Blue screen a Rootkit

Zpráva

#16 Příspěvek od **vyosek** » 17 dub 2012 20:37

Zkuste nyni CFko...

doomguy · #17 Příspěvek od **doomguy** » 17 dub 2012 20:41

CFko si vypne net a vsechna okna pak skenuje skenuje a bžum a nic se nedeje

#18 Příspěvek od **vyosek** » 17 dub 2012 21:08

Pustte tam avp tool dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=58179

doomguy · #19 Příspěvek od **doomguy** » 18 dub 2012 13:33

Status: Detected (events: 4)
18.4.2012 8:34:23 Detected Trojan program HEUR:Trojan-Downloader.Win32.Generic C:\Users\Karel\Documents\Fraps_3.2.3_Retail_Full_Version.rar//Fraps 3.2.3 Retail/fraps-setup.exe//$TEMP\setup2.exe High
18.4.2012 8:48:41 Detected Trojan program HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Karel\Documents\Fraps_3.2.3_Retail_Full_Version.rar//Fraps 3.2.3 Retail/fraps-setup.exe//$TEMP\setup2.exe High
18.4.2012 8:56:32 Detected Trojan program HEUR:Trojan-Downloader.Win32.Generic C:\Documents and Settings\Karel\My Documents\Fraps_3.2.3_Retail_Full_Version.rar//Fraps 3.2.3 Retail/fraps-setup.exe//$TEMP\setup2.exe High
18.4.2012 9:39:48 Detected Trojan program HEUR:Trojan-Downloader.Win32.Generic C:\Users\Karel\My Documents\Fraps_3.2.3_Retail_Full_Version.rar//Fraps 3.2.3 Retail/fraps-setup.exe//$TEMP\setup2.exe High
Status: Deleted (events: 2)
18.4.2012 9:25:17 Deleted Trojan program Backdoor.Win32.ZAccess.fln C:\TDSSKiller_Quarantine\17.04.2012_17.46.20\zaea0000\svc0000\tsk0000.dta High
18.4.2012 12:44:28 Deleted Trojan program Backdoor.Win32.Delf.acjg E:\Users\Karel\Downloads\CraftBukkit_Installer_Windows.exe High
Status: Quarantined (events: 1)
18.4.2012 11:24:02 Quarantined Trojan program HEUR:Trojan-Downloader.Win32.Generic D:\Program Files\Left 4 Dead\bin\KAO-Check.exe High

#20 Příspěvek od **vyosek** » 18 dub 2012 14:15

Stahnete MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe

Ulozte nejlepe na plochu
Pokud pouzivate Win Vista ci W7, kliknete na MBRScan pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Report
Po chvilce se objevi log do souboru MBRScan.txt, ten sem vlozte

doomguy · #21 Příspěvek od **doomguy** » 18 dub 2012 14:21

Kód: Vybrat vše

MBRScan v1.1.1

OS             : Windows 7 Service Pack 1 (32 bit)
PROCESSOR      : x86 Family 16 Model 6 Stepping 2, AuthenticAMD
BOOT           : Safe Boot with network
DATE           : 2012/04/18 (ISO 8601) at 15:20:45
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST500DM002-1BC142 (JC4B)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK           : Device\Harddisk1\DR1 __SAMSUNG HM321HI (2AJ1)
BUS_TYPE       : (0x07)  USB
USE_PIO        : NO
MAX_TRANSFER   : 64 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________

Device\Harddisk0\DR0	465.8 Go  [Fixed] ==> 7 MBR Code

MBR_MD5   : 279C99AFB4EB6A7E322C73ACABD48679
MBR_SHA1  : 74A338C460CA6433AF736EBBFCE9783764983D95

Device\Harddisk0\Partition1	49.81 Go  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2	300.9 Go  	0x07 NTFS / HPFS
Device\Harddisk0\Partition3	115.1 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

Device\Harddisk1\DR1	298.1 Go  [Fixed] ==> Unknown MBR Code ....

MBR_MD5   : 640E4006EB4C2A7669D2003B261C468F
MBR_SHA1  : F0A373EF70090B420B7C4073E43848C70035EAB9

Device\Harddisk1\Partition1	197.2 Go  	0x0B FAT32 [CHS] 
Device\Harddisk1\Partition2	100.9 Go  	0x83 Linux 
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\System32\Drivers\dump_dumpata.sys => Invisible on the disk
ADDRESS : 0x928F5000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0x92900000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x92909000
SIZE    : 68.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTIN  SAFEBOOT:NETWORK  SOS  BOOTLOG  NOGUIBOOT  BOOTLOGO

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.Ð¼.|.À.Ø¾.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84   N.u..~......².ë.
0x000000B0   55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55   U2ä.V.Í.]ë..>þ}U
0x000000C0   AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64   ªun.v.è..u.ú°Ñæd
0x000000D0   E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75   è..°ßæ`è|.°.ædèu
0x000000E0   00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54   .û¸.»Í.f#Àu;f.ûT
0x000000F0   43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00   CPAu2.ù..r,fh.».
0x00000100   00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66   .fh....fh....fSf
0x00000110   53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66   SfUfh....fh.|..f
0x00000120   61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD   ah...Í.Z2öê.|..Í
0x00000130   18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4   ..·.ë..¶.ë..µ.2ä
0x00000140   05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD   ....ð¬<.t.»..´.Í
0x00000150   10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8   .ëòôëý+Éädë.$.àø
0x00000160   24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69   $.ÃInvalid parti
0x00000170   74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72   tion table.Error
0x00000180   20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69    loading operati
0x00000190   6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E   ng system.Missin
0x000001A0   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x000001B0   65 6D 00 00 00 63 7B 9A A5 B3 A5 B3 00 00 80 01   em...c{.¥³¥³....
0x000001C0   02 00 07 FE FF FF 40 00 00 00 C0 D7 39 06 00 FE   ...þ..@...À×9..þ
0x000001D0   FF FF 0F FE FF FF 23 DA 39 06 1E 72 FE 33 00 00   ...þ..#Ú9..rþ3..
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

_______MBR   \Device\Harddisk1\DR1  

0x00000000   FA B8 00 10 8E D0 BC 00 B0 B8 00 00 8E D8 8E C0   ú¸...Ð¼.°¸...Ø.À
0x00000010   FB BE 00 7C BF 00 06 B9 00 02 F3 A4 EA 21 06 00   û¾.|¿..¹..ó¤ê!..
0x00000020   00 BE BE 07 38 04 75 0B 83 C6 10 81 FE FE 07 75   .¾¾.8.u..Æ..þþ.u
0x00000030   F3 EB 16 B4 02 B0 01 BB 00 7C B2 80 8A 74 01 8B   óë.´.°.».|²..t..
0x00000040   4C 02 CD 13 EA 00 7C 00 00 EB FE 00 00 00 00 00   L.Í.ê.|..ëþ.....
0x00000050   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000060   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000070   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000080   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000090   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000B0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000C0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000100   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000110   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000120   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000130   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000140   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000150   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000160   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000170   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000180   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001B0   00 00 00 00 00 00 00 00 1F EB 06 00 00 00 00 01   .........ë......
0x000001C0   01 00 0B FE FF FF 3F 00 00 00 90 71 A6 18 00 FE   ...þ..?....q¦..þ
0x000001D0   FF FF 0F FE FF FF 0C 72 A6 18 B5 64 9C 0C 00 00   ...þ...r¦.µd....
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

#22 Příspěvek od **vyosek** » 18 dub 2012 14:25

Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe a ulozte jej na plochu.

Utilitu spustte a prikazte ji, at skenuje - klik na Scan
Kliknutim na Save log ulozte log aswMBR na plochu
Obsah logu aswMBR mi sem vlozte

doomguy · #23 Příspěvek od **doomguy** » 18 dub 2012 14:51

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-18 15:31:48
-----------------------------
15:31:48.316 OS Version: Windows 6.1.7601 Service Pack 1
15:31:48.316 Number of processors: 2 586 0x602
15:31:48.317 ComputerName: KAREL-PC UserName: Karel
15:31:50.399 Initialize success
15:31:51.247 AVAST engine defs: 12041700
15:32:18.311 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:32:18.314 Disk 0 Vendor: ST500DM002-1BC142 JC4B Size: 476940MB BusType: 3
15:32:18.335 Disk 0 MBR read successfully
15:32:18.338 Disk 0 MBR scan
15:32:18.630 Disk 0 Windows 7 default MBR code
15:32:18.668 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 51002 MB offset 64
15:32:18.888 Disk 0 Partition - 00 0F Extended LBA 425934 MB offset 104454691
15:32:18.903 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 308098 MB offset 104454693
15:32:18.997 Disk 0 Partition - 00 05 Extended 117836 MB offset 735439635
15:32:19.026 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 117836 MB offset 735439702
15:32:19.068 Disk 0 scanning sectors +976768065
15:32:19.410 Disk 0 scanning C:\Windows\system32\drivers
15:32:33.043 Service scanning
15:32:53.505 Modules scanning
15:33:00.254 Module: C:\Windows\System32\user32.dll **SUSPICIOUS**
15:33:00.691 Disk 0 trace - called modules:
15:33:00.736 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
15:33:00.742 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84c61030]
15:33:00.747 3 CLASSPNP.SYS[87bc459e] -> nt!IofCallDriver -> [0x84c55620]
15:33:00.753 5 ACPI.sys[8759a3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84c5e908]
15:33:05.546 AVAST engine scan C:\Windows
15:33:11.024 AVAST engine scan C:\Windows\system32
15:35:28.624 AVAST engine scan C:\Windows\system32\drivers
15:35:44.128 AVAST engine scan C:\Users\Karel
15:47:45.130 AVAST engine scan C:\ProgramData
15:48:23.759 Scan finished successfully
15:49:39.650 Disk 0 MBR has been saved successfully to "C:\Users\Karel\Desktop\MBR.dat"
15:49:39.656 The log file has been saved successfully to "C:\Users\Karel\Desktop\aswMBR.txt"

#24 Příspěvek od **vyosek** » 18 dub 2012 14:56

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

C:\Users\Karel\Desktop\MBR.dat
C:\Windows\System32\user32.dll
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

doomguy · #25 Příspěvek od **doomguy** » 18 dub 2012 15:06

https://www.virustotal.com/file/88cf562 ... 334757643/

https://www.virustotal.com/file/86f4e15 ... 334757766/

#26 Příspěvek od **vyosek** » 18 dub 2012 15:16

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
user32.dll
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

doomguy · #27 Příspěvek od **doomguy** » 18 dub 2012 15:51

OTL logfile created on: 18.4.2012 16:26:42 - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Karel\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 0,20 Gb Available Physical Memory | 11,29% Memory free
6,86 Gb Paging File | 5,71 Gb Available in Paging File | 83,27% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 49,81 Gb Total Space | 4,07 Gb Free Space | 8,16% Space Free | Partition Type: NTFS
Drive D: | 300,88 Gb Total Space | 6,94 Gb Free Space | 2,31% Space Free | Partition Type: NTFS
Drive E: | 115,07 Gb Total Space | 2,44 Gb Free Space | 2,12% Space Free | Partition Type: NTFS

Computer Name: KAREL-PC | User Name: Karel | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.04.18 16:24:00 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Karel\Desktop\OTL.exe
PRC - [2012.03.30 16:47:24 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2012.02.29 09:55:08 | 017,148,552 | R--- | M] (Skype Technologies S.A.) -- C:\Users\Karel\Desktop\Phone\Skype.exe
PRC - [2012.02.28 18:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012.02.28 18:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012.02.13 19:58:30 | 000,275,736 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2011.04.27 09:56:10 | 000,232,896 | ---- | M] (Vuze Inc.) -- C:\Program Files\Vuze\Azureus.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 23:29:07 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe

========== Modules (No Company Name) ==========

MOD - [2012.03.30 16:49:56 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_228.dll
MOD - [2012.03.30 16:47:35 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012.03.30 16:47:35 | 000,276,480 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012.03.30 16:47:35 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012.03.30 16:47:35 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012.03.30 16:47:35 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012.03.30 16:47:35 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2012.03.30 16:47:34 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2012.03.30 16:47:34 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012.03.30 16:47:34 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012.03.30 16:47:34 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012.03.30 16:47:34 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012.03.30 16:47:34 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012.03.30 16:47:34 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012.02.13 19:58:02 | 000,070,424 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2012.02.13 19:57:58 | 000,099,096 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\CrashRpt.dll
MOD - [2011.12.23 12:13:05 | 000,028,160 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Azureus\plugins\azutp\win32\utp.dll
MOD - [2011.04.27 09:56:18 | 000,102,400 | ---- | M] () -- C:\Program Files\Vuze\plugins\azitunes\jacob-1.14.3-x86.dll
MOD - [2011.04.27 09:56:10 | 000,087,480 | ---- | M] () -- C:\Program Files\Vuze\aereg.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Users\Karel\Desktop\aircrack-ng-1.1-win\bin\wzcook.exe -- (WZCOOK)
SRV - [2012.03.30 16:49:56 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.03.29 19:58:17 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.14 08:24:29 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2012.03.14 08:24:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012.03.09 07:10:06 | 000,163,328 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.03.09 01:08:28 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012.03.07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.02.29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Users\Karel\Desktop\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.02.28 18:38:52 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.02.23 12:40:40 | 002,886,528 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.31 19:12:50 | 000,819,729 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\mrvcl32.exe -- (Adobe Licensing Console)
SRV - [2011.12.20 21:15:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.09.16 16:10:50 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2011.06.08 14:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - File not found [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Karel\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Karel\AppData\Local\Temp\aswMBR.sys -- (aswMBR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Karel\AppData\Local\0 A.D. alpha\binaries\system\aken.sys -- (Aken)
DRV - [2012.03.14 19:57:50 | 000,158,512 | ---- | M] (Oracle Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2012.03.14 19:57:50 | 000,116,016 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2012.03.14 19:57:50 | 000,104,752 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2012.03.14 19:57:50 | 000,091,952 | ---- | M] (Oracle Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2012.03.14 19:57:50 | 000,082,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxUSB.sys -- (VBoxUSB)
DRV - [2012.03.14 08:24:17 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2012.03.09 08:26:40 | 009,183,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.03.09 05:57:34 | 000,265,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012.03.07 02:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 02:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 02:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.03.07 02:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 02:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.03.07 02:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.02.04 11:56:09 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2012.02.01 15:18:10 | 000,046,720 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.1)
DRV - [2012.02.01 15:18:10 | 000,046,720 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.01)
DRV - [2011.12.16 17:53:01 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2011.12.05 21:47:16 | 000,086,032 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011.09.21 10:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011.09.16 16:10:50 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2011.09.16 16:10:50 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2011.08.17 11:03:58 | 000,137,472 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.08.17 11:03:50 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011.08.17 10:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 10:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 10:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 10:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.07.29 14:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2011.07.29 14:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011.03.18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2010.11.20 23:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 23:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010.11.20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.02.18 10:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2010.01.28 03:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.05.04 18:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009.03.18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.11.11 14:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008.11.11 14:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008.11.11 14:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.24 00:29:16 | 000,047,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vserial.sys -- (vserial)
DRV - [2008.07.24 00:29:16 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vsb.sys -- (vsbus)
DRV - [2008.01.25 14:40:20 | 000,015,453 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2007.07.15 03:37:04 | 000,027,992 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\pstrip.sys -- (PStrip)
DRV - [2007.06.29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3936861771-3270663531-1454860607-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-3936861771-3270663531-1454860607-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3936861771-3270663531-1454860607-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.03.08 21:36:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.29 19:58:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.15 15:20:47 | 000,000,000 | ---D | M]

[2011.12.21 19:33:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karel\AppData\Roaming\Mozilla\Extensions
[2012.03.29 20:03:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\igw4uyy4.default\extensions
[2012.03.29 20:03:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\igw4uyy4.default\extensions\staged
[2012.01.31 17:21:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.03.29 19:58:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2012.03.08 21:36:54 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
() (No name found) -- C:\USERS\KAREL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IGW4UYY4.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012.03.29 19:58:17 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.12.09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.02.21 20:20:16 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.03.18 17:47:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.18 17:47:03 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012.04.17 21:25:41 | 000,000,000 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-3936861771-3270663531-1454860607-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerStrip.lnk = C:\Program Files\PowerStrip\PStrip.exe (EnTech Taiwan)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3936861771-3270663531-1454860607-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.3.1)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.168.254 192.168.167.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83F932DD-A0C4-4280-B27F-4A9578869CD2}: DhcpNameServer = 192.168.168.254 192.168.167.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\setup.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\setup\rsrc\Autorun.exe
O33 - MountPoints2\K\Shell\dinstall\command - "" = K:\Directx\dxsetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Error creating restore point.

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.04.18 16:23:54 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Karel\Desktop\OTL.exe
[2012.04.18 15:30:27 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Karel\Desktop\aswMBR.exe
[2012.04.18 15:20:03 | 000,147,456 | ---- | C] (Eric_71) -- C:\Users\Karel\Desktop\MbrScan.exe
[2012.04.18 08:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.04.17 21:28:34 | 000,000,000 | --SD | C] -- C:\Combofix
[2012.04.17 21:07:37 | 000,000,000 | ---D | C] -- C:\Users\Karel\Desktop\RK_Quarantine
[2012.04.17 18:38:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.04.17 18:38:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.04.17 18:38:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.04.17 18:38:14 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012.04.17 18:38:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.04.17 18:31:48 | 004,465,211 | R--- | C] (Swearware) -- C:\Users\Karel\Documents\Combofix.exe
[2012.04.17 17:48:22 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.04.17 17:44:02 | 002,071,600 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Karel\Documents\tdsskiller.exe
[2012.04.17 17:43:40 | 000,000,000 | ---D | C] -- C:\rsit
[2012.04.16 21:43:07 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SGCSim.com
[2012.04.16 21:21:54 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Apps
[2012.04.16 21:21:53 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Deployment
[2012.04.16 18:36:56 | 000,000,000 | ---D | C] -- C:\Users\Karel\Documents\Penumbra
[2012.04.16 18:34:27 | 000,000,000 | ---D | C] -- C:\Users\Karel\Documents\Penumbra Overture
[2012.04.16 18:27:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2012.04.16 18:27:35 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012.04.16 18:27:35 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012.04.16 18:26:31 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
[2012.04.15 23:00:12 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Freelancer
[2012.04.15 19:08:13 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Enhanced Beta 0.6.2 Installer + lagg fix
[2012.04.15 16:52:57 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\0 A.D. alpha
[2012.04.15 10:37:45 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Rovio
[2012.04.14 14:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopGun - Hardlock
[2012.04.13 16:05:01 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Google
[2012.04.13 16:02:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8
[2012.04.13 16:02:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012.04.12 15:52:25 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.04.12 15:52:24 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.04.12 15:52:23 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.04.12 15:52:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.04.12 15:52:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.04.12 15:52:20 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.04.12 15:48:22 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.04.12 15:48:21 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.04.11 22:12:49 | 000,000,000 | ---D | C] -- C:\Users\Karel\Desktop\Nová složka
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.04.18 16:28:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.04.18 16:24:00 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Karel\Desktop\OTL.exe
[2012.04.18 15:49:39 | 000,000,512 | ---- | M] () -- C:\Users\Karel\Desktop\MBR.dat
[2012.04.18 15:31:36 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Karel\Desktop\aswMBR.exe
[2012.04.18 15:20:45 | 000,000,512 | ---- | M] () -- C:\Users\Karel\Desktop\Dump_Hdd1_DR1.mbr
[2012.04.18 15:20:45 | 000,000,512 | ---- | M] () -- C:\Users\Karel\Desktop\Dump_Hdd0_DR0.mbr
[2012.04.18 15:20:10 | 000,147,456 | ---- | M] (Eric_71) -- C:\Users\Karel\Desktop\MbrScan.exe
[2012.04.18 15:16:54 | 000,000,024 | ---- | M] () -- C:\Users\Karel\random.dat
[2012.04.18 15:16:51 | 000,000,023 | ---- | M] () -- C:\Users\Karel\jagexappletviewer.preferences
[2012.04.18 15:12:36 | 000,000,044 | ---- | M] () -- C:\Users\Karel\jagex_cl_runescape_LIVE.dat
[2012.04.18 08:25:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.18 08:25:19 | 1408,688,128 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.18 00:21:34 | 131,356,416 | ---- | M] () -- C:\Users\Karel\Desktop\setup_11.0.0.1245.x01_2012_04_17_23_31.exe
[2012.04.17 23:20:33 | 000,301,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.04.17 21:25:41 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.04.17 19:37:04 | 000,010,764 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\PStrip.ini
[2012.04.17 19:36:15 | 000,010,741 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\PStrip.bak
[2012.04.17 19:35:53 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.17 18:46:10 | 000,007,596 | ---- | M] () -- C:\Users\Karel\AppData\Local\Resmon.ResmonCfg
[2012.04.17 18:37:56 | 004,465,211 | R--- | M] (Swearware) -- C:\Users\Karel\Documents\Combofix.exe
[2012.04.17 17:45:42 | 002,071,600 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Karel\Documents\tdsskiller.exe
[2012.04.17 17:23:15 | 000,069,939 | ---- | M] () -- C:\Users\Karel\Documents\Activate Sound in SafeMode.zip
[2012.04.17 17:10:08 | 000,781,383 | ---- | M] () -- C:\Users\Karel\Documents\RSIT.exe
[2012.04.17 16:56:15 | 000,010,764 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\PStrip.bk!
[2012.04.17 16:14:41 | 009,456,705 | ---- | M] () -- C:\Program Files\TeamViewer.zip
[2012.04.17 15:55:08 | 000,010,741 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\PStrip.bko
[2012.04.17 06:17:15 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.17 06:17:14 | 000,000,000 | -HS- | M] () -- C:\Windows\System32\dds_trash_log.cmd
[2012.04.17 06:12:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.17 06:10:18 | 000,020,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.17 06:10:18 | 000,020,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.16 21:43:07 | 000,000,304 | ---- | M] () -- C:\Users\Karel\Desktop\SGCSim v5.2.appref-ms
[2012.04.16 18:33:49 | 000,001,257 | ---- | M] () -- C:\Users\Karel\Desktop\Penumbra - Requiem.lnk
[2012.04.16 18:33:49 | 000,001,257 | ---- | M] () -- C:\Users\Karel\Desktop\Penumbra - Black Plague.lnk
[2012.04.16 18:27:45 | 000,001,159 | ---- | M] () -- C:\Users\Karel\Desktop\Penumbra - Overture.lnk
[2012.04.15 22:58:04 | 000,001,058 | ---- | M] () -- C:\Users\Public\Desktop\Freelancer.lnk
[2012.04.15 16:29:22 | 000,012,288 | ---- | M] () -- C:\Users\Karel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.13 20:16:24 | 000,055,976 | ---- | M] () -- C:\Users\Karel\Documents\Untitled.skp
[2012.04.13 16:02:49 | 000,003,120 | ---- | M] () -- C:\Windows\System32\ALLFSAF8a.ocx
[2012.04.13 16:02:31 | 000,002,126 | ---- | M] () -- C:\Users\Public\Desktop\Style Builder 2.lnk
[2012.04.13 16:02:30 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\LayOut 3.lnk
[2012.04.13 16:02:30 | 000,001,955 | ---- | M] () -- C:\Users\Public\Desktop\Google SketchUp 8.lnk
[2012.04.12 15:51:08 | 000,666,216 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.04.12 15:51:08 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.12 15:51:08 | 000,139,898 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.04.12 15:51:08 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.04.18 15:49:39 | 000,000,512 | ---- | C] () -- C:\Users\Karel\Desktop\MBR.dat
[2012.04.18 15:20:45 | 000,000,512 | ---- | C] () -- C:\Users\Karel\Desktop\Dump_Hdd1_DR1.mbr
[2012.04.18 15:20:45 | 000,000,512 | ---- | C] () -- C:\Users\Karel\Desktop\Dump_Hdd0_DR0.mbr
[2012.04.17 23:20:11 | 000,301,272 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.04.17 22:23:13 | 131,356,416 | ---- | C] () -- C:\Users\Karel\Desktop\setup_11.0.0.1245.x01_2012_04_17_23_31.exe
[2012.04.17 18:38:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.04.17 18:38:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.04.17 18:38:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.04.17 18:38:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.04.17 18:38:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.04.17 17:23:15 | 000,069,939 | ---- | C] () -- C:\Users\Karel\Documents\Activate Sound in SafeMode.zip
[2012.04.17 17:10:07 | 000,781,383 | ---- | C] () -- C:\Users\Karel\Documents\RSIT.exe
[2012.04.17 16:14:39 | 009,456,705 | ---- | C] () -- C:\Program Files\TeamViewer.zip
[2012.04.16 21:43:07 | 000,000,304 | ---- | C] () -- C:\Users\Karel\Desktop\SGCSim v5.2.appref-ms
[2012.04.16 18:33:49 | 000,001,257 | ---- | C] () -- C:\Users\Karel\Desktop\Penumbra - Requiem.lnk
[2012.04.16 18:33:49 | 000,001,257 | ---- | C] () -- C:\Users\Karel\Desktop\Penumbra - Black Plague.lnk
[2012.04.16 18:27:45 | 000,001,159 | ---- | C] () -- C:\Users\Karel\Desktop\Penumbra - Overture.lnk
[2012.04.15 22:58:04 | 000,001,058 | ---- | C] () -- C:\Users\Public\Desktop\Freelancer.lnk
[2012.04.14 14:28:21 | 000,000,000 | -HS- | C] () -- C:\Windows\System32\dds_trash_log.cmd
[2012.04.13 20:16:24 | 000,055,976 | ---- | C] () -- C:\Users\Karel\Documents\Untitled.skp
[2012.04.13 16:02:49 | 000,003,120 | ---- | C] () -- C:\Windows\System32\ALLFSAF8a.ocx
[2012.04.13 16:02:31 | 000,002,126 | ---- | C] () -- C:\Users\Public\Desktop\Style Builder 2.lnk
[2012.04.13 16:02:30 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\LayOut 3.lnk
[2012.04.13 16:02:30 | 000,001,955 | ---- | C] () -- C:\Users\Public\Desktop\Google SketchUp 8.lnk
[2012.04.12 17:36:31 | 001,200,907 | ---- | C] () -- C:\Users\Karel\Desktop\Medium.ogg
[2012.03.28 16:12:40 | 000,000,981 | ---- | C] () -- C:\Windows\eReg.dat
[2012.03.17 00:55:45 | 000,000,158 | ---- | C] () -- C:\Windows\TSDataEx.ini
[2012.03.16 17:50:51 | 000,000,000 | ---- | C] () -- C:\Users\Karel\AppData\Roaming\FileOut.cns
[2012.03.16 17:50:51 | 000,000,000 | ---- | C] () -- C:\Users\Karel\AppData\Roaming\FileIn.cns
[2012.03.09 06:22:26 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012.03.09 06:22:26 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.03.09 01:26:20 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2012.03.07 20:34:52 | 000,000,061 | -HS- | C] () -- C:\Windows\cnerolf.bin
[2012.03.03 10:06:30 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2012.02.26 18:53:38 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2012.02.12 22:25:21 | 000,007,596 | ---- | C] () -- C:\Users\Karel\AppData\Local\Resmon.ResmonCfg
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012.01.10 23:10:08 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012.01.08 11:07:05 | 000,010,741 | ---- | C] () -- C:\Users\Karel\AppData\Roaming\PStrip.bko
[2012.01.07 19:56:52 | 000,010,764 | ---- | C] () -- C:\Users\Karel\AppData\Roaming\PStrip.bk!
[2012.01.07 19:56:48 | 000,010,741 | ---- | C] () -- C:\Users\Karel\AppData\Roaming\PStrip.bak
[2012.01.07 19:50:50 | 000,010,764 | ---- | C] () -- C:\Users\Karel\AppData\Roaming\PStrip.ini
[2011.12.31 19:12:50 | 000,819,729 | ---- | C] ( ) -- C:\Windows\System32\mrvcl32.exe
[2011.12.27 00:48:33 | 000,012,288 | ---- | C] () -- C:\Users\Karel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.22 15:02:35 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2011.12.22 15:02:34 | 002,469,760 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2011.12.22 15:02:34 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2011.12.22 15:02:34 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2011.12.22 15:02:34 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2011.12.22 14:51:58 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.12.21 19:59:43 | 000,666,216 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2011.12.21 19:59:43 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2011.12.21 19:59:43 | 000,139,898 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2011.12.21 19:59:43 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2011.12.20 21:24:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.12.20 21:20:22 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.12.20 21:19:51 | 000,146,432 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2011.12.20 21:19:51 | 000,072,704 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.04.09 19:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.11.20 23:29:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2010.11.20 23:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

========== LOP Check ==========

[2012.04.16 19:57:32 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\.minecraft
[2012.04.05 22:24:49 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\.Nitrous
[2012.02.27 00:55:34 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\.spoutcraft
[2012.04.15 16:53:21 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\0ad
[2012.04.18 16:26:17 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Azureus
[2012.02.21 20:20:14 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Babylon
[2012.02.04 12:57:29 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Baumaschinen Simulator 2011
[2012.01.06 16:20:35 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\CadSoft
[2011.12.23 10:42:58 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Canneverbe Limited
[2012.02.21 20:15:26 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\fltk.org
[2011.12.22 14:49:07 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\GameRanger
[2011.12.27 14:37:01 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\HyperLobby
[2012.01.01 19:22:02 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Image-Line
[2011.12.20 21:55:35 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\IrfanView
[2012.03.07 19:54:59 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\IVAO
[2012.02.26 18:41:27 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\LG Electronics
[2012.01.04 21:48:39 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Mumble
[2012.02.06 17:12:47 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Nokia
[2011.12.20 21:45:32 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Opera
[2012.02.06 17:07:24 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\PC Suite
[2011.12.26 19:56:43 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Publish Providers
[2012.02.26 17:11:07 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\pymclevel
[2012.04.15 10:37:45 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Rovio
[2012.03.20 00:21:41 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Sony
[2012.03.26 19:58:12 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Stellarium
[2012.02.28 23:07:51 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Subversion
[2012.03.14 20:44:39 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\TeamViewer
[2012.04.17 22:22:33 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\TS3Client
[2012.01.08 17:44:20 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Ubisoft
[2012.02.07 18:13:57 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\wargaming.net
[2009.07.14 06:53:46 | 000,019,818 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

doomguy · #28 Příspěvek od **doomguy** » 18 dub 2012 15:54

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010.11.20 23:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys

< MD5 for: USER32.DLL >
[2011.12.20 21:15:23 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=7BD7F45FF37FA0669CD32CA0EF46E22C -- C:\Windows\System32\user32.dll
[2010.11.20 23:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll

< MD5 for: USERINIT.EXE >
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[103 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[103 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[103 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application C:\Windows\$NtUninstallKB54636$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[103 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0000\*.tmp -> ]
[78 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0001\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0001\*.tmp -> ]
[46 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0002\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\g_0002\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\revocation\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\cache\revocation\g_0000\*.tmp -> ]
[3 C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\icons\cache\g_0000\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Opera\Opera\icons\cache\g_0000\*.tmp -> ]
[5 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2011.12.29 11:58:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Adobe
[2012.03.26 14:51:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Age of Empires 3
[2012.03.30 17:06:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\AMD
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Application Data
[2012.03.30 17:06:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\ATI
[2012.01.07 11:50:22 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\AVAST Software
[2012.02.21 20:20:14 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Babylon
[2011.12.24 11:47:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Blizzard Entertainment
[2012.04.17 19:36:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\BOINC
[2011.12.23 10:42:58 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Canneverbe Limited
[2012.01.01 11:27:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Codemasters
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Desktop
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Documents
[2011.12.24 10:37:30 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\DSS
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Favorites
[2012.02.21 20:15:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\fltk.org
[2012.04.13 16:02:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Google
[2012.03.19 15:37:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Hewlett-Packard
[2012.02.06 17:14:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Installations
[2012.04.04 22:13:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\IObit
[2012.01.15 12:38:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Ironclad Games
[2012.04.18 08:11:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Kaspersky Lab
[2012.04.17 22:22:33 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\LogMeIn
[2012.03.25 16:02:47 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Malwarebytes
[2012.03.08 01:00:16 | 000,000,000 | --SD | M] -- C:\ProgramData\Application Data\Microsoft
[2012.03.29 19:58:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Mozilla
[2012.02.06 17:05:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\PC Suite
[2012.03.07 08:47:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Skype
[2011.12.26 19:56:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Sony
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Start Menu
[2011.12.20 21:57:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Sun
[2012.04.02 21:37:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\TechSmith
[2012.02.19 18:33:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\TEMP
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Templates
[2012.01.03 20:24:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\TrackMania
[2012.01.08 17:42:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Ubisoft
[2012.03.18 00:37:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Windows Genuine Advantage

doomguy · #29 Příspěvek od **doomguy** » 18 dub 2012 15:55

>[/color]
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\ARM\Reader_10.1.1\4485\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\ARM\Reader_10.1.1\4485\ReaderUpdater.exe
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\ReaderUpdater.exe
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\ReaderUpdater.exe
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\ReaderUpdater.exe
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\ReaderUpdater.exe
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\ReaderUpdater.exe
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\ReaderUpdater.exe
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\ReaderUpdater.exe
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\ReaderUpdater.exe
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\ReaderUpdater.exe
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\ReaderUpdater.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AcrobatUpdater.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARM.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\AdobeARMHelper.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.1.1\4485\ReaderUpdater.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\0\milkyway_separation_1.00_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\3\setiathome_6.03_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\0\milkyway_separation_1.00_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\3\setiathome_6.03_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP3_1.00_graphics_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP4_1.00_windows_intelx86__BRP3SSE.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R6_3.01_graphics_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S6Bucket_1.01_windows_intelx86__SSE2.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\hsgamma_FGRP1_0.23_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\lhcathomeclassic.cern.ch_sixtrack\sixtrack_530.10_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.80_windows_intelx86__mt.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation_1.00_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\ap_graphics_5.05_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\astropulse_5.05_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setigraphics_6.03_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\0\milkyway_separation_1.00_windows_intelx86.exe
[2012.03.11 11:57:38 | 000,000,100 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\3\setiathome_6.03_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP3_1.00_graphics_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP4_1.00_windows_intelx86__BRP3SSE.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R6_3.01_graphics_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S6Bucket_1.01_windows_intelx86__SSE2.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\hsgamma_FGRP1_0.23_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\lhcathomeclassic.cern.ch_sixtrack\sixtrack_530.10_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.80_windows_intelx86__mt.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation_1.00_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\ap_graphics_5.05_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\astropulse_5.05_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setigraphics_6.03_windows_intelx86.exe
[2012.04.04 22:22:10 | 000,000,114 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\0\milkyway_separation_1.00_windows_intelx86.exe
[2012.03.11 11:57:38 | 000,000,100 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\3\setiathome_6.03_windows_intelx86.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\NokiaSoftwareUpdaterSetup_CZ.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Nokia_PC_Suite_cze_web.exe
[2012.02.19 12:47:14 | 019,724,316 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP3_1.00_graphics_windows_intelx86.exe
[2012.02.19 12:43:57 | 010,087,883 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP4_1.00_windows_intelx86__BRP3SSE.exe
[2012.02.19 12:37:51 | 012,709,791 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R6_3.01_graphics_windows_intelx86.exe
[2012.02.22 16:35:13 | 028,023,532 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S6Bucket_1.01_windows_intelx86__SSE2.exe
[2012.02.19 12:38:24 | 008,948,719 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\hsgamma_FGRP1_0.23_windows_intelx86.exe
[2012.01.10 16:54:58 | 002,445,312 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\lhcathomeclassic.cern.ch_sixtrack\sixtrack_530.10_windows_intelx86.exe
[2012.01.07 18:30:14 | 001,129,472 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.80_windows_intelx86__mt.exe
[2012.02.08 23:20:54 | 000,519,680 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation_1.00_windows_intelx86.exe
[2012.01.11 08:36:28 | 000,294,912 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\ap_graphics_5.05_windows_intelx86.exe
[2012.01.11 08:36:32 | 000,479,232 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\astropulse_5.05_windows_intelx86.exe
[2012.01.07 18:22:58 | 000,406,016 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
[2012.01.07 18:22:51 | 000,267,776 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setigraphics_6.03_windows_intelx86.exe
[2012.04.04 22:22:10 | 000,000,114 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\0\milkyway_separation_1.00_windows_intelx86.exe
[2012.03.11 11:57:38 | 000,000,100 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\3\setiathome_6.03_windows_intelx86.exe
[2012.02.06 17:13:54 | 049,599,144 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\NokiaSoftwareUpdaterSetup_CZ.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\msxml6Exec.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2008.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2010.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2008Exec.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2010Exec.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredistExec.exe
[2012.02.06 17:03:27 | 042,310,952 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Nokia_PC_Suite_cze_web.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\pcswpcsi.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstCCD.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCS.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2012.02.19 12:47:14 | 019,724,316 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP3_1.00_graphics_windows_intelx86.exe
[2012.02.19 12:43:57 | 010,087,883 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP4_1.00_windows_intelx86__BRP3SSE.exe
[2012.02.19 12:37:51 | 012,709,791 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R6_3.01_graphics_windows_intelx86.exe
[2012.02.22 16:35:13 | 028,023,532 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S6Bucket_1.01_windows_intelx86__SSE2.exe
[2012.02.19 12:38:24 | 008,948,719 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\hsgamma_FGRP1_0.23_windows_intelx86.exe
[2012.01.10 16:54:58 | 002,445,312 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\lhcathomeclassic.cern.ch_sixtrack\sixtrack_530.10_windows_intelx86.exe
[2012.01.07 18:30:14 | 001,129,472 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.80_windows_intelx86__mt.exe
[2012.02.08 23:20:54 | 000,519,680 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation_1.00_windows_intelx86.exe
[2012.01.11 08:36:28 | 000,294,912 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\ap_graphics_5.05_windows_intelx86.exe
[2012.01.11 08:36:32 | 000,479,232 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\astropulse_5.05_windows_intelx86.exe
[2012.01.07 18:22:58 | 000,406,016 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
[2012.01.07 18:22:51 | 000,267,776 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setigraphics_6.03_windows_intelx86.exe
[2012.04.04 22:22:10 | 000,000,114 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\0\milkyway_separation_1.00_windows_intelx86.exe
[2012.03.11 11:57:38 | 000,000,100 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\3\setiathome_6.03_windows_intelx86.exe
[2012.02.06 17:13:54 | 049,599,144 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\NokiaSoftwareUpdaterSetup_CZ.exe
[2012.02.06 17:14:37 | 003,351,812 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\msxml6Exec.exe
[2012.02.06 17:14:36 | 000,036,864 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep.exe
[2012.02.06 17:14:37 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2008.exe
[2012.02.06 17:14:38 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2010.exe
[2012.02.06 17:14:37 | 004,697,562 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2008Exec.exe
[2012.02.06 17:14:38 | 005,140,754 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2010Exec.exe
[2012.02.06 17:14:36 | 003,203,453 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredistExec.exe
[2012.02.06 17:03:27 | 042,310,952 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Nokia_PC_Suite_cze_web.exe
[2012.02.06 17:04:00 | 000,095,616 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\pcswpcsi.exe
[2012.02.06 17:04:00 | 000,008,192 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstCCD.exe
[2012.02.06 17:04:00 | 000,010,240 | ---- | M] (Nokia) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCS.exe
[2012.02.06 17:04:00 | 000,061,440 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2012.02.19 12:47:14 | 019,724,316 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP3_1.00_graphics_windows_intelx86.exe
[2012.02.19 12:43:57 | 010,087,883 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP4_1.00_windows_intelx86__BRP3SSE.exe
[2012.02.19 12:37:51 | 012,709,791 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R6_3.01_graphics_windows_intelx86.exe
[2012.02.22 16:35:13 | 028,023,532 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S6Bucket_1.01_windows_intelx86__SSE2.exe
[2012.02.19 12:38:24 | 008,948,719 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\hsgamma_FGRP1_0.23_windows_intelx86.exe
[2012.01.10 16:54:58 | 002,445,312 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\lhcathomeclassic.cern.ch_sixtrack\sixtrack_530.10_windows_intelx86.exe
[2012.01.07 18:30:14 | 001,129,472 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.80_windows_intelx86__mt.exe
[2012.02.08 23:20:54 | 000,519,680 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation_1.00_windows_intelx86.exe
[2012.01.11 08:36:28 | 000,294,912 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\ap_graphics_5.05_windows_intelx86.exe
[2012.01.11 08:36:32 | 000,479,232 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\astropulse_5.05_windows_intelx86.exe
[2012.01.07 18:22:58 | 000,406,016 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
[2012.01.07 18:22:51 | 000,267,776 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setigraphics_6.03_windows_intelx86.exe
[2012.04.04 22:22:10 | 000,000,114 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\0\milkyway_separation_1.00_windows_intelx86.exe
[2012.03.11 11:57:38 | 000,000,100 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\3\setiathome_6.03_windows_intelx86.exe
[2012.02.06 17:13:54 | 049,599,144 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\NokiaSoftwareUpdaterSetup_CZ.exe
[2012.02.06 17:14:37 | 003,351,812 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\msxml6Exec.exe
[2012.02.06 17:14:36 | 000,036,864 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep.exe
[2012.02.06 17:14:37 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2008.exe
[2012.02.06 17:14:38 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2010.exe
[2012.02.06 17:14:37 | 004,697,562 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2008Exec.exe
[2012.02.06 17:14:38 | 005,140,754 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2010Exec.exe
[2012.02.06 17:14:36 | 003,203,453 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredistExec.exe
[2012.02.06 17:03:27 | 042,310,952 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Nokia_PC_Suite_cze_web.exe
[2012.02.06 17:04:00 | 000,095,616 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\pcswpcsi.exe
[2012.02.06 17:04:00 | 000,008,192 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstCCD.exe
[2012.02.06 17:04:00 | 000,010,240 | ---- | M] (Nokia) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCS.exe
[2012.02.06 17:04:00 | 000,061,440 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2012.02.19 12:47:14 | 019,724,316 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP3_1.00_graphics_windows_intelx86.exe
[2012.02.19 12:43:57 | 010,087,883 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP4_1.00_windows_intelx86__BRP3SSE.exe
[2012.02.19 12:37:51 | 012,709,791 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R6_3.01_graphics_windows_intelx86.exe
[2012.02.22 16:35:13 | 028,023,532 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S6Bucket_1.01_windows_intelx86__SSE2.exe
[2012.02.19 12:38:24 | 008,948,719 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\hsgamma_FGRP1_0.23_windows_intelx86.exe
[2012.01.10 16:54:58 | 002,445,312 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\lhcathomeclassic.cern.ch_sixtrack\sixtrack_530.10_windows_intelx86.exe
[2012.01.07 18:30:14 | 001,129,472 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.80_windows_intelx86__mt.exe
[2012.02.08 23:20:54 | 000,519,680 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation_1.00_windows_intelx86.exe
[2012.01.11 08:36:28 | 000,294,912 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\ap_graphics_5.05_windows_intelx86.exe
[2012.01.11 08:36:32 | 000,479,232 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\astropulse_5.05_windows_intelx86.exe
[2012.01.07 18:22:58 | 000,406,016 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
[2012.01.07 18:22:51 | 000,267,776 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setigraphics_6.03_windows_intelx86.exe
[2012.04.04 22:22:10 | 000,000,114 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\0\milkyway_separation_1.00_windows_intelx86.exe
[2012.03.11 11:57:38 | 000,000,100 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\3\setiathome_6.03_windows_intelx86.exe
[2012.02.06 17:13:54 | 049,599,144 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\NokiaSoftwareUpdaterSetup_CZ.exe
[2012.02.06 17:14:37 | 003,351,812 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\msxml6Exec.exe
[2012.02.06 17:14:36 | 000,036,864 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep.exe
[2012.02.06 17:14:37 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2008.exe
[2012.02.06 17:14:38 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2010.exe
[2012.02.06 17:14:37 | 004,697,562 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2008Exec.exe
[2012.02.06 17:14:38 | 005,140,754 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2010Exec.exe
[2012.02.06 17:14:36 | 003,203,453 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredistExec.exe
[2012.02.06 17:03:27 | 042,310,952 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Nokia_PC_Suite_cze_web.exe
[2012.02.06 17:04:00 | 000,095,616 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\pcswpcsi.exe
[2012.02.06 17:04:00 | 000,008,192 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstCCD.exe
[2012.02.06 17:04:00 | 000,010,240 | ---- | M] (Nokia) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCS.exe
[2012.02.06 17:04:00 | 000,061,440 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2012.02.19 12:47:14 | 019,724,316 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP3_1.00_graphics_windows_intelx86.exe
[2012.02.19 12:43:57 | 010,087,883 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP4_1.00_windows_intelx86__BRP3SSE.exe
[2012.02.19 12:37:51 | 012,709,791 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R6_3.01_graphics_windows_intelx86.exe
[2012.02.22 16:35:13 | 028,023,532 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S6Bucket_1.01_windows_intelx86__SSE2.exe
[2012.02.19 12:38:24 | 008,948,719 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\hsgamma_FGRP1_0.23_windows_intelx86.exe
[2012.01.10 16:54:58 | 002,445,312 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\lhcathomeclassic.cern.ch_sixtrack\sixtrack_530.10_windows_intelx86.exe
[2012.01.07 18:30:14 | 001,129,472 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.80_windows_intelx86__mt.exe
[2012.02.08 23:20:54 | 000,519,680 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation_1.00_windows_intelx86.exe
[2012.01.11 08:36:28 | 000,294,912 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\ap_graphics_5.05_windows_intelx86.exe
[2012.01.11 08:36:32 | 000,479,232 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\astropulse_5.05_windows_intelx86.exe
[2012.01.07 18:22:58 | 000,406,016 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
[2012.01.07 18:22:51 | 000,267,776 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setigraphics_6.03_windows_intelx86.exe
[2012.04.04 22:22:10 | 000,000,114 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\0\milkyway_separation_1.00_windows_intelx86.exe
[2012.03.11 11:57:38 | 000,000,100 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\BOINC\slots\3\setiathome_6.03_windows_intelx86.exe

doomguy · #30 Příspěvek od **doomguy** » 18 dub 2012 15:56

ramData\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\NokiaSoftwareUpdaterSetup_CZ.exe
[2012.02.06 17:14:37 | 003,351,812 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\msxml6Exec.exe
[2012.02.06 17:14:36 | 000,036,864 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep.exe
[2012.02.06 17:14:37 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2008.exe
[2012.02.06 17:14:38 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2010.exe
[2012.02.06 17:14:37 | 004,697,562 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2008Exec.exe
[2012.02.06 17:14:38 | 005,140,754 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2010Exec.exe
[2012.02.06 17:14:36 | 003,203,453 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredistExec.exe
[2012.02.06 17:03:27 | 042,310,952 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Nokia_PC_Suite_cze_web.exe
[2012.02.06 17:04:00 | 000,095,616 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\pcswpcsi.exe
[2012.02.06 17:04:00 | 000,008,192 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstCCD.exe
[2012.02.06 17:04:00 | 000,010,240 | ---- | M] (Nokia) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCS.exe
[2012.02.06 17:04:00 | 000,061,440 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2012.02.19 12:47:14 | 019,724,316 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP3_1.00_graphics_windows_intelx86.exe
[2012.02.19 12:43:57 | 010,087,883 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP4_1.00_windows_intelx86__BRP3SSE.exe
[2012.02.19 12:37:51 | 012,709,791 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R6_3.01_graphics_windows_intelx86.exe
[2012.02.22 16:35:13 | 028,023,532 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S6Bucket_1.01_windows_intelx86__SSE2.exe
[2012.02.19 12:38:24 | 008,948,719 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\hsgamma_FGRP1_0.23_windows_intelx86.exe
[2012.01.10 16:54:58 | 002,445,312 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\projects\lhcathomeclassic.cern.ch_sixtrack\sixtrack_530.10_windows_intelx86.exe
[2012.01.07 18:30:14 | 001,129,472 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.80_windows_intelx86__mt.exe
[2012.02.08 23:20:54 | 000,519,680 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation_1.00_windows_intelx86.exe
[2012.01.11 08:36:28 | 000,294,912 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\ap_graphics_5.05_windows_intelx86.exe
[2012.01.11 08:36:32 | 000,479,232 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\astropulse_5.05_windows_intelx86.exe
[2012.01.07 18:22:58 | 000,406,016 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
[2012.01.07 18:22:51 | 000,267,776 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setigraphics_6.03_windows_intelx86.exe
[2012.04.04 22:22:10 | 000,000,114 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\slots\0\milkyway_separation_1.00_windows_intelx86.exe
[2012.03.11 11:57:38 | 000,000,100 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\BOINC\slots\3\setiathome_6.03_windows_intelx86.exe
[2012.02.06 17:13:54 | 049,599,144 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\NokiaSoftwareUpdaterSetup_CZ.exe
[2012.02.06 17:14:37 | 003,351,812 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\msxml6Exec.exe
[2012.02.06 17:14:36 | 000,036,864 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep.exe
[2012.02.06 17:14:37 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2008.exe
[2012.02.06 17:14:38 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2010.exe
[2012.02.06 17:14:37 | 004,697,562 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2008Exec.exe
[2012.02.06 17:14:38 | 005,140,754 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2010Exec.exe
[2012.02.06 17:14:36 | 003,203,453 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredistExec.exe
[2012.02.06 17:03:27 | 042,310,952 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Nokia_PC_Suite_cze_web.exe
[2012.02.06 17:04:00 | 000,095,616 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\pcswpcsi.exe
[2012.02.06 17:04:00 | 000,008,192 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstCCD.exe
[2012.02.06 17:04:00 | 000,010,240 | ---- | M] (Nokia) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCS.exe
[2012.02.06 17:04:00 | 000,061,440 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2012.02.19 12:47:14 | 019,724,316 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP3_1.00_graphics_windows_intelx86.exe
[2012.02.19 12:43:57 | 010,087,883 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP4_1.00_windows_intelx86__BRP3SSE.exe
[2012.02.19 12:37:51 | 012,709,791 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R6_3.01_graphics_windows_intelx86.exe
[2012.02.22 16:35:13 | 028,023,532 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S6Bucket_1.01_windows_intelx86__SSE2.exe
[2012.02.19 12:38:24 | 008,948,719 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\hsgamma_FGRP1_0.23_windows_intelx86.exe
[2012.01.10 16:54:58 | 002,445,312 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\projects\lhcathomeclassic.cern.ch_sixtrack\sixtrack_530.10_windows_intelx86.exe
[2012.01.07 18:30:14 | 001,129,472 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.80_windows_intelx86__mt.exe
[2012.02.08 23:20:54 | 000,519,680 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation_1.00_windows_intelx86.exe
[2012.01.11 08:36:28 | 000,294,912 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\ap_graphics_5.05_windows_intelx86.exe
[2012.01.11 08:36:32 | 000,479,232 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\astropulse_5.05_windows_intelx86.exe
[2012.01.07 18:22:58 | 000,406,016 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
[2012.01.07 18:22:51 | 000,267,776 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setigraphics_6.03_windows_intelx86.exe
[2012.04.04 22:22:10 | 000,000,114 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\slots\0\milkyway_separation_1.00_windows_intelx86.exe
[2012.03.11 11:57:38 | 000,000,100 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\BOINC\slots\3\setiathome_6.03_windows_intelx86.exe
[2012.02.06 17:13:54 | 049,599,144 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\NokiaSoftwareUpdaterSetup_CZ.exe
[2012.02.06 17:14:37 | 003,351,812 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\msxml6Exec.exe
[2012.02.06 17:14:36 | 000,036,864 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep.exe
[2012.02.06 17:14:37 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2008.exe
[2012.02.06 17:14:38 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2010.exe
[2012.02.06 17:14:37 | 004,697,562 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2008Exec.exe
[2012.02.06 17:14:38 | 005,140,754 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2010Exec.exe
[2012.02.06 17:14:36 | 003,203,453 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredistExec.exe
[2012.02.06 17:03:27 | 042,310,952 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Nokia_PC_Suite_cze_web.exe
[2012.02.06 17:04:00 | 000,095,616 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\pcswpcsi.exe
[2012.02.06 17:04:00 | 000,008,192 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstCCD.exe
[2012.02.06 17:04:00 | 000,010,240 | ---- | M] (Nokia) -- C:\ProgramData\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCS.exe
[2012.02.06 17:04:00 | 000,061,440 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2012.02.19 12:47:14 | 019,724,316 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP3_1.00_graphics_windows_intelx86.exe
[2012.02.19 12:43:57 | 010,087,883 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP4_1.00_windows_intelx86__BRP3SSE.exe
[2012.02.19 12:37:51 | 012,709,791 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R6_3.01_graphics_windows_intelx86.exe
[2012.02.22 16:35:13 | 028,023,532 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S6Bucket_1.01_windows_intelx86__SSE2.exe
[2012.02.19 12:38:24 | 008,948,719 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\BOINC\projects\einstein.phys.uwm.edu\hsgamma_FGRP1_0.23_windows_intelx86.exe
[2012.01.10 16:54:58 | 002,445,312 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\BOINC\projects\lhcathomeclassic.cern.ch_sixtrack\sixtrack_530.10_windows_intelx86.exe
[2012.01.07 18:30:14 | 001,129,472 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.80_windows_intelx86__mt.exe
[2012.02.08 23:20:54 | 000,519,680 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation_1.00_windows_intelx86.exe
[2012.01.11 08:36:28 | 000,294,912 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\ap_graphics_5.05_windows_intelx86.exe
[2012.01.11 08:36:32 | 000,479,232 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\astropulse_5.05_windows_intelx86.exe
[2012.01.07 18:22:58 | 000,406,016 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
[2012.01.07 18:22:51 | 000,267,776 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\Application Data\BOINC\projects\setiathome.berkeley.edu\setigraphics_6.03_windows_intelx86.exe
[2012.04.04 22:22:10 | 000,000,114 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\BOINC\slots\0\milkyway_separation_1.00_windows_intelx86.exe
[2012.03.11 11:57:38 | 000,000,100 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\BOINC\slots\3\setiathome_6.03_windows_intelx86.exe
[2012.02.06 17:13:54 | 049,599,144 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\NokiaSoftwareUpdaterSetup_CZ.exe
[2012.02.06 17:14:37 | 003,351,812 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\msxml6Exec.exe
[2012.02.06 17:14:36 | 000,036,864 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep.exe
[2012.02.06 17:14:37 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2008.exe
[2012.02.06 17:14:38 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2010.exe
[2012.02.06 17:14:37 | 004,697,562 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2008Exec.exe
[2012.02.06 17:14:38 | 005,140,754 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2010Exec.exe
[2012.02.06 17:14:36 | 003,203,453 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredistExec.exe
[2012.02.06 17:03:27 | 042,310,952 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Nokia_PC_Suite_cze_web.exe
[2012.02.06 17:04:00 | 000,095,616 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\pcswpcsi.exe
[2012.02.06 17:04:00 | 000,008,192 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstCCD.exe
[2012.02.06 17:04:00 | 000,010,240 | ---- | M] (Nokia) -- C:\ProgramData\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCS.exe
[2012.02.06 17:04:00 | 000,061,440 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
[2012.02.19 12:47:14 | 019,724,316 | ---- | M] () -- C:\ProgramData\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP3_1.00_graphics_windows_intelx86.exe
[2012.02.19 12:43:57 | 010,087,883 | ---- | M] () -- C:\ProgramData\Application Data\BOINC\projects\einstein.phys.uwm.edu\einsteinbinary_BRP4_1.00_windows_intelx86__BRP3SSE.exe
[2012.02.19 12:37:51 | 012,709,791 | ---- | M] () -- C:\ProgramData\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S5R6_3.01_graphics_windows_intelx86.exe
[2012.02.22 16:35:13 | 028,023,532 | ---- | M] () -- C:\ProgramData\Application Data\BOINC\projects\einstein.phys.uwm.edu\einstein_S6Bucket_1.01_windows_intelx86__SSE2.exe
[2012.02.19 12:38:24 | 008,948,719 | ---- | M] () -- C:\ProgramData\Application Data\BOINC\projects\einstein.phys.uwm.edu\hsgamma_FGRP1_0.23_windows_intelx86.exe
[2012.01.10 16:54:58 | 002,445,312 | ---- | M] () -- C:\ProgramData\Application Data\BOINC\projects\lhcathomeclassic.cern.ch_sixtrack\sixtrack_530.10_windows_intelx86.exe
[2012.01.07 18:30:14 | 001,129,472 | ---- | M] () -- C:\ProgramData\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.80_windows_intelx86__mt.exe
[2012.02.08 23:20:54 | 000,519,680 | ---- | M] () -- C:\ProgramData\Application Data\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_separation_1.00_windows_intelx86.exe
[2012.01.11 08:36:28 | 000,294,912 | ---- | M] () -- C:\ProgramData\Application Data\BOINC\projects\setiathome.berkeley.edu\ap_graphics_5.05_windows_intelx86.exe
[2012.01.11 08:36:32 | 000,479,232 | ---- | M] () -- C:\ProgramData\Application Data\BOINC\projects\setiathome.berkeley.edu\astropulse_5.05_windows_intelx86.exe
[2012.01.07 18:22:58 | 000,406,016 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
[2012.01.07 18:22:51 | 000,267,776 | ---- | M] (Space Sciences Laboratory) -- C:\ProgramData\Application Data\BOINC\projects\setiathome.berkeley.edu\setigraphics_6.03_windows_intelx86.exe
[2012.04.04 22:22:10 | 000,000,114 | ---- | M] () -- C:\ProgramData\Application Data\BOINC\slots\0\milkyway_separation_1.00_windows_intelx86.exe
[2012.03.11 11:57:38 | 000,000,100 | ---- | M] () -- C:\ProgramData\Application Data\BOINC\slots\3\setiathome_6.03_windows_intelx86.exe
[2012.02.06 17:13:54 | 049,599,144 | ---- | M] () -- C:\ProgramData\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\NokiaSoftwareUpdaterSetup_CZ.exe
[2012.02.06 17:14:37 | 003,351,812 | ---- | M] () -- C:\ProgramData\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\msxml6Exec.exe
[2012.02.06 17:14:36 | 000,036,864 | ---- | M] () -- C:\ProgramData\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep.exe
[2012.02.06 17:14:37 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2008.exe
[2012.02.06 17:14:38 | 000,053,248 | ---- | M] () -- C:\ProgramData\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\Sleep2010.exe
[2012.02.06 17:14:37 | 004,697,562 | ---- | M] () -- C:\ProgramData\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2008Exec.exe
[2012.02.06 17:14:38 | 005,140,754 | ---- | M] () -- C:\ProgramData\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredist2010Exec.exe
[2012.02.06 17:14:36 | 003,203,453 | ---- | M] () -- C:\ProgramData\Application Data\Installations\{889D48DA-457F-4C8B-9095-6458F2793B12}\Installer\CommonCustomActions\vcredistExec.exe
[2012.02.06 17:03:27 | 042,310,952 | ---- | M] () -- C:\ProgramData\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Nokia_PC_Suite_cze_web.exe
[2012.02.06 17:04:00 | 000,095,616 | ---- | M] () -- C:\ProgramData\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\pcswpcsi.exe
[2012.02.06 17:04:00 | 000,008,192 | ---- | M] () -- C:\ProgramData\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstCCD.exe
[2012.02.06 17:04:00 | 000,010,240 | ---- | M] (Nokia) -- C:\ProgramData\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCS.exe
[2012.02.06 17:04:00 | 000,061,440 | ---- | M] () -- C:\ProgramData\Application Data\Installations\{D0D14551-3A2D-433B-861F-F4DCE5422759}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

< %APPDATA%\*. >
[2012.04.16 19:57:32 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\.minecraft
[2012.04.05 22:24:49 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\.Nitrous
[2012.02.27 00:55:34 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\.spoutcraft
[2012.04.15 16:53:21 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\0ad
[2011.12.25 15:53:43 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Adobe
[2011.12.20 21:23:18 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\ATI
[2012.04.18 16:36:17 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Azureus
[2012.02.21 20:20:14 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Babylon
[2012.02.04 12:57:29 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Baumaschinen Simulator 2011
[2012.01.06 16:20:35 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\CadSoft
[2011.12.23 10:42:58 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Canneverbe Limited
[2012.02.21 20:15:26 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\fltk.org
[2011.12.22 14:49:07 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\GameRanger
[2012.04.13 16:05:01 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Google
[2012.03.18 00:39:43 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Help
[2011.12.27 14:37:01 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\HyperLobby
[2011.12.20 21:16:17 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Identities
[2012.01.01 19:22:02 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Image-Line
[2012.01.08 17:34:06 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\InstallShield
[2011.12.20 21:55:35 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\IrfanView
[2012.03.07 19:54:59 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\IVAO
[2012.02.26 18:41:27 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\LG Electronics
[2011.12.20 22:26:13 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Macromedia
[2012.03.25 16:03:13 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Malwarebytes
[2010.11.21 02:46:50 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Media Center Programs
[2012.03.24 17:35:12 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Media Player Classic
[2012.03.08 00:50:37 | 000,000,000 | --SD | M] -- C:\Users\Karel\AppData\Roaming\Microsoft
[2012.03.18 17:36:37 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Microsoft Games
[2012.02.10 15:17:27 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Mozilla
[2012.01.04 21:48:39 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Mumble
[2012.02.06 17:12:47 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Nokia
[2011.12.20 21:45:32 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Opera
[2012.02.06 17:07:24 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\PC Suite
[2011.12.26 19:56:43 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Publish Providers
[2012.02.26 17:11:07 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\pymclevel
[2012.04.15 10:37:45 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Rovio
[2012.04.18 16:35:30 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Skype
[2012.03.20 00:21:41 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Sony
[2012.03.26 19:58:12 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Stellarium
[2012.02.28 23:07:51 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Subversion
[2012.03.14 20:44:39 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\TeamViewer
[2012.03.28 17:31:23 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\TortoiseSVN
[2012.04.17 22:22:33 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\TS3Client
[2012.01.08 17:44:20 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Ubisoft
[2012.02.07 18:13:57 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\wargaming.net
[2012.03.24 17:35:12 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Winamp

< %APPDATA%\*.exe /s >
[2011.12.23 12:10:19 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Users\Karel\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe
[2012.03.25 13:08:13 | 001,273,568 | ---- | M] (GameRanger Technologies) -- C:\Users\Karel\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
[2011.12.20 21:58:26 | 000,015,086 | R--- | M] () -- C:\Users\Karel\AppData\Roaming\Microsoft\Installer\{5D87C09F-512F-474A-A306-0FE3B89C396F}\launcher.exe
[2012.03.23 17:22:05 | 000,010,134 | R--- | M] () -- C:\Users\Karel\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.04.17 06:17:15 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.04.17 19:35:53 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.04.17 06:12:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2012.04.17 23:17:22 | 000,011,376 | ---- | M] () -- C:\Windows\system32\drivers\secdrv.sys

< %systemroot%\system32\*.* /3 >
[2012.04.17 06:10:18 | 000,020,640 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.17 06:10:18 | 000,020,640 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.17 06:17:14 | 000,000,000 | -HS- | M] () -- C:\Windows\system32\dds_trash_log.cmd
[2012.04.17 23:20:33 | 000,301,272 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 23:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"RocketDock" = "C:\Program Files\RocketDock\RocketDock.exe" -- [2007.09.02 13:58:52 | 000,495,616 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.03.29 19:58:16 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=5CCC24CD6B75BC7230F7C0FC1C293EC6 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.12.22 14:54:14 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.03.30 16:47:24 | 000,949,104 | ---- | M] (Opera Software) MD5=D4C073DB0B506852B35197069A1892C7 -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.04.18 16:28:14 | 000,000,512 | ---- | M] () MD5=279C99AFB4EB6A7E322C73ACABD48679 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.03.28 19:49:20 | 000,000,145 | ---- | M] () -- \Documents and Settings\Karel\AppData\Local\Opera\Opera\icons\aircrack-ng.org.idx
[2012.03.28 19:36:38 | 000,000,108 | ---- | M] () -- \Documents and Settings\Karel\AppData\Local\Opera\Opera\icons\crack0hack.wetpaint.com.idx
[2012.03.28 19:52:19 | 000,000,110 | ---- | M] () -- \Documents and Settings\Karel\AppData\Local\Opera\Opera\icons\download.aircrack-ng.org.idx
[2012.03.28 19:49:20 | 000,000,447 | ---- | M] () -- \Documents and Settings\Karel\AppData\Local\Opera\Opera\icons\http%3A%2F%2Faircrack-ng.org%2Flib%2Ftpl%2Fdefault%2Fimages%2Ffavicon.png
[2012.03.28 19:36:38 | 000,000,581 | ---- | M] () -- \Documents and Settings\Karel\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fcrack0hack.wetpaint.com%2Ffavicon.png
[2012.03.28 19:52:19 | 000,001,004 | ---- | M] () -- \Documents and Settings\Karel\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fdownload.aircrack-ng.org%2Ffavicon.png
[2012.03.20 20:38:28 | 000,001,004 | ---- | M] () -- \Documents and Settings\Karel\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.aircrack-ng.org%2Fresources%2Ffavicon.png
[2012.03.20 20:38:28 | 000,000,087 | ---- | M] () -- \Documents and Settings\Karel\AppData\Local\Opera\Opera\icons\www.aircrack-ng.org.idx
[2012.03.01 17:42:07 | 000,036,346 | ---- | M] () -- \Program Files\Valve\Garry's Mod\garrysmod\addons\phx2\sound\phx\eggcrack.wav
[2009.02.01 22:30:28 | 000,000,574 | ---- | M] () -- \Program Files\Valve\Garry's Mod\hl2\materials\Glass\glasswindow018a_cracked.vmt
[2009.02.01 22:30:28 | 000,022,064 | ---- | M] () -- \Program Files\Valve\Garry's Mod\hl2\materials\Glass\glasswindow018a_cracked.vtf
[2012.03.28 19:49:20 | 000,000,145 | ---- | M] () -- \Users\Karel\AppData\Local\Opera\Opera\icons\aircrack-ng.org.idx
[2012.03.28 19:36:38 | 000,000,108 | ---- | M] () -- \Users\Karel\AppData\Local\Opera\Opera\icons\crack0hack.wetpaint.com.idx
[2012.03.28 19:52:19 | 000,000,110 | ---- | M] () -- \Users\Karel\AppData\Local\Opera\Opera\icons\download.aircrack-ng.org.idx
[2012.03.28 19:49:20 | 000,000,447 | ---- | M] () -- \Users\Karel\AppData\Local\Opera\Opera\icons\http%3A%2F%2Faircrack-ng.org%2Flib%2Ftpl%2Fdefault%2Fimages%2Ffavicon.png
[2012.03.28 19:36:38 | 000,000,581 | ---- | M] () -- \Users\Karel\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fcrack0hack.wetpaint.com%2Ffavicon.png
[2012.03.28 19:52:19 | 000,001,004 | ---- | M] () -- \Users\Karel\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fdownload.aircrack-ng.org%2Ffavicon.png
[2012.03.20 20:38:28 | 000,001,004 | ---- | M] () -- \Users\Karel\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.aircrack-ng.org%2Fresources%2Ffavicon.png
[2012.03.20 20:38:28 | 000,000,087 | ---- | M] () -- \Users\Karel\AppData\Local\Opera\Opera\icons\www.aircrack-ng.org.idx
[2012.04.14 14:29:32 | 000,019,044 | ---- | M] () -- \Windows\Prefetch\PRECRACK.EXE-8B5FDBDA.pf

VIRY.CZ

Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit

Re: Blue screen a Rootkit