Avira hlásí vir

Zpráva

#16 Příspěvek od **Márty84** » 25 led 2013 12:27

Hlasi jeste Avira neco?

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

pezetking · #17 Příspěvek od **pezetking** » 25 led 2013 13:47

Avira už sama o sobě nehlásí nic, akorát mi vyskočilo chybové hlášení
C:program files/avira/antivir deskop/ipmgui.exe
Pokus použít neplatnou operaci na klíč registru, který je označen pro odstranění.
zde je log z extras:
OTL Extras logfile created on: 25.1.2013 12:48:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,75 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 44,05% Memory free
5,73 Gb Paging File | 4,07 Gb Available in Paging File | 71,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 80,03 Gb Total Space | 10,83 Gb Free Space | 13,53% Space Free | Partition Type: NTFS
Drive D: | 143,09 Gb Total Space | 78,57 Gb Free Space | 54,91% Space Free | Partition Type: NTFS

Computer Name: PETR-NB | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3337024854-4243349412-40047204-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3337024854-4243349412-40047204-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{008E9BC8-2A86-47C2-8639-47857080B58A}" = rport=445 | protocol=6 | dir=out | app=system |
"{0117CE08-36CA-4F4D-9A91-776C6003BC18}" = lport=138 | protocol=17 | dir=in | app=system |
"{2BE131F0-151E-4A5C-AAC3-2B73A1C8FEA5}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{52C12BE4-2635-492C-82B3-F0C5FB282805}" = lport=137 | protocol=17 | dir=in | app=system |
"{5374A2E3-3A27-43A6-A8FA-DB0809FCBC8F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{54346CC6-680C-489C-AE0F-55A6048F582A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{76480804-9EC8-40C9-BC9A-31D0C2C70089}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{836E3C00-4F39-4702-A5CF-EAFA9360BF15}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8C7A6B4A-73FD-429E-B731-D7EA8132B2E7}" = lport=139 | protocol=6 | dir=in | app=system |
"{974CAABC-F1DA-4646-BCEB-D6BFA199EB25}" = rport=139 | protocol=6 | dir=out | app=system |
"{BF87C514-CEF2-4652-9302-BFFA8DE915AE}" = rport=137 | protocol=17 | dir=out | app=system |
"{C7498141-F2D1-47F4-9D30-CAFC12D25165}" = rport=138 | protocol=17 | dir=out | app=system |
"{D76F196B-B3CC-4DD5-9F5C-707D8E51E121}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EABD284E-D0D6-4350-9EF2-73CA700FC912}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{EBC319E5-42B2-413E-A765-EFB9F83D0D71}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F4BA4E09-21A0-4DD9-B753-8DCDE242C67E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F585F4ED-7FF3-480F-99AA-F79C5F0BDB27}" = lport=445 | protocol=6 | dir=in | app=system |
"{FF3B0226-E473-49FA-B543-A076AF06354C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{091A9E1F-26E9-4ECF-90CE-EFE6654593F3}" = protocol=6 | dir=in | app=d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{0C3CBE0C-CEB3-40A3-B97D-92C8BCD4F774}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{38C19B6A-446D-45D6-A063-EDC7CC8A2B19}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7D758238-AE42-4A7F-BD79-67F40CD6BAA6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{80214E66-60A1-42B8-A433-B66D13174E76}" = protocol=17 | dir=in | app=d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{82275BD1-B8FE-45BC-B1B6-E1010798BDA5}" = protocol=17 | dir=in | app=d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{8BA48BD2-F81C-453D-AE5C-7A954AD30AEE}" = dir=in | app=c:\users\petr\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{939414D4-EBC9-4F3A-AE33-BE3772F1E94E}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{B511A8F5-2339-43AF-B333-052025EF728C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D2EFD23F-5896-4FD9-A4AA-04CF249830D5}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{D7043001-67FE-4440-B6B6-05885F52A241}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E5982EF0-AF48-4613-AE08-25421BC6FCC9}" = protocol=6 | dir=in | app=d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{E919F381-E9B6-48D1-8468-AAD31B77C3A4}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{476703AF-0A64-411A-85B7-0265F843DB37}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{6330695A-0388-4434-95A5-65CD4EB011DC}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{73F17A99-4199-4D06-B342-ABD3F021A8A2}D:\nová složka\client.bin" = protocol=6 | dir=in | app=d:\nová složka\client.bin |
"TCP Query User{806449A9-088B-4D29-8B65-63E94DFD9FB7}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"TCP Query User{83161507-9AB4-442B-855F-AB019DC95CFD}D:\sindicate\ekura\client.bin" = protocol=6 | dir=in | app=d:\sindicate\ekura\client.bin |
"TCP Query User{9EFA3ED3-83D6-46E3-8BE1-595C2D345C1B}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{F04EE1AA-5B04-432F-AC5E-1A15068181FB}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"UDP Query User{34634D9F-3178-4FDC-BE0E-192F6D219EBD}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{83E44869-4DD8-4F9A-8188-B6EE93F94B13}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{8E844744-57F2-43F0-8CD8-2108725373E1}D:\nová složka\client.bin" = protocol=17 | dir=in | app=d:\nová složka\client.bin |
"UDP Query User{971B1C0D-C937-43F8-910A-8DA974D18B51}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"UDP Query User{AC80E451-9392-48F4-B7FE-770F64EE0E6C}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"UDP Query User{B25F74D5-96D8-4EAE-9A81-67F252A402C1}D:\sindicate\ekura\client.bin" = protocol=17 | dir=in | app=d:\sindicate\ekura\client.bin |
"UDP Query User{B898026D-1070-4D8C-965D-E2B17C5BE00D}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 11
"{27C9470C-2077-F4AD-8921-9504D1B9BC83}" = Catalyst Control Center Graphics Light
"{3066F7B1-5918-4E18-292B-1153283E2CC3}" = ATI Catalyst Install Manager
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{73B5C7D2-30E4-5522-52BC-89677DFD8E32}" = Catalyst Control Center InstallProxy
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79866648-18CB-4C93-F124-31AFE54F9A9D}" = Catalyst Control Center Core Implementation
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{802F0F4E-A0A5-4E4D-9D7B-1933913EF7B6}" = Catalyst Control Center - Branding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BF806C4-2D77-4F67-8435-D4BDCEB665A8}_is1" = Governor of Poker 2 Premium Edition v1.0 Multi
"{90C26DA5-6780-0E5F-BC97-CAA7B5727E86}" = Catalyst Control Center Graphics Full Existing
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Czech
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C08A4D67-6837-5097-CC0C-B5DFD60630B9}" = ccc-core-static
"{C34686CD-A03B-1B48-8085-341CD632C0BC}" = Catalyst Control Center Graphics Full New
"{CD4D90B4-CC18-C176-B261-8BA8D5F644AB}" = CCC Help Czech
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.57.409
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer Crystal Eye Webcam
"{E6DB139F-DE64-4F3A-AFBD-5ABF7E434F12}" = AMD USB Audio Driver Filter
"{E7E36B90-24D7-E382-CEFB-6F293A2302F6}" = CCC Help English
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3E29994-EE0A-C417-7FDE-902B1D722460}" = Catalyst Control Center Localization Czech
"{F420F5B3-677A-779E-AEEC-81A00ED373FE}" = ccc-utility
"{F530581E-12FE-43B4-A28D-E5257AAD63E6}" = O&O Defrag Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ASIO4ALL" = ASIO4ALL
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"FL Studio 10" = FL Studio 10
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"IL Download Manager" = IL Download Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.1.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 18.0.1 (x86 cs)" = Mozilla Firefox 18.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 11.60.1185" = Opera 11.60
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"Scorpions WinCheater 2.07 (s databází 136)_is1" = Scorpions WinCheater
"SpeedFan" = SpeedFan (remove only)
"Star Defender 2_is1" = Star Defender 2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"XMind" = XMind
"Zoner Photo Studio 9_is1" = Zoner Photo Studio 9
"Zoo Tycoon 1.0" = Zoo Tycoon: Complete Collection

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 23.1.2013 16:47:09 | Computer Name = Petr-NB | Source = VSS | ID = 12289
Description =

Error - 23.1.2013 16:47:26 | Computer Name = Petr-NB | Source = VSS | ID = 12289
Description =

Error - 24.1.2013 2:42:44 | Computer Name = Petr-NB | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 24.1.2013 6:34:00 | Computer Name = Petr-NB | Source = Application Error | ID = 1000
Description = Chybující aplikace 7245791239.exe, verze 4.4.65.421, časové razítko
0x51010af3, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x00000000, ID procesu 0x1204, čas spuštění aplikace
0x01cdfa1e51e8e080.

Error - 24.1.2013 6:34:10 | Computer Name = Petr-NB | Source = Application Error | ID = 1000
Description = Chybující aplikace 6857149834.exe, verze 4.4.65.421, časové razítko
0x51010af3, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x00000000, ID procesu 0xcec, čas spuštění aplikace
0x01cdfa1e588e9920.

Error - 24.1.2013 6:48:59 | Computer Name = Petr-NB | Source = EventSystem | ID = 4621
Description =

Error - 24.1.2013 6:51:15 | Computer Name = Petr-NB | Source = EventSystem | ID = 4609
Description =

Error - 24.1.2013 7:51:04 | Computer Name = Petr-NB | Source = Application Error | ID = 1000
Description = Chybující aplikace ~msiexec.exe, verze 5.2.3668.0, časové razítko
0x4f5787d6, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000, kód
výjimky 0xc0000005, posun chyby 0x00000000, ID procesu 0x638, čas spuštění aplikace
0x01cdfa291437da8c.

Error - 24.1.2013 14:07:18 | Computer Name = Petr-NB | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 24.1.2013 14:14:24 | Computer Name = Petr-NB | Source = Application Hang | ID = 1002
Description = Program RSIT.exe verze 3.3.6.1 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů. ID procesu:
c60 Čas zahájení: 01cdfa5dec4264a0 Čas ukončení: 9

[ System Events ]
Error - 25.1.2013 5:44:09 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7034
Description =

Error - 25.1.2013 5:44:09 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7031
Description =

Error - 25.1.2013 5:44:10 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7034
Description =

Error - 25.1.2013 5:44:10 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7031
Description =

Error - 25.1.2013 5:44:33 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7031
Description =

Error - 25.1.2013 5:47:57 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7030
Description =

Error - 25.1.2013 5:52:39 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7030
Description =

Error - 25.1.2013 5:52:50 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7030
Description =

Error - 25.1.2013 5:54:39 | Computer Name = Petr-NB | Source = HTTP | ID = 15016
Description =

Error - 25.1.2013 5:55:43 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7000
Description =

< End of report >

pezetking · #18 Příspěvek od **pezetking** » 25 led 2013 13:48

a zde je log z OTL
OTL Extras logfile created on: 25.1.2013 12:48:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,75 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 44,05% Memory free
5,73 Gb Paging File | 4,07 Gb Available in Paging File | 71,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 80,03 Gb Total Space | 10,83 Gb Free Space | 13,53% Space Free | Partition Type: NTFS
Drive D: | 143,09 Gb Total Space | 78,57 Gb Free Space | 54,91% Space Free | Partition Type: NTFS

Computer Name: PETR-NB | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3337024854-4243349412-40047204-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3337024854-4243349412-40047204-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{008E9BC8-2A86-47C2-8639-47857080B58A}" = rport=445 | protocol=6 | dir=out | app=system |
"{0117CE08-36CA-4F4D-9A91-776C6003BC18}" = lport=138 | protocol=17 | dir=in | app=system |
"{2BE131F0-151E-4A5C-AAC3-2B73A1C8FEA5}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{52C12BE4-2635-492C-82B3-F0C5FB282805}" = lport=137 | protocol=17 | dir=in | app=system |
"{5374A2E3-3A27-43A6-A8FA-DB0809FCBC8F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{54346CC6-680C-489C-AE0F-55A6048F582A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{76480804-9EC8-40C9-BC9A-31D0C2C70089}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{836E3C00-4F39-4702-A5CF-EAFA9360BF15}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8C7A6B4A-73FD-429E-B731-D7EA8132B2E7}" = lport=139 | protocol=6 | dir=in | app=system |
"{974CAABC-F1DA-4646-BCEB-D6BFA199EB25}" = rport=139 | protocol=6 | dir=out | app=system |
"{BF87C514-CEF2-4652-9302-BFFA8DE915AE}" = rport=137 | protocol=17 | dir=out | app=system |
"{C7498141-F2D1-47F4-9D30-CAFC12D25165}" = rport=138 | protocol=17 | dir=out | app=system |
"{D76F196B-B3CC-4DD5-9F5C-707D8E51E121}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EABD284E-D0D6-4350-9EF2-73CA700FC912}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{EBC319E5-42B2-413E-A765-EFB9F83D0D71}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F4BA4E09-21A0-4DD9-B753-8DCDE242C67E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F585F4ED-7FF3-480F-99AA-F79C5F0BDB27}" = lport=445 | protocol=6 | dir=in | app=system |
"{FF3B0226-E473-49FA-B543-A076AF06354C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{091A9E1F-26E9-4ECF-90CE-EFE6654593F3}" = protocol=6 | dir=in | app=d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{0C3CBE0C-CEB3-40A3-B97D-92C8BCD4F774}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{38C19B6A-446D-45D6-A063-EDC7CC8A2B19}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7D758238-AE42-4A7F-BD79-67F40CD6BAA6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{80214E66-60A1-42B8-A433-B66D13174E76}" = protocol=17 | dir=in | app=d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{82275BD1-B8FE-45BC-B1B6-E1010798BDA5}" = protocol=17 | dir=in | app=d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{8BA48BD2-F81C-453D-AE5C-7A954AD30AEE}" = dir=in | app=c:\users\petr\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{939414D4-EBC9-4F3A-AE33-BE3772F1E94E}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{B511A8F5-2339-43AF-B333-052025EF728C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D2EFD23F-5896-4FD9-A4AA-04CF249830D5}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{D7043001-67FE-4440-B6B6-05885F52A241}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E5982EF0-AF48-4613-AE08-25421BC6FCC9}" = protocol=6 | dir=in | app=d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{E919F381-E9B6-48D1-8468-AAD31B77C3A4}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{476703AF-0A64-411A-85B7-0265F843DB37}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{6330695A-0388-4434-95A5-65CD4EB011DC}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{73F17A99-4199-4D06-B342-ABD3F021A8A2}D:\nová složka\client.bin" = protocol=6 | dir=in | app=d:\nová složka\client.bin |
"TCP Query User{806449A9-088B-4D29-8B65-63E94DFD9FB7}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"TCP Query User{83161507-9AB4-442B-855F-AB019DC95CFD}D:\sindicate\ekura\client.bin" = protocol=6 | dir=in | app=d:\sindicate\ekura\client.bin |
"TCP Query User{9EFA3ED3-83D6-46E3-8BE1-595C2D345C1B}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{F04EE1AA-5B04-432F-AC5E-1A15068181FB}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"UDP Query User{34634D9F-3178-4FDC-BE0E-192F6D219EBD}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{83E44869-4DD8-4F9A-8188-B6EE93F94B13}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{8E844744-57F2-43F0-8CD8-2108725373E1}D:\nová složka\client.bin" = protocol=17 | dir=in | app=d:\nová složka\client.bin |
"UDP Query User{971B1C0D-C937-43F8-910A-8DA974D18B51}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"UDP Query User{AC80E451-9392-48F4-B7FE-770F64EE0E6C}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"UDP Query User{B25F74D5-96D8-4EAE-9A81-67F252A402C1}D:\sindicate\ekura\client.bin" = protocol=17 | dir=in | app=d:\sindicate\ekura\client.bin |
"UDP Query User{B898026D-1070-4D8C-965D-E2B17C5BE00D}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 11
"{27C9470C-2077-F4AD-8921-9504D1B9BC83}" = Catalyst Control Center Graphics Light
"{3066F7B1-5918-4E18-292B-1153283E2CC3}" = ATI Catalyst Install Manager
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{73B5C7D2-30E4-5522-52BC-89677DFD8E32}" = Catalyst Control Center InstallProxy
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79866648-18CB-4C93-F124-31AFE54F9A9D}" = Catalyst Control Center Core Implementation
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{802F0F4E-A0A5-4E4D-9D7B-1933913EF7B6}" = Catalyst Control Center - Branding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BF806C4-2D77-4F67-8435-D4BDCEB665A8}_is1" = Governor of Poker 2 Premium Edition v1.0 Multi
"{90C26DA5-6780-0E5F-BC97-CAA7B5727E86}" = Catalyst Control Center Graphics Full Existing
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Czech
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C08A4D67-6837-5097-CC0C-B5DFD60630B9}" = ccc-core-static
"{C34686CD-A03B-1B48-8085-341CD632C0BC}" = Catalyst Control Center Graphics Full New
"{CD4D90B4-CC18-C176-B261-8BA8D5F644AB}" = CCC Help Czech
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.57.409
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer Crystal Eye Webcam
"{E6DB139F-DE64-4F3A-AFBD-5ABF7E434F12}" = AMD USB Audio Driver Filter
"{E7E36B90-24D7-E382-CEFB-6F293A2302F6}" = CCC Help English
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3E29994-EE0A-C417-7FDE-902B1D722460}" = Catalyst Control Center Localization Czech
"{F420F5B3-677A-779E-AEEC-81A00ED373FE}" = ccc-utility
"{F530581E-12FE-43B4-A28D-E5257AAD63E6}" = O&O Defrag Professional
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ASIO4ALL" = ASIO4ALL
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"FL Studio 10" = FL Studio 10
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"IL Download Manager" = IL Download Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.1.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 18.0.1 (x86 cs)" = Mozilla Firefox 18.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 11.60.1185" = Opera 11.60
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"Scorpions WinCheater 2.07 (s databází 136)_is1" = Scorpions WinCheater
"SpeedFan" = SpeedFan (remove only)
"Star Defender 2_is1" = Star Defender 2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"XMind" = XMind
"Zoner Photo Studio 9_is1" = Zoner Photo Studio 9
"Zoo Tycoon 1.0" = Zoo Tycoon: Complete Collection

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 23.1.2013 16:47:09 | Computer Name = Petr-NB | Source = VSS | ID = 12289
Description =

Error - 23.1.2013 16:47:26 | Computer Name = Petr-NB | Source = VSS | ID = 12289
Description =

Error - 24.1.2013 2:42:44 | Computer Name = Petr-NB | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 24.1.2013 6:34:00 | Computer Name = Petr-NB | Source = Application Error | ID = 1000
Description = Chybující aplikace 7245791239.exe, verze 4.4.65.421, časové razítko
0x51010af3, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x00000000, ID procesu 0x1204, čas spuštění aplikace
0x01cdfa1e51e8e080.

Error - 24.1.2013 6:34:10 | Computer Name = Petr-NB | Source = Application Error | ID = 1000
Description = Chybující aplikace 6857149834.exe, verze 4.4.65.421, časové razítko
0x51010af3, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x00000000, ID procesu 0xcec, čas spuštění aplikace
0x01cdfa1e588e9920.

Error - 24.1.2013 6:48:59 | Computer Name = Petr-NB | Source = EventSystem | ID = 4621
Description =

Error - 24.1.2013 6:51:15 | Computer Name = Petr-NB | Source = EventSystem | ID = 4609
Description =

Error - 24.1.2013 7:51:04 | Computer Name = Petr-NB | Source = Application Error | ID = 1000
Description = Chybující aplikace ~msiexec.exe, verze 5.2.3668.0, časové razítko
0x4f5787d6, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000, kód
výjimky 0xc0000005, posun chyby 0x00000000, ID procesu 0x638, čas spuštění aplikace
0x01cdfa291437da8c.

Error - 24.1.2013 14:07:18 | Computer Name = Petr-NB | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 24.1.2013 14:14:24 | Computer Name = Petr-NB | Source = Application Hang | ID = 1002
Description = Program RSIT.exe verze 3.3.6.1 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů. ID procesu:
c60 Čas zahájení: 01cdfa5dec4264a0 Čas ukončení: 9

[ System Events ]
Error - 25.1.2013 5:44:09 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7034
Description =

Error - 25.1.2013 5:44:09 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7031
Description =

Error - 25.1.2013 5:44:10 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7034
Description =

Error - 25.1.2013 5:44:10 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7031
Description =

Error - 25.1.2013 5:44:33 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7031
Description =

Error - 25.1.2013 5:47:57 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7030
Description =

Error - 25.1.2013 5:52:39 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7030
Description =

Error - 25.1.2013 5:52:50 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7030
Description =

Error - 25.1.2013 5:54:39 | Computer Name = Petr-NB | Source = HTTP | ID = 15016
Description =

Error - 25.1.2013 5:55:43 | Computer Name = Petr-NB | Source = Service Control Manager | ID = 7000
Description =

< End of report >

#19 Příspěvek od **Márty84** » 25 led 2013 20:25

Problem s Avirou by mel po restartu zmizet.

Dal jste sem dva stejne logy, oba jsou extras. Potrebuju videt i ten druhy, s nazvem OTL.txt

pezetking · #20 Příspěvek od **pezetking** » 25 led 2013 20:34

Zde je z OTL
OTL logfile created on: 25.1.2013 12:48:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,75 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 44,05% Memory free
5,73 Gb Paging File | 4,07 Gb Available in Paging File | 71,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 80,03 Gb Total Space | 10,83 Gb Free Space | 13,53% Space Free | Partition Type: NTFS
Drive D: | 143,09 Gb Total Space | 78,57 Gb Free Space | 54,91% Space Free | Partition Type: NTFS

Computer Name: PETR-NB | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.01.25 12:46:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
PRC - [2013.01.18 09:07:04 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012.12.31 11:01:12 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012.12.04 15:36:48 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.12.04 12:13:51 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.12.04 12:04:24 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.11.21 19:00:02 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.12.14 23:27:08 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011.01.17 16:37:42 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 16:37:42 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009.04.08 01:40:52 | 001,377,536 | ---- | M] (O&O Software GmbH) -- C:\Windows\System32\oodag.exe
PRC - [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.05.24 11:05:15 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2007.10.23 10:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe

========== Modules (No Company Name) ==========

MOD - [2013.01.18 09:07:02 | 000,460,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\ppgooglenaclpluginchrome.dll
MOD - [2013.01.18 09:07:01 | 004,012,496 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll
MOD - [2013.01.18 09:06:15 | 000,597,968 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\libglesv2.dll
MOD - [2013.01.18 09:06:15 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\libegl.dll
MOD - [2013.01.18 09:06:13 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll
MOD - [2013.01.09 18:13:21 | 014,586,888 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2011.12.18 20:05:33 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.12.16 10:20:26 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011.12.14 23:27:09 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2011.12.14 23:27:09 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2011.12.14 23:27:09 | 000,275,968 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2011.12.14 23:27:09 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2011.12.14 23:27:09 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2011.12.14 23:27:09 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2011.12.14 23:27:09 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2011.12.14 23:27:09 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2011.12.14 23:27:09 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2011.12.14 23:27:09 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2011.12.14 23:27:09 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2011.12.14 23:27:09 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2011.12.14 23:27:09 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2011.12.14 22:21:03 | 000,008,704 | ---- | M] () -- C:\Users\Petr\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\GetCoreTempInfoNET.dll
MOD - [2011.12.14 22:21:03 | 000,007,680 | ---- | M] () -- C:\Users\Petr\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\SystemInfo.dll
MOD - [2011.12.14 22:21:03 | 000,006,144 | ---- | M] () -- C:\Users\Petr\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\CoreTempReader.dll
MOD - [2011.12.14 21:30:02 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.09.15 23:24:37 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2007.10.23 10:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2007.06.04 10:30:00 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2007.05.22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

========== Services (SafeList) ==========

SRV - [2013.01.20 22:07:47 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.12.04 12:13:51 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.12.04 12:04:24 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.04.08 01:40:52 | 001,377,536 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Windows\System32\oodag.exe -- (O&O Defrag)
SRV - [2008.05.24 11:00:18 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Petr\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012.11.27 10:01:26 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.11.22 15:51:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.11.22 15:50:53 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.10.30 23:51:58 | 000,199,320 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2012.10.30 23:51:56 | 000,106,560 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2012.10.30 23:51:56 | 000,020,624 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012.09.21 10:26:08 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011.12.14 21:30:03 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2011.12.14 21:30:01 | 003,844,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011.12.14 20:46:53 | 001,309,504 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athw.sys -- (AR5416)
DRV - [2011.03.18 17:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2009.12.17 13:02:20 | 001,203,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.10.09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008.03.19 18:28:52 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2006.08.04 18:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3337024854-4243349412-40047204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3337024854-4243349412-40047204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3337024854-4243349412-40047204-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3337024854-4243349412-40047204-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-3337024854-4243349412-40047204-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Petr\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.20 22:07:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.20 22:07:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.20 22:07:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.20 22:07:35 | 000,000,000 | ---D | M]

[2012.01.23 16:51:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Extensions
[2012.10.23 17:35:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\maqgd432.default\extensions
[2013.01.20 22:07:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.01.20 22:07:48 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.12.21 07:21:58 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.12.21 07:21:58 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.21 07:21:58 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.21 07:21:58 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.21 07:21:58 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.seznam.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Facebook Video Calling Plugin (Disabled) = C:\Users\Petr\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll

O1 HOSTS File: ([2013.01.25 11:57:32 | 000,000,019 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3337024854-4243349412-40047204-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3337024854-4243349412-40047204-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{899F93F5-7A00-4C7C-9533-03497C8CFAB4}: DhcpNameServer = 178.77.254.254 77.48.100.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98DD7FD5-FC9E-491D-A360-EF935598DD82}: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Petr\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Petr\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.01.25 12:46:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2013.01.25 11:13:07 | 000,000,000 | ---D | C] -- C:\Users\Petr\Desktop\RK_Quarantine
[2013.01.25 10:59:15 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.01.25 10:59:15 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Local\temp
[2013.01.25 10:55:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.01.25 10:42:33 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.01.24 20:12:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.01.24 20:12:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.01.24 20:12:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.01.24 20:11:56 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.24 20:11:34 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.01.24 20:10:51 | 005,026,656 | R--- | C] (Swearware) -- C:\Users\Petr\Desktop\ComboFix.exe
[2013.01.24 12:50:54 | 000,000,000 | ---D | C] -- C:\Temp
[2013.01.21 21:30:55 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Malwarebytes
[2013.01.21 21:30:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.21 21:30:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.21 21:30:23 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.21 21:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.21 21:24:43 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.01.21 21:24:43 | 000,000,000 | ---D | C] -- C:\rsit
[2013.01.20 22:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.01.16 23:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2013.01.16 15:10:31 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2013.01.16 15:10:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2013.01.16 15:10:30 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2013.01.16 10:00:03 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.01.16 10:00:03 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.01.16 10:00:03 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.01.16 09:59:08 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.01.15 19:17:35 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Avira
[2013.01.15 19:16:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.01.15 19:15:57 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.01.15 19:15:55 | 000,134,336 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.01.15 19:15:55 | 000,083,944 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.01.15 19:15:55 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.01.15 19:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.01.15 19:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.01.15 14:36:55 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2013.01.15 14:36:53 | 000,000,000 | ---D | C] -- C:\totalcmd
[2013.01.15 14:36:53 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\GHISLER
[2013.01.14 18:47:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2013.01.14 18:25:04 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\STALKER-SHOC
[2013.01.13 10:10:27 | 001,203,712 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys
[2013.01.12 20:25:32 | 000,108,144 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2013.01.12 20:16:13 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2013.01.12 20:16:12 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2013.01.12 20:16:12 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2013.01.12 20:15:57 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2013.01.12 20:15:56 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2013.01.12 20:15:54 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2013.01.12 20:15:52 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2013.01.12 20:15:50 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2013.01.12 20:15:47 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2013.01.12 20:15:44 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2013.01.12 20:15:41 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2013.01.11 15:42:16 | 000,000,000 | ---D | C] -- C:\Games
[2013.01.10 21:11:17 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Wargaming.net
[2013.01.10 15:35:47 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2013.01.10 15:35:47 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2013.01.10 15:35:34 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2013.01.10 15:35:34 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2013.01.10 15:35:33 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2013.01.10 15:35:33 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2013.01.10 15:35:32 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2013.01.10 15:35:32 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2013.01.10 15:35:31 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2013.01.10 15:35:31 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2013.01.10 15:35:31 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2013.01.10 15:35:31 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2013.01.10 15:35:30 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2013.01.10 15:35:29 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2013.01.10 15:35:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2013.01.10 15:35:28 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2013.01.10 15:35:27 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2013.01.10 15:35:27 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2013.01.10 15:35:26 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2013.01.10 15:35:17 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2013.01.10 15:35:17 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2013.01.10 15:35:16 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2013.01.10 15:35:15 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2013.01.10 15:35:15 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2013.01.10 15:35:15 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2013.01.10 15:35:15 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2013.01.10 15:34:52 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2013.01.10 15:34:52 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2013.01.10 15:34:50 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2013.01.10 15:34:49 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2013.01.10 15:34:49 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2013.01.10 15:34:48 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2013.01.10 15:34:48 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2013.01.10 15:34:47 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2013.01.10 15:34:47 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2013.01.10 15:34:46 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2013.01.10 15:34:45 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2013.01.10 15:34:45 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2013.01.10 15:34:43 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2013.01.10 15:34:42 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2013.01.10 15:34:41 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2013.01.10 15:34:41 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2013.01.10 15:34:40 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2013.01.10 15:33:58 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2013.01.10 15:33:58 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2013.01.10 15:33:54 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2013.01.10 15:33:53 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2013.01.10 15:33:52 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2013.01.10 15:33:51 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2013.01.10 15:33:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2013.01.10 15:33:50 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2013.01.10 15:33:49 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2013.01.10 15:33:49 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2013.01.10 15:33:47 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2013.01.10 15:33:47 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2013.01.10 15:33:46 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2013.01.10 15:33:45 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2013.01.10 15:33:44 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2013.01.10 15:33:44 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2013.01.10 15:33:43 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2013.01.10 15:33:42 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2013.01.10 15:33:42 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2013.01.10 15:33:42 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2013.01.10 15:33:42 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2013.01.10 15:33:41 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2013.01.10 15:33:40 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2013.01.10 15:33:39 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2013.01.10 15:33:39 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2013.01.10 15:33:38 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2013.01.10 15:33:38 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2013.01.10 15:33:36 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2013.01.10 15:33:35 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2013.01.10 15:33:33 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2013.01.10 15:33:32 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2013.01.10 15:33:32 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2013.01.10 15:33:32 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2013.01.10 15:33:30 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2013.01.10 15:33:30 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2013.01.10 15:33:30 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2013.01.10 15:31:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012.12.26 18:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live

========== Files - Modified Within 30 Days ==========

[2013.01.25 12:54:36 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.25 12:54:36 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.25 12:51:47 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.25 12:46:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2013.01.25 11:57:32 | 000,000,019 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.01.25 11:12:14 | 000,768,512 | ---- | M] () -- C:\Users\Petr\Desktop\RogueKiller.exe
[2013.01.25 10:54:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.25 10:54:01 | 001,165,901 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2013.01.24 20:11:10 | 005,026,656 | R--- | M] (Swearware) -- C:\Users\Petr\Desktop\ComboFix.exe
[2013.01.24 19:59:19 | 000,607,470 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.01.24 19:59:19 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.24 19:59:19 | 000,118,118 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.01.24 19:59:19 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.21 21:30:26 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.21 21:17:54 | 000,255,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.21 17:05:09 | 000,000,195 | ---- | M] () -- C:\Users\Petr\Documents\heslo.rtf
[2013.01.16 23:55:47 | 000,000,717 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2013.01.16 17:49:24 | 000,025,562 | ---- | M] () -- C:\Users\Petr\Documents\vysvědčení + průměry.pdf
[2013.01.16 15:10:30 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2013.01.16 14:48:28 | 000,001,356 | ---- | M] () -- C:\Users\Petr\AppData\Local\d3d9caps.dat
[2013.01.16 10:41:00 | 000,035,080 | ---- | M] () -- C:\Users\Petr\Documents\záložky_16.1.13.html
[2013.01.14 18:47:51 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk
[2013.01.12 20:25:32 | 000,108,144 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2013.01.12 03:30:20 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.01.12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.01.12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.01.09 18:13:22 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.01.09 18:13:22 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.01.03 20:23:11 | 000,005,349 | ---- | M] () -- C:\Users\Petr\.recently-used.xbel
[2012.12.26 18:20:33 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

========== Files Created - No Company Name ==========

[2013.01.25 12:51:47 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.01.25 11:12:12 | 000,768,512 | ---- | C] () -- C:\Users\Petr\Desktop\RogueKiller.exe
[2013.01.24 20:12:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.01.24 20:12:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.01.24 20:12:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.01.24 20:12:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.01.24 20:12:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.01.21 21:30:26 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.21 17:05:09 | 000,000,195 | ---- | C] () -- C:\Users\Petr\Documents\heslo.rtf
[2013.01.16 23:55:47 | 000,000,717 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2013.01.16 17:49:22 | 000,025,562 | ---- | C] () -- C:\Users\Petr\Documents\vysvědčení + průměry.pdf
[2013.01.16 15:10:09 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
[2013.01.16 10:41:00 | 000,035,080 | ---- | C] () -- C:\Users\Petr\Documents\záložky_16.1.13.html
[2013.01.14 18:47:51 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk
[2013.01.03 20:23:11 | 000,005,349 | ---- | C] () -- C:\Users\Petr\.recently-used.xbel
[2012.07.11 16:34:44 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.12.16 10:31:47 | 000,060,928 | ---- | C] () -- C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.15 00:07:01 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2011.12.15 00:00:23 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011.12.15 00:00:23 | 000,105,984 | ---- | C] () -- C:\Windows\FixUVC.exe
[2011.12.15 00:00:23 | 000,000,057 | ---- | C] () -- C:\Windows\PidList.ini
[2011.12.14 23:27:21 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.12.14 22:26:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.12.14 21:32:24 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.12.14 21:32:24 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.12.14 19:30:36 | 000,001,356 | ---- | C] () -- C:\Users\Petr\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 05:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.05.24 11:03:30 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.12.22 20:26:02 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Awem
[2012.07.11 19:03:52 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Canneverbe Limited
[2013.01.15 14:36:53 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GHISLER
[2013.01.03 20:23:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\gtk-2.0
[2012.09.16 19:11:05 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ICQ
[2011.12.18 20:46:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\OpenOffice.org
[2012.12.02 19:56:13 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Opera
[2012.04.22 20:28:42 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Systweak
[2013.01.10 21:11:17 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Wargaming.net
[2012.02.29 18:43:25 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\YoudaGames
[2012.01.29 08:22:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ZiggyTV
[2012.09.09 12:55:37 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 14:01:49 | 000,032,612 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< >

< MD5 for: AGP440.SYS >
[2008.05.24 10:52:58 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\erdnt\cache\AGP440.sys
[2008.05.24 10:52:58 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.05.24 10:52:58 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.05.24 10:52:58 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: AHCIX86S.SYS >
[2011.12.14 22:17:00 | 000,173,576 | ---- | M] (AMD Technologies Inc.) MD5=FBE4016F9EF3AB3DB547E40A936B6CD9 -- C:\Users\Petr\Desktop\Ovladače Acer Aspire 5535\AHCI_ATI_3.1.1540.64_Vistax86x64\AHCI_ATI_3.1.1540.64_Vistax86x64\LH\ahcix86s.sys
[2011.12.14 21:30:03 | 000,173,576 | ---- | M] (AMD Technologies Inc.) MD5=FBE4016F9EF3AB3DB547E40A936B6CD9 -- C:\Users\Petr\Desktop\Ovladače Acer Aspire 5535\VGA_ATI_8.511_Vistax86x64\VGA_ATI_8.511_Vistax86x64\Packages\Drivers\SBDrv\SB7xx\RAID\LH\ahcix86s.sys

< MD5 for: ATAPI.SYS >
[2008.05.24 10:52:56 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\erdnt\cache\atapi.sys
[2008.05.24 10:52:56 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.05.24 10:52:56 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.05.24 10:52:56 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.05.24 11:09:18 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\System32\autochk.exe
[2008.05.24 11:09:18 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

pezetking · #21 Příspěvek od **pezetking** » 25 led 2013 20:35

< MD5 for: CDROM.SYS >
[2008.05.24 10:53:21 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008.05.24 10:53:21 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.05.24 10:53:21 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\erdnt\cache\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2006.11.02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.05.24 11:07:53 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\erdnt\cache\cryptsvc.dll
[2008.05.24 11:07:53 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\System32\cryptsvc.dll
[2008.05.24 11:07:53 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\erdnt\cache\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.05.24 11:06:44 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2008.05.24 10:53:01 | 000,177,208 | ---- | M] (Microsoft Corporation) MD5=A00B0EDD048786E30EBB2DA65D9A8F74 -- C:\Windows\System32\hal.dll

< MD5 for: IASTORV.SYS >
[2008.05.24 10:58:45 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.05.24 10:58:45 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.05.24 10:58:45 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.05.24 10:52:59 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.05.24 10:52:59 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.05.24 10:52:59 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 10:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2009.06.15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\erdnt\cache\lsass.exe
[2009.06.15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\System32\lsass.exe
[2009.06.15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.05.24 11:05:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.05.24 11:05:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2009.02.13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2006.11.02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.05.24 11:02:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\erdnt\cache\ndis.sys
[2008.05.24 11:02:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\System32\drivers\ndis.sys
[2008.05.24 11:02:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008.05.24 11:03:50 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\erdnt\cache\netlogon.dll
[2008.05.24 11:03:50 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.05.24 11:03:50 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.05.24 10:58:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.05.24 10:58:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.05.24 10:58:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.05.24 10:58:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.05.24 10:58:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.05.24 10:58:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.05.24 11:10:02 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\erdnt\cache\scecli.dll
[2008.05.24 11:10:02 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.05.24 11:10:02 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.05.24 11:02:18 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\System32\smss.exe
[2008.05.24 11:02:18 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2006.11.02 10:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.05.24 11:01:41 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\erdnt\cache\svchost.exe
[2008.05.24 11:01:41 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.05.24 11:01:41 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.08.15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2010.02.18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\erdnt\cache\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\System32\drivers\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008.04.26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.08.14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2006.11.02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2008.05.24 11:11:38 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.05.24 11:09:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\erdnt\cache\userinit.exe
[2008.05.24 11:09:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.05.24 11:09:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.05.24 11:09:55 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\erdnt\cache\winlogon.exe
[2008.05.24 11:09:55 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.05.24 11:09:55 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.05.24 11:09:46 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\erdnt\cache\ws2_32.dll
[2008.05.24 11:09:46 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll
[2008.05.24 11:09:46 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2006.11.02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.12.14 23:45:21 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Adobe
[2011.12.14 22:33:09 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ATI
[2013.01.15 19:17:35 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Avira
[2011.12.22 20:26:02 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Awem
[2012.07.11 19:03:52 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Canneverbe Limited
[2012.01.29 08:18:46 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\FastStone
[2013.01.15 14:36:53 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GHISLER
[2012.01.25 08:10:36 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GRETECH
[2013.01.03 20:23:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\gtk-2.0
[2012.09.16 19:11:05 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ICQ
[2011.12.14 19:30:42 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Identities
[2011.12.14 23:58:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\InstallShield
[2011.12.14 23:19:58 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Macromedia
[2013.01.21 21:30:55 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Media Center Programs
[2012.11.03 14:31:28 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Media Player Classic
[2013.01.21 17:15:30 | 000,000,000 | --SD | M] -- C:\Users\Petr\AppData\Roaming\Microsoft
[2012.01.23 16:51:46 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Mozilla
[2011.12.18 20:46:07 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\OpenOffice.org
[2012.12.02 19:56:13 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Opera
[2012.04.22 20:28:42 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Systweak
[2013.01.10 21:11:17 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Wargaming.net
[2011.12.14 23:38:25 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\WinRAR
[2012.02.29 18:43:25 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\YoudaGames
[2012.01.29 08:22:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ZiggyTV
[2012.09.09 12:55:37 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2007.03.22 11:46:42 | 000,126,976 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2011.12.14 21:33:11 | 000,010,134 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{73B5C7D2-30E4-5522-52BC-89677DFD8E32}\ARPPRODUCTICON.exe
[2011.12.14 21:37:21 | 000,010,134 | R--- | M] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Installer\{A02153E8-8DF8-42E6-B7BF-D88EEA33565F}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.01.25 12:54:36 | 000,003,760 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.25 12:54:36 | 000,003,760 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.25 10:54:01 | 001,165,901 | ---- | M] () -- C:\Windows\system32\oodbs.lor
[2013.01.24 19:59:19 | 000,118,118 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.01.24 19:59:19 | 000,104,070 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.01.24 19:59:19 | 000,607,470 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.01.24 19:59:19 | 000,595,996 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.01.24 19:59:19 | 001,418,258 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2008.05.24 10:59:49 | 001,233,920 | ---- | M] (Microsoft Corporation)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.05.24 11:12:50 | 000,125,952 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.01.25 12:51:47 | 000,000,512 | ---- | M] () MD5=1A417ED8C180CE28D9B46810CC2E09C4 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.10.04 21:50:56 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[2008.09.08 21:55:14 | 000,000,204 | ---- | M] () -- \Program Files\Image-Line\FL Studio 10\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files\Image-Line\FL Studio 10\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch

< *keygen* /s >

< *loader* /s >
[2013.01.09 18:20:26 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2013.01.09 18:20:26 | 000,003,668 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2013.01.09 18:20:26 | 000,005,363 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\tutorialloader.pyc
[2012.11.22 15:47:51 | 000,052,512 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2012.11.23 19:59:23 | 000,232,224 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2012.12.03 09:45:50 | 001,713,952 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2010.02.07 21:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 17:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 17:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 17:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 17:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 17:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 17:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 17:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 17:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 17:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 17:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 17:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 17:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 17:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 17:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 17:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 19:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2011.01.17 16:21:04 | 000,006,263 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.12.18 20:05:26 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 17:00:08 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.12.18 20:05:38 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 12:24:20 | 000,003,689 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2009.06.27 19:44:30 | 000,163,840 | ---- | M] () -- \Program Files\traktor\PhysXLoader.dll
[2009.09.22 20:20:34 | 000,072,871 | ---- | M] () -- \Program Files\traktor\data\vehicles\store_zetor7745Frontloader.png
[2009.09.22 20:20:32 | 000,062,357 | ---- | M] () -- \Program Files\traktor\data\vehicles\store_zetorForterraFrontloader.png
[2009.06.27 19:43:52 | 001,574,510 | ---- | M] () -- \Program Files\traktor\data\vehicles\steerable\fendt\fendt614_frontloader.i3d
[2009.06.27 19:43:52 | 000,005,013 | ---- | M] () -- \Program Files\traktor\data\vehicles\steerable\fendt\fendt614_frontloader.xml
[2009.09.22 20:28:40 | 000,174,904 | ---- | M] () -- \Program Files\traktor\data\vehicles\steerable\fendt\frontloader_diffuse.dds
[2009.09.22 20:20:32 | 001,930,540 | ---- | M] () -- \Program Files\traktor\data\vehicles\steerable\zetor\zetor7745Frontloader.i3d
[2009.09.22 20:20:32 | 000,004,710 | ---- | M] () -- \Program Files\traktor\data\vehicles\steerable\zetor\zetor7745Frontloader.xml
[2009.09.22 20:20:32 | 003,304,593 | ---- | M] () -- \Program Files\traktor\data\vehicles\steerable\zetor\zetorForterraFrontloader.i3d
[2009.09.22 20:20:32 | 000,005,773 | ---- | M] () -- \Program Files\traktor\data\vehicles\steerable\zetor\zetorForterraFrontloader.xml
[2009.09.22 20:31:02 | 000,174,904 | ---- | M] () -- \Program Files\traktor\data\vehicles\steerable\zetor\zetorForterraFrontloader_diffuse.dds
[2009.06.27 19:39:30 | 000,077,314 | ---- | M] () -- \Program Files\traktor\data\vehicles\tools\frontloaderBalefork.i3d
[2009.06.27 19:39:30 | 000,000,661 | ---- | M] () -- \Program Files\traktor\data\vehicles\tools\frontloaderBalefork.xml
[2009.09.22 20:29:40 | 000,043,832 | ---- | M] () -- \Program Files\traktor\data\vehicles\tools\frontloaderBalefork_diffuse.dds
[2009.06.27 19:39:30 | 000,071,544 | ---- | M] () -- \Program Files\traktor\data\vehicles\tools\frontloaderPalletfork.i3d
[2009.06.27 19:39:30 | 000,000,662 | ---- | M] () -- \Program Files\traktor\data\vehicles\tools\frontloaderPalletfork.xml
[2009.09.22 20:29:40 | 000,087,528 | ---- | M] () -- \Program Files\traktor\data\vehicles\tools\frontloaderPalletfork_diffuse.dds
[2009.06.27 19:39:30 | 000,066,726 | ---- | M] () -- \Program Files\traktor\data\vehicles\tools\frontloaderShovel.i3d
[2009.06.27 19:39:30 | 000,000,646 | ---- | M] () -- \Program Files\traktor\data\vehicles\tools\frontloaderShovel.xml
[2009.09.22 20:29:40 | 000,087,528 | ---- | M] () -- \Program Files\traktor\data\vehicles\tools\frontloaderShovel_diffuse.dds
[2006.12.23 17:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2008.05.24 11:01:02 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.10.04 09:12:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.05.24 11:41:54 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.05.24 11:41:54 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2008.05.24 11:41:54 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2011.12.14 21:20:56 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2011.12.14 21:20:56 | 000,988,216 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b_winload.exe_75835076
[2011.12.14 21:20:56 | 000,927,288 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b_winresume.exe_85cd1215
[2008.05.24 11:35:24 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.05.24 11:35:24 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.02.29 08:26:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008.02.29 08:19:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008.02.29 11:05:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008.02.29 11:07:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008.02.29 11:05:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008.02.29 09:14:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008.02.29 11:02:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008.02.29 08:19:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008.02.29 08:21:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008.02.29 10:56:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008.02.29 11:12:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008.02.29 11:01:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008.02.29 08:46:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008.02.29 10:17:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.05.24 10:42:16 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.02.29 08:17:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008.02.29 08:13:09 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.05.24 10:35:41 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.02.29 09:08:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008.02.29 08:37:27 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2006.11.02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.05.24 10:28:29 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 13:34:33 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.05.24 11:01:02 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2013.01.09 18:20:26 | 000,003,206 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\gui_items\serializers.pyc
[2003.10.09 06:11:48 | 000,000,216 | ---- | M] () -- \Program Files\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Sytrus\Artwork\DelSerialCache.bmp
[2012.03.29 06:01:00 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.dll
[2012.12.08 03:03:37 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.ni.dll
[2008.05.24 11:13:46 | 000,929,792 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2008.05.24 11:15:53 | 000,086,016 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2008.05.24 11:16:09 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.07.27 19:03:15 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2008.05.24 11:15:57 | 000,086,016 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2008.05.24 11:14:09 | 000,929,792 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.12.14 22:36:22 | 002,279,424 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\04c14f26d160cf43714a83612cf92605\System.Runtime.Serialization.ni.dll
[2011.12.16 10:37:48 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1a579c752242a5cb70ca9e83f9eb2e1f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.12.16 10:38:22 | 002,279,424 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1f77d524a20c18ff16101f34ae0044ce\System.Runtime.Serialization.ni.dll
[2011.12.14 22:30:42 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b404ce9f79efc15f7cb09da0881adeb9\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.12.21 10:27:13 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a31a4045963913a3228777af311f4428\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.12.21 10:26:56 | 002,637,312 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ce480f313eb8be9a3a4dd6d7902325\System.Runtime.Serialization.ni.dll
[2011.12.21 06:45:59 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.12.21 06:39:50 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.12.21 06:45:58 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2011.12.21 06:39:46 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2008.07.27 19:03:15 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2008.05.24 11:17:01 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.05.24 11:14:05 | 000,929,792 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.08.14 06:23:06 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_ar-sa_062cd4148a85caca.manifest
[2008.08.14 06:44:00 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_da-dk_8df01254e4b5ff11.manifest
[2008.08.14 06:38:29 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_el-gr_bb1a40b502d4b129.manifest
[2008.08.14 06:45:55 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_fi-fi_e8e36231207e4cd3.manifest
[2008.08.14 06:46:11 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_he-il_4394a0df5c79f35d.manifest
[2008.08.14 06:23:10 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_hu-hu_4343544d5cb4871f.manifest
[2008.08.14 06:43:50 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_nb-no_53f2377410342ec8.manifest
[2008.08.14 06:47:58 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_nl-nl_541caa1c1012d85b.manifest
[2008.08.14 06:35:14 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_pl-pl_aef257d04bf29347.manifest
[2008.08.14 06:42:54 | 000,002,590 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_pt-pt_aea3dac04c2c3d87.manifest
[2008.08.14 06:43:12 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_sv-se_37888eb6a5806578.manifest
[2008.08.14 06:37:31 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_tr-tr_6462d56cc3dd48cf.manifest
[2008.08.14 06:19:31 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_ar-sa_ef64bd28a42842ff.manifest
[2008.08.14 06:31:30 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_da-dk_7727fb68fe587746.manifest
[2008.08.14 06:23:17 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_el-gr_a45229c91c77295e.manifest
[2008.08.14 06:31:18 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_fi-fi_d21b4b453a20c508.manifest
[2008.08.14 06:30:46 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_he-il_2ccc89f3761c6b92.manifest
[2008.08.14 06:20:39 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_hu-hu_2c7b3d617656ff54.manifest
[2008.08.14 06:40:40 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_nb-no_3d2a208829d6a6fd.manifest
[2008.08.14 06:31:14 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_nl-nl_3d54933029b55090.manifest
[2008.08.14 06:45:48 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_pl-pl_982a40e465950b7c.manifest
[2008.08.14 06:22:42 | 000,002,590 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_pt-pt_97dbc3d465ceb5bc.manifest
[2008.08.14 06:30:27 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_sv-se_20c077cabf22ddad.manifest
[2008.08.14 06:33:41 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_tr-tr_4d9abe80dd7fc104.manifest
[2008.08.14 09:52:25 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_ar-sa_0607b8ca8ad7d76b.manifest
[2008.08.14 09:36:22 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_da-dk_8dcaf70ae5080bb2.manifest
[2008.08.14 09:52:22 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_el-gr_baf5256b0326bdca.manifest
[2008.08.14 09:52:20 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_fi-fi_e8be46e720d05974.manifest
[2008.08.14 09:36:41 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_he-il_436f85955ccbfffe.manifest
[2008.08.14 09:32:37 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_hu-hu_431e39035d0693c0.manifest
[2008.08.14 09:36:34 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_nb-no_53cd1c2a10863b69.manifest
[2008.08.14 09:32:00 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_nl-nl_53f78ed21064e4fc.manifest
[2008.08.14 09:32:47 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_pl-pl_aecd3c864c449fe8.manifest
[2008.08.14 09:32:42 | 000,002,590 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_pt-pt_ae7ebf764c7e4a28.manifest
[2008.08.14 09:35:11 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_sv-se_3763736ca5d27219.manifest
[2008.08.14 09:36:13 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_tr-tr_643dba22c42f5570.manifest
[2008.08.14 07:54:48 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_ar-sa_ef3be50ea47d9d61.manifest
[2008.08.14 07:53:47 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_da-dk_76ff234efeadd1a8.manifest
[2008.08.14 08:22:51 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_el-gr_a42951af1ccc83c0.manifest
[2008.08.14 07:53:37 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_fi-fi_d1f2732b3a761f6a.manifest
[2008.08.14 07:54:51 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_he-il_2ca3b1d97671c5f4.manifest
[2008.08.14 08:02:29 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_hu-hu_2c52654776ac59b6.manifest
[2008.08.14 07:57:17 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_nb-no_3d01486e2a2c015f.manifest
[2008.08.14 08:02:59 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_nl-nl_3d2bbb162a0aaaf2.manifest
[2008.08.14 08:02:23 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_pl-pl_980168ca65ea65de.manifest
[2008.08.14 08:09:09 | 000,002,590 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_pt-pt_97b2ebba6624101e.manifest
[2008.08.14 08:02:30 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_sv-se_20979fb0bf78380f.manifest
[2008.08.14 08:09:34 | 000,002,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_tr-tr_4d71e666ddd51b66.manifest
[2008.08.12 23:12:07 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:12:26 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:15:53 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:16:19 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:12:07 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16730_cs-cz_5b6d660d55709964\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:12:26 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.20895_cs-cz_5bbb24c26eba5f87\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:15:53 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18121_cs-cz_5d5f74e9528e27bb\System.RunTime.Serialization.Resources.dll
[2008.08.12 23:16:19 | 000,090,112 | ---- | M] () -- \Windows\SoftwareDistribution\Download\48d3b1d287278288e1e1fa41c0359093\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.22243_cs-cz_5dd572706bba3215\System.RunTime.Serialization.Resources.dll
[2008.09.12 23:57:47 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f999c40092e319930e84c288d583a7f9\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16754_cs-cz_0164b12f1d133e9e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.12 23:56:42 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f999c40092e319930e84c288d583a7f9\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.20921_cs-cz_ea944dc536bd060d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.15 23:24:37 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f999c40092e319930e84c288d583a7f9\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18145_cs-cz_013f95e51d654b3f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.15 23:25:16 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f999c40092e319930e84c288d583a7f9\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.22269_cs-cz_ea739499370b4477\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.12 23:57:47 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f999c40092e319930e84c288d583a7f9\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16754_cs-cz_be141fbfae547065\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.12 23:56:42 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f999c40092e319930e84c288d583a7f9\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.20921_cs-cz_bebb2d56c75c6d7e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.15 23:24:37 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f999c40092e319930e84c288d583a7f9\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18145_cs-cz_c0062e9bab71febc\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.09.15 23:25:16 | 000,011,776 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f999c40092e319930e84c288d583a7f9\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.22269_cs-cz_c07e2cb6c49c3bc4\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.05.24 11:02:29 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2007.01.08 22:04:49 | 000,005,632 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2006.11.02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2007.01.08 22:04:55 | 000,004,096 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\grserial.sys.mui
[2007.01.08 22:04:55 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2008.05.24 10:59:16 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_33048ac2\serial.sys
[2006.11.02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys
[2006.11.02 08:41:49 | 001,010,560 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_91bbdacd\smserial.sys
[2008.05.24 10:53:06 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_44880ea7\serial.sys
[2006.11.02 09:51:30 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys
[2006.11.02 09:51:28 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_a24cc104\grserial.sys
[2008.05.24 10:58:29 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_bec36faa\grserial.sys
[2008.05.24 11:37:59 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2008.05.24 11:38:00 | 000,019,512 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15_kdcom.dll_db5e7744
[2008.05.24 11:36:01 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c_serialui.dll.mui_7d29d2a3
[2008.05.24 11:41:24 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9_serialui.dll_bea29328
[2006.11.02 13:33:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3.manifest
[2008.06.23 03:05:53 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1.manifest
[2008.06.23 03:02:26 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d.manifest
[2008.05.24 10:37:50 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf.manifest
[2008.06.23 03:40:19 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94.manifest
[2008.06.23 02:58:46 | 000,003,028 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e.manifest
[2007.01.08 22:01:12 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d.manifest
[2006.11.02 13:39:55 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_en-us_bb16054302d6ef1f.manifest
[2008.06.23 03:30:17 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16708_en-us_bb0dd4d302de58ed.manifest
[2008.08.14 06:39:56 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16730_cs-cz_5ff511dac72f8cd8.manifest
[2008.06.23 03:23:53 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20864_en-us_a4468aef1c7fea79.manifest
[2008.08.14 06:23:06 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.20895_cs-cz_492cfaeee0d2050d.manifest
[2008.05.24 10:39:53 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9.manifest
[2008.06.23 03:32:13 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18096_en-us_baf300e9032715c0.manifest
[2008.08.14 09:36:16 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18121_cs-cz_5fcff690c7819979.manifest
[2008.06.23 03:09:44 | 000,000,633 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22208_en-us_a41c29db1cd6c54a.manifest
[2008.08.14 08:03:05 | 000,002,584 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.22243_cs-cz_490422d4e1275f6f.manifest
[2006.11.02 13:33:50 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526.manifest
[2008.06.23 03:05:31 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4.manifest
[2008.06.23 03:02:01 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080.manifest
[2008.05.24 10:37:54 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2.manifest
[2008.06.23 03:39:55 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7.manifest
[2008.06.23 02:58:14 | 000,003,227 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51.manifest
[2006.11.02 11:18:20 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6000.16386_none_0f7ecb22afbfde41.manifest
[2008.05.24 10:32:02 | 000,003,462 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.0.6001.18000_none_11b58d1eacaaef15.manifest
[2006.11.02 11:02:09 | 000,001,406 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.0.6000.16386_none_2a8610ec098ae6c4.manifest
[2006.11.02 13:33:50 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68.manifest
[2008.06.23 03:08:38 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936.manifest
[2008.06.23 03:05:46 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2.manifest
[2008.05.24 10:37:31 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834.manifest
[2008.06.23 03:43:41 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609.manifest
[2008.06.23 03:02:24 | 000,003,062 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593.manifest
[2006.10.20 02:14:53 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16386_none_483e6ea12378b3a8\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 19:00:27 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.16720_none_4838f505237d831c\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 18:55:55 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6000.20883_none_31710ba93d1fc80f\System.Runtime.Serialization.Formatters.Soap.dll
[2008.05.24 11:02:46 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18000_none_4812f05d23d05c74\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 19:03:15 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.18111_none_4813d9bb23cf8fbd\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.27 18:58:35 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6001.22230_none_31484a573d7508d0\System.Runtime.Serialization.Formatters.Soap.dll
[2007.01.08 22:03:07 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6000.16386_cs-cz_0167850d1d10bca1\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.05.24 11:16:09 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.0.6001.18000_cs-cz_013c06c91d68656d\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2006.11.02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16386_none_d24e4473b7df83f3\System.Runtime.Serialization.dll
[2008.06.20 02:17:50 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_d2461403b7e6edc1\System.Runtime.Serialization.dll
[2008.06.20 02:12:45 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_bb7eca1fd1887f4d\System.Runtime.Serialization.dll
[2008.05.24 11:14:05 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18000_none_d222c62fb8372cbf\System.Runtime.Serialization.dll
[2008.06.20 02:14:31 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_d22b4019b82faa94\System.Runtime.Serialization.dll
[2008.06.20 02:13:19 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_bb54690bd1df5a1e\System.Runtime.Serialization.dll
[2007.01.08 22:05:25 | 000,081,920 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6000.16386_cs-cz_5ff98b2cc72ba40d\System.RunTime.Serialization.Resources.dll
[2008.05.24 11:15:57 | 000,086,016 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6001.18000_cs-cz_5fce0ce8c7834cd9\System.RunTime.Serialization.Resources.dll
[2006.11.02 13:36:03 | 000,888,832 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16386_none_02917a0ddf868526\System.Runtime.Serialization.dll
[2008.06.20 02:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289499ddf8deef4\System.Runtime.Serialization.dll
[2008.06.20 02:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1ffb9f92f8080\System.Runtime.Serialization.dll
[2008.05.24 11:14:09 | 000,929,792 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18000_none_0265fbc9dfde2df2\System.Runtime.Serialization.dll
[2008.06.20 02:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e75b3dfd6abc7\System.Runtime.Serialization.dll
[2008.06.20 02:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb979ea5f9865b51\System.Runtime.Serialization.dll
[2007.01.08 22:04:55 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_f15fa7f9f28d5343\serial.sys.mui
[2008.05.24 10:59:16 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys
[2007.01.08 22:04:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_bdf5a8f7ae6b024a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.05.24 11:17:01 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_c02c6af3ab56131e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2007.01.08 22:04:49 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_4c341f95e6bfb3a8\serialui.dll.mui
[2007.01.08 22:04:49 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_4e6ae191e3aac47c\serialui.dll.mui
[2006.11.02 10:46:12 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6000.16386_none_f2cadf9221bfabe5\serialui.dll
[2008.05.24 11:02:29 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6001.18000_none_f501a18e1eaabcb9\serialui.dll
[2007.01.08 22:05:22 | 000,081,920 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_5b3d50955593c887\System.RunTime.Serialization.Resources.dll
[2008.05.24 11:15:53 | 000,086,016 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_5d741291527ed95b\System.RunTime.Serialization.Resources.dll
[2007.01.08 22:03:22 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_c27f608a4f515351\serial.sys.mui
[2008.05.24 10:53:06 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys
[2007.01.08 22:04:55 | 000,004,096 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf.resources_31bf3856ad364e35_6.0.6000.16386_cs-cz_b4070b50f198e261\grserial.sys.mui
[2008.05.24 10:58:29 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.0.6001.18000_none_72a9e15f343dcd03\grserial.sys
[2006.11.02 13:36:02 | 000,888,832 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16386_none_076c25db205d1f68\System.Runtime.Serialization.dll
[2008.06.20 02:17:48 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b20648936\System.Runtime.Serialization.dll
[2008.06.20 02:12:43 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061ac2\System.Runtime.Serialization.dll
[2008.05.24 11:13:46 | 000,929,792 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18000_none_0740a79720b4c834\System.Runtime.Serialization.dll
[2008.06.20 02:14:29 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad4609\System.Runtime.Serialization.dll
[2008.06.20 02:13:17 | 000,966,656 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf593\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

#22 Příspěvek od **Márty84** » 25 led 2013 21:13

Znovu spustte OTL jako spravce
Vypnete antivir, at nebrani programu v praci
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3337024854-4243349412-40047204-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

pezetking · #23 Příspěvek od **pezetking** » 26 led 2013 08:19

zde je log
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Petr
->Temp folder emptied: 69960907 bytes
->Temporary Internet Files folder emptied: 1366233 bytes
->Java cache emptied: 762425 bytes
->FireFox cache emptied: 64372448 bytes
->Google Chrome cache emptied: 252873332 bytes
->Opera cache emptied: 21383919 bytes
->Flash cache emptied: 5838 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 632 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 392,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Petr
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Error: Unble to create default HOSTS file!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3337024854-4243349412-40047204-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP368A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4865.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 01262013_081503

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#24 Příspěvek od **Márty84** » 26 led 2013 09:41

Odinstalujte MBAM, pokud ho tam jeste mate.

Vsechny tyto programy - vcetne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

vyosek píše: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc

pezetking · #25 Příspěvek od **pezetking** » 26 led 2013 15:00

Pc nabíhá o poznání rychleji, avira nic nehlásí takže by mohlo být vyřešeno

. Už mi tedy chybí jen doinstalovat service pack 2. Tak mockrát děkuji

Jen Windows Update při instalování nebo stahování aktualizací chybu 800B0100 a tudíž nic nenainstaluje :/

#26 Příspěvek od **Márty84** » 26 led 2013 15:37

Zkuste mrknout tady http://windows.microsoft.com/cs-CZ/wind ... r-800B0100

Jinak s timto doporucuji kontaktovat primo technickou podporu microsoftu. Jako platici zakaznik na ni mate plne pravo. Precejen by meli vedet nejlepe, v cem je problem

Z me strany je to tedy vse

Nemate vubec zac, mejte se

VIRY.CZ

Avira hlásí vir

Re: Avira hlásí vir

Re: Avira hlásí vir

Re: Avira hlásí vir

Re: Avira hlásí vir

Re: Avira hlásí vir

Re: Avira hlásí vir

Re: Avira hlásí vir

Re: Avira hlásí vir

Re: Avira hlásí vir

Re: Avira hlásí vir

Re: Avira hlásí vir