10 16:58:26 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011/11/27 19:16:16 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010/06/09 16:21:40 | 000,003,874 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2010/09/03 13:25:50 | 000,245,760 | ---- | M] () -- \Program Files (x86)\Regensoft\Downloader App\DownloaderApp.exe
[2011/12/20 03:19:34 | 000,000,063 | ---- | M] () -- \Program Files (x86)\Regensoft\Downloader App\YouTube Downloader App.url
[2009/09/21 14:04:18 | 000,002,713 | ---- | M] () -- \Program Files (x86)\Regensoft\Downloader App\components\uriloader.xpt
[2008/02/25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2007/09/17 06:50:37 | 000,169,384 | ---- | M] () -- \Program Files (x86)\Valve\cstrike\models\qloader.mdl
[2003/09/26 14:19:52 | 000,352,548 | ---- | M] () -- \Program Files (x86)\Valve\valve\models\loader.mdl
[2003/09/26 14:24:16 | 000,012,764 | ---- | M] () -- \Program Files (x86)\Valve\valve\sound\ambience\loader_hydra1.wav
[2003/09/26 14:24:16 | 000,012,164 | ---- | M] () -- \Program Files (x86)\Valve\valve\sound\ambience\loader_step1.wav
[2010/03/15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2011/10/10 09:01:22 | 001,178,504 | ---- | M] () -- \Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe
[2011/12/20 03:19:34 | 000,000,998 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Regensoft\YouTube Downloader App\YouTube Downloader App Uninstall.lnk
[2011/12/20 03:19:34 | 000,001,301 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Regensoft\YouTube Downloader App\YouTube Downloader App Website.lnk
[2011/12/20 03:19:34 | 000,002,184 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Regensoft\YouTube Downloader App\YouTube Downloader App.lnk
[2012/01/10 23:29:32 | 000,000,072 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader Help.url
[2012/01/10 23:29:32 | 000,002,074 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader.lnk
[2011/12/20 03:19:34 | 000,000,998 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Regensoft\YouTube Downloader App\YouTube Downloader App Uninstall.lnk
[2011/12/20 03:19:34 | 000,001,301 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Regensoft\YouTube Downloader App\YouTube Downloader App Website.lnk
[2011/12/20 03:19:34 | 000,002,184 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Regensoft\YouTube Downloader App\YouTube Downloader App.lnk
[2012/01/10 23:29:32 | 000,000,072 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader Help.url
[2012/01/10 23:29:32 | 000,002,074 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader.lnk
[2012/01/30 12:22:36 | 000,014,548 | ---- | M] () -- \Users\mifoIV\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XCN63QM\downloaderController[1].js
[2012/01/30 12:22:36 | 000,001,755 | ---- | M] () -- \Users\mifoIV\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q947XT97\downloaderGeneric[1].css
[2011/12/20 02:46:34 | 000,000,813 | ---- | M] () -- \Users\mifoIV\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.youtubedownloaderhd.com%2Ffavicon.png
[2012/01/10 23:29:37 | 000,000,749 | ---- | M] () -- \Users\mifoIV\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.youtubedownloadersite.com%2Ffavicon.png
[2012/01/30 17:05:58 | 000,000,605 | ---- | M] () -- \Users\mifoIV\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fyoutubedownloader.mybrowserbar.com%2Ffavicon.png
[2012/01/30 17:05:58 | 000,000,238 | ---- | M] () -- \Users\mifoIV\AppData\Local\Opera\Opera\icons\youtubedownloader.mybrowserbar.com.idx
[2012/01/21 09:29:50 | 000,001,800 | ---- | M] () -- \Users\mifoIV\AppData\Local\Temp\.MediaCaches\Blbec na krku -2002-DVDRip.CZ.by.Salud.of.PowerUploaders.avi_1327096446_754110810.cache
[2012/01/21 10:11:56 | 000,001,800 | ---- | M] () -- \Users\mifoIV\AppData\Local\Temp\.MediaCaches\Blbec na krku -2002-DVDRip.CZ.by.Salud.of.PowerUploaders.mp4_1327137116_397807350.cache
[2012/01/24 21:22:58 | 000,001,800 | ---- | M] () -- \Users\mifoIV\AppData\Local\Temp\.MediaCaches\Valka.svetu.2005.DVDRip.CZ.by.Colly.of.PowerUploaders.avi_1327435621_1036490752.cache
[2012/01/24 22:58:55 | 000,001,800 | ---- | M] () -- \Users\mifoIV\AppData\Local\Temp\.MediaCaches\Valka.svetu.2005.DVDRip.CZ.by.Colly.of.PowerUploaders.mp4_1327442335_443176014.cache
[2011/11/05 15:55:00 | 000,000,000 | ---- | M] () -- \Users\mifoIV\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_sizling_hot_pc_game.data
[2012/01/10 23:30:30 | 000,000,053 | ---- | M] () -- \Users\mifoIV\AppData\Roaming\Mozilla\Firefox\Profiles\rlx9bpec.default\extensions\youtubedownloader@mybrowserbar.com
[2011/12/21 09:47:28 | 000,000,940 | ---- | M] () -- \Users\mifoIV\AppData\Roaming\Smarty Uninstaller\Icons\YouTube Downloader App16.png
[2011/12/21 09:47:28 | 000,002,583 | ---- | M] () -- \Users\mifoIV\AppData\Roaming\Smarty Uninstaller\Icons\YouTube Downloader App32.png
[2012/01/29 08:24:41 | 1234,046,497 | ---- | M] () -- \Users\mifoIV\Desktop\Kocour.v.botach.2011.DVDScr.CZ.by.Colly.of.PowerUploaders.avi
[2011/12/20 03:19:34 | 000,002,160 | ---- | M] () -- \Users\mifoIV\Desktop\Aplikácie\YouTube Downloader App.lnk
[2012/01/10 23:29:31 | 000,001,140 | ---- | M] () -- \Users\mifoIV\Desktop\Aplikácie\YouTube Downloader.lnk
[2012/01/24 21:07:01 | 1036,490,752 | ---- | M] () -- \Users\mifoIV\Documents\FILMY\Valka.svetu.2005.DVDRip.CZ.by.Colly.of.PowerUploaders.avi
[2012/01/05 11:00:58 | 663,097,512 | ---- | M] () -- \Users\mifoIV\Videos\turistas-2006. DVDRip.CZ.by.Salud.of.PowerUploaders.mp4
[2012/01/24 22:58:55 | 443,176,014 | ---- | M] () -- \Users\mifoIV\Videos\Valka.svetu.2005.DVDRip.CZ.by.Colly.of.PowerUploaders.mp4
[2012/01/06 21:39:43 | 614,024,701 | ---- | M] () -- \Users\mifoIV\Videos\Without.Men.2011.DVDRip.CZ.by.Colly.of.PowerUploaders.mp4
[2011/11/05 15:53:36 | 000,069,486 | ---- | M] () -- \Windows\Prefetch\BROTHERSOFTDOWNLOADER_FOR_SIZ-542CFC23.pf
[2012/01/30 17:12:40 | 000,025,242 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-4B76CB3C.pf
[2011/11/05 18:56:58 | 000,052,032 | ---- | M] () -- \Windows\Prefetch\SOFTONICDOWNLOADER_FOR_XVID4P-CD362CEB.pf
[2009/09/30 17:39:46 | 002,199,375 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/11/22 14:12:58 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2011/11/22 14:12:58 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 08:44:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 08:44:39 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 08:44:39 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 08:44:39 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 08:44:39 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011/11/10 21:24:30 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/11/10 21:24:30 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/11/10 21:24:30 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/11/10 21:24:30 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/11/10 21:24:30 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 08:43:41 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

