
Re: VIRUS FROM FACEBOOK!!! HEEEEEEEEELP!

Posted: 31 Oct 2011 16:35
by Temgotin
OK, the main thing is that I have probably got rid of it...

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEEELP!

Posted: 31 Oct 2011 22:02
by 1danab
Download OTL from http://oldtimer.geekstogo.com/OTL.exe to your desktop.
Run it, then copy the following script into the bottom window:

Code:

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys 
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys 
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys 
nvrd32.sys 
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack*
*keygen*

Tick the "All users" checkbox
and also "LOP check" and "Purity check".
Click the Scan button.
When it finishes, paste the OTL.Txt and Extras.txt logs here.

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEEELP!

Posted: 01 Nov 2011 14:03
by Temgotin
Please wait, it is a bit slow...

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEEELP!

Posted: 01 Nov 2011 14:19
by Temgotin
It created two logs in total, but the first one was too long, so I split it:

1/2

OTL logfile created on: 1.11.2011 14:00:19 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = D:\Users\PC1\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 65,12% Memory free
6,50 Gb Paging File | 5,21 Gb Available in Paging File | 80,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,21 Gb Total Space | 48,26 Gb Free Space | 24,72% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 129,04 Gb Free Space | 47,71% Space Free | Partition Type: NTFS
Drive E: | 454,92 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PC1-PC | User Name: PC1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.11.01 13:57:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\PC1\Desktop\OTL.exe
PRC - [2011.08.15 15:18:14 | 001,955,208 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.08.15 15:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.08.04 07:44:20 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2011.08.01 13:35:42 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.14 17:08:56 | 000,402,832 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011.04.14 17:08:52 | 000,352,144 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.08 16:46:58 | 001,115,568 | ---- | M] (iMesh, Inc) -- C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2011.01.20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010.10.03 20:21:46 | 001,511,424 | ---- | M] (Alexey ILJIN) -- C:\Program Files\Translate Client\translateclient.exe
PRC - [2010.08.26 02:57:32 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.08.26 02:57:04 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010.04.12 20:15:20 | 001,917,600 | ---- | M] () -- C:\Program Files\Micro-Sys Software\Launcher\Launcher.exe
PRC - [2009.12.23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- D:\Users\PC1\Desktop\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009.07.14 02:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (No Company Name) ==========

MOD - [2011.10.12 14:27:38 | 014,410,024 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2011.10.12 14:27:38 | 000,914,216 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-52.dll
MOD - [2011.10.12 14:27:38 | 000,194,344 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2011.10.12 14:27:38 | 000,155,432 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-52.dll
MOD - [2011.10.12 14:27:38 | 000,091,432 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-50.dll
MOD - [2011.03.02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010.04.12 20:15:20 | 001,917,600 | ---- | M] () -- C:\Program Files\Micro-Sys Software\Launcher\Launcher.exe
MOD - [2006.01.08 14:53:24 | 000,005,120 | ---- | M] () -- C:\Windows\System32\hash2.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (wlidsvc)
SRV - File not found [On_Demand | Stopped] -- -- (Steam Client Service)
SRV - File not found [On_Demand | Stopped] -- -- (NisSrv)
SRV - File not found [Auto | Stopped] -- -- (MsMpSvc)
SRV - File not found [On_Demand | Stopped] -- -- (IDriverT)
SRV - [2011.08.15 15:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.14 17:08:52 | 000,352,144 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011.04.05 18:05:01 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.08.26 02:57:04 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2009.12.23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- D:\Users\PC1\Desktop\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011.10.05 18:03:11 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2011.04.27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2011.04.15 17:59:34 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.04.12 16:17:28 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.08.26 04:36:28 | 006,380,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010.08.26 02:20:36 | 000,221,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.07.15 13:47:36 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010.04.27 11:56:44 | 000,019,496 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010.04.08 19:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2010.03.04 11:26:56 | 000,296,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\URLSearchHook: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {eae1e35c-bdd4-49aa-adc9-e82496f88370} - C:\Program Files\The_Game_Creators_Ltd\tbThe_.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {eae1e35c-bdd4-49aa-adc9-e82496f88370} - C:\Program Files\The_Game_Creators_Ltd\tbThe_.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.06.24 12:39:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011.06.24 12:39:19 | 000,000,000 | ---D | M]

[2011.10.02 15:03:33 | 000,002,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: Facecons = C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiabdeiamlolpdknhnpflnijogclooij\1.0_0\

O1 HOSTS File: ([2011.10.30 19:56:08 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.)
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (IObitCom Toolbar) - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll (Conduit Ltd.)
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O2 - BHO: (Fast Search by Surf Canyon) - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (FACECONS Class) - {B2A44031-7EAD-434C-AC9E-7F1DA176BA8C} - C:\Program Files\Facecons\Facecons.dll (Facecons)
O2 - BHO: (The Game Creators Ltd Toolbar) - {eae1e35c-bdd4-49aa-adc9-e82496f88370} - C:\Program Files\The_Game_Creators_Ltd\tbThe_.dll (Conduit Ltd.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IObitCom Toolbar) - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (The Game Creators Ltd Toolbar) - {eae1e35c-bdd4-49aa-adc9-e82496f88370} - C:\Program Files\The_Game_Creators_Ltd\tbThe_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SFT_eng7 Toolbar) - {08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} - C:\Program Files\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IObitCom Toolbar) - {31C7D459-9CC3-44F2-9DCA-FC11795309B4} - C:\Program Files\IObitCom\tbIObi.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [MicroSys-Launcher] C:\Program Files\Micro-Sys Software\Launcher\Launcher.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/stati ... 0.66.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6249D906-22F1-45CE-B924-A8F097840139}: DhcpNameServer = 213.46.172.36 213.46.172.37
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) -C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) -C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.08.24 00:25:02 | 000,000,034 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.g723 - g723.acm File not found
Drivers32: msacm.iac2 - C:\Windows\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.I263 - C:\Windows\System32\i263_32.drv (Intel Corporation)
Drivers32: vidc.i420 - C:\Windows\System32\i263_32.drv (Intel Corporation)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.11.01 13:59:27 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Users\PC1\Desktop\OTL.exe
[2011.10.30 19:59:55 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.10.30 19:59:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.10.30 17:10:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.10.30 16:21:18 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.10.30 16:21:18 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.10.30 16:21:18 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.10.30 16:21:11 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.10.30 16:21:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.10.30 16:20:54 | 004,278,480 | R--- | C] (Swearware) -- D:\Users\PC1\Desktop\ComboFix.exe
[2011.10.30 15:48:39 | 000,000,000 | ---D | C] -- C:\Users\PC1\AppData\Roaming\Malwarebytes
[2011.10.30 15:48:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.10.30 15:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.30 15:48:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.30 15:48:14 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.10.30 15:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.10.30 15:46:51 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- D:\Users\PC1\Desktop\mbam-setup.exe
[2011.10.30 15:32:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.10.30 15:32:12 | 000,000,000 | ---D | C] -- C:\rsit
[2011.10.30 12:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011.10.28 12:35:35 | 000,000,000 | ---D | C] -- C:\TopCD
[2011.10.27 08:18:35 | 000,000,000 | ---D | C] -- D:\Users\PC1\Desktop\Message Script
[2011.10.25 15:02:40 | 000,000,000 | ---D | C] -- C:\UDK
[2011.10.24 20:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Development Kit
[2011.10.24 20:03:12 | 000,000,000 | ---D | C] -- C:\Unreal Engine
[2011.10.23 16:44:58 | 000,000,000 | ---D | C] -- D:\Users\PC1\Desktop\dlc
[2011.10.17 18:58:25 | 000,695,296 | ---- | C] (AnjoCaido) -- D:\Users\PC1\Desktop\Minecraft Updater.exe
[2011.10.14 17:48:51 | 000,000,000 | ---D | C] -- D:\Users\PC1\Documents\Battlefield Play4Free
[2011.10.10 15:43:17 | 000,000,000 | ---D | C] -- D:\Users\PC1\Documents\Any Video Converter
[2011.10.10 15:43:09 | 000,000,000 | ---D | C] -- C:\Users\PC1\AppData\Roaming\AnvSoft
[2011.10.10 15:43:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2011.10.10 15:42:54 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft
[2011.10.08 18:04:05 | 000,000,000 | ---D | C] -- D:\Users\PC1\Documents\NinjaBlade
[2011.10.08 17:50:32 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioFile2.dll
[2011.10.08 17:50:32 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioInformation2.dll
[2011.10.08 17:50:32 | 000,835,584 | ---- | C] (NCT) -- C:\Windows\System32\NCTAudioCDGrabber2.dll
[2011.10.08 17:50:32 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTWMAFile2.dll
[2011.10.08 17:50:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Mp3WmaOgg Converter
[2011.10.08 17:50:30 | 000,000,000 | ---D | C] -- C:\Program Files\Free Mp3WmaOgg Converter
[2011.10.08 17:49:34 | 005,919,294 | ---- | C] ( ) -- D:\Users\PC1\Desktop\FreeMp3WmaOggConverter.exe
[2011.10.08 17:46:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
[2011.10.08 17:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\TopCD
[2011.10.05 18:59:13 | 000,000,000 | ---D | C] -- C:\Users\PC1\AppData\Roaming\Skype
[2011.10.05 18:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.10.05 18:59:06 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.10.05 18:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.10.05 18:03:37 | 000,000,000 | ---D | C] -- C:\Users\PC1\AppData\Roaming\Hamachi
[2011.10.05 18:03:11 | 000,017,480 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\hamachi.sys
[2011.10.05 18:03:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hamachi
[2011.10.05 18:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\Hamachi
[2011.10.05 17:52:36 | 000,000,000 | ---D | C] -- C:\Users\PC1\AppData\Local\LogMeIn Hamachi
[2011.10.05 17:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.10.05 17:52:14 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011.10.05 15:20:40 | 000,000,000 | ---D | C] -- D:\Users\PC1\Documents\Amnesia
[2011.10.02 15:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3D 6.5.28
[2011.10.02 15:41:25 | 000,000,000 | ---D | C] -- C:\Program Files\AC3D 6.5.28
[2011.10.02 15:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3D
[2011.10.02 15:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\AC3D
[2011.10.02 15:11:42 | 005,721,344 | ---- | C] (Inivis ) -- D:\Users\PC1\Desktop\ac3d6205.exe
[2011.10.02 15:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\Facecons
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.11.01 14:01:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.01 14:01:06 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.01 14:01:06 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.01 14:00:53 | 000,664,300 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.11.01 14:00:53 | 000,649,842 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.01 14:00:53 | 000,138,776 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.11.01 14:00:53 | 000,119,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.01 13:58:13 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\FinalTorrent Update Checker.job
[2011.11.01 13:57:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\PC1\Desktop\OTL.exe
[2011.11.01 13:55:04 | 000,003,298 | ---- | M] () -- C:\Windows\System32\StyleVista.png
[2011.11.01 13:55:04 | 000,003,137 | ---- | M] () -- C:\Windows\System32\StyleVistaDown.png
[2011.11.01 13:53:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.01 13:53:44 | 2616,037,376 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.31 16:01:42 | 000,001,371 | ---- | M] () -- D:\Users\PC1\Desktop\Internet Explorer.lnk
[2011.10.31 15:46:16 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.10.31 15:00:38 | 000,002,045 | ---- | M] () -- D:\Users\PC