Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

ielowutil.exe

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
Ryder3.0
5. stupeň - BAN
Příspěvky: 62
Registrován: 24 dub 2010 19:38
Kontaktovat uživatele:
Kontaktovat uživatele Ryder3.0

ielowutil.exe

#1 Příspěvek od Ryder3.0 »

Zdravím rádce z viry.cz. Dnes po aktualizaci systému mi systém hodí při spuštění programu Skype hlášku "Internet Low-Mic Utility Tool přestal pracovat" následně skype.exe přestal pracovat. Podle mě s tím souvisí i nějáký malware. Přikládám log z RSIT a zároveň se ptám, jestli má na něco vliv to, když ho spustím jako správce(RSIT). Děkuji za kontrolu a pomoc.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Ryder at 2013-03-19 18:26:46
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 16 GB (11%) free of 150 GB
Total RAM: 4094 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:26:50, on 19.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\HsMgr.exe
D:\Programs\utorrent\uTorrent.exe
C:\Users\Ryder\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
D:\Programs\xfire-beta\Xfire2\Xfire.exe
C:\Program Files\ASUS Xonar DX Audio\Customapp\ASUSAUDIOCENTER.EXE
D:\Programs\Avira\Avira\AntiVir Desktop\avgnt.exe
D:\Programs\xfire-beta\Xfire2\Xfire.exe
C:\Program Files\trend micro\Ryder.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programs\Java\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programs\Java\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "D:\Programs\Avira\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "D:\Programs\utorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ryder\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Xfire.lnk = D:\Programs\xfire-beta\Xfire2\Xfire.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programs\MSOFFI~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Programs\Avira\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Programs\Avira\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: GS In-Game Service - ClanServers Hosting LLC - D:\Programs\gametracker\GSInGameService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Programs\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Windows\
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7722 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"D:\Programs\Avira\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"D:\Programs\Avira\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
D:\Programs\gametracker\GSInGameService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
D:\Programs\Skype\Updater\Updater.exe
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
"D:\Programs\Alcohol120%\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
taskeng.exe {EBDFA408-B7A0-43B8-ACC5-BA6D90838E6E}
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe"
"C:\Windows\SysWOW64\HsMgr.exe" Envoke
"C:\Windows\system\HsMgr64.exe" Envoke
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
taskeng.exe {770CEDD1-8C7F-446F-A037-27F06525D50C}
"D:\Programs\utorrent\uTorrent.exe" /MINIMIZED
"C:\Users\Ryder\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe"
"C:\Users\Ryder\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler64.exe"
"D:\Programs\xfire-beta\Xfire2\Xfire.exe"
"D:\Programs\Avira\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000006c0
"C:\Program Files\ASUS Xonar DX Audio\Customapp\ASUSAUDIOCENTER.EXE"
"D:\Programs\Avira\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"D:\Programs\xfire-beta\Xfire2\Xfire.exe" D:\Programs\xfire-beta\Xfire2\Xfire.exe/uac 2960
"D:\Programs\xfire-beta\Xfire2\xfire64.exe" xfire64.exe /pid 3488
"C:\Users\Ryder\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Programs\Java\bin\jp2ssv.dll [2012-12-25 170416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Programs\Java\bin\ssv.dll [2012-12-25 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Programs\Java\bin\jp2ssv.dll [2012-12-25 170416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"Cmaudio8788"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Cmaudio8788GX"=C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]
"Cmaudio8788GX64"=C:\Windows\system\HsMgr64.exe [2008-07-11 282112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"uTorrent"=D:\Programs\utorrent\uTorrent.exe [2012-12-10 969104]
"Google Update"=C:\Users\Ryder\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-11 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Programs\adobe reader\Reader\Reader_sl.exe [2012-09-23 40592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
D:\Programs\Alcohol120%\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-13 1840720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
D:\Programs\kies\Kies\KiesHelper.exe /s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
D:\Programs\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-08-07 21432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
D:\Programs\kies\Kies\Kies.exe [2012-08-07 960440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
D:\Programs\kies\Kies\KiesTrayAgent.exe [2012-08-07 3524536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
C:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
D:\Programs\Power Iso\PowerISO\PWRISOVM.EXE [2011-06-15 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Programs\Quicktime-apple\QTTask.exe [2012-10-25 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-09-07 3673808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
D:\Programs\Winamp-\Winamp\winampa.exe [2008-09-12 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ryder^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-06-07 1195520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=D:\Programs\Avira\Avira\AntiVir Desktop\avgnt.exe [2013-02-15 385248]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

C:\Users\Ryder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Xfire.lnk - D:\Programs\xfire-beta\Xfire2\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-03-19 247296]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2013-03-19 18:17:23 ----D---- C:\rsit
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-03-19 00:45:16 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-03-19 00:45:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-19 00:45:16 ----A---- C:\Windows\system32\elshyph.dll
2013-03-19 00:45:15 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-19 00:45:15 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-03-19 00:45:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-03-19 00:45:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-03-19 00:45:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-19 00:45:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-03-19 00:45:15 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-03-19 00:45:15 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-03-19 00:45:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-03-19 00:45:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\wininet.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\wextract.exe
2013-03-19 00:45:15 ----A---- C:\Windows\system32\webcheck.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\vbscript.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\urlmon.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\url.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-19 00:45:15 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-19 00:45:15 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\occache.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\msrating.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\msls31.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\mshtml.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\mshta.exe
2013-03-19 00:45:15 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-19 00:45:15 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\jscript9.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\jscript.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\inseng.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\imgutil.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\iexpress.exe
2013-03-19 00:45:15 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-19 00:45:15 ----A---- C:\Windows\system32\ieui.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\iesetup.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\iertutil.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\iernonce.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\iepeers.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-19 00:45:15 ----A---- C:\Windows\system32\icardie.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-19 00:45:15 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-19 00:45:14 ----A---- C:\Windows\system32\ieframe.dll
2013-03-17 15:26:02 ----A---- C:\Windows\ntbtlog.txt
2013-03-14 22:59:17 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-12 11:33:13 ----D---- C:\Users\Ryder\AppData\Roaming\Xfire
2013-03-12 11:28:52 ----D---- C:\ProgramData\Xfire
2013-02-27 23:20:04 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-27 23:20:03 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-27 23:20:03 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-27 23:20:03 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-27 23:19:59 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-27 23:19:59 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-27 23:19:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 23:19:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 23:19:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 23:19:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 23:19:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 23:19:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 23:19:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 23:19:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 23:19:52 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-27 23:19:52 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-27 23:19:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 23:19:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 23:19:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 23:19:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 23:19:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 23:19:51 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 23:19:51 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 23:19:51 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 23:19:51 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 23:19:51 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 23:19:51 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-27 23:19:51 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-27 23:19:51 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-27 23:19:51 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-27 23:19:50 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-27 23:19:50 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-27 23:19:50 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-27 23:19:50 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-27 23:19:50 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-27 23:19:50 ----A---- C:\Windows\system32\dxgi.dll
2013-02-27 23:19:50 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-27 23:19:50 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-27 23:19:50 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-27 23:19:49 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-27 23:19:49 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-27 23:19:49 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-27 23:19:49 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-27 23:19:49 ----A---- C:\Windows\system32\d3d11.dll
2013-02-27 23:19:49 ----A---- C:\Windows\system32\d3d10.dll
2013-02-27 23:19:48 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-27 23:19:48 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-27 23:19:48 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-27 23:19:48 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-27 23:19:48 ----A---- C:\Windows\system32\FntCache.dll
2013-02-27 23:19:48 ----A---- C:\Windows\system32\DWrite.dll
2013-02-27 23:19:48 ----A---- C:\Windows\system32\d2d1.dll
2013-02-27 23:19:47 ----A---- C:\Windows\SYSWOW64\d2d1.dll

======List of files/folders modified in the last 1 months======

2013-03-19 18:26:48 ----D---- C:\Program Files\trend micro
2013-03-19 18:26:47 ----D---- C:\Windows\temp
2013-03-19 18:25:12 ----D---- C:\Users\Ryder\AppData\Roaming\uTorrent
2013-03-19 18:24:43 ----D---- C:\ProgramData\NVIDIA
2013-03-19 18:23:37 ----D---- C:\Windows\system32\config
2013-03-19 18:09:05 ----D---- C:\Users\Ryder\AppData\Roaming\Skype
2013-03-19 15:21:44 ----SD---- C:\Users\Ryder\AppData\Roaming\Microsoft
2013-03-19 14:48:17 ----D---- C:\Windows\winsxs
2013-03-19 14:47:55 ----D---- C:\Windows\Panther
2013-03-19 14:46:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-19 14:46:53 ----D---- C:\Windows\system32\cs-CZ
2013-03-19 14:46:53 ----D---- C:\Program Files\Internet Explorer
2013-03-19 14:46:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-19 14:46:51 ----D---- C:\Windows\SYSWOW64\migration
2013-03-19 14:46:51 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-19 14:46:50 ----D---- C:\Windows\SysWOW64
2013-03-19 14:46:49 ----D---- C:\Windows\system32\migration
2013-03-19 14:46:49 ----D---- C:\Windows\system32\en-US
2013-03-19 14:46:49 ----D---- C:\Windows\System32
2013-03-19 14:46:49 ----D---- C:\Windows\PolicyDefinitions
2013-03-19 14:46:49 ----D---- C:\Windows\inf
2013-03-19 00:49:23 ----D---- C:\Windows\Logs
2013-03-19 00:48:53 ----D---- C:\Windows\system32\catroot
2013-03-19 00:47:26 ----D---- C:\Windows\system32\catroot2
2013-03-19 00:42:34 ----D---- C:\Windows
2013-03-19 00:42:08 ----SHD---- C:\System Volume Information
2013-03-17 15:28:26 ----D---- C:\Windows\LiveKernelReports
2013-03-16 18:51:52 ----D---- C:\ProgramData\CanonIJPLM
2013-03-15 10:07:04 ----D---- C:\Windows\system32\drivers
2013-03-15 10:07:03 ----D---- C:\Windows\system32\DriverStore
2013-03-14 09:14:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-13 22:22:51 ----D---- C:\Windows\AppPatch
2013-03-13 22:22:46 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-13 22:22:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-13 13:26:43 ----A---- C:\Windows\system32\MRT.exe
2013-03-13 13:26:38 ----SHD---- C:\Windows\Installer
2013-03-13 13:26:38 ----D---- C:\ProgramData\Microsoft Help
2013-03-12 23:27:03 ----D---- C:\ProgramData\Adobe
2013-03-12 23:27:02 ----D---- C:\Program Files (x86)\Common Files
2013-03-12 23:21:13 ----D---- C:\Users\Ryder\AppData\Roaming\TS3Client
2013-03-12 23:14:24 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-03-12 11:33:52 ----D---- C:\Windows\Prefetch
2013-03-12 11:28:54 ----RSD---- C:\Windows\Fonts
2013-03-12 11:28:52 ----D---- C:\ProgramData
2013-03-05 16:22:24 ----D---- C:\Windows\rescache
2013-03-03 18:18:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-28 14:23:16 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-28 14:23:16 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-28 14:23:16 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-28 14:23:16 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-28 14:23:16 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-28 14:23:16 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-28 14:23:16 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-28 14:23:16 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-28 14:23:15 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-28 14:23:15 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-28 14:23:15 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-28 14:23:15 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-28 14:23:15 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-28 14:23:15 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-28 14:23:15 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-28 14:23:15 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-28 14:23:15 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-28 14:23:15 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-28 14:23:15 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-28 14:23:15 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-28 14:23:15 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-28 14:23:14 ----D---- C:\Windows\system32\zh-TW
2013-02-28 14:23:14 ----D---- C:\Windows\system32\zh-HK
2013-02-28 14:23:14 ----D---- C:\Windows\system32\zh-CN
2013-02-28 14:23:14 ----D---- C:\Windows\system32\tr-TR
2013-02-28 14:23:14 ----D---- C:\Windows\system32\sv-SE
2013-02-28 14:23:14 ----D---- C:\Windows\system32\ru-RU
2013-02-28 14:23:14 ----D---- C:\Windows\system32\pt-PT
2013-02-28 14:23:14 ----D---- C:\Windows\system32\pt-BR
2013-02-28 14:23:14 ----D---- C:\Windows\system32\pl-PL
2013-02-28 14:23:14 ----D---- C:\Windows\system32\nl-NL
2013-02-28 14:23:14 ----D---- C:\Windows\system32\nb-NO
2013-02-28 14:23:14 ----D---- C:\Windows\system32\ko-KR
2013-02-28 14:23:14 ----D---- C:\Windows\system32\ja-JP
2013-02-28 14:23:14 ----D---- C:\Windows\system32\it-IT
2013-02-28 14:23:14 ----D---- C:\Windows\system32\hu-HU
2013-02-28 14:23:14 ----D---- C:\Windows\system32\fr-FR
2013-02-28 14:23:14 ----D---- C:\Windows\system32\fi-FI
2013-02-28 14:23:14 ----D---- C:\Windows\system32\es-ES
2013-02-28 14:23:14 ----D---- C:\Windows\system32\el-GR
2013-02-28 14:23:14 ----D---- C:\Windows\system32\de-DE
2013-02-28 14:23:14 ----D---- C:\Windows\system32\da-DK
2013-02-24 19:24:53 ----D---- C:\Users\Ryder\AppData\Roaming\mIRC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-07-11 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-12-03 129216]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2011-06-15 93240]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-12-03 99912]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2011-12-07 51496]
R3 cmudaxp;ASUS Xonar DX Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys [2011-03-10 2725376]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-06-04 99384]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-06-04 203320]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tizeqdrv;tizeqdrv; \??\C:\Users\Ryder\AppData\Roaming\TZAC2\tizeq64.sys [2012-09-02 171704]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AntiVirService;Avira Real-Time Protection; D:\Programs\Avira\Avira\AntiVir Desktop\avguard.exe [2013-02-15 110816]
R2 AntiVirSchedulerService;Avira Scheduler; D:\Programs\Avira\Avira\AntiVir Desktop\sched.exe [2013-02-15 86752]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GS In-Game Service;GS In-Game Service; D:\Programs\gametracker\GSInGameService.exe [2011-11-10 1677072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-12-01 890216]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-05-15 76888]
R2 SkypeUpdate;Skype Updater; D:\Programs\Skype\Updater\Updater.exe [2013-01-08 161536]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
R2 StarWindServiceAE;StarWind AE Service; D:\Programs\Alcohol120%\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-20 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-03 1259880]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-14 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-11-11 128928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-20 116648]
S3 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-20 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: ielowutil.exe

#2 Příspěvek od Márty84 »

Zdravim :)


:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).



:arrow: Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Ryder3.0
5. stupeň - BAN
Příspěvky: 62
Registrován: 24 dub 2010 19:38
Kontaktovat uživatele:
Kontaktovat uživatele Ryder3.0

Re: ielowutil.exe

#3 Příspěvek od Ryder3.0 »

OTL logfile created on: 20.3.2013 15:51:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ryder\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 56,80% Memory free
8,00 Gb Paging File | 5,92 Gb Available in Paging File | 74,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,48 Gb Total Space | 15,11 Gb Free Space | 10,32% Space Free | Partition Type: NTFS
Drive D: | 319,18 Gb Total Space | 63,75 Gb Free Space | 19,97% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 29,93 Gb Free Space | 6,43% Space Free | Partition Type: NTFS
Drive G: | 614,91 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 595,52 Gb Total Space | 219,81 Gb Free Space | 36,91% Space Free | Partition Type: NTFS

Computer Name: RYDER-PC | User Name: Ryder | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.03.20 15:49:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ryder\Desktop\OTL.exe
PRC - [2013.03.19 11:53:24 | 005,453,184 | ---- | M] (Xfire Inc.) -- D:\Programs\xfire-beta\Xfire2\Xfire.exe
PRC - [2013.03.14 09:14:17 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013.03.08 17:19:35 | 000,917,400 | ---- | M] (Mozilla Corporation) -- D:\Programs\Mozilla12\firefox.exe
PRC - [2013.03.08 17:19:35 | 000,017,304 | ---- | M] (Mozilla Corporation) -- D:\Programs\Mozilla12\plugin-container.exe
PRC - [2013.02.19 22:25:54 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013.02.16 20:20:53 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Users\Ryder\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013.02.15 22:34:25 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programs\Avira\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.15 22:34:06 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programs\Avira\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.02.15 22:34:06 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programs\Avira\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.10 06:29:26 | 000,969,104 | ---- | M] (BitTorrent, Inc.) -- D:\Programs\utorrent\uTorrent.exe
PRC - [2012.12.03 16:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.11.30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.05.15 11:21:37 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.11.10 00:49:24 | 001,677,072 | ---- | M] (ClanServers Hosting LLC) -- D:\Programs\gametracker\GSInGameService.exe
PRC - [2011.05.12 16:50:03 | 001,990,656 | ---- | M] (CMedia) -- C:\Program Files\ASUS Xonar DX Audio\Customapp\AsusAudioCenter.exe
PRC - [2009.12.23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- D:\Programs\Alcohol120%\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2008.07.11 15:04:22 | 000,200,704 | ---- | M] () -- C:\Windows\SysWOW64\HsMgr.exe


========== Modules (No Company Name) ==========

MOD - [2013.03.14 09:14:17 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.03.08 17:19:35 | 003,069,848 | ---- | M] () -- D:\Programs\Mozilla12\mozjs.dll
MOD - [2011.04.19 14:56:58 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS Xonar DX Audio\Customapp\VmixP8.dll
MOD - [2008.07.11 15:04:22 | 000,200,704 | ---- | M] () -- C:\Windows\SysWOW64\HsMgr.exe


========== Services (SafeList) ==========

SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.03.14 09:14:18 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.15 22:34:25 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programs\Avira\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.15 22:34:06 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programs\Avira\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- D:\Programs\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.03 16:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.11.30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.11.20 07:16:13 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.15 11:21:37 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.11.22 04:20:00 | 001,148,632 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2011.11.10 00:49:24 | 001,677,072 | ---- | M] (ClanServers Hosting LLC) [Auto | Running] -- D:\Programs\gametracker\GSInGameService.exe -- (GS In-Game Service)
SRV - [2010.11.11 13:39:34 | 000,128,928 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- D:\Programs\Alcohol120%\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.01.22 09:35:52 | 000,103,808 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.12.03 15:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.12.03 15:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.11.16 20:17:15 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.06.04 08:59:20 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.06.04 08:59:20 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.07 20:21:30 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2011.07.11 21:31:54 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.06.15 09:30:46 | 000,093,240 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.10 15:44:16 | 002,725,376 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudaxp.sys -- (cmudaxp)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013.03.14 14:36:18 | 000,017,160 | ---- | M] (XFire) [File_System | On_Demand | Running] -- D:\Programs\xfire-beta\Xfire2\XFDriver64.sys -- (XFDriver64)
DRV - [2012.09.02 18:08:50 | 000,171,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Users\Ryder\AppData\Roaming\TZAC2\tizeq64.sys -- (tizeqdrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2597100678-3333478538-1327677117-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2597100678-3333478538-1327677117-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2597100678-3333478538-1327677117-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2597100678-3333478538-1327677117-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-2597100678-3333478538-1327677117-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.0.5
FF - prefs.js..extensions.enabledAddons: %7B1280606b-2510-4fe0-97ef-9b5a22eafe30%7D:0.7.9.6
FF - prefs.js..extensions.enabledAddons: %7B77d2ed30-4cd2-11e0-b8af-0800200c9a66%7D:5.6
FF - prefs.js..keyword.URL: "http://search.seznam.cz/?sourceid=undefined&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: D:\Programs\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programs\adobe reader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ryder\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ryder\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: D:\Programs\Mozilla12\components [2013.03.08 17:19:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: D:\Programs\Mozilla12\plugins [2013.03.12 23:37:56 | 000,000,000 | ---D | M]

[2012.05.04 19:10:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ryder\AppData\Roaming\Mozilla\Extensions
[2013.03.04 14:30:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ryder\AppData\Roaming\Mozilla\Firefox\Profiles\jp6i1yzz.default\extensions
[2013.03.03 11:22:32 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Ryder\AppData\Roaming\Mozilla\Firefox\Profiles\jp6i1yzz.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2012.10.27 20:22:37 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Ryder\AppData\Roaming\Mozilla\Firefox\Profiles\jp6i1yzz.default\extensions\translator@zoli.bod.xpi
[2013.03.04 14:30:06 | 000,518,398 | ---- | M] () (No name found) -- C:\Users\Ryder\AppData\Roaming\Mozilla\Firefox\Profiles\jp6i1yzz.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2013.02.15 22:37:53 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Ryder\AppData\Roaming\Mozilla\Firefox\Profiles\jp6i1yzz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.25 20:35:14 | 000,754,446 | ---- | M] () (No name found) -- C:\Users\Ryder\AppData\Roaming\Mozilla\Firefox\Profiles\jp6i1yzz.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ryder\AppData\Local\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Ryder\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ryder\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = D:\Programs\Mozilla12\plugins\np-mswmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = D:\Programs\Mozilla12\plugins\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
CHR - Extension: Disk Google = C:\Users\Ryder\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ryder\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Ryder\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\Ryder\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: Gmail = C:\Users\Ryder\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.03.10 18:47:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programs\Java\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programs\Java\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programs\Java\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-2597100678-3333478538-1327677117-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [Cmaudio8788] C:\Windows\Syswow64\cmicnfgp.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [Cmaudio8788GX] C:\Windows\syswow64\HsMgr.exe ()
O4:64bit: - HKLM..\Run: [Cmaudio8788GX64] C:\Windows\system\HsMgr64.exe ()
O4 - HKLM..\Run: [avgnt] D:\Programs\Avira\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-21-2597100678-3333478538-1327677117-1000..\Run: [uTorrent] D:\Programs\utorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2597100678-3333478538-1327677117-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2597100678-3333478538-1327677117-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Ryder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = D:\Programs\xfire-beta\Xfire2\Xfire.exe (Xfire Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2597100678-3333478538-1327677117-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2597100678-3333478538-1327677117-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2597100678-3333478538-1327677117-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programs\Ms office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\PrxerNsp.dll (Initex Software)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex Software)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex Software)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.211.45.3 212.96.160.7
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9640D327-1145-4FC0-8401-DE30F9A98651}: DhcpNameServer = 213.211.45.3 212.96.160.7
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.18 22:12:18 | 000,000,088 | ---- | M] () - G:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.03.20 15:49:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ryder\Desktop\OTL.exe
[2013.03.19 18:17:23 | 000,000,000 | ---D | C] -- C:\rsit
[2013.03.19 00:45:16 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.03.19 00:45:16 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.03.19 00:45:16 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.19 00:45:16 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.19 00:45:16 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.03.19 00:45:16 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.03.19 00:45:16 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.03.19 00:45:16 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.03.19 00:45:16 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.03.19 00:45:16 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.19 00:45:16 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.03.19 00:45:16 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.03.19 00:45:16 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.03.19 00:45:16 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.03.19 00:45:16 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.03.19 00:45:16 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.19 00:45:16 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.03.19 00:45:16 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.03.19 00:45:16 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.03.19 00:45:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.03.19 00:45:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.03.19 00:45:15 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.19 00:45:15 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.19 00:45:15 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.19 00:45:15 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.03.19 00:45:15 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.03.19 00:45:15 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.03.19 00:45:15 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.19 00:45:15 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.03.19 00:45:15 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.03.19 00:45:15 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.19 00:45:15 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.19 00:45:15 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.19 00:45:15 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.03.19 00:45:15 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.03.19 00:45:15 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.03.19 00:45:15 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.03.19 00:45:15 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.19 00:45:15 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.19 00:45:15 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.03.19 00:45:15 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.03.19 00:45:15 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.19 00:45:15 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.03.19 00:45:15 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.03.19 00:45:15 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.03.19 00:45:15 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.03.19 00:45:15 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.03.19 00:45:15 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.03.19 00:45:15 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.03.19 00:45:15 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.19 00:45:15 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.03.19 00:45:15 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.03.19 00:45:15 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.03.19 00:45:15 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.03.19 00:45:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.03.19 00:45:15 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.03.19 00:45:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.03.19 00:45:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.03.19 00:45:15 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.03.19 00:45:15 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.03.19 00:45:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.03.19 00:45:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.03.19 00:45:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.03.19 00:45:15 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.03.19 00:45:15 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.03.19 00:45:15 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.03.19 00:45:15 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.03.19 00:45:14 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.03.14 22:59:17 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.12 23:27:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013.03.12 11:33:13 | 000,000,000 | ---D | C] -- C:\Users\Ryder\AppData\Roaming\Xfire
[2013.03.12 11:28:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2013.03.12 11:28:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Xfire
[2013.03.12 11:28:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2013.03.03 20:55:17 | 000,000,000 | ---D | C] -- C:\Users\Ryder\Desktop\Billboard's Number One Hits of the 90's
[2013.02.27 23:20:04 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.27 23:20:03 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.27 23:20:03 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.27 23:20:03 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.27 23:19:59 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.27 23:19:59 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.27 23:19:52 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.27 23:19:52 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 23:19:52 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 23:19:52 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 23:19:52 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 23:19:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 23:19:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 23:19:52 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 23:19:52 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 23:19:51 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.27 23:19:51 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.27 23:19:51 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.27 23:19:51 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 23:19:51 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 23:19:51 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 23:19:51 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 23:19:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 23:19:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 23:19:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 23:19:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 23:19:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 23:19:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 23:19:50 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.27 23:19:50 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.27 23:19:50 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.27 23:19:50 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.27 23:19:50 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.27 23:19:49 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.27 23:19:49 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.27 23:19:49 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.27 23:19:49 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.27 23:19:48 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.02.27 23:19:48 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.27 23:19:48 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.27 23:19:48 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll

========== Files - Modified Within 30 Days ==========

[2013.03.20 15:54:26 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.20 15:49:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ryder\Desktop\OTL.exe
[2013.03.20 15:44:28 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.20 15:44:28 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.20 15:40:07 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.20 15:36:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.20 15:36:51 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.19 22:31:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.19 22:25:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000UA.job
[2013.03.19 22:14:05 | 000,044,427 | ---- | M] () -- C:\Users\Ryder\Desktop\66675_464677240270917_1269623163_n.jpg
[2013.03.19 22:14:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.19 20:25:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000Core.job
[2013.03.19 19:35:48 | 000,662,197 | ---- | M] () -- C:\Users\Ryder\Desktop\569029-img-volby-top-09-kalousek.jpg
[2013.03.19 18:16:23 | 000,832,273 | ---- | M] () -- C:\Users\Ryder\Desktop\RSITx64.exe
[2013.03.19 18:12:11 | 000,172,879 | ---- | M] () -- C:\Users\Ryder\Desktop\zaloha novejsi
[2013.03.19 18:12:02 | 000,172,879 | ---- | M] () -- C:\Users\Ryder\Desktop\zaloha starsi
[2013.03.19 00:45:16 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.03.19 00:45:16 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.03.19 00:45:16 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.19 00:45:16 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.19 00:45:16 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.03.19 00:45:16 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.03.19 00:45:16 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.03.19 00:45:16 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.03.19 00:45:16 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.03.19 00:45:16 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.19 00:45:16 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.03.19 00:45:16 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.03.19 00:45:16 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.03.19 00:45:16 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.03.19 00:45:16 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.03.19 00:45:16 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.19 00:45:16 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.03.19 00:45:16 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.03.19 00:45:16 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.03.19 00:45:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.03.19 00:45:16 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.03.19 00:45:15 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.19 00:45:15 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.19 00:45:15 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.19 00:45:15 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.03.19 00:45:15 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.03.19 00:45:15 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.03.19 00:45:15 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.19 00:45:15 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.03.19 00:45:15 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.03.19 00:45:15 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.19 00:45:15 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.19 00:45:15 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.19 00:45:15 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.03.19 00:45:15 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.03.19 00:45:15 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.03.19 00:45:15 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.03.19 00:45:15 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.19 00:45:15 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.19 00:45:15 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.03.19 00:45:15 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.03.19 00:45:15 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.19 00:45:15 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.03.19 00:45:15 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.03.19 00:45:15 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.03.19 00:45:15 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.03.19 00:45:15 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.03.19 00:45:15 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.03.19 00:45:15 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.03.19 00:45:15 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.19 00:45:15 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.03.19 00:45:15 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.03.19 00:45:15 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.03.19 00:45:15 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.03.19 00:45:15 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.03.19 00:45:15 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.03.19 00:45:15 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.03.19 00:45:15 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.03.19 00:45:15 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.03.19 00:45:15 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.03.19 00:45:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.03.19 00:45:15 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.03.19 00:45:15 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.03.19 00:45:15 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.03.19 00:45:15 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.19 00:45:15 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.19 00:45:15 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.03.19 00:45:15 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.03.19 00:45:15 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.03.19 00:45:14 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.03.18 21:15:13 | 000,042,078 | ---- | M] () -- C:\Users\Ryder\Desktop\1.jpg
[2013.03.18 21:11:49 | 000,142,478 | ---- | M] () -- C:\Users\Ryder\Desktop\TopMotylek.jpg
[2013.03.17 23:24:31 | 000,214,629 | ---- | M] () -- C:\Users\Ryder\Desktop\Screenshot_2013-01-31-22-09-51.png
[2013.03.17 23:22:40 | 000,217,841 | ---- | M] () -- C:\Users\Ryder\Desktop\Screenshot_2013-01-31-22-09-44.png
[2013.03.17 13:15:24 | 000,072,328 | ---- | M] () -- C:\Users\Ryder\Desktop\418775_502642119793310_1146770876_n.jpg
[2013.03.17 11:16:27 | 530,488,528 | ---- | M] () -- C:\Users\Ryder\Desktop\RZ2.AVI
[2013.03.17 10:48:20 | 349,202,428 | ---- | M] () -- C:\Users\Ryder\Desktop\VYPRASK,-FISTING,-OTROKYNE,-SEX,-VELMI-BRUTALNI-HARDCORE---by-sarhaa-moos.mpg
[2013.03.15 10:30:36 | 000,002,368 | ---- | M] () -- C:\Users\Ryder\Desktop\Google Chrome.lnk
[2013.03.14 09:14:17 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.14 09:14:17 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.12 23:14:24 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.03.12 23:14:24 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.12 12:43:36 | 093,556,736 | ---- | M] () -- C:\Users\Ryder\Desktop\xxx-latexangel-com-104.avi
[2013.03.12 12:42:49 | 338,741,430 | ---- | M] () -- C:\Users\Ryder\Desktop\XXX-Lysxtreme.com.video1.avi
[2013.03.12 11:37:55 | 000,000,844 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2013.03.12 11:30:38 | 000,331,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.03.12 09:21:31 | 000,477,445 | ---- | M] () -- C:\Users\Ryder\Desktop\da36698a88dc4cad2d5bd36587a3e98d.jpg
[2013.03.11 12:39:55 | 223,565,254 | ---- | M] () -- C:\Users\Ryder\Desktop\LysXtreme_-_06_29_2009_-_Anal_Play_Bottles.avi
[2013.03.03 18:18:00 | 001,478,982 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.03 18:18:00 | 000,634,568 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.03.03 18:18:00 | 000,618,974 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.03 18:18:00 | 000,123,158 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.03.03 18:18:00 | 000,107,294 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.01 20:21:23 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.02.24 22:48:44 | 007,017,458 | ---- | M] () -- C:\Users\Ryder\Desktop\Siyah-s2-v5.0.1-CWM.zip

========== Files Created - No Company Name ==========

[2013.03.20 15:54:26 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.19 22:14:05 | 000,044,427 | ---- | C] () -- C:\Users\Ryder\Desktop\66675_464677240270917_1269623163_n.jpg
[2013.03.19 19:35:47 | 000,662,197 | ---- | C] () -- C:\Users\Ryder\Desktop\569029-img-volby-top-09-kalousek.jpg
[2013.03.19 18:16:23 | 000,832,273 | ---- | C] () -- C:\Users\Ryder\Desktop\RSITx64.exe
[2013.03.19 18:12:11 | 000,172,879 | ---- | C] () -- C:\Users\Ryder\Desktop\zaloha novejsi
[2013.03.19 18:12:02 | 000,172,879 | ---- | C] () -- C:\Users\Ryder\Desktop\zaloha starsi
[2013.03.19 00:45:15 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.19 00:45:15 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.18 21:15:12 | 000,042,078 | ---- | C] () -- C:\Users\Ryder\Desktop\1.jpg
[2013.03.18 21:11:48 | 000,142,478 | ---- | C] () -- C:\Users\Ryder\Desktop\TopMotylek.jpg
[2013.03.17 13:15:22 | 000,072,328 | ---- | C] () -- C:\Users\Ryder\Desktop\418775_502642119793310_1146770876_n.jpg
[2013.03.17 11:12:49 | 530,488,528 | ---- | C] () -- C:\Users\Ryder\Desktop\RZ2.AVI
[2013.03.17 10:45:36 | 349,202,428 | ---- | C] () -- C:\Users\Ryder\Desktop\VYPRASK,-FISTING,-OTROKYNE,-SEX,-VELMI-BRUTALNI-HARDCORE---by-sarhaa-moos.mpg
[2013.03.12 23:27:04 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.03.12 12:42:59 | 093,556,736 | ---- | C] () -- C:\Users\Ryder\Desktop\xxx-latexangel-com-104.avi
[2013.03.12 12:40:32 | 338,741,430 | ---- | C] () -- C:\Users\Ryder\Desktop\XXX-Lysxtreme.com.video1.avi
[2013.03.12 11:37:55 | 000,000,844 | ---- | C] () -- C:\Users\Ryder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2013.03.12 09:21:30 | 000,477,445 | ---- | C] () -- C:\Users\Ryder\Desktop\da36698a88dc4cad2d5bd36587a3e98d.jpg
[2013.03.11 12:38:24 | 223,565,254 | ---- | C] () -- C:\Users\Ryder\Desktop\LysXtreme_-_06_29_2009_-_Anal_Play_Bottles.avi
[2013.02.24 22:48:27 | 007,017,458 | ---- | C] () -- C:\Users\Ryder\Desktop\Siyah-s2-v5.0.1-CWM.zip
[2013.02.19 22:26:14 | 000,000,952 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.19 22:26:11 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.28 22:04:22 | 000,036,352 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.05.04 19:00:10 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
[2012.05.04 19:00:09 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll
[2012.05.04 19:00:02 | 000,042,457 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2012.05.04 18:59:36 | 000,000,947 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2012.05.04 18:59:34 | 000,004,969 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2012.05.04 18:59:33 | 000,000,560 | ---- | C] () -- C:\Windows\cmudaxp.ini
[2012.04.19 21:50:47 | 000,000,515 | ---- | C] () -- C:\Users\Ryder\AppData\Roaming\enigmarc.lua
[2012.04.03 11:21:47 | 001,496,010 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.04.03 08:31:41 | 000,007,670 | ---- | C] () -- C:\Users\Ryder\AppData\Local\resmon.resmoncfg
[2012.01.25 21:02:40 | 000,000,600 | ---- | C] () -- C:\Users\Ryder\AppData\Roaming\Ping Monitor_Settings.ini
[2011.10.31 11:22:42 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.10.31 11:22:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.10.31 11:22:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.10.31 11:22:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.10.31 11:22:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.08.23 01:36:49 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2011.08.14 21:42:10 | 000,000,318 | ---- | C] () -- C:\Windows\WPE PRO - modified.INI
[2011.07.31 23:03:26 | 000,000,318 | ---- | C] () -- C:\Windows\Shz Moo.INI
[2011.07.26 13:43:05 | 000,035,086 | ---- | C] () -- C:\Users\Ryder\config_mp.cfg
[2011.07.15 21:52:35 | 000,000,290 | ---- | C] () -- C:\Users\Ryder\AppData\Roaming\Current.prx

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011.03.09 21:25:14 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Allstar
[2012.02.05 16:43:36 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\ASUS
[2012.03.21 23:40:12 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\BlackBean
[2011.07.11 22:21:50 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Canneverbe Limited
[2011.04.27 20:46:45 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Canon
[2011.08.15 14:41:21 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Datalayer
[2012.04.18 00:09:16 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Dropbox
[2012.09.08 12:28:23 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\GameTracker
[2012.09.06 22:30:10 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\HLSW
[2011.08.15 14:48:46 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Nokia
[2011.11.06 17:02:34 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Nokia Multimedia Player
[2011.04.27 20:59:20 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\OpenOffice.org
[2011.07.18 14:43:24 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Opera
[2011.08.15 14:27:45 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\PC Suite
[2012.04.08 21:19:53 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Publish Providers
[2013.01.31 22:33:36 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Samsung
[2011.08.17 21:31:39 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Soldat
[2012.04.08 15:33:50 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Sony
[2011.12.07 20:21:28 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Spyware Terminator
[2012.04.10 14:37:59 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Temp
[2013.03.12 23:21:13 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\TS3Client
[2012.09.02 18:13:02 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\TZAC2
[2013.03.20 16:02:26 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,608 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.02.10 19:14:27 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.02.16 20:20:58 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000Core.job
[2013.02.16 20:20:59 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2597100678-3333478538-1327677117-1000UA.job
[2013.02.19 22:26:11 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.02.19 22:26:14 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
Nahoru
Ryder3.0
5. stupeň - BAN
Příspěvky: 62
Registrován: 24 dub 2010 19:38
Kontaktovat uživatele:
Kontaktovat uživatele Ryder3.0

Re: ielowutil.exe

#4 Příspěvek od Ryder3.0 »

OTL.txt pokračování



< >

< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012.06.02 06:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012.04.24 06:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012.04.24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2012.06.04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.06.02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012.06.02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012.04.24 06:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012.06.02 06:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2012.04.24 06:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012.06.02 05:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.04.24 06:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012.06.02 05:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012.04.24 05:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012.08.24 18:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 06:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2011.11.17 07:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 07:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[60 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.04.08 21:28:22 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Adobe
[2011.03.09 21:25:14 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Allstar
[2012.12.26 11:18:53 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Apple Computer
[2012.02.05 16:43:36 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\ASUS
[2012.12.31 17:01:04 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Avira
[2012.03.21 23:40:12 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\BlackBean
[2011.07.11 22:21:50 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Canneverbe Limited
[2011.04.27 20:46:45 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Canon
[2011.08.15 14:41:21 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Datalayer
[2012.04.18 00:09:16 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Dropbox
[2012.06.08 21:55:16 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\dvdcss
[2012.04.24 11:02:38 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\FastStone
[2012.09.08 12:28:23 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\GameTracker
[2012.09.06 22:30:10 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\HLSW
[2011.03.07 15:02:00 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Identities
[2011.03.08 16:17:35 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Macromedia
[2011.12.04 13:04:14 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Malwarebytes
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Media Center Programs
[2013.03.19 15:21:44 | 000,000,000 | --SD | M] -- C:\Users\Ryder\AppData\Roaming\Microsoft
[2013.02.24 19:24:53 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\mIRC
[2012.05.04 19:10:48 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Mozilla
[2011.08.15 14:48:46 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Nokia
[2011.11.06 17:02:34 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Nokia Multimedia Player
[2012.04.23 11:16:56 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\NVIDIA
[2011.04.27 20:59:20 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\OpenOffice.org
[2011.07.18 14:43:24 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Opera
[2011.08.15 14:27:45 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\PC Suite
[2012.04.08 21:19:53 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Publish Providers
[2013.01.31 22:33:36 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Samsung
[2013.03.19 18:09:05 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Skype
[2011.08.17 21:31:39 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Soldat
[2012.04.08 15:33:50 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Sony
[2011.12.07 20:21:28 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Spyware Terminator
[2012.04.10 14:37:59 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Temp
[2013.03.12 23:21:13 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\TS3Client
[2012.09.02 18:13:02 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\TZAC2
[2013.03.20 16:24:27 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\uTorrent
[2013.01.12 23:10:09 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\vlc
[2012.05.04 19:43:23 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Winamp
[2011.03.08 16:31:15 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\WinRAR
[2013.03.20 15:41:59 | 000,000,000 | ---D | M] -- C:\Users\Ryder\AppData\Roaming\Xfire

< %APPDATA%\*.exe /s >
[2012.02.15 00:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Ryder\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.02.15 00:03:22 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Users\Ryder\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.03.29 10:31:30 | 000,106,408 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2012.03.29 10:31:30 | 000,101,288 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2012.03.29 10:31:30 | 000,021,416 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe
[2012.04.04 06:05:14 | 000,954,256 | ---- | M] (Samsung) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2012.04.04 06:05:18 | 000,278,928 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2012.03.29 06:13:22 | 000,309,760 | ---- | M] (Samsung) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesLogger.exe
[2012.04.04 06:05:16 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2011.10.31 11:23:28 | 000,140,800 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2012.03.29 06:11:58 | 000,297,984 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2012.03.29 06:12:02 | 000,694,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2012.04.04 06:05:20 | 000,067,472 | ---- | M] (Samsung) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2012.03.29 06:11:38 | 000,106,920 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2012.03.29 06:11:38 | 000,101,288 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2012.04.04 06:05:26 | 000,183,696 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.04.04 06:05:28 | 000,021,392 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2012.04.04 06:05:30 | 003,570,312 | ---- | M] (Freeware) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2011.10.31 11:22:52 | 000,221,184 | ---- | M] (ENJsoft corp.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV.exe
[2011.10.31 11:22:54 | 000,061,440 | ---- | M] (ENJsoft corp.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV2.exe
[2012.04.04 06:05:32 | 000,371,088 | ---- | M] (ml) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2012.03.29 06:10:58 | 024,161,656 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.08.07 06:25:02 | 000,960,440 | ---- | M] (Samsung) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2012.08.07 06:25:04 | 000,278,968 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2012.07.30 06:17:50 | 000,320,512 | ---- | M] (Samsung) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesLogger.exe
[2012.08.07 06:25:02 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2012.08.07 06:11:30 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2012.08.07 06:17:30 | 000,322,048 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2012.08.07 06:12:24 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2012.08.07 06:25:06 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2012.07.30 06:17:10 | 000,057,344 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2012.08.03 07:42:04 | 000,106,960 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2012.08.03 07:42:04 | 000,101,328 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2012.08.07 06:25:10 | 000,183,736 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.08.07 06:25:12 | 000,021,432 | ---- | M] () -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2012.08.07 06:25:12 | 003,742,648 | ---- | M] (Freeware) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2012.07.30 06:16:46 | 000,262,144 | ---- | M] (ENJsoft corp.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV.exe
[2012.07.30 06:16:46 | 000,090,112 | ---- | M] (ENJsoft corp.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV2.exe
[2012.07.30 06:16:18 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\System32\muzapp.exe
[2012.08.07 06:25:14 | 000,593,848 | ---- | M] (ml) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2012.07.30 06:16:14 | 024,164,152 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.04.04 06:05:32 | 000,371,088 | ---- | M] (ml) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.08.07 06:25:14 | 000,593,848 | ---- | M] (ml) -- C:\Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.03.19 00:45:15 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2013.03.19 00:45:15 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2013.03.19 00:45:16 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\elshyph.dll
[2013.03.19 00:45:15 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\html.iec
[2013.03.19 00:45:15 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll
[2013.03.19 00:45:16 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll
[2013.03.19 00:45:15 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dat
[2013.03.19 00:45:15 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll
[2013.03.19 00:45:15 | 000,242,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll
[2013.03.19 00:45:15 | 013,761,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2013.03.19 00:45:16 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll
[2013.03.19 00:45:15 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll
[2013.03.19 00:45:16 | 002,046,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2013.03.19 00:45:15 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll
[2013.03.19 00:45:16 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll
[2013.03.19 00:45:16 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2013.03.19 00:45:15 | 000,025,185 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2013.03.19 00:45:16 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieUnatt.exe
[2013.03.19 00:45:16 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iexpress.exe
[2013.03.19 00:45:16 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll
[2013.03.19 00:45:15 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetcpl.cpl
[2013.03.19 00:45:16 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll
[2013.03.19 00:45:16 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2013.03.19 00:45:16 | 002,877,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2013.03.19 00:45:16 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2013.03.19 00:45:15 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll
[2013.03.19 00:45:16 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2013.03.19 00:45:16 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2013.03.19 00:45:16 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedssync.exe
[2013.03.19 00:45:16 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshta.exe
[2013.03.19 00:45:16 | 014,317,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2013.03.19 00:45:16 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.tlb
[2013.03.19 00:45:16 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2013.03.19 00:45:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll
[2013.03.19 00:45:16 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmlmedia.dll
[2013.03.19 00:45:16 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll
[2013.03.19 00:45:16 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll
[2013.03.19 00:45:16 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll
[2013.03.19 00:45:16 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll
[2013.03.19 00:45:16 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RegisterIEPKEYs.exe
[2013.03.19 00:45:16 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SetIEInstalledDate.exe
[2013.03.19 00:45:15 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tdc.ocx
[2013.03.19 00:45:15 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2013.03.19 00:45:16 | 001,129,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2013.03.19 00:45:16 | 000,523,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2013.03.19 00:45:16 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll
[2013.03.19 00:45:16 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wextract.exe
[2013.03.19 00:45:16 | 001,766,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll
Nahoru
Ryder3.0
5. stupeň - BAN
Příspěvky: 62
Registrován: 24 dub 2010 19:38
Kontaktovat uživatele:
Kontaktovat uživatele Ryder3.0

Re: ielowutil.exe

#5 Příspěvek od Ryder3.0 »

OTL.txt pokračování 2



< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"uTorrent" = "D:\Programs\utorrent\uTorrent.exe" /MINIMIZED -- [2012.12.10 06:29:26 | 000,969,104 | ---- | M] (BitTorrent, Inc.)
"Google Update" = "C:\Users\Ryder\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.12.11 12:10:01 | 000,116,648 | ---- | M] (Google Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.03.20 15:54:26 | 000,000,512 | ---- | M] () MD5=B58112FFF5BDB79ACFFCA7D0B65AB6D1 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.11.08 20:27:12 | 000,001,197 | ---- | M] () -- \ProgramData\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf
[2011.11.08 20:27:12 | 000,001,197 | ---- | M] () -- \Users\All Users\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf
[2012.08.01 15:38:02 | 000,011,930 | ---- | M] () -- \Users\Ryder\AppData\Roaming\uTorrent\DiRT-3-Crack-by-fallenskate.rar.torrent
[2012.04.09 16:30:24 | 000,002,779 | ---- | M] () -- \Users\Ryder\AppData\Roaming\uTorrent\mIRC v7.19 + Crack-Serials [ChattChitto RG].torrent
[2012.07.17 20:05:00 | 000,004,794 | ---- | M] () -- \Users\Ryder\AppData\Roaming\uTorrent\MIRC.v7.25.Cracked-EAT.torrent
[2012.04.12 23:35:26 | 006,586,717 | ---- | M] () -- \Users\Ryder\Desktop\Asphalt_6_Adrenaline_HD_Samsung_Galaxy_S_II_Cracked_tag3r.apk
[2010.09.10 17:29:44 | 010,040,496 | ---- | M] () -- \Users\Ryder\Desktop\vanďák songy\nelly ft ytcracker - grillz.mp3
[2009.12.06 12:07:14 | 006,946,944 | ---- | M] () -- \Users\Ryder\Desktop\VYBRAT songy\The Game Discography\DJ Skee & The Game - The Black Wall Street Journal Vol. 1\08 - 100 Bars Of Crack Feat. Ya Boy.mp3
[2009.12.06 17:53:42 | 006,038,713 | ---- | M] () -- \Users\Ryder\Desktop\VYBRAT songy\The Game Discography\The Game - Ghost Unit\04 - Crack Music (Remix) Feat. Kanye West.mp3

< *keygen* /s >
[2012.04.08 20:51:48 | 000,018,725 | ---- | M] () -- \Users\Ryder\AppData\Roaming\uTorrent\Sony Vegas Pro 8.0 + Keygen + Čeština.rar.torrent
[2010.05.02 13:34:48 | 002,829,150 | ---- | M] () -- \Users\Ryder\Desktop\vanďák songy\Keygen system Radajja.mp3
[2010.11.10 19:57:22 | 005,003,745 | ---- | M] () -- \Users\Ryder\Desktop\vanďák songy\10,11,10\Keygen kaotic tek n roll.mp3

< *loader* /s >
[2012.10.11 21:56:32 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.11.01 09:32:14 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.11.01 09:32:44 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012.09.04 23:34:12 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.09.04 23:34:12 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2010.06.07 20:11:08 | 000,006,262 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.04.27 20:57:01 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.06.07 20:19:10 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.04.27 20:57:10 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.06.09 15:21:40 | 000,003,874 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2011.11.08 20:27:02 | 000,021,364 | ---- | M] () -- \ProgramData\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2011.11.08 20:27:01 | 000,003,916 | ---- | M] () -- \ProgramData\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2011.11.08 20:27:02 | 000,021,364 | ---- | M] () -- \Users\All Users\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2011.11.08 20:27:01 | 000,003,916 | ---- | M] () -- \Users\All Users\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.03.30 11:24:00 | 000,069,120 | ---- | M] () -- \Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012.04.04 06:05:26 | 000,183,696 | ---- | M] () -- \Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.08.03 01:11:20 | 000,069,120 | ---- | M] () -- \Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012.08.07 06:25:10 | 000,183,736 | ---- | M] () -- \Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.08.03 01:11:20 | 000,069,120 | ---- | M] () -- \Users\Ryder\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Plugins\DeviceHost\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 16:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.04.14 14:06:21 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.04.14 14:06:21 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.04.14 14:06:21 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.04.14 14:06:21 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.04.14 14:06:21 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >
[2010.06.08 17:32:12 | 007,860,890 | ---- | M] () -- \Users\Ryder\Desktop\vanďák songy\Hardstyle top 40 June 2010\(02) [Activator & Ricky Raw] Street Spirit.mp3

< *serial* /s >
[2013.01.24 20:09:36 | 000,434,264 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2013.03.13 13:25:13 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.01.24 22:32:40 | 000,434,264 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2013.03.13 13:25:41 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.04.09 16:30:24 | 000,002,779 | ---- | M] () -- \Users\Ryder\AppData\Roaming\uTorrent\mIRC v7.19 + Crack-Serials [ChattChitto RG].torrent
[2010.01.20 16:28:04 | 006,888,568 | ---- | M] () -- \Users\Ryder\Desktop\VYBRAT songy\CORSAIR\Hudba\SNOOP DOGG Greatest Hits\Serial Killer.mp3
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.10 14:25:55 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013.01.10 14:20:27 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.14 16:13:47 | 001,499,648 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\CoreGraphics.XmlSer#\1f54fa4ef0d81f566ffb7cad1849689a\CoreGraphics.XmlSerializers.ni.dll
[2013.01.14 16:13:50 | 001,028,096 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\CoreUI.XmlSerialize#\846974b472bd5192115affae5a3ae718\CoreUI.XmlSerializers.ni.dll
[2013.01.10 14:25:17 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013.01.10 14:23:13 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.14 16:11:16 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\518daa915c6d232fa5a3349972cc5199\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.14 16:11:11 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8834e734c13d53e65982db2a00563ce7\System.Runtime.Serialization.ni.dll
[2013.01.14 16:13:01 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\2252e5d4dad3601caba4860ae876954b\System.Xml.Serialization.ni.dll
[2013.01.16 09:22:23 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\0871d594472274679cfd39872b5681cf\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.16 09:22:14 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\896da6a8a6758c5d820c6a120fc867ea\System.Runtime.Serialization.ni.dll
[2013.01.16 09:35:23 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\85fd451da8da46f451729990194df10c\System.Xml.Serialization.ni.dll
[2011.04.06 15:48:20 | 000,011,120 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Xml.Serialization.dll.amd64
[2011.04.06 15:48:20 | 000,011,120 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Xml.Serialization.dll.x86
[2012.01.07 17:24:38 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.02.16 00:46:03 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.07 17:24:37 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.02.16 00:46:02 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.16 00:46:06 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.01 12:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.01 12:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 16:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 16:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 16:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.04.14 14:06:21 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.04.14 14:06:21 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 16:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 16:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 16:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 16:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86

< End of report >
Nahoru
Ryder3.0
5. stupeň - BAN
Příspěvky: 62
Registrován: 24 dub 2010 19:38
Kontaktovat uživatele:
Kontaktovat uživatele Ryder3.0

Re: ielowutil.exe

#6 Příspěvek od Ryder3.0 »

Extras.txt


OTL Extras logfile created on: 20.3.2013 15:51:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ryder\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 56,80% Memory free
8,00 Gb Paging File | 5,92 Gb Available in Paging File | 74,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,48 Gb Total Space | 15,11 Gb Free Space | 10,32% Space Free | Partition Type: NTFS
Drive D: | 319,18 Gb Total Space | 63,75 Gb Free Space | 19,97% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 29,93 Gb Free Space | 6,43% Space Free | Partition Type: NTFS
Drive G: | 614,91 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 595,52 Gb Total Space | 219,81 Gb Free Space | 36,91% Space Free | Partition Type: NTFS

Computer Name: RYDER-PC | User Name: Ryder | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2597100678-3333478538-1327677117-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programs\Mozilla12\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programs\Ms office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programs\VLC player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programs\VLC player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programs\Winamp-\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Programs\Winamp-\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Programs\Winamp-\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programs\Ms office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programs\VLC player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programs\VLC player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programs\Winamp-\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Programs\Winamp-\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Programs\Winamp-\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05211687-1B27-402A-B957-D77AD6ECAAD4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E454E03-76EB-44C9-9D25-30A6E75031F8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{23832D51-67CF-4152-AE94-B359C7340C00}" = lport=139 | protocol=6 | dir=in | app=system |
"{40A71E87-E43A-4597-AD9E-70A1B61BD560}" = lport=445 | protocol=6 | dir=in | app=system |
"{4210FAEB-8F84-4DDE-AE2D-2BDAA22475FD}" = lport=138 | protocol=17 | dir=in | app=system |
"{44A72EF3-A708-456D-A80B-120AB8C27286}" = rport=138 | protocol=17 | dir=out | app=system |
"{59D1038C-9A88-4D6E-91FD-B7A3A9394BA6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{698F9EB6-C741-43A5-8915-3295C374869B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7444149D-99F6-4A57-8D32-3D75EA6F3117}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7BAF995C-5E5D-4101-80E3-B0A8D533E71C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7D20CA60-55E6-4CA1-A700-3096D111E7EF}" = rport=445 | protocol=6 | dir=out | app=system |
"{8953BDD5-05E3-45AD-B680-7542B3CD6A54}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9C16EDBC-6B12-4B35-897D-B24EBF967878}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9E1B0C74-8E8C-4FE1-9D48-2913582370D3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A9824D6A-71E6-404A-BD1C-42EBEA773FDB}" = rport=137 | protocol=17 | dir=out | app=system |
"{C5251F53-E7D7-4F3C-87CF-CBB734587587}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C589C59D-34E8-4C33-8B19-BB002CBDC151}" = rport=139 | protocol=6 | dir=out | app=system |
"{C9399441-D706-44B8-8449-3B5348320287}" = lport=6004 | protocol=17 | dir=in | app=d:\programs\ms office\office12\outlook.exe |
"{CB1522EE-E19C-4DC1-B845-A653F34C5971}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D868E516-4F66-4377-984E-7CAD8D6311D3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D8C6D07F-377B-48A3-A424-B4561E4F6A5C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E5EA90D2-AFA6-43FB-AB9E-D1DCE52342BC}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06646E8E-1DFE-48A6-BCFA-2B0D487E6E2D}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{091D43F7-3997-41B0-978B-B8999BAAEED2}" = protocol=17 | dir=in | app=c:\users\ryder\appdata\roaming\dropbox\bin\dropbox.exe |
"{096061EC-D42E-4E5D-9CF3-70C1574193A2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0989A896-BFF6-42C0-B923-B9D746030D28}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0CE4AEFD-3D18-4CCF-951D-48657C6CF55F}" = protocol=6 | dir=in | app=c:\users\ryder\appdata\roaming\dropbox\bin\dropbox.exe |
"{0D8F9A47-83AC-4C9D-A4A2-C2E4E221C84B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F02F3D4-4A2F-46A3-AEEA-72A654D209CD}" = protocol=6 | dir=in | app=d:\games\cod 4\iw3mp.exe |
"{0F932384-61FC-4938-AFED-CD6891C6A165}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1064506C-80F8-4479-A9F7-2D0D2A6AE982}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{131CFEB6-82BC-4C12-8AB2-33E22A468368}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{1592C314-A640-464B-9EC5-52A13A4CB754}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1E376621-292E-4380-9D9A-CCB481CE3422}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{2047CEB0-EDF3-4E8A-9311-EE17B97AB0AE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2D1941B3-F6E4-4577-9984-C0AFD5DA0526}" = protocol=6 | dir=out | app=system |
"{2E589053-D0BC-4C31-9296-DCC792170143}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2E9B7332-D8AD-482F-BF4D-CD77F39DD3C6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{38072544-E06A-4917-AFAA-1D7F3266DA6E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3D47363C-1ADB-4509-8F0B-27307A1B7115}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{4F878584-C4FC-4795-9FA3-471C903F0BD7}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{52F866B4-FEE1-416A-B577-8585F631394D}" = protocol=17 | dir=in | app=d:\programs\utorrent\utorrent.exe |
"{6781E1EF-7DCB-4119-B239-602B5645FEFD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{72F8C799-7108-4ABE-9908-439E9CC0F667}" = protocol=6 | dir=in | app=d:\games\dirt3\dirt3_game.exe |
"{7550CCF3-F3EA-4037-8E20-431756837637}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{760058F6-1DCE-453D-A288-6F775E79CF5B}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{76AB1AE3-3273-4E75-AF51-B2E5934083C6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8D46C906-3DBE-42E1-8AE9-92EED6781B43}" = protocol=6 | dir=in | app=d:\programs\utorrent\utorrent.exe |
"{8F1526C1-1CD7-4D6B-AB85-D12231122C8B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8FA79DB7-1C1F-4A96-8015-60229F68D8C7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{91DE2A65-ACEA-4B05-8DA6-FDF1BBC85F96}" = protocol=17 | dir=in | app=d:\games\dirt3\dirt3_game.exe |
"{A7FA3C04-C02C-4AA5-AA1D-1E4D21BA93E3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B3214914-D3A3-4753-BBA2-7A8F547B9453}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{B7A7C9CF-AE32-485E-8439-E9B5191516C8}" = protocol=17 | dir=in | app=d:\games\cod 4\iw3mp.exe |
"{BD67546F-17F7-410D-BFED-433828B2FDD5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CC5C15FB-1911-48F2-97DC-009956A78A36}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CD7DFAFA-CAEB-4217-AC9E-D6A604DC0BF9}" = dir=in | app=d:\programs\skype\phone\skype.exe |
"{DC6938D8-4143-44D5-9155-814F6A3FCFCC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E0CA19E9-07A2-4C1E-BFE0-B914735B5B3A}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{E790123F-C63B-4DCC-AA14-0FCFED0AF4EE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EE1CD721-E843-423E-B4EC-961D6205C051}" = protocol=1 | dir=in | name=hlsw icmp |
"{F7319B9C-5C5B-4B9F-87FD-6F13024EDEF5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F9B7407C-4C77-441C-8573-50162C7FE750}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FCE5A2B8-E0BB-4E97-AF47-B46D191C00E9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{056B8A55-B449-467A-8220-E95AF11E2A9E}D:\programs\hlsw\hlsw\hlsw.exe" = protocol=6 | dir=in | app=d:\programs\hlsw\hlsw\hlsw.exe |
"TCP Query User{2208BC96-6429-4AFD-8AB5-90AF57205E5A}D:\programs\opera\opera.exe" = protocol=6 | dir=in | app=d:\programs\opera\opera.exe |
"TCP Query User{3E9FE2C4-5090-4F20-8F25-6F86DE2D4E60}C:\program files (x86)\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip\qip.exe |
"TCP Query User{40CDAFC6-38E5-4971-8A03-C1F45248DDA4}F:\torrent\mirc.v7.25.cracked-eat\crack\mirc.exe" = protocol=6 | dir=in | app=f:\torrent\mirc.v7.25.cracked-eat\crack\mirc.exe |
"TCP Query User{547D31A2-5AA2-4F90-AC91-630852D47C17}D:\programs\mozilla12\plugin-container.exe" = protocol=6 | dir=in | app=d:\programs\mozilla12\plugin-container.exe |
"TCP Query User{7184BA38-A871-4EA4-B314-FBABAF1AFA21}D:\games\soldatek\soldat\soldat.exe" = protocol=6 | dir=in | app=d:\games\soldatek\soldat\soldat.exe |
"TCP Query User{756C702F-57E3-41D3-8855-0CB5F3C62D09}D:\games\cod 4\iw3mp.exe" = protocol=6 | dir=in | app=d:\games\cod 4\iw3mp.exe |
"TCP Query User{81268E79-3DC0-4F5F-ACF5-B599D4874BC9}C:\program files (x86)\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qip\qip.exe |
"TCP Query User{8419EF1D-36BE-4790-A87E-F55C1ECFB068}D:\programs\xfire\xfire.exe" = protocol=6 | dir=in | app=d:\programs\xfire\xfire.exe |
"TCP Query User{8C0B0825-7661-4249-BDF8-FBBF1B221447}D:\programs\qip-2.6\qip\qip.exe" = protocol=6 | dir=in | app=d:\programs\qip-2.6\qip\qip.exe |
"TCP Query User{A55A3286-5B84-40B9-AABC-549DCB9F7ECC}D:\programs\atube catcher\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=d:\programs\atube catcher\atube catcher 2.0\yct.exe |
"TCP Query User{C005D8DA-29A0-42EC-A6BF-9A7748397E07}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{CA5B5CF0-653A-4C77-84B6-326E056BA96D}C:\users\ryder\desktop\programs\codík\mirc.exe" = protocol=6 | dir=in | app=c:\users\ryder\desktop\programs\codík\mirc.exe |
"TCP Query User{E675CF3F-7723-4ADA-9356-7475B750E93E}D:\programs\xfire-beta\xfire2\xfire.exe" = protocol=6 | dir=in | app=d:\programs\xfire-beta\xfire2\xfire.exe |
"TCP Query User{EF0E7B36-AD5C-44D8-BA2D-A8D01880317E}D:\programs\xfire\xfire.exe" = protocol=6 | dir=in | app=d:\programs\xfire\xfire.exe |
"UDP Query User{0B4CB43E-6825-408A-8BC2-9EB8F732BA9E}C:\program files (x86)\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip\qip.exe |
"UDP Query User{1FB180FA-62C4-47F7-9304-CC9721D9ABE2}F:\torrent\mirc.v7.25.cracked-eat\crack\mirc.exe" = protocol=17 | dir=in | app=f:\torrent\mirc.v7.25.cracked-eat\crack\mirc.exe |
"UDP Query User{47C1394D-3458-4F56-9EE1-001BC97221FF}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{6541BAC6-7AAB-4569-BA60-C638B8F90227}C:\program files (x86)\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qip\qip.exe |
"UDP Query User{739171F8-F776-4F71-A2FB-95CA542A5CAF}D:\programs\opera\opera.exe" = protocol=17 | dir=in | app=d:\programs\opera\opera.exe |
"UDP Query User{886BBEE1-7053-4B27-9CF8-3300EF9CE06C}D:\programs\mozilla12\plugin-container.exe" = protocol=17 | dir=in | app=d:\programs\mozilla12\plugin-container.exe |
"UDP Query User{88B812CD-D5CE-4C8A-A957-E6BDAD1752B2}D:\programs\xfire-beta\xfire2\xfire.exe" = protocol=17 | dir=in | app=d:\programs\xfire-beta\xfire2\xfire.exe |
"UDP Query User{89BF98FE-3328-4715-BC70-89F8D2D6D7D9}C:\users\ryder\desktop\programs\codík\mirc.exe" = protocol=17 | dir=in | app=c:\users\ryder\desktop\programs\codík\mirc.exe |
"UDP Query User{910263ED-07D2-4257-AF03-952F6CB60ECC}D:\programs\qip-2.6\qip\qip.exe" = protocol=17 | dir=in | app=d:\programs\qip-2.6\qip\qip.exe |
"UDP Query User{BC52BF16-CBB8-49AC-84FE-8000B2D03856}D:\programs\hlsw\hlsw\hlsw.exe" = protocol=17 | dir=in | app=d:\programs\hlsw\hlsw\hlsw.exe |
"UDP Query User{D0D66DDB-60E3-4FD6-94E3-3D15B31C881C}D:\games\cod 4\iw3mp.exe" = protocol=17 | dir=in | app=d:\games\cod 4\iw3mp.exe |
"UDP Query User{D2667977-3C6C-4E86-B2A4-DE2CFF25905B}D:\programs\atube catcher\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=d:\programs\atube catcher\atube catcher 2.0\yct.exe |
"UDP Query User{DC86E243-1A31-414E-A489-930A89F3FAD2}D:\games\soldatek\soldat\soldat.exe" = protocol=17 | dir=in | app=d:\games\soldatek\soldat\soldat.exe |
"UDP Query User{F4EA6A85-64A5-44E8-9ED6-CF435C97B56A}D:\programs\xfire\xfire.exe" = protocol=17 | dir=in | app=d:\programs\xfire\xfire.exe |
"UDP Query User{F6B8D571-7792-44C2-81FE-6425921A660C}D:\programs\xfire\xfire.exe" = protocol=17 | dir=in | app=d:\programs\xfire\xfire.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series" = Canon MP190 series MP Drivers
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"C-Media Oxygen HD Audio Driver" = ASUS Xonar DX Audio Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E445925-273D-4186-88A0-B8D1B6B119E2}" = WRC FIA World Rally Championship
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{27307A16-0624-4AB8-A9EB-76FE8199F92A}" = Open Design Alliance DWGdirectX V2
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{434D0FA0-1558-4D8E-AC3D-BD1000008400}" = DiRT 3
"{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1" = Xfire 2.0 Beta
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72CE541B-52BD-4FA1-8CD6-19341939AB21}" = Richard Burns Rally
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C9AD221-994C-45B2-B46D-26F5735158CF}" = Sony Vegas Pro 8.0
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_STANDARD_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_STANDARD_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_STANDARD_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_STANDARD_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_STANDARD_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_STANDARD_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARD_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_STANDARD_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_STANDARD_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{99BEB67F-B288-44F5-8B2A-23F5A52FA1AE}_is1" = Universal AntiCheat 3 v1.044
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Czech
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B6E3F2A0-DDBB-4F0A-BA7C-09138605DDAC}" = WRC FIA World Rally Championship
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FCFCFCFC-FCFC-FCFC-FCFC-FCFCFCFCFCFC}_is1" = DiRT 3 Profile Import version 1.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira Free Antivirus
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CoD RconTool" = CoD RconTool
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"FeedReader_is1" = FeedReader
"Final Fantasy 8_is1" = Final Fantasy 8 v1.2.31 reloaded
"Fraps" = Fraps (remove only)
"GameParkClient_is1" = GamePark
"GameTracker Lite" = GameTracker Lite
"Gaming Mouse" = Gaming Mouse
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008400}" = DiRT 3
"Goalzone" = Goalzone
"HD Tune_is1" = HD Tune 2.55
"HLSW_is1" = HLSW v1.4.0.2
"InstallShield_{72CE541B-52BD-4FA1-8CD6-19341939AB21}" = Richard Burns Rally
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.2" = Canon MP Navigator EX 1.2
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Open Design Alliance DWGdirectX V2" = Open Design Alliance DWGdirectX V2
"OpenAL" = OpenAL
"PCschematic Elautomation Education" = PCschematic® ELautomation Education 10.0
"PowerISO" = PowerISO
"Proxifier_is1" = Proxifier version 2.91
"Registrace uživatele zařízení Canon MP190 series" = Registrace uživatele zařízení Canon MP190 series
"Seismovision 3" = Seismovision 3 (remove only)
"Soldat_is1" = Soldat 1.5.0
"STANDARD" = Microsoft Office Standard 2007
"The KMPlayer" = The KMPlayer (remove only)
"TZAC ANTICHEAT" = TZAC ANTICHEAT 2
"UnLock Root" = UnLock Root 2.22
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.2
"Winamp" = Winamp
"XfireCodec" = Xfire Codec (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2597100678-3333478538-1327677117-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Opera 11.64.1403" = Opera 11.64
"QIP 2005" = QIP 2005 8097
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6.10.2012 13:11:05 | Computer Name = Ryder-PC | Source = Application Hang | ID = 1002
Description = Program UTORRENT.EXE verze 3.2.0.27886 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1068 Čas spuštění: 01cda3dbe6bf7bd3 Čas ukončení: 15951 Cesta k aplikaci: D:\PROGRAMS\UTORRENT\UTORRENT.EXE

ID
hlášení: bf9eae58-0fd8-11e2-8701-00241dde3a65

Error - 11.10.2012 10:15:49 | Computer Name = Ryder-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iw3mp.exe, verze: 0.0.0.0, časové razítko:
0x4859a219 Název chybujícího modulu: gamemod.tzac, verze: 0.0.0.0, časové razítko:
0x507481a5 Kód výjimky: 0x80000004 Posun chyby: 0x0004aedd ID chybujícího procesu:
0xa40 Čas spuštění chybující aplikace: 0x01cda7bae7fda04b Cesta k chybující aplikaci:
D:\Games\Cod 4\iw3mp.exe Cesta k chybujícímu modulu: C:\Users\Ryder\AppData\Roaming\TZAC2\gamemod.tzac
ID
zprávy: 27cab1cd-13ae-11e2-8cd1-00241dde3a65

Error - 11.10.2012 10:16:36 | Computer Name = Ryder-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iw3mp.exe, verze: 0.0.0.0, časové razítko:
0x4859a219 Název chybujícího modulu: gamemod.tzac, verze: 0.0.0.0, časové razítko:
0x507481a5 Kód výjimky: 0x80000004 Posun chyby: 0x0004aedd ID chybujícího procesu:
0x10dc Čas spuštění chybující aplikace: 0x01cda7bb033aae65 Cesta k chybující aplikaci:
D:\Games\Cod 4\iw3mp.exe Cesta k chybujícímu modulu: C:\Users\Ryder\AppData\Roaming\TZAC2\gamemod.tzac
ID
zprávy: 435e1e8b-13ae-11e2-8cd1-00241dde3a65

Error - 11.10.2012 10:17:14 | Computer Name = Ryder-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iw3mp.exe, verze: 0.0.0.0, časové razítko:
0x4859a219 Název chybujícího modulu: gamemod.tzac, verze: 0.0.0.0, časové razítko:
0x507481a5 Kód výjimky: 0x80000004 Posun chyby: 0x0004aedd ID chybujícího procesu:
0x1058 Čas spuštění chybující aplikace: 0x01cda7bb1a29fd1d Cesta k chybující aplikaci:
D:\Games\Cod 4\iw3mp.exe Cesta k chybujícímu modulu: C:\Users\Ryder\AppData\Roaming\TZAC2\gamemod.tzac
ID
zprávy: 5a518c03-13ae-11e2-8cd1-00241dde3a65

Error - 11.10.2012 10:19:51 | Computer Name = Ryder-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iw3mp.exe, verze: 0.0.0.0, časové razítko:
0x4859a219 Název chybujícího modulu: gamemod.tzac, verze: 0.0.0.0, časové razítko:
0x507481a5 Kód výjimky: 0x80000004 Posun chyby: 0x0004aedd ID chybujícího procesu:
0xbc0 Čas spuštění chybující aplikace: 0x01cda7bb77ed48c4 Cesta k chybující aplikaci:
D:\Games\Cod 4\iw3mp.exe Cesta k chybujícímu modulu: C:\Users\Ryder\AppData\Roaming\TZAC2\gamemod.tzac
ID
zprávy: b7f14994-13ae-11e2-8cd1-00241dde3a65

Error - 11.10.2012 11:08:53 | Computer Name = Ryder-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iw3mp.exe, verze: 0.0.0.0, časové razítko:
0x4859a219 Název chybujícího modulu: gamemod.tzac, verze: 0.0.0.0, časové razítko:
0x507481a5 Kód výjimky: 0x80000004 Posun chyby: 0x0004aedd ID chybujícího procesu:
0xa50 Čas spuštění chybující aplikace: 0x01cda7c2517aeebd Cesta k chybující aplikaci:
D:\Games\Cod 4\iw3mp.exe Cesta k chybujícímu modulu: C:\Users\Ryder\AppData\Roaming\TZAC2\gamemod.tzac
ID
zprávy: 91a62730-13b5-11e2-8cd1-00241dde3a65

Error - 3.11.2012 10:21:32 | Computer Name = Ryder-PC | Source = .NET Runtime | ID = 1026
Description =

Error - 3.11.2012 10:21:34 | Computer Name = Ryder-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: RSS čtečka.exe, verze: 1.0.0.0, časové razítko:
0x4f942293 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x006722bc ID chybujícího procesu: 0x1084 Čas spuštění
chybující aplikace: 0x01cdb9ce84320baf Cesta k chybující aplikaci: C:\Users\Ryder\Desktop\rss_ctecka_v1.0\RSS
čtečka.exe Cesta k chybujícímu modulu: unknown ID zprávy: c4e2a2b5-25c1-11e2-b7a4-00241dde3a65

Error - 6.11.2012 19:33:28 | Computer Name = Ryder-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 16.0.2.4680, časové
razítko: 0x50882871 Název chybujícího modulu: xul.dll, verze: 16.0.2.4680, časové
razítko: 0x508827d6 Kód výjimky: 0xc0000005 Posun chyby: 0x00130ef7 ID chybujícího
procesu: 0x2cc Čas spuštění chybující aplikace: 0x01cdbc43f747af29 Cesta k chybující
aplikaci: D:\Programs\Mozilla12\firefox.exe Cesta k chybujícímu modulu: D:\Programs\Mozilla12\xul.dll
ID
zprávy: 5d5f5a56-286a-11e2-b90c-00241dde3a65

Error - 8.11.2012 21:03:16 | Computer Name = Ryder-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iw3mp.exe, verze: 0.0.0.0, časové razítko:
0x4859a219 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x000c001c ID chybujícího procesu: 0x1bd4 Čas spuštění
chybující aplikace: 0x01cdbe15bf8bbea0 Cesta k chybující aplikaci: D:\Games\Cod
4\iw3mp.exe Cesta k chybujícímu modulu: unknown ID zprávy: 3dc11191-2a09-11e2-9d52-00241dde3a65

[ System Events ]
Error - 17.3.2013 10:26:14 | Computer Name = Ryder-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 17.3.2013 10:26:14 | Computer Name = Ryder-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 17.3.2013 10:26:14 | Computer Name = Ryder-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 17.3.2013 10:26:14 | Computer Name = Ryder-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 17.3.2013 10:26:14 | Computer Name = Ryder-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 17.3.2013 10:26:18 | Computer Name = Ryder-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 17.3.2013 10:26:18 | Computer Name = Ryder-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 17.3.2013 10:26:18 | Computer Name = Ryder-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 17.3.2013 11:01:29 | Computer Name = Ryder-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:28:20, ?17.?3.?2013) bylo neočekávané.

Error - 31.12.2008 19:01:41 | Computer Name = Ryder-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (16:02:29, ?17.?3.?2013) bylo neočekávané.


< End of report >
Nahoru
Ryder3.0
5. stupeň - BAN
Příspěvky: 62
Registrován: 24 dub 2010 19:38
Kontaktovat uživatele:
Kontaktovat uživatele Ryder3.0

Re: ielowutil.exe

#7 Příspěvek od Ryder3.0 »

Samé cracky


Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.20.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16521
Ryder :: RYDER-PC [administrátor]

Ochrana: Zakázána

20.3.2013 17:23:01
MBAM-log-2013-03-20 (19-09-11).txt

Typ: Kompletní kontrola (C:\|D:\|F:\|I:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 476500
Uplynulý čas: 1 hodin, 45 minut, 22 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 11
D:\Games\Dirt3\paul.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
D:\Games\Dirt3\SKIDROW.dll (Trojan.Downloader.H) -> Nebyla provedena žádná instrukce.
I:\HRY pc\Battlefield bad company2\Crack + Keygen\rld-bbc2.exe (RiskWare.Tool.HCK) -> Nebyla provedena žádná instrukce.
I:\HRY pc\Call of duty 4\crack\rzr-cod4.exe (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
I:\HRY pc\crysis_warhead\keygen\fff-ea180.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
I:\HRY pc\Dirt3\DiRT-3-Crack-by-fallenskate\paul.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
I:\HRY pc\Dirt3\DiRT-3-Crack-by-fallenskate\SKIDROW.dll (Trojan.Downloader.H) -> Nebyla provedena žádná instrukce.
I:\HRY pc\Koci hry\Dirt 3\SKIDROW\paul.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
I:\HRY pc\Koci hry\Dirt 3\SKIDROW\SKIDROW.dll (Trojan.Downloader.H) -> Nebyla provedena žádná instrukce.
I:\mix\RARka+instalatory\DRIVERY&programy\TuneUp\TuneUp.Utilities.2010.v9.0.2000.16\TuneUp.Utilities.2010.v9.0.2000.16.Keymaker.Only-CORE\keygen.exe (RiskWare.Tool.HCK) -> Nebyla provedena žádná instrukce.
I:\PLOCHA\Adobe Photoshop CS5 CZ\Crack\adobe_PS_CS5_keygen.exe (Malware.Packer.Gen) -> Nebyla provedena žádná instrukce.

(konec)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: ielowutil.exe

#8 Příspěvek od Márty84 »

No je jich pozehnane :roll:


:???: Jen se jeste zeptam, jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze :?:
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Ryder3.0
5. stupeň - BAN
Příspěvky: 62
Registrován: 24 dub 2010 19:38
Kontaktovat uživatele:
Kontaktovat uživatele Ryder3.0

Re: ielowutil.exe

#9 Příspěvek od Ryder3.0 »

Doposud se mě na to nikdy, nikdo, nikde neptal. Nevím v čem a jak to hraje roli, ale systém jsem já osobně nekupoval, také neříkám, že je ilegální. Samozřejmě uvažuji o instalaci win2000, to bude asi nejlepší :?: Předem děkuji za pomoc, při odvirování počítače
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: ielowutil.exe

#10 Příspěvek od Márty84 »

Vsechno je jednou poprve :)

V logu je jasne videt crack na windows. Roli to hraje dost podstatnou.

Pravidla fora totiz hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512
Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.
:39:


Nelegalni system a ta hromada cracku, to se rozhodne neslucuje s rankem Vzorny navstevnik. Proto vam bude odebran.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Ryder3.0
5. stupeň - BAN
Příspěvky: 62
Registrován: 24 dub 2010 19:38
Kontaktovat uživatele:
Kontaktovat uživatele Ryder3.0

Re: ielowutil.exe

#11 Příspěvek od Ryder3.0 »

Ten stejný systém mám od dob, co toto fórum navštěvuji. Nevím proč se mě ptáte, jestli je v systému crack, když to sám víte lépe. To potom nechápu, proč sem děkoval předem za pomoc, stydím se.
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: ielowutil.exe

#12 Příspěvek od Márty84 »

Ja vim, koukal jsem se na minule prispevky. Mel jste proste dlouho stesti, ze nikdo nechtel tento konkretni log.
A proc jsem se ptal, i kdyz to vim? Chtel jsem vedet, zda to priznate.
Tentokrat jste, bohuzel pro vas, dekoval predem zbytecne. Je mi lito :closed:
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Zamčeno

Zpět na „Sekce pouze pro Vzorné návštěvníky“