kontrola logu asi viry

Zpráva

cart3 · #16 Příspěvek od **cart3** » 03 bře 2012 17:13

nic schvalne tam nemam C:\Program Files (x86)\Sondle Software\ScrKlg\RunSvc.exe zkusim

neznam

#17 Příspěvek od **Márty84** » 03 bře 2012 17:56

Zkuste.
A pak dejte i ten log z OTL

cart3 · #18 Příspěvek od **cart3** » 04 bře 2012 07:49

< MD5 for: SMSS.EXE >
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\$WINDOWS.~BT\Windows\System32\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\$WINDOWS.~BT\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\$WINDOWS.~BT\Windows\System32\drivers\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\$WINDOWS.~BT\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\$WINDOWS.~BT\Windows\System32\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\$WINDOWS.~BT\Windows\System32\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.01.18 21:08:50 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\.minecraft
[2010.12.25 12:17:40 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Adobe
[2010.10.03 18:00:06 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\ATI
[2012.02.18 05:28:27 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Audacity
[2011.10.06 22:47:21 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\AVG
[2011.02.20 15:57:40 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\AVS4YOU
[2010.12.03 00:44:44 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Bioshock
[2011.06.25 18:56:20 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Bioshock2
[2010.10.15 19:20:42 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\bizarre creations
[2010.10.15 22:07:32 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\BlackBean
[2011.06.04 21:48:01 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.06.02 12:34:04 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Command and Conquer 4
[2010.10.14 09:27:48 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\CyberLink
[2012.02.26 21:11:22 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\DAEMON Tools Lite
[2011.05.05 17:40:55 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Digiarty
[2011.03.14 07:20:22 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\dvdcss
[2010.10.02 20:40:01 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\ESET
[2011.10.14 01:33:05 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Genie-Soft
[2011.11.24 12:26:07 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\GetRightToGo
[2011.03.12 15:50:08 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\GHISLER
[2011.07.18 22:06:29 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\gnupg
[2010.10.06 19:44:48 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Hamachi
[2010.10.02 17:56:53 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Identities
[2011.11.17 23:24:38 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\InstallShield
[2010.10.14 09:21:15 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\KWorld Multimedia
[2010.11.12 12:53:40 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Leawo
[2010.10.02 18:44:45 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Macromedia
[2010.10.27 21:47:03 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Malwarebytes
[2012.03.03 15:54:33 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Maxthon3
[2009.07.14 16:36:58 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Media Center Programs
[2011.10.14 01:20:06 | 000,000,000 | --SD | M] -- C:\Users\CART\AppData\Roaming\Microsoft
[2011.06.20 00:34:08 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Mirillis
[2012.02.26 08:23:07 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Moyea
[2012.02.12 05:19:52 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Mozilla
[2012.02.26 15:14:06 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Mp3 Audio Editor
[2011.01.30 21:14:02 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\NCH Software
[2010.10.17 00:12:54 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Nero
[2010.11.28 23:49:26 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Opera
[2011.06.25 15:13:27 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\ProtectDISC
[2011.05.13 18:49:35 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Real
[2011.05.28 22:00:54 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Red Alert 3
[2011.01.20 23:17:47 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\SecuROM
[2011.03.12 16:17:12 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Sierra Entertainment
[2011.06.07 22:32:51 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Simnet
[2012.02.26 07:13:28 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Skype
[2011.12.23 19:05:13 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\skypePM
[2011.10.05 01:20:25 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Sondle Soft
[2012.02.26 07:04:38 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\systweak
[2011.03.26 09:32:03 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\The Creative Assembly
[2010.10.27 22:01:39 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Thunderbird
[2010.10.20 00:44:38 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\URSoft
[2012.03.03 16:31:22 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\uTorrent
[2011.10.29 18:58:27 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\vlc
[2012.01.15 20:54:39 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\wargaming.net
[2010.10.02 23:09:49 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\WinRAR
[2012.03.03 04:32:56 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\XnView
[2012.03.03 02:20:24 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_1E02B3D8732010A792DC8B.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_21F3885A18D238E15AAE81.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_415493353D745EEA216D94.exe
[2011.06.20 00:33:38 | 000,009,662 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_57171CA7761BF4A88F7E34.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_6FEFF9B68218417F98F549.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_806048DC66200FE6D24FF3.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_85972F4A73DF7EADFBAFC2.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_934312A2105DE40686D86A.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_A5279446A5A2E345996804.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_A753214149FB4F8721C1CB.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_A7A1F24988209FFD6FF84A.exe
[2011.06.20 00:33:39 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_BD3CC5E8F02CE8257CF964.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_C7D4D81C64CE2B2A005D42.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_C7EFEC170C2E3BE8B9D183.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_CF15DB293FB3ABD44856FB.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_D707CE1C009F1381803C2C.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_FD8B6BA922FF5C34868F02.exe
[2011.01.30 20:42:01 | 000,069,944 | R--- | M] (Macrovision Corporation) -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3D587291-A4D7-4D0B-AB47-F322D24402D8}\New_Shortcut_S1418_E404E3F7ABAD4D71949F30D2A9D5566C.exe
[2011.01.01 02:04:28 | 000,010,134 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2007.08.29 15:36:00 | 000,110,592 | ---- | M] () -- C:\Users\CART\AppData\Roaming\NCH Software\Components\mp3el\mp3enc.exe
[2007.11.27 08:41:32 | 000,405,504 | ---- | M] () -- C:\Users\CART\AppData\Roaming\NCH Software\Components\mp3el2\lame.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.03.01 20:59:05 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.03.03 17:16:16 | 000,000,512 | ---- | M] () MD5=AF21D813AD2D7DA624AF7548D9E46A0B -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2006.04.24 09:22:14 | 006,638,616 | R--- | M] () -- \hry files\Euro\Radio\Radio Bot\Fix the Cracks - Humanzi.mp3
[2012.02.26 19:29:24 | 000,001,406 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.crackfound.com%2Ffavicon.ico
[2012.02.26 19:30:06 | 000,001,150 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.crackserialcodes.com%2Ffavicon.ico
[2012.02.26 19:28:41 | 000,001,150 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.crackserialkeygen.com%2Ffavicon.ico
[2012.02.26 19:29:24 | 000,000,113 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\www.crackfound.com.idx
[2012.02.26 19:30:06 | 000,000,148 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\www.crackserialcodes.com.idx
[2012.02.26 19:28:41 | 000,000,102 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\www.crackserialkeygen.com.idx
[2012.02.26 08:24:59 | 000,000,802 | ---- | M] () -- \Users\CART\AppData\Roaming\Microsoft\Windows\Recent\Mp3.Audio.Editor.v7.3.1+%2B+Crack.lnk
[2011.10.05 02:23:00 | 000,000,354 | ---- | M] () -- \Users\CART\AppData\Roaming\uTorrent\E-mail Password Cracker 2010 V1.0.rar.torrent
[2011.09.20 16:43:09 | 000,041,743 | ---- | M] () -- \Users\CART\AppData\Roaming\uTorrent\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM.torrent
[2010.10.21 00:54:28 | 005,209,629 | ---- | M] () -- \Users\CART\Desktop\B.A.T.D\Nová složka (2)\Crack GTA IV Razor 1911.rar
[2010.10.21 00:57:46 | 037,751,764 | ---- | M] () -- \Users\CART\Desktop\B.A.T.D\Nová složka (2)\GTA IV patch 1.0.2.0 + NO - CD Crack (Razor 1911).zip
[2010.01.24 07:45:48 | 000,000,706 | ---- | M] () -- \Users\CART\Desktop\COH\company iof heroes\Company of Heroes\Eastern_Front\Data\sound\weapons\ppsh41\ppsh41_whipcrack.bsc
[2010.01.24 07:45:48 | 000,000,706 | ---- | M] () -- \Users\CART\Desktop\COH\company iof heroes\Eastern_Front\Data\sound\weapons\ppsh41\ppsh41_whipcrack.bsc
[2011.06.25 15:13:00 | 000,881,609 | ---- | M] () -- \Users\CART\Desktop\cracks\air crack.7z
[2010.10.31 16:41:13 | 008,472,483 | ---- | M] () -- \Users\CART\Desktop\MP3 SLOZKY VSE\TOP DNB\Brookes Brothers Crackdown (Shock One Remix).mp3
[2012.02.26 08:24:59 | 014,320,851 | ---- | M] () -- \Users\CART\Desktop\UMB.REW\Mp3.Audio.Editor.v7.3.1+%2B+Crack.rar
[2012.02.26 04:58:05 | 006,416,228 | ---- | M] () -- \Users\CART\Desktop\UMB.REW\Power-Mp3-Editor-Deluxe-Pro-2004---digital-audio-editor+CRACK.zip
[2004.05.06 18:46:36 | 000,001,002 | ---- | M] () -- \Users\CART\Desktop\UMB.REW\Power-Mp3-Editor-Deluxe-Pro-2004---digital-audio-editor+CRACK\Power Mp3 Editor Deluxe Pro 2004 CRACK.rar
[2012.03.01 21:09:30 | 000,315,178 | ---- | M] () -- \Users\CART\Downloads\Adobe Photoshop CS5 CZ\Crack\ADBE_CRACK - 32bit.rar
[2012.03.01 21:09:15 | 000,377,747 | ---- | M] () -- \Users\CART\Downloads\Adobe Photoshop CS5 CZ\Crack\ADBE_CRACK - 64bit.rar
[2011.09.20 17:37:14 | 000,002,799 | ---- | M] () -- \Users\CART\Downloads\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM.txt
[2011.09.14 05:32:25 | 005,021,038 | ---- | M] () -- \Users\CART\Downloads\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM\red\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM\Crack.rar

< *keygen* /s >
[2012.02.26 19:26:07 | 000,000,318 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fkeygens.nl%2Ffavicon.ico
[2012.02.26 19:28:41 | 000,001,150 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.crackserialkeygen.com%2Ffavicon.ico
[2012.02.26 19:26:07 | 000,000,070 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\keygens.nl.idx
[2012.02.26 19:28:41 | 000,000,102 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\www.crackserialkeygen.com.idx
[2000.10.30 08:32:48 | 000,025,088 | ---- | M] () -- \Users\CART\Desktop\hry\red-alert2-portable-jonathan-pack\redalert2_portable\redalert2_portable\redalert2_portable\Keygen.exe
[2000.11.01 02:13:38 | 000,002,293 | ---- | M] () -- \Users\CART\Desktop\hry\red-alert2-portable-jonathan-pack\redalert2_portable\redalert2_portable\redalert2_portable\keygen.nfo
[2012.03.01 21:09:31 | 000,063,365 | ---- | M] () -- \Users\CART\Downloads\Adobe Photoshop CS5 CZ\Crack\adobe_PS_CS5_keygen.exe
[2012.03.01 21:09:31 | 000,003,121 | ---- | M] () -- \Users\CART\Downloads\Adobe Photoshop CS5 CZ\Crack\KeyGen-Readme.txt

< *loader* /s >
[2009.07.14 13:25:34 | 000,223,744 | R--- | M] () -- \$WINDOWS.~BT\Sources\upgloader.dll
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \$WINDOWS.~BT\Sources\$OEM$\$$\SETUP\SCRIPTS\Windows7Loader.exe
[2009.07.14 13:25:34 | 000,024,064 | R--- | M] () -- \$WINDOWS.~BT\Sources\cs-cz\upgloader.dll.mui
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \$WINDOWS.~BT\Windows\SETUP\SCRIPTS\Windows7Loader.exe
[2009.07.14 02:03:49 | 000,003,584 | ---- | M] () -- \$WINDOWS.~BT\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 04:43:26 | 000,002,883 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 04:43:26 | 000,034,896 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 04:43:26 | 000,030,272 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 03:06:56 | 000,004,225 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 03:06:56 | 000,507,568 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winload.exe_75835076
[2009.07.14 03:06:56 | 000,442,920 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winresume.exe_85cd1215
[2009.07.14 04:43:01 | 000,002,883 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 02:03:49 | 000,003,584 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.12 04:58:25 | 001,546,384 | ---- | M] () -- \Casino\EuroGrand Casino\data\loader.dll
[2012.02.12 04:58:23 | 000,006,783 | ---- | M] () -- \Casino\EuroGrand Casino\data\loader.gam
[2010.08.18 14:42:30 | 000,000,115 | ---- | M] () -- \hry files\audio\audio_loader.xml
[2010.08.18 14:48:52 | 000,000,342 | ---- | M] () -- \hry files\scenes\garage_loader.xml
[2010.08.18 14:48:52 | 000,001,042 | ---- | M] () -- \hry files\scenes\paddock_gameloader.xml
[2010.08.18 14:48:52 | 000,000,645 | ---- | M] () -- \hry files\scenes\paddock_loader.xml
[2010.08.18 14:48:52 | 000,000,532 | ---- | M] () -- \hry files\scenes\paddock_unloader.xml
[2010.08.18 14:48:54 | 000,000,478 | ---- | M] () -- \hry files\scenes\pitstop_loader.xml
[2010.08.18 14:48:54 | 000,000,514 | ---- | M] () -- \hry files\scenes\pitstop_unloader.xml
[2010.08.18 14:48:56 | 000,001,341 | ---- | M] () -- \hry files\scenes\trackside_garage_loader.xml
[2010.08.18 14:48:56 | 000,000,854 | ---- | M] () -- \hry files\scenes\trackside_garage_reloader.xml
[2011.12.13 18:49:23 | 000,000,147 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2011.03.09 04:59:58 | 000,036,917 | ---- | M] () -- \Program Files (x86)\iOrgSoft\AVCHD Video Converter\Skins\Default\Loader.png
[2011.09.02 06:59:02 | 000,056,640 | ---- | M] () -- \Program Files (x86)\Maxthon3\Bin\MxAppLoader.exe
[2011.11.10 11:21:36 | 000,762,688 | ---- | M] () -- \Program Files (x86)\Maxthon3\Bin\MxDownloader.dll
[2011.11.02 08:54:36 | 000,014,757 | ---- | M] () -- \Program Files (x86)\Maxthon3\Modules\MxMiniThunder\Skin\downloader.xml
[2009.11.12 13:50:16 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.11.12 14:10:52 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.02.02 05:44:40 | 000,016,896 | ---- | M] () -- \Program Files (x86)\Sondle Software\ScrKlg\ObjLoader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer1431\ImLoader.dll
[2011.12.06 13:06:24 | 000,429,568 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Facebook\ZPSPluginLoader.exe
[2011.12.06 13:06:24 | 000,319,488 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Facebook\en\ZPSFacebookUploader.resources.dll
[2011.12.06 13:06:40 | 000,444,416 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Flickr\ZPSPluginLoader.exe
[2011.12.06 13:06:40 | 000,323,584 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Flickr\en\ZPSFlickrUploader.resources.dll
[2011.03.08 17:09:04 | 000,194,048 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPluginLoader.exe
[2010.11.11 12:07:12 | 000,323,584 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Picasa\en\ZPSPicasaUploader.resources.dll
[2011.12.21 18:07:52 | 000,102,792 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Program32\8bfLoader.exe
[2011.12.21 18:08:06 | 000,016,776 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Program32\WICLoader.exe
[2010.03.15 10:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2010.02.05 13:22:02 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2010.02.05 13:22:02 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011.11.09 15:03:06 | 000,000,673 | ---- | M] () -- \Users\CART\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_19864\CRX_INSTALL\Media\ajax-loader.gif
[2011.10.05 01:02:51 | 000,000,000 | ---- | M] () -- \Users\CART\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_Keylogger.data
[2011.10.05 01:03:39 | 000,000,000 | ---- | M] () -- \Users\CART\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_Password_Finder.data
[2011.10.05 01:01:58 | 000,000,000 | ---- | M] () -- \Users\CART\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_Wireless_Key_Generator.data
[2011.10.10 12:19:30 | 000,010,144 | ---- | M] () -- \Users\CART\AppData\Roaming\Mozilla\Firefox\Profiles\jqlromh4.default\conduitCommon\modules\3.7.0.6\ExternalLibraryLoader.jsm
[2012.01.18 20:09:14 | 000,010,144 | ---- | M] () -- \Users\CART\AppData\Roaming\Mozilla\Firefox\Profiles\jqlromh4.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\modules\ExternalLibraryLoader.jsm
[2010.07.17 17:35:58 | 003,726,063 | ---- | M] () -- \Users\CART\Desktop\KOTATKO SD\90. leta\Toploader - Dancing In The Moonlight.mp3
[2011.09.23 04:13:36 | 000,003,208 | ---- | M] () -- \Users\CART\Desktop\Nová složka (2)\openfeint\webui\images\loader.gif
[2011.01.07 22:09:32 | 000,585,728 | ---- | M] () -- \Users\CART\Desktop\Nová složka (2)\Vsechno\HTC Sync 3.0\htcUPCTLoader.exe
[2011.01.07 22:09:32 | 000,000,108 | ---- | M] () -- \Users\CART\Desktop\Nová složka (2)\Vsechno\HTC Sync 3.0\htcUPCTLoader.ini
[2011.01.19 19:13:46 | 000,003,208 | ---- | M] () -- \Users\CART\Desktop\Nová složka (2)\Vsechno\openfeint\webui\images\loader.gif
[2009.07.14 13:25:34 | 000,223,744 | ---- | M] () -- \Users\CART\Desktop\Nová složka\sources\upgloader.dll
[2009.07.14 13:25:34 | 002,202,645 | ---- | M] () -- \Users\CART\Desktop\Nová složka\sources\$OEM$\$$\SETUP\SCRIPTS\Windows7Loader.exe
[2009.07.14 13:25:34 | 000,024,064 | ---- | M] () -- \Users\CART\Desktop\Nová složka\sources\cs-cz\upgloader.dll.mui
[2010.09.22 13:16:48 | 000,005,273 | ---- | M] () -- \Users\CART\Desktop\wwwwwwwwwww\Users\ANDY A JARDA\AppData\Local\Microsoft\Toolbar\Applications\loader.xap
[2012.02.13 19:51:52 | 000,003,208 | ---- | M] () -- \Users\CART\Desktop\wwwwwwwwwww\Users\ANDY A JARDA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AC185JFB\ajax_loader[1].gif
[2011.11.05 20:38:05 | 000,006,494 | ---- | M] () -- \Users\CART\Desktop\wwwwwwwwwww\Users\ANDY A JARDA\AppData\Local\Temp\avg@toolbar\modules\skin\ajax-loader.gif
[2011.11.05 20:38:05 | 000,000,729 | ---- | M] () -- \Users\CART\Desktop\wwwwwwwwwww\Users\ANDY A JARDA\AppData\Local\Temp\avg@toolbar\modules\skin\loader.gif
[2011.02.05 20:33:50 | 000,001,891 | ---- | M] () -- \Users\CART\Desktop\wwwwwwwwwww\Users\ANDY A JARDA\AppData\Local\Temp\Temporary Internet Files\Content.IE5\V37F6T9V\preloader[1].js
[2011.02.05 20:33:54 | 000,002,931 | ---- | M] () -- \Users\CART\Desktop\wwwwwwwwwww\Users\ANDY A JARDA\AppData\Local\Temp\Temporary Internet Files\Content.IE5\V37F6T9V\preloader[1].swf
[2011.09.13 14:07:31 | 000,063,256 | ---- | M] () -- \Users\CART\Downloads\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM\red\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM\Binaries\Win32\PhysXLocal\PhysXLoader.dll
[2010.01.28 22:52:11 | 010,750,324 | ---- | M] () -- \Users\CART\Downloads\Windows 7 Home Premium CZ 32bit\New Windows 7 Activator [2010]\New Windows 7 Activator [2010]\7Loader Release 5.exe
[2011.12.18 02:26:46 | 002,067,706 | ---- | M] () -- \Users\CART\Downloads\World of Warcraft - 3.3.5a (12340) - enUS (No Install)\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
[2010.12.14 07:32:45 | 002,705,537 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-2.1.1.1897-enGB-tools-downloader.exe
[2011.12.18 19:37:20 | 002,067,706 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
[2011.12.18 20:10:06 | 000,022,692 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Logs\Downloader.log
[2008.04.01 08:11:42 | 000,070,944 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\FCC7C0F46665B4740BE2CA15A459CE39\2.8.1\PhysXLoader.dll.EFBABE66_E43C_474F_A6F1_F0312317E9E1
[2012.03.03 14:34:59 | 000,050,654 | ---- | M] () -- \Windows\Prefetch\7LOADER RELEASE 5.EXE-F2A76E9D.pf
[2012.03.03 14:35:01 | 000,142,080 | ---- | M] () -- \Windows\Prefetch\7LOADER.EXE-03DDFA73.pf
[2012.03.03 14:35:01 | 000,068,684 | ---- | M] () -- \Windows\Prefetch\LOADER.EXE-63C6C20B.pf
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.04.13 16:11:33 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.04.13 16:11:33 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.04.13 16:11:33 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.04.13 16:11:33 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.04.13 16:11:33 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5F7539FF
@Alternate Data Stream - 199 bytes -> C:\ProgramData\TEMP:8927A071
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:B3D74A13
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:1CE11B51

< End of report >

cart3 · #19 Příspěvek od **cart3** » 04 bře 2012 07:52

OTL logfile created on: 3.3.2012 17:13:19 - Run 1
OTL by OldTimer - Version 3.2.35.0 Folder = C:\Users\CART\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,93 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 64,09% Memory free
7,86 Gb Paging File | 6,35 Gb Available in Paging File | 80,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 244,73 Gb Free Space | 26,28% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 22,14 Gb Free Space | 14,86% Space Free | Partition Type: NTFS

Computer Name: CARTMAN-PC | User Name: CART | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.03.03 17:01:28 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\CART\Desktop\OTL.exe
PRC - [2012.02.18 04:33:56 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- E:\programy ins\a malware\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.08.04 16:04:08 | 000,056,832 | ---- | M] (Sondle Software Corporation) -- C:\Program Files (x86)\Sondle Software\ScrKlg\RunSvc.exe
PRC - [2011.03.05 23:31:25 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009.11.16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2009.10.12 18:13:20 | 000,226,816 | ---- | M] () -- C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe
PRC - [2009.10.12 11:13:06 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe
PRC - [2007.02.14 11:11:18 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe

========== Modules (No Company Name) ==========

MOD - [2012.02.26 15:14:06 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012.02.18 04:33:56 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.01.18 20:09:14 | 000,079,872 | ---- | M] () -- C:\Users\CART\AppData\Roaming\Mozilla\Firefox\Profiles\jqlromh4.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\RadioWMPCoreGecko10.dll
MOD - [2009.10.12 18:13:20 | 000,226,816 | ---- | M] () -- C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe
MOD - [2009.10.12 11:13:06 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.08.26 02:57:14 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.11.16 09:12:56 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2009.11.16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- E:\programy ins\a malware\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.04 16:04:08 | 000,056,832 | ---- | M] (Sondle Software Corporation) [Auto | Running] -- C:\Program Files (x86)\Sondle Software\ScrKlg\RunSvc.exe -- (KlgRunSvc)
SRV - [2011.03.05 23:31:25 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.06.25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.05.13 14:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011.03.25 21:02:53 | 000,043,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.02 11:14:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2010.12.02 11:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.12.02 11:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2010.12.02 11:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010.12.02 11:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.10.06 19:39:48 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2010.10.03 19:25:57 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.08.26 04:37:26 | 007,767,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.08.26 04:37:26 | 007,767,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.08.26 02:20:56 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.07.01 11:09:50 | 000,224,488 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV:64bit: - [2010.07.01 11:09:50 | 000,039,016 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV:64bit: - [2010.06.25 18:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009.12.18 15:02:26 | 000,123,200 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2009.11.16 09:03:42 | 000,136,584 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009.11.16 08:56:16 | 000,145,336 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2009.10.22 13:54:24 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\55552952.sys -- (55552952)
DRV:64bit: - [2009.10.09 23:30:56 | 000,352,784 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\5555295.sys -- (setup_9.0.0.722_26.02.2012_22-45drv)
DRV:64bit: - [2009.09.25 17:59:46 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\55552951.sys -- (55552951)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.01 22:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2007.06.28 11:47:14 | 000,173,056 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdx64.sys -- (nmwcdx64)
DRV:64bit: - [2007.06.28 11:46:20 | 000,017,408 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdcmx64.sys -- (nmwcdcmx64)
DRV:64bit: - [2005.11.07 14:33:12 | 000,021,120 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DB3G.sys -- (Razerlow)
DRV - [2011.07.01 18:56:51 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2011.02.02 08:19:54 | 000,172,521 | ---- | M] (Sondle Software Corporation) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\KlgDrv.sys -- (KlgRunDrv)
DRV - [2010.10.12 17:15:20 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2010.10.12 17:14:49 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2010.10.12 17:14:40 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2002.07.17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (ASPI)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2776682

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3607321302-1505321999-3635864961-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-3607321302-1505321999-3635864961-1000\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - No CLSID value found
IE - HKU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2776682
IE - HKU\S-1-5-21-3607321302-1505321999-3635864961-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "BrotherSoft Extreme Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "BrotherSoft Extreme Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/ig"
FF - prefs.js..extensions.enabledItems: anttoolbar@ant.com:2.4.2rc1
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.4
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\CART\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\CART\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\CART\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\CART\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\CART\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.18 04:33:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.01 05:24:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.02.10 03:21:00 | 000,000,000 | ---D | M]

[2010.10.27 22:01:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CART\AppData\Roaming\Mozilla\Extensions
[2010.10.27 22:01:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CART\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.02.13 14:46:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CART\AppData\Roaming\Mozilla\Firefox\Profiles\jqlromh4.default\extensions
[2012.02.13 14:46:13 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\CART\AppData\Roaming\Mozilla\Firefox\Profiles\jqlromh4.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.01.21 23:02:49 | 000,000,000 | ---D | M] (BrotherSoft Extreme Community Toolbar) -- C:\Users\CART\AppData\Roaming\Mozilla\Firefox\Profiles\jqlromh4.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
[2012.01.24 16:39:36 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Users\CART\AppData\Roaming\Mozilla\Firefox\Profiles\jqlromh4.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.12.18 05:49:00 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\CART\AppData\Roaming\Mozilla\Firefox\Profiles\jqlromh4.default\extensions\anttoolbar@ant.com
[2011.10.10 12:19:30 | 000,000,941 | ---- | M] () -- C:\Users\CART\AppData\Roaming\Mozilla\Firefox\Profiles\jqlromh4.default\searchplugins\conduit.xml
[2012.02.26 05:54:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.02.18 04:33:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.02.13 19:13:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.21 23:01:25 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.01.21 23:01:25 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.01.21 23:01:25 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.01.21 23:01:25 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.01.21 23:01:25 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\CART\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\CART\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\CART\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: fluxDVD Browser Plugin (Enabled) = C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\CART\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\CART\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Gmail = C:\Users\CART\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.03.03 17:02:31 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKU\S-1-5-21-3607321302-1505321999-3635864961-1000\..\Toolbar\WebBrowser: (no name) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Diamondback] C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\CART\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StartupFaster [2010.10.20 00:44:38 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-3607321302-1505321999-3635864961-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD536BE7-F902-47C7-8310-3FF4C30B2AF6}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a5cd88e3-debc-11df-900a-6cf049b97fb6}\Shell - "" = AutoRun
O33 - MountPoints2\{a5cd88e3-debc-11df-900a-6cf049b97fb6}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{e86a3996-d08a-11df-870d-6cf049b97fb6}\Shell - "" = AutoRun
O33 - MountPoints2\{e86a3996-d08a-11df-870d-6cf049b97fb6}\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.at3 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\SONY\atrac3.acm ()
Drivers32: msacm.CoreFLAC_ACM - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Core\CoreFLAC_ACM.acm ()
Drivers32: msacm.divxa32 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\DivX\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.imc - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\imc32.acm (Intel Corporation)
Drivers32: msacm.l3acm - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\lameacm.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.msadpcm - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.pcdv - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Canopus\pcdv.acm (Canopus Co., Ltd.)
Drivers32: msacm.qmpeg - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\QDesign\qmpeg.acm (QDesign Corporation)
Drivers32: msacm.sl_anet - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\OGG\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: msacm.voxacm160 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\VoxWare\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.aas4 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Autodesk\aasc32.dll (Autodesk, Inc.)
Drivers32: vidc.aasc - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Autodesk\aasc32.dll (Autodesk, Inc.)
Drivers32: vidc.advj - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\avidavicodec.dll (Avid Technology, Inc)
Drivers32: vidc.advs - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Adaptec\dvc.dll (Adaptec)
Drivers32: vidc.aflc - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Autodesk\flccodec32.dll (Autodesk, Inc.)
Drivers32: vidc.afli - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Autodesk\flccodec32.dll (Autodesk, Inc.)
Drivers32: vidc.ap41 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.asv1 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv1.dll ()
Drivers32: vidc.asv2 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv2.dll ()
Drivers32: vidc.asvx - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv2.dll ()
Drivers32: vidc.avi1 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.avi2 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.avrn - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\avidavicodec.dll (Avid Technology, Inc)
Drivers32: vidc.bt20 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Brooktree\btvvc32.drv (Brooktree Corporation)
Drivers32: vidc.cdvc - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Canopus\csccdvc.dll (Canopus Co., Ltd.)
Drivers32: vidc.cram - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.cscd - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\camcodec.dll (RenderSoft Software.)
Drivers32: vidc.cvid - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\iccvid.dll (Compression Technologies, Inc.)
Drivers32: vidc.davc - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\dicas\davcvfw.dll (dicas)
Drivers32: vidc.dcap - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Pinnacle\mirodv2avi.dll (Pinnacle Systems)
Drivers32: vidc.dcmj - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.ddvc - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Canopus\cscdvsd.dll (Canopus Co., Ltd.)
Drivers32: vidc.div3 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div4 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.div5 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div6 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.divx - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\DivX\DivX520.dll (DivXNetworks, Inc.)
Drivers32: vidc.dmb2 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.dv25 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.dv50 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.dvc - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvcp - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\SONY\sonydv.dll (Sony Corporation)
Drivers32: vidc.dvcs - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvsd - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvx4 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\DivX\DivX4.dll (DivXNetworks, Inc.)
Drivers32: vidc.em2v - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\etxcodec.dll (Etymonix Inc.)
Drivers32: vidc.frwa - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Forward\frwt.dll (Darim Vision Co.)
Drivers32: vidc.frwd - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Forward\frwd.dll (Darim Vision Co.)
Drivers32: vidc.frwt - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Forward\frwd.dll (Darim Vision Co.)
Drivers32: vidc.frwu - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Forward\frwu.dll (Darim Vision Co.)
Drivers32: vidc.gepj - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.glzw - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Gabest\glzw.dll (Gabest)
Drivers32: vidc.gpeg - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Gabest\gpeg.dll (Gabest)
Drivers32: vidc.gpjm - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Pinnacle\rtmjpgcdc.dll (Pinnacle Systems)
Drivers32: vidc.hfyu - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\i263_32.drv (Intel Corporation)
Drivers32: vidc.i420 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msh263.drv (Microsoft Corporation)
Drivers32: vidc.ipdv - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Panasonic\idvcodec.dll (Matsushita Electric Industrial Co., Ltd. I-O DATA DEVICE,INC.)
Drivers32: vidc.ir21 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir21_r.dll ()
Drivers32: vidc.iv30 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv31 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv32 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv33 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv34 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv35 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv36 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv37 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv38 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv39 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv40 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv41 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv42 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv43 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv44 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv45 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv46 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv47 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv48 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv49 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv50 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir50_32.dll (Intel Corporation)
Drivers32: vidc.iyuv - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.lead - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\LEAD\lcodccmp.dll (LEAD Technologies, Inc.)
Drivers32: vidc.m261 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msh261.drv (Microsoft Corporation)
Drivers32: vidc.m263 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msh263.drv (Microsoft Corporation)
Drivers32: vidc.miro - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Pinnacle\mirodv2avi.dll (Pinnacle Systems)
Drivers32: vidc.mjpa - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Pinnacle\rtmjpgcdc.dll (Pinnacle Systems)
Drivers32: vidc.mjpx - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Pegasus\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: vidc.mkvc - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\kmvidc32.dll ()
Drivers32: vidc.mmes - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mmjp - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mp41 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp42 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp43 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp4s - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp4v - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mpg3 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.mpg4 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mrle - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msmc - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.msvc - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.mszh - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\avimszh.dll ()
Drivers32: vidc.mtx1 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx2 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx3 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx4 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx5 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx6 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx7 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx8 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx9 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mwv1 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Aware\icmw_32.dll (Aware Inc.)
Drivers32: vidc.nt00 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Newtek\ntcodec.dll (NewTek, Inc)
Drivers32: vidc.pdvc - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Panasonic\idvcodec.dll (Matsushita Electric Industrial Co., Ltd. I-O DATA DEVICE,INC.)
Drivers32: vidc.pim1 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Pinnacle\pclepim1.dll (Pinnacle Systems)
Drivers32: vidc.pimj - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Pegasus\pvljpg20.dll (Pegasus Imaging Corporation)
Drivers32: vidc.png1 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Core\CorePNG_vfw.dll ()
Drivers32: vidc.pvw2 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Pegasus\pvwv220.dll (Pegasus Imaging Corporation)
Drivers32: vidc.q1.0 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\qpeg32.dll (Q-Team Dr. Knabe GmbH, Korschenbroich, Germany)
Drivers32: vidc.qpeg - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\qpeg32.dll (Q-Team Dr. Knabe GmbH, Korschenbroich, Germany)
Drivers32: vidc.rmp4 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\REALmagic\rmp4.dll ()
Drivers32: vidc.rt21 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\ir21_r.dll ()
Drivers32: vidc.rud0 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Rududu\rududu.dll (nico)
Drivers32: vidc.s422 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Tekram\tekyuv.dll ()
Drivers32: vidc.sjpg - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.sony - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\SONY\sonydv.dll (Sony Corporation)
Drivers32: vidc.t420 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Toshiba\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.tscc - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.uyvy - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.vcr1 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\ATI\ativcr1.dll (ATI Technologies, Inc.)
Drivers32: vidc.vcr2 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\ATI\ativcr2.dll (ATI Technologies, Inc.)
Drivers32: vidc.vifp - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\vfcodec.dll ()
Drivers32: vidc.vixl - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\MIRO\miroxl32.dll (Pinnacle Systems)
Drivers32: vidc.vp30 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp31vfw.dll (On2.com)
Drivers32: vidc.vp31 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp31vfw.dll (On2.com)
Drivers32: vidc.vp60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.vssv - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Vanguard Software Sollutions\vsscodec.dll (Vanguard Software Solutions, Inc.)
Drivers32: vidc.wmv3 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.wnv1 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\wnvplay1.dll (Winnov)
Drivers32: vidc.wrpr - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\aviwrap.dll ()
Drivers32: vidc.xvid - xvidvfw.dll File not found
Drivers32: vidc.y411 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Toshiba\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.y41p - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Brooktree\btvvc32.drv (Brooktree Corporation)
Drivers32: vidc.yuy2 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\ATI\atiyuv12.dll ()
Drivers32: vidc.yvu9 - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Intel\iyvu9_32.dll ()
Drivers32: vidc.yvyu - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\Microsoft\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.zlib - E:\programy ins\codecs\ACE Mega CoDecS Pack\SystemS\avizlib.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

cart3 · #20 Příspěvek od **cart3** » 04 bře 2012 07:54

musel sem to rozdelit

========== Files/Folders - Created Within 30 Days ==========

[2012.03.03 17:02:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.03.03 15:54:10 | 000,000,000 | ---D | C] -- C:\Users\CART\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon
[2012.03.03 15:54:09 | 000,000,000 | ---D | C] -- C:\Users\CART\AppData\Roaming\Maxthon3
[2012.03.03 15:54:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Maxthon3
[2012.03.03 15:48:49 | 000,000,000 | ---D | C] -- C:\Users\CART\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.03.03 13:37:40 | 000,000,000 | ---D | C] -- C:\Users\CART\Desktop\Nová složka (2)
[2012.03.03 13:31:09 | 000,000,000 | ---D | C] -- C:\Users\CART\Desktop\Boot
[2012.03.03 11:37:53 | 000,000,000 | ---D | C] -- C:\Users\CART\Desktop\Nová složka
[2012.03.03 08:57:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Disc Doctor
[2012.03.03 08:17:55 | 000,000,000 | R--D | C] -- C:\Users\CART\Desktop\Fotecky!
[2012.03.03 07:56:01 | 000,000,000 | ---D | C] -- C:\Users\CART\Desktop\wwwwwwwwwww
[2012.03.03 07:01:56 | 000,585,216 | ---- | C] (OldTimer Tools) -- C:\Users\CART\Desktop\OTL.exe
[2012.03.03 03:22:20 | 000,000,000 | ---D | C] -- C:\Users\CART\AppData\Roaming\XnView
[2012.03.03 03:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
[2012.03.03 03:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XnView
[2012.03.03 02:20:26 | 000,000,000 | ---D | C] -- C:\Users\CART\Documents\ZPS14
[2012.03.03 02:20:24 | 000,000,000 | ---D | C] -- C:\Users\CART\AppData\Roaming\Zoner
[2012.03.03 02:20:24 | 000,000,000 | ---D | C] -- C:\Users\CART\AppData\Local\Zoner
[2012.03.03 02:20:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Zoner
[2012.03.03 02:20:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 14
[2012.03.03 02:19:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zoner
[2012.02.28 20:36:44 | 010,731,611 | ---- | C] (XeroBank) -- C:\Users\CART\Desktop\XeroBank_Installer_3.9.10.24.EXE
[2012.02.27 23:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.02.27 23:35:54 | 000,000,000 | ---D | C] -- C:\rsit
[2012.02.26 21:48:08 | 000,352,784 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\5555295.sys
[2012.02.26 21:48:08 | 000,157,712 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\55552951.sys
[2012.02.26 21:48:08 | 000,040,464 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\55552952.sys
[2012.02.26 21:48:07 | 000,000,000 | ---D | C] -- C:\Users\CART\Desktop\Virus Removal Tool
[2012.02.26 17:42:49 | 000,000,000 | ---D | C] -- C:\Users\CART\Desktop\Foto Mobilek
[2012.02.26 15:14:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.02.26 08:27:13 | 000,417,792 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTTextToAudio2.dll
[2012.02.26 08:27:13 | 000,000,000 | ---D | C] -- C:\Users\CART\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mp3 Audio Editor
[2012.02.26 08:12:55 | 000,000,000 | ---D | C] -- C:\Users\CART\AppData\Roaming\Mp3 Audio Editor
[2012.02.26 07:09:20 | 003,628,016 | ---- | C] (Piriform Ltd) -- C:\Users\CART\Desktop\ccsetup316.exe
[2012.02.26 07:04:38 | 000,000,000 | ---D | C] -- C:\Users\CART\AppData\Roaming\systweak
[2012.02.26 06:57:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseTips
[2012.02.26 06:57:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MuseTips
[2012.02.26 06:52:36 | 000,000,000 | ---D | C] -- C:\Users\CART\Documents\Native Instruments
[2012.02.26 06:52:07 | 000,000,000 | ---D | C] -- C:\Users\CART\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments
[2012.02.26 06:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
[2012.02.26 06:52:00 | 000,000,000 | ---D | C] -- C:\Users\CART\Documents\Traktor3
[2012.02.26 06:31:04 | 000,000,000 | R--D | C] -- C:\Users\CART\Desktop\KOTATKO SD
[2012.02.26 06:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Mp3 Editor 2004
[2012.02.26 06:11:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Power Mp3 Editor 2004
[2012.02.26 06:00:51 | 000,000,000 | ---D | C] -- C:\Users\CART\Desktop\VVVVVV
[2012.02.26 01:51:59 | 000,000,000 | ---D | C] -- C:\Users\CART\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2012.02.26 01:47:08 | 000,000,000 | R--D | C] -- C:\Users\CART\Desktop\010101010101010101010101010101010100
[2012.02.26 00:42:47 | 000,000,000 | R--D | C] -- C:\Users\CART\Desktop\OBRAZKY
[2012.02.26 00:36:04 | 000,000,000 | R--D | C] -- C:\Users\CART\Desktop\NEW FOTO ATD
[2012.02.26 00:34:20 | 000,000,000 | R--D | C] -- C:\Users\CART\Desktop\NEW MP3
[2012.02.18 05:19:02 | 000,000,000 | ---D | C] -- C:\Users\CART\AppData\Roaming\Audacity
[2012.02.18 05:17:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
[2012.02.15 15:20:01 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.02.15 15:19:55 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.02.15 15:19:54 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.02.15 15:19:45 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.02.15 15:19:18 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.02.15 15:19:18 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.02.15 15:19:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.02.15 15:19:16 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.02.15 15:19:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.02.15 15:19:15 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.02.15 15:19:15 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.02.12 04:58:23 | 000,000,000 | ---D | C] -- C:\Casino
[2012.02.12 03:02:19 | 000,000,000 | R--D | C] -- C:\Users\CART\Desktop\hhhhhh
[2012.02.10 03:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012.02.10 03:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[1 C:\Users\CART\*.tmp files -> C:\Users\CART\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.03.03 17:16:16 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.03.03 17:14:13 | 000,014,864 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.03 17:14:13 | 000,014,864 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.03 17:06:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.03 17:06:51 | 3167,346,688 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.03 17:02:31 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012.03.03 17:01:28 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\CART\Desktop\OTL.exe
[2012.03.03 15:54:10 | 000,001,094 | ---- | M] () -- C:\Users\CART\Desktop\Maxthon 3.lnk
[2012.03.03 15:48:50 | 000,002,313 | ---- | M] () -- C:\Users\CART\Desktop\Google Chrome.lnk
[2012.03.03 14:43:40 | 000,002,544 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012.03.03 14:43:40 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2012.03.03 13:41:13 | 001,656,524 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.03 13:41:13 | 000,700,022 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.03.03 13:41:13 | 000,669,682 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.03 13:41:13 | 000,153,592 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.03.03 13:41:13 | 000,133,384 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.03 08:57:35 | 000,000,773 | ---- | M] () -- C:\Users\Public\Desktop\DeadDiscDoctor.exe.lnk
[2012.03.03 03:22:31 | 000,000,923 | ---- | M] () -- C:\Users\CART\Desktop\XnView.lnk
[2012.03.03 02:20:09 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Zoner Photo Studio 14 FREE.lnk
[2012.03.01 20:59:05 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.03.01 19:42:19 | 115,802,720 | ---- | M] () -- C:\Users\CART\Desktop\FimfĂˇrum.rar
[2012.03.01 05:28:49 | 000,000,648 | ---- | M] () -- C:\Users\CART\Desktop\xB Browser.lnk
[2012.02.28 20:38:00 | 010,731,611 | ---- | M] (XeroBank) -- C:\Users\CART\Desktop\XeroBank_Installer_3.9.10.24.EXE
[2012.02.28 19:15:36 | 000,935,175 | ---- | M] () -- C:\Users\CART\Desktop\RSITx64.exe
[2012.02.28 18:59:17 | 000,075,839 | ---- | M] () -- C:\Users\CART\Desktop\oooooooooooooooooooooooooooooooooooo.jpg
[2012.02.28 18:57:31 | 000,075,839 | ---- | M] () -- C:\Users\CART\Desktop\418089_358570510841007_100000641842673_1128105_128257947_n.jpg
[2012.02.27 02:16:19 | 000,007,061 | ---- | M] () -- C:\Users\CART\Desktop\FDV413413_RS4120039_medium.jpg
[2012.02.26 21:22:34 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.26 19:27:59 | 120,786,136 | ---- | M] () -- C:\Users\CART\Documents\Super Mario pack PC.zip
[2012.02.26 19:19:02 | 000,018,984 | ---- | M] () -- C:\Users\CART\Documents\Super Mario pack PC.zip.torrent
[2012.02.26 18:40:57 | 034,963,428 | ---- | M] () -- C:\Users\CART\Desktop\youtube.com.Anonymní zpráva vládcům světa. #GlobalREvolution 2012 [CZ SUB] - YouTube_6.flv
[2012.02.26 18:34:48 | 000,067,186 | ---- | M] () -- C:\Users\CART\Desktop\dddddd.jpg
[2012.02.26 18:02:09 | 007,739,592 | ---- | M] () -- C:\Users\CART\Desktop\Modified-Motion---1Up.mp3
[2012.02.26 16:36:15 | 000,088,667 | ---- | M] () -- C:\Users\CART\Desktop\430970_2257758222812_1814086776_1343916_2025360729_n.jpg
[2012.02.26 08:27:14 | 000,000,770 | ---- | M] () -- C:\Users\CART\Desktop\Mp3 Audio Editor.lnk
[2012.02.26 07:10:33 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.26 07:09:47 | 003,628,016 | ---- | M] (Piriform Ltd) -- C:\Users\CART\Desktop\ccsetup316.exe
[2012.02.26 06:57:43 | 000,001,273 | ---- | M] () -- C:\Users\Public\Desktop\Free MP3 Cutter and Editor.lnk
[2012.02.26 06:52:49 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2012.02.26 06:52:49 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[2012.02.26 06:52:32 | 000,001,205 | ---- | M] () -- C:\Users\CART\Desktop\Traktor DJ Studio 3.lnk
[2012.02.26 06:48:28 | 000,025,734 | ---- | M] () -- C:\BarStyle.dat
[2012.02.26 06:12:54 | 000,000,013 | ---- | M] () -- C:\Windows\SysWow64\WINSPOOL.CRC
[2012.02.26 06:11:11 | 000,001,042 | ---- | M] () -- C:\Users\CART\Desktop\Power Mp3 Editor 2004.lnk
[2012.02.26 01:53:08 | 000,000,639 | ---- | M] () -- C:\Users\CART\Desktop\KMPlayer.lnk
[2012.02.26 01:23:30 | 000,000,517 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012.02.18 05:17:54 | 000,001,148 | ---- | M] () -- C:\Users\CART\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2012.02.18 05:10:00 | 000,889,298 | ---- | M] () -- C:\00.bmp
[2012.02.16 03:26:12 | 000,278,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.12 04:58:26 | 000,000,767 | ---- | M] () -- C:\Users\Public\Desktop\EuroGrand Casino.lnk
[1 C:\Users\CART\*.tmp files -> C:\Users\CART\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.03.03 17:16:16 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.03.03 17:06:51 | 3167,346,688 | -HS- | C] () -- C:\hiberfil.sys
[2012.03.03 15:54:10 | 000,001,094 | ---- | C] () -- C:\Users\CART\Desktop\Maxthon 3.lnk
[2012.03.03 15:48:50 | 000,002,313 | ---- | C] () -- C:\Users\CART\Desktop\Google Chrome.lnk
[2012.03.03 08:57:35 | 000,000,773 | ---- | C] () -- C:\Users\Public\Desktop\DeadDiscDoctor.exe.lnk
[2012.03.03 08:03:12 | 000,002,544 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012.03.03 08:03:12 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2012.03.03 03:22:09 | 000,000,923 | ---- | C] () -- C:\Users\CART\Desktop\XnView.lnk
[2012.03.03 02:20:09 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Zoner Photo Studio 14 FREE.lnk
[2012.03.01 19:42:15 | 115,802,720 | ---- | C] () -- C:\Users\CART\Desktop\FimfĂˇrum.rar
[2012.02.28 18:59:16 | 000,075,839 | ---- | C] () -- C:\Users\CART\Desktop\oooooooooooooooooooooooooooooooooooo.jpg
[2012.02.28 18:57:27 | 000,075,839 | ---- | C] () -- C:\Users\CART\Desktop\418089_358570510841007_100000641842673_1128105_128257947_n.jpg
[2012.02.27 23:35:06 | 000,935,175 | ---- | C] () -- C:\Users\CART\Desktop\RSITx64.exe
[2012.02.27 02:16:19 | 000,007,061 | ---- | C] () -- C:\Users\CART\Desktop\FDV413413_RS4120039_medium.jpg
[2012.02.26 21:22:34 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.26 19:19:02 | 120,786,136 | ---- | C] () -- C:\Users\CART\Documents\Super Mario pack PC.zip
[2012.02.26 19:19:02 | 000,018,984 | ---- | C] () -- C:\Users\CART\Documents\Super Mario pack PC.zip.torrent
[2012.02.26 18:38:26 | 034,963,428 | ---- | C] () -- C:\Users\CART\Desktop\youtube.com.Anonymní zpráva vládcům světa. #GlobalREvolution 2012 [CZ SUB] - YouTube_6.flv
[2012.02.26 18:22:12 | 000,067,186 | ---- | C] () -- C:\Users\CART\Desktop\dddddd.jpg
[2012.02.26 18:01:59 | 007,739,592 | ---- | C] () -- C:\Users\CART\Desktop\Modified-Motion---1Up.mp3
[2012.02.26 16:36:14 | 000,088,667 | ---- | C] () -- C:\Users\CART\Desktop\430970_2257758222812_1814086776_1343916_2025360729_n.jpg
[2012.02.26 09:17:51 | 000,000,044 | ---- | C] () -- C:\Users\CART\Desktop\Track01.cda
[2012.02.26 08:27:14 | 000,000,770 | ---- | C] () -- C:\Users\CART\Desktop\Mp3 Audio Editor.lnk
[2012.02.26 08:27:13 | 000,113,486 | ---- | C] () -- C:\Windows\SysWow64\NCTWMAProfiles.prx
[2012.02.26 06:57:43 | 000,001,273 | ---- | C] () -- C:\Users\Public\Desktop\Free MP3 Cutter and Editor.lnk
[2012.02.26 06:52:49 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2012.02.26 06:52:49 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2012.02.26 06:52:32 | 000,001,205 | ---- | C] () -- C:\Users\CART\Desktop\Traktor DJ Studio 3.lnk
[2012.02.26 06:09:38 | 000,025,734 | ---- | C] () -- C:\BarStyle.dat
[2012.02.26 06:08:44 | 000,000,013 | ---- | C] () -- C:\Windows\SysWow64\WINSPOOL.CRC
[2012.02.26 06:07:52 | 000,001,042 | ---- | C] () -- C:\Users\CART\Desktop\Power Mp3 Editor 2004.lnk
[2012.02.26 01:51:59 | 000,000,639 | ---- | C] () -- C:\Users\CART\Desktop\KMPlayer.lnk
[2012.02.26 01:23:30 | 000,000,517 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012.02.18 05:17:54 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2012.02.18 05:17:54 | 000,001,148 | ---- | C] () -- C:\Users\CART\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2012.02.12 04:58:26 | 000,000,779 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroGrand Casino.lnk
[2012.02.12 04:58:26 | 000,000,767 | ---- | C] () -- C:\Users\Public\Desktop\EuroGrand Casino.lnk
[2011.12.17 21:45:40 | 000,007,597 | ---- | C] () -- C:\Users\CART\AppData\Local\Resmon.ResmonCfg
[2011.12.09 01:30:47 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2011.10.26 20:20:00 | 000,000,348 | ---- | C] () -- C:\Windows\level.ini
[2011.10.26 20:20:00 | 000,000,075 | ---- | C] () -- C:\Windows\tmp2Level.ini
[2011.10.07 04:32:07 | 000,000,048 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.09.24 00:42:14 | 000,011,098 | ---- | C] () -- C:\Users\CART\AppData\Roaming\TheHunterSettings_live.bin
[2011.06.01 13:38:14 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2011.05.08 15:15:23 | 000,003,584 | ---- | C] () -- C:\Users\CART\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.06 11:01:28 | 000,000,092 | ---- | C] () -- C:\Users\CART\AppData\Local\fusioncache.dat
[2011.03.05 23:31:23 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.01.30 23:28:15 | 000,050,624 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011.01.05 16:59:16 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.01.05 16:59:13 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.01.04 19:06:01 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010.12.30 22:41:02 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010.12.30 22:41:02 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010.12.30 22:41:02 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010.10.28 22:24:50 | 000,000,761 | ---- | C] () -- C:\Windows\m3jp2k.ini
[2010.10.28 22:24:50 | 000,000,714 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2010.10.28 22:24:50 | 000,000,702 | ---- | C] () -- C:\Windows\mmtvmj.ini
[2010.10.28 22:24:48 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\cpuinf32.dll
[2010.10.28 22:24:47 | 000,152,064 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.10.28 22:24:46 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.10.28 21:52:46 | 000,000,055 | ---- | C] () -- C:\Windows\videotoaudio.ini
[2010.10.28 21:39:50 | 000,000,005 | ---- | C] () -- C:\Windows\SysWow64\SySatm.dat
[2010.10.21 00:40:26 | 001,634,810 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.12 19:09:54 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.10.12 12:43:48 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2010.10.02 17:42:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010.06.15 23:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.04.10 12:42:34 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\msrtcao-d.dll

========== LOP Check ==========

[2012.01.18 21:08:50 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\.minecraft
[2012.02.18 05:28:27 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Audacity
[2011.10.06 22:47:21 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\AVG
[2010.12.03 00:44:44 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Bioshock
[2011.06.25 18:56:20 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Bioshock2
[2010.10.15 19:20:42 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\bizarre creations
[2010.10.15 22:07:32 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\BlackBean
[2011.06.04 21:48:01 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.06.02 12:34:04 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Command and Conquer 4
[2012.02.26 21:11:22 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\DAEMON Tools Lite
[2011.05.05 17:40:55 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Digiarty
[2010.10.02 20:40:01 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\ESET
[2011.10.14 01:33:05 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Genie-Soft
[2011.11.24 12:26:07 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\GetRightToGo
[2011.03.12 15:50:08 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\GHISLER
[2011.07.18 22:06:29 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\gnupg
[2010.10.14 09:21:15 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\KWorld Multimedia
[2010.11.12 12:53:40 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Leawo
[2012.03.03 15:54:33 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Maxthon3
[2011.06.20 00:34:08 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Mirillis
[2012.02.26 08:23:07 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Moyea
[2012.02.26 15:14:06 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Mp3 Audio Editor
[2010.11.28 23:49:26 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Opera
[2011.06.25 15:13:27 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\ProtectDISC
[2011.05.28 22:00:54 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Red Alert 3
[2011.03.12 16:17:12 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Sierra Entertainment
[2011.06.07 22:32:51 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Simnet
[2011.10.05 01:20:25 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Sondle Soft
[2012.02.26 07:04:38 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\systweak
[2011.03.26 09:32:03 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\The Creative Assembly
[2010.10.27 22:01:39 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Thunderbird
[2010.10.20 00:44:38 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\URSoft
[2012.03.03 16:31:22 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\uTorrent
[2012.01.15 20:54:39 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\wargaming.net
[2012.03.03 04:32:56 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\XnView
[2012.03.03 02:20:24 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Zoner
[2011.10.18 21:19:20 | 000,032,524 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:38:05 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\$WINDOWS.~BT\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:38:05 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:38:05 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\$WINDOWS.~BT\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:38:05 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\$WINDOWS.~BT\Windows\System32\drivers\atapi.sys
[2009.07.14 03:38:05 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:38:05 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\$WINDOWS.~BT\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\$WINDOWS.~BT\Windows\System32\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2009.07.14 03:38:05 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\$WINDOWS.~BT\Windows\System32\drivers\cdrom.sys
[2009.07.14 03:38:05 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 03:38:05 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\$WINDOWS.~BT\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010.11.20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\$WINDOWS.~BT\Windows\System32\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\$WINDOWS.~BT\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2009.07.14 03:38:05 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\$WINDOWS.~BT\Windows\System32\drivers\iaStorV.sys
[2009.07.14 03:38:05 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:38:05 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:38:05 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\$WINDOWS.~BT\Windows\System32\drivers\isapnp.sys
[2009.07.14 03:38:05 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\isapnp.sys
[2009.07.14 03:38:05 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011.11.17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 07:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\$WINDOWS.~BT\Windows\System32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\$WINDOWS.~BT\Windows\System32\drivers\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\$WINDOWS.~BT\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2009.07.14 03:38:05 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\$WINDOWS.~BT\Windows\System32\drivers\nvraid.sys
[2009.07.14 03:38:05 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:38:05 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\$WINDOWS.~BT\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011.03.11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011.03.11 07:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2009.07.14 03:38:05 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\$WINDOWS.~BT\Windows\System32\drivers\nvstor.sys
[2009.07.14 03:38:05 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:38:05 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\$WINDOWS.~BT\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\$WINDOWS.~BT\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\$WINDOWS.~BT\Windows\System32\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\$WINDOWS.~BT\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\$WINDOWS.~BT\Windows\System32\drivers\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\$WINDOWS.~BT\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\$WINDOWS.~BT\Windows\System32\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\$WINDOWS.~BT\Windows\System32\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.01.18 21:08:50 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\.minecraft
[2010.12.25 12:17:40 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Adobe
[2010.10.03 18:00:06 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\ATI
[2012.02.18 05:28:27 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Audacity
[2011.10.06 22:47:21 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\AVG
[2011.02.20 15:57:40 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\AVS4YOU
[2010.12.03 00:44:44 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Bioshock
[2011.06.25 18:56:20 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Bioshock2
[2010.10.15 19:20:42 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\bizarre creations
[2010.10.15 22:07:32 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\BlackBean
[2011.06.04 21:48:01 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.06.02 12:34:04 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Command and Conquer 4
[2010.10.14 09:27:48 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\CyberLink
[2012.02.26 21:11:22 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\DAEMON Tools Lite
[2011.05.05 17:40:55 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Digiarty
[2011.03.14 07:20:22 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\dvdcss
[2010.10.02 20:40:01 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\ESET
[2011.10.14 01:33:05 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Genie-Soft
[2011.11.24 12:26:07 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\GetRightToGo
[2011.03.12 15:50:08 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\GHISLER
[2011.07.18 22:06:29 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\gnupg
[2010.10.06 19:44:48 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Hamachi
[2010.10.02 17:56:53 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Identities
[2011.11.17 23:24:38 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\InstallShield
[2010.10.14 09:21:15 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\KWorld Multimedia
[2010.11.12 12:53:40 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Leawo
[2010.10.02 18:44:45 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Macromedia
[2010.10.27 21:47:03 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Malwarebytes
[2012.03.03 15:54:33 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Maxthon3
[2009.07.14 16:36:58 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Media Center Programs
[2011.10.14 01:20:06 | 000,000,000 | --SD | M] -- C:\Users\CART\AppData\Roaming\Microsoft
[2011.06.20 00:34:08 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Mirillis
[2012.02.26 08:23:07 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Moyea
[2012.02.12 05:19:52 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Mozilla
[2012.02.26 15:14:06 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Mp3 Audio Editor
[2011.01.30 21:14:02 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\NCH Software
[2010.10.17 00:12:54 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Nero
[2010.11.28 23:49:26 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Opera
[2011.06.25 15:13:27 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\ProtectDISC
[2011.05.13 18:49:35 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Real
[2011.05.28 22:00:54 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Red Alert 3
[2011.01.20 23:17:47 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\SecuROM
[2011.03.12 16:17:12 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Sierra Entertainment
[2011.06.07 22:32:51 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Simnet
[2012.02.26 07:13:28 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Skype
[2011.12.23 19:05:13 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\skypePM
[2011.10.05 01:20:25 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Sondle Soft
[2012.02.26 07:04:38 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\systweak
[2011.03.26 09:32:03 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\The Creative Assembly
[2010.10.27 22:01:39 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Thunderbird
[2010.10.20 00:44:38 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\URSoft
[2012.03.03 16:31:22 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\uTorrent
[2011.10.29 18:58:27 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\vlc
[2012.01.15 20:54:39 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\wargaming.net
[2010.10.02 23:09:49 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\WinRAR
[2012.03.03 04:32:56 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\XnView
[2012.03.03 02:20:24 | 000,000,000 | ---D | M] -- C:\Users\CART\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_1E02B3D8732010A792DC8B.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_21F3885A18D238E15AAE81.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_415493353D745EEA216D94.exe
[2011.06.20 00:33:38 | 000,009,662 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_57171CA7761BF4A88F7E34.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_6FEFF9B68218417F98F549.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_806048DC66200FE6D24FF3.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_85972F4A73DF7EADFBAFC2.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_934312A2105DE40686D86A.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_A5279446A5A2E345996804.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_A753214149FB4F8721C1CB.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_A7A1F24988209FFD6FF84A.exe
[2011.06.20 00:33:39 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_BD3CC5E8F02CE8257CF964.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_C7D4D81C64CE2B2A005D42.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_C7EFEC170C2E3BE8B9D183.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_CF15DB293FB3ABD44856FB.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_D707CE1C009F1381803C2C.exe
[2011.06.20 00:33:38 | 000,287,934 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3BED8560-ED90-40AD-8023-60B92B98AE29}\_FD8B6BA922FF5C34868F02.exe
[2011.01.30 20:42:01 | 000,069,944 | R--- | M] (Macrovision Corporation) -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{3D587291-A4D7-4D0B-AB47-F322D24402D8}\New_Shortcut_S1418_E404E3F7ABAD4D71949F30D2A9D5566C.exe
[2011.01.01 02:04:28 | 000,010,134 | R--- | M] () -- C:\Users\CART\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2007.08.29 15:36:00 | 000,110,592 | ---- | M] () -- C:\Users\CART\AppData\Roaming\NCH Software\Components\mp3el\mp3enc.exe
[2007.11.27 08:41:32 | 000,405,504 | ---- | M] () -- C:\Users\CART\AppData\Roaming\NCH Software\Components\mp3el2\lame.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.03.01 20:59:05 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.03.03 17:16:16 | 000,000,512 | ---- | M] () MD5=AF21D813AD2D7DA624AF7548D9E46A0B -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2006.04.24 09:22:14 | 006,638,616 | R--- | M] () -- \hry files\Euro\Radio\Radio Bot\Fix the Cracks - Humanzi.mp3
[2012.02.26 19:29:24 | 000,001,406 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.crackfound.com%2Ffavicon.ico
[2012.02.26 19:30:06 | 000,001,150 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.crackserialcodes.com%2Ffavicon.ico
[2012.02.26 19:28:41 | 000,001,150 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.crackserialkeygen.com%2Ffavicon.ico
[2012.02.26 19:29:24 | 000,000,113 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\www.crackfound.com.idx
[2012.02.26 19:30:06 | 000,000,148 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\www.crackserialcodes.com.idx
[2012.02.26 19:28:41 | 000,000,102 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\www.crackserialkeygen.com.idx
[2012.02.26 08:24:59 | 000,000,802 | ---- | M] () -- \Users\CART\AppData\Roaming\Microsoft\Windows\Recent\Mp3.Audio.Editor.v7.3.1+%2B+Crack.lnk
[2011.10.05 02:23:00 | 000,000,354 | ---- | M] () -- \Users\CART\AppData\Roaming\uTorrent\E-mail Password Cracker 2010 V1.0.rar.torrent
[2011.09.20 16:43:09 | 000,041,743 | ---- | M] () -- \Users\CART\AppData\Roaming\uTorrent\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM.torrent
[2010.10.21 00:54:28 | 005,209,629 | ---- | M] () -- \Users\CART\Desktop\B.A.T.D\Nová složka (2)\Crack GTA IV Razor 1911.rar
[2010.10.21 00:57:46 | 037,751,764 | ---- | M] () -- \Users\CART\Desktop\B.A.T.D\Nová složka (2)\GTA IV patch 1.0.2.0 + NO - CD Crack (Razor 1911).zip
[2010.01.24 07:45:48 | 000,000,706 | ---- | M] () -- \Users\CART\Desktop\COH\company iof heroes\Company of Heroes\Eastern_Front\Data\sound\weapons\ppsh41\ppsh41_whipcrack.bsc
[2010.01.24 07:45:48 | 000,000,706 | ---- | M] () -- \Users\CART\Desktop\COH\company iof heroes\Eastern_Front\Data\sound\weapons\ppsh41\ppsh41_whipcrack.bsc
[2011.06.25 15:13:00 | 000,881,609 | ---- | M] () -- \Users\CART\Desktop\cracks\air crack.7z
[2010.10.31 16:41:13 | 008,472,483 | ---- | M] () -- \Users\CART\Desktop\MP3 SLOZKY VSE\TOP DNB\Brookes Brothers Crackdown (Shock One Remix).mp3
[2012.02.26 08:24:59 | 014,320,851 | ---- | M] () -- \Users\CART\Desktop\UMB.REW\Mp3.Audio.Editor.v7.3.1+%2B+Crack.rar
[2012.02.26 04:58:05 | 006,416,228 | ---- | M] () -- \Users\CART\Desktop\UMB.REW\Power-Mp3-Editor-Deluxe-Pro-2004---digital-audio-editor+CRACK.zip
[2004.05.06 18:46:36 | 000,001,002 | ---- | M] () -- \Users\CART\Desktop\UMB.REW\Power-Mp3-Editor-Deluxe-Pro-2004---digital-audio-editor+CRACK\Power Mp3 Editor Deluxe Pro 2004 CRACK.rar
[2012.03.01 21:09:30 | 000,315,178 | ---- | M] () -- \Users\CART\Downloads\Adobe Photoshop CS5 CZ\Crack\ADBE_CRACK - 32bit.rar
[2012.03.01 21:09:15 | 000,377,747 | ---- | M] () -- \Users\CART\Downloads\Adobe Photoshop CS5 CZ\Crack\ADBE_CRACK - 64bit.rar
[2011.09.20 17:37:14 | 000,002,799 | ---- | M] () -- \Users\CART\Downloads\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM.txt
[2011.09.14 05:32:25 | 005,021,038 | ---- | M] () -- \Users\CART\Downloads\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM\red\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM\Crack.rar

< *keygen* /s >
[2012.02.26 19:26:07 | 000,000,318 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fkeygens.nl%2Ffavicon.ico
[2012.02.26 19:28:41 | 000,001,150 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.crackserialkeygen.com%2Ffavicon.ico
[2012.02.26 19:26:07 | 000,000,070 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\keygens.nl.idx
[2012.02.26 19:28:41 | 000,000,102 | ---- | M] () -- \Users\CART\AppData\Local\Opera\Opera\icons\www.crackserialkeygen.com.idx
[2000.10.30 08:32:48 | 000,025,088 | ---- | M] () -- \Users\CART\Desktop\hry\red-alert2-portable-jonathan-pack\redalert2_portable\redalert2_portable\redalert2_portable\Keygen.exe
[2000.11.01 02:13:38 | 000,002,293 | ---- | M] () -- \Users\CART\Desktop\hry\red-alert2-portable-jonathan-pack\redalert2_portable\redalert2_portable\redalert2_portable\keygen.nfo
[2012.03.01 21:09:31 | 000,063,365 | ---- | M] () -- \Users\CART\Downloads\Adobe Photoshop CS5 CZ\Crack\adobe_PS_CS5_keygen.exe
[2012.03.01 21:09:31 | 000,003,121 | ---- | M] () -- \Users\CART\Downloads\Adobe Photoshop CS5 CZ\Crack\KeyGen-Readme.txt

cart3 · #21 Příspěvek od **cart3** » 04 bře 2012 07:55

< *loader* /s >
[2009.07.14 13:25:34 | 000,223,744 | R--- | M] () -- \$WINDOWS.~BT\Sources\upgloader.dll
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \$WINDOWS.~BT\Sources\$OEM$\$$\SETUP\SCRIPTS\Windows7Loader.exe
[2009.07.14 13:25:34 | 000,024,064 | R--- | M] () -- \$WINDOWS.~BT\Sources\cs-cz\upgloader.dll.mui
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \$WINDOWS.~BT\Windows\SETUP\SCRIPTS\Windows7Loader.exe
[2009.07.14 02:03:49 | 000,003,584 | ---- | M] () -- \$WINDOWS.~BT\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 04:43:26 | 000,002,883 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 04:43:26 | 000,034,896 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 04:43:26 | 000,030,272 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 03:06:56 | 000,004,225 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 03:06:56 | 000,507,568 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winload.exe_75835076
[2009.07.14 03:06:56 | 000,442,920 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9_winresume.exe_85cd1215
[2009.07.14 04:43:01 | 000,002,883 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.07.14 02:03:49 | 000,003,584 | ---- | M] () -- \$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.12 04:58:25 | 001,546,384 | ---- | M] () -- \Casino\EuroGrand Casino\data\loader.dll
[2012.02.12 04:58:23 | 000,006,783 | ---- | M] () -- \Casino\EuroGrand Casino\data\loader.gam
[2010.08.18 14:42:30 | 000,000,115 | ---- | M] () -- \hry files\audio\audio_loader.xml
[2010.08.18 14:48:52 | 000,000,342 | ---- | M] () -- \hry files\scenes\garage_loader.xml
[2010.08.18 14:48:52 | 000,001,042 | ---- | M] () -- \hry files\scenes\paddock_gameloader.xml
[2010.08.18 14:48:52 | 000,000,645 | ---- | M] () -- \hry files\scenes\paddock_loader.xml
[2010.08.18 14:48:52 | 000,000,532 | ---- | M] () -- \hry files\scenes\paddock_unloader.xml
[2010.08.18 14:48:54 | 000,000,478 | ---- | M] () -- \hry files\scenes\pitstop_loader.xml
[2010.08.18 14:48:54 | 000,000,514 | ---- | M] () -- \hry files\scenes\pitstop_unloader.xml
[2010.08.18 14:48:56 | 000,001,341 | ---- | M] () -- \hry files\scenes\trackside_garage_loader.xml
[2010.08.18 14:48:56 | 000,000,854 | ---- | M] () -- \hry files\scenes\trackside_garage_reloader.xml
[2011.12.13 18:49:23 | 000,000,147 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2011.03.09 04:59:58 | 000,036,917 | ---- | M] () -- \Program Files (x86)\iOrgSoft\AVCHD Video Converter\Skins\Default\Loader.png
[2011.09.02 06:59:02 | 000,056,640 | ---- | M] () -- \Program Files (x86)\Maxthon3\Bin\MxAppLoader.exe
[2011.11.10 11:21:36 | 000,762,688 | ---- | M] () -- \Program Files (x86)\Maxthon3\Bin\MxDownloader.dll
[2011.11.02 08:54:36 | 000,014,757 | ---- | M] () -- \Program Files (x86)\Maxthon3\Modules\MxMiniThunder\Skin\downloader.xml
[2009.11.12 13:50:16 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.11.12 14:10:52 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.02.02 05:44:40 | 000,016,896 | ---- | M] () -- \Program Files (x86)\Sondle Software\ScrKlg\ObjLoader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer1431\ImLoader.dll
[2011.12.06 13:06:24 | 000,429,568 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Facebook\ZPSPluginLoader.exe
[2011.12.06 13:06:24 | 000,319,488 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Facebook\en\ZPSFacebookUploader.resources.dll
[2011.12.06 13:06:40 | 000,444,416 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Flickr\ZPSPluginLoader.exe
[2011.12.06 13:06:40 | 000,323,584 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Flickr\en\ZPSFlickrUploader.resources.dll
[2011.03.08 17:09:04 | 000,194,048 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Picasa\ZPSPluginLoader.exe
[2010.11.11 12:07:12 | 000,323,584 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Plugins\Picasa\en\ZPSPicasaUploader.resources.dll
[2011.12.21 18:07:52 | 000,102,792 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Program32\8bfLoader.exe
[2011.12.21 18:08:06 | 000,016,776 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 14\Program32\WICLoader.exe
[2010.03.15 10:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2010.02.05 13:22:02 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2010.02.05 13:22:02 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2011.11.09 15:03:06 | 000,000,673 | ---- | M] () -- \Users\CART\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_19864\CRX_INSTALL\Media\ajax-loader.gif
[2011.10.05 01:02:51 | 000,000,000 | ---- | M] () -- \Users\CART\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_Keylogger.data
[2011.10.05 01:03:39 | 000,000,000 | ---- | M] () -- \Users\CART\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_Password_Finder.data
[2011.10.05 01:01:58 | 000,000,000 | ---- | M] () -- \Users\CART\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_Wireless_Key_Generator.data
[2011.10.10 12:19:30 | 000,010,144 | ---- | M] () -- \Users\CART\AppData\Roaming\Mozilla\Firefox\Profiles\jqlromh4.default\conduitCommon\modules\3.7.0.6\ExternalLibraryLoader.jsm
[2012.01.18 20:09:14 | 000,010,144 | ---- | M] () -- \Users\CART\AppData\Roaming\Mozilla\Firefox\Profiles\jqlromh4.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\modules\ExternalLibraryLoader.jsm
[2010.07.17 17:35:58 | 003,726,063 | ---- | M] () -- \Users\CART\Desktop\KOTATKO SD\90. leta\Toploader - Dancing In The Moonlight.mp3
[2011.09.23 04:13:36 | 000,003,208 | ---- | M] () -- \Users\CART\Desktop\Nová složka (2)\openfeint\webui\images\loader.gif
[2011.01.07 22:09:32 | 000,585,728 | ---- | M] () -- \Users\CART\Desktop\Nová složka (2)\Vsechno\HTC Sync 3.0\htcUPCTLoader.exe
[2011.01.07 22:09:32 | 000,000,108 | ---- | M] () -- \Users\CART\Desktop\Nová složka (2)\Vsechno\HTC Sync 3.0\htcUPCTLoader.ini
[2011.01.19 19:13:46 | 000,003,208 | ---- | M] () -- \Users\CART\Desktop\Nová složka (2)\Vsechno\openfeint\webui\images\loader.gif
[2009.07.14 13:25:34 | 000,223,744 | ---- | M] () -- \Users\CART\Desktop\Nová složka\sources\upgloader.dll
[2009.07.14 13:25:34 | 002,202,645 | ---- | M] () -- \Users\CART\Desktop\Nová složka\sources\$OEM$\$$\SETUP\SCRIPTS\Windows7Loader.exe
[2009.07.14 13:25:34 | 000,024,064 | ---- | M] () -- \Users\CART\Desktop\Nová složka\sources\cs-cz\upgloader.dll.mui
[2010.09.22 13:16:48 | 000,005,273 | ---- | M] () -- \Users\CART\Desktop\wwwwwwwwwww\Users\ANDY A JARDA\AppData\Local\Microsoft\Toolbar\Applications\loader.xap
[2012.02.13 19:51:52 | 000,003,208 | ---- | M] () -- \Users\CART\Desktop\wwwwwwwwwww\Users\ANDY A JARDA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AC185JFB\ajax_loader[1].gif
[2011.11.05 20:38:05 | 000,006,494 | ---- | M] () -- \Users\CART\Desktop\wwwwwwwwwww\Users\ANDY A JARDA\AppData\Local\Temp\avg@toolbar\modules\skin\ajax-loader.gif
[2011.11.05 20:38:05 | 000,000,729 | ---- | M] () -- \Users\CART\Desktop\wwwwwwwwwww\Users\ANDY A JARDA\AppData\Local\Temp\avg@toolbar\modules\skin\loader.gif
[2011.02.05 20:33:50 | 000,001,891 | ---- | M] () -- \Users\CART\Desktop\wwwwwwwwwww\Users\ANDY A JARDA\AppData\Local\Temp\Temporary Internet Files\Content.IE5\V37F6T9V\preloader[1].js
[2011.02.05 20:33:54 | 000,002,931 | ---- | M] () -- \Users\CART\Desktop\wwwwwwwwwww\Users\ANDY A JARDA\AppData\Local\Temp\Temporary Internet Files\Content.IE5\V37F6T9V\preloader[1].swf
[2011.09.13 14:07:31 | 000,063,256 | ---- | M] () -- \Users\CART\Downloads\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM\red\Red Orchestra 2 Heroes Of Stalingrad STEAM CRACKED-3DM\Binaries\Win32\PhysXLocal\PhysXLoader.dll
[2010.01.28 22:52:11 | 010,750,324 | ---- | M] () -- \Users\CART\Downloads\Windows 7 Home Premium CZ 32bit\New Windows 7 Activator [2010]\New Windows 7 Activator [2010]\7Loader Release 5.exe
[2011.12.18 02:26:46 | 002,067,706 | ---- | M] () -- \Users\CART\Downloads\World of Warcraft - 3.3.5a (12340) - enUS (No Install)\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
[2010.12.14 07:32:45 | 002,705,537 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-2.1.1.1897-enGB-tools-downloader.exe
[2011.12.18 19:37:20 | 002,067,706 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
[2011.12.18 20:10:06 | 000,022,692 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Logs\Downloader.log
[2008.04.01 08:11:42 | 000,070,944 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\FCC7C0F46665B4740BE2CA15A459CE39\2.8.1\PhysXLoader.dll.EFBABE66_E43C_474F_A6F1_F0312317E9E1
[2012.03.03 14:34:59 | 000,050,654 | ---- | M] () -- \Windows\Prefetch\7LOADER RELEASE 5.EXE-F2A76E9D.pf
[2012.03.03 14:35:01 | 000,142,080 | ---- | M] () -- \Windows\Prefetch\7LOADER.EXE-03DDFA73.pf
[2012.03.03 14:35:01 | 000,068,684 | ---- | M] () -- \Windows\Prefetch\LOADER.EXE-63C6C20B.pf
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.04.13 16:11:33 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.04.13 16:11:33 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.04.13 16:11:33 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.04.13 16:11:33 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.04.13 16:11:33 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll [2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5F7539FF
@Alternate Data Stream - 199 bytes -> C:\ProgramData\TEMP:8927A071
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:B3D74A13
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:1CE11B51

< End of report >

cart3 · #22 Příspěvek od **cart3** » 04 bře 2012 07:55

OTL Extras logfile created on: 3.3.2012 17:13:19 - Run 1
OTL by OldTimer - Version 3.2.35.0 Folder = C:\Users\CART\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,93 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 64,09% Memory free
7,86 Gb Paging File | 6,35 Gb Available in Paging File | 80,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 244,73 Gb Free Space | 26,28% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 22,14 Gb Free Space | 14,86% Space Free | Partition Type: NTFS

Computer Name: CARTMAN-PC | User Name: CART | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3607321302-1505321999-3635864961-1000\SOFTWARE\Classes\<extension>]
.html [@ = Max3.Association.HTML] -- C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe (Maxthon International ltd.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Prozkoumat v XnView] -- "C:\Program Files (x86)\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Prozkoumat v XnView] -- "C:\Program Files (x86)\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{16B03921-11C2-4351-9DF8-C83F4F2674F1}" = ESET NOD32 Antivirus
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{503640E5-B2ED-3173-D109-D4D03153471A}" = AMD Drag and Drop Transcoding
"{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}" = Windows Live Family Safety
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{70DFF8B2-44A3-2C2C-FB21-783E8291265F}" = ATI Catalyst Install Manager
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D9B52C63-4209-7129-BF10-FA5DCD38579E}" = ccc-utility64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"DriverAgent.exe" = DriverAgent by eSupport.com
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CA04779-346C-30FD-EB9B-8EEA2CE094B3}" = CCC Help Thai
"{137D91E1-2347-4EAC-BB0B-CC06C6B92A52}_is1" = Men of War (Remove Only)
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{1C160168-BF5B-72FE-BAFA-6DD5F737404C}" = CCC Help Chinese Standard
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1E445925-273D-4186-88A0-B8D1B6B119E2}" = WRC FIA World Rally Championship
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{33B670D7-8A06-DA5B-0341-5630D1E12007}" = ccc-core-static
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3B4325A0-43CD-10D1-64F6-BD2F90DCB756}" = Catalyst Control Center Graphics Previews Vista
"{3BED8560-ED90-40AD-8023-60B92B98AE29}" = Splash PRO
"{3D587291-A4D7-4D0B-AB47-F322D24402D8}" = EasyMPEG Lite
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{55043DDE-D718-C7F7-9B4C-2B3D818D8A1F}" = Catalyst Control Center InstallProxy
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56BDDC6B-A676-4559-B9D7-D2E19264E80D}" = Cnc4WorldBuilder
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{60341104-FC8E-EF26-12CB-93B17DF55976}" = CCC Help Japanese
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Movie ThemePack 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75794DD1-5D69-4E33-A141-C3D4B0724C71}" = Catalyst Control Center Graphics Previews Common
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7B1AA2AB-ACD2-45C7-B1B1-364BEA40615F}" = Sentinel Protection Installer 7.6.1
"{7CE47764-9A8F-380D-FB9E-FCFC37B9F727}" = CCC Help Korean
"{7E659C5C-4DF1-499B-B802-77BAE9ABE4D4}" = Razer Diamondback 3G
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6E3F2A0-DDBB-4F0A-BA7C-09138605DDAC}" = WRC FIA World Rally Championship
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCF13D13-A87B-34E8-B689-1896D0C2DBA2}" = Google Talk Plugin
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{DA60AB6B-6C9C-4B5F-BC61-3B0D9BCBD50B}" = GIGABYTE Remote Utilities
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E5682FDA-E8C5-497D-ADE0-F5B2089940D5}" = Dead Disc Doctor
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2
"{E8454B5F-4122-864C-002D-31F878D2CBF4}" = CCC Help English
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCB6F9DC-A0FF-621E-DE53-877E63864DD1}" = CCC Help Chinese Traditional
"{FE4466A3-76B3-A9F4-9B22-150D6F8B4647}" = Catalyst Control Center Localization All
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"4Musics AVI to MP3 Converter_is1" = 4Musics AVI to MP3 Converter Shareware Version 4.1
"Adobe AIR" = Adobe AIR
"Alone In The Dark_is1" = Alone In The Dark
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"Audio MP3 Editor_is1" = Audio MP3 Editor 4.60
"AVI MPEG WMV RM to MP3 Converter_is1" = AVI MPEG WMV RM to MP3 Converter 1.8.4
"Avi2Dvd" = Avi2Dvd 0.6.1
"AviSynth" = AviSynth 2.5
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"BrotherSoft_Extreme Toolbar" = BrotherSoft Extreme Toolbar
"CajA9as-v_is1" = All-In-I-Key-logger
"Company of Heroes" = Company of Heroes
"CrystalDiskInfo_is1" = CrystalDiskInfo 3.8.0c
"CzechWoW" = Český překlad WoW
"Eastern Front" = Eastern Front
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Free FLV Player" = Free FLV Player
"Free MP3 Cutter and Editor_is1" = Free MP3 Cutter and Editor 2.5
"Hide IP Platinum_is1" = Hide IP Platinum 3.5
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.60.1.1000
"Maxthon3" = Maxthon 3
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 10.0.2 (x86 cs)" = Mozilla Firefox 10.0.2 (x86 cs)
"Mp3 Audio Editor" = Mp3 Audio Editor
"Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3
"OpenAL" = OpenAL
"Outlook Express Backup" = Outlook Express Backup 6.5
"Power Mp3 Editor_is1" = Power Mp3 Editor 2004
"PunkBusterSvc" = PunkBuster Services
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"Simnet UnInstaller_is1" = Simnet UnInstaller 2011
"SolveigMM AVI Trimmer 2.0.1201.11" = SolveigMM AVI Trimmer
"Super Ovladač_is1" = Super Ovladač
"TDP x-Ray" = TDP x-Ray
"The KMPlayer" = The KMPlayer (remove only)
"theHunter" = theHunter (remove only)
"TVRTLDrv" = GIGABYTE U7300 BDA Device
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.9
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinX Free FLV to MP3 Converter_is1" = WinX Free FLV to MP3 Converter 2.0.6
"WinX HD Video Converter Deluxe_is1" = WinX HD Video Converter Deluxe 3.10.3
"World of Warcraft" = World of Warcraft
"XnView_is1" = XnView 1.98.7
"ZonerPhotoStudio14_EN_is1" = Zoner Photo Studio 14 FREE

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3607321302-1505321999-3635864961-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

cart3 · #23 Příspěvek od **cart3** » 04 bře 2012 07:56

dekuju moc za ochotu a cas

#24 Příspěvek od **motji** » 04 bře 2012 09:59

Mladíku, jste si jistý, že ten systém je legální? Já se domnívám že ne

. Tak nás tu laskavě nevoďte za nos

cart3 · #25 Příspěvek od **cart3** » 04 bře 2012 14:38

mam original win 7 preofesional 64bit a nikoho za nos netaham a urazi me to

#26 Příspěvek od **motji** » 04 bře 2012 16:22

V logu je vidět že stahujete keygeny, vidím activátor na win7 home, proto jsem usuzovala že systém není legální.

#27 Příspěvek od **vyosek** » 04 bře 2012 16:53

Zdravim a omlouvam se kolegyni a kolegovi za vstup,

mate legalni system a tohle je potom co New Windows 7 Activator [2010]\7Loader Release 5.exe - to asi nebude simulator pohybu akvarijnich rybicek

Pokud se vam tu nelibi, nikdo vas tu nenuti byt, tlacitko Odhlasit se je vlevo nahore...

#28 Příspěvek od **vyosek** » 04 bře 2012 17:02

Dale pak

\$WINDOWS.~BT\Windows\SETUP\SCRIPTS\Windows7Loader.exe
$WINDOWS.~BT\Sources\$OEM$\$$\SETUP\SCRIPTS\Windows7Loader.exe

asi tez nebude standartni dodavka od microsoftu

cart3 · #29 Příspěvek od **cart3** » 04 bře 2012 17:14

mam poslat cd key

. to mam do jineho pc opakuji mam legalni win 7 profesional 64bit

#30 Příspěvek od **vyosek** » 04 bře 2012 17:16

Pokud chcete aby vas CD key nekdo zneuzil, tak klidne jej sem napiste

ten druhy loader se aplikuje takto do systemu az po tom co je pouzit...

Nicmene, i tak porusujete pravidla fora - log je prolezly cracky\keygeny apod a nemame naladu\chut tady lecit PC ktere je defakto hned zaliskane zpatky, s prominutim, blbosti uzivatele...

v interni porade jsme se shodli, ze nebude pokracovano

VIRY.CZ

kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry

Re: kontrola logu asi viry