A extras

OTL Extras logfile created on: 30. 1. 2012 17:12:19 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\mifoIV\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

1,99 Gb Total Physical Memory | 0,73 Gb Available Physical Memory | 36,68% Memory free
4,10 Gb Paging File | 1,66 Gb Available in Paging File | 40,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 263,96 Gb Free Space | 56,67% Space Free | Partition Type: NTFS

Computer Name: MIFO | User Name: mifoIV | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp[@ = WinHelpCustomView.Scenario] -- Reg Error: Key error. File not found
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = WinHelpCustomView.Scenario] -- Reg Error: Key error. File not found
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision radič ovládača 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D12CCBE2-1EC9-41EE-ABF2-D149D05FCE53}" = Nitro PDF Reader 2
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Outdoor Living Stuff
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{28B94253-5729-4C30-8DE4-F2A0A63149B0}" = OpenOffice.org 3.2
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MYMOVIES)
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Town Life Stuff
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"18 WoS Extreme Trucker 2" = 18 WoS Extreme Trucker 2 (v.1.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Any Video Converter_is1" = Any Video Converter 3.3.0
"avast" = avast! Free Antivirus
"AVI ReComp" = AVI ReComp 1.5.3
"Crash Team Racing (pSX 1.13 emulation)" = Crash Team Racing (pSX 1.13 emulation)
"Farm Frenzy 3: Russian Roulette" = Farm Frenzy 3: Russian Roulette
"Fraps" = Fraps
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.9.0 (Basic)
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 9.0.1 (x86 sk)" = Mozilla Firefox 9.0.1 (x86 sk)
"Nero8Lite_is1" = Nero 8 Lite 8.1.1.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 11.61.1250" = Opera 11.61
"PE Explorer_is1" = PE Explorer 1.99 R6
"PunkBusterSvc" = PunkBuster Services
"ResourceHacker_is1" = Resource Hacker Version 3.6.0
"Steam App 10" = Counter-Strike
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 6" = TeamViewer 6
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"upnito.sk Manager_is1" = upnito.sk Manager 2 X64
"uSeesoft Total Video Converter_is1" = uSeesoft Total Video Converter
"Vypínač na dobrou noc_is1" = Vypínač na dobrou noc verze 2.0
"WinRAR archiver" = WinRAR
"Xvid_is1" = Xvid 1.3.0
"XviD4PSP5" = XviD4PSP 5.0
"YouTube Downloader App" = YouTube Downloader App 3.00

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report > = Microsoft SQL Server Setup Support Files (English)

#5 Příspěvek od **vyosek** » 30 led 2012 18:04

Co udelame s temi nelegalnimi W7, nebo se mylim

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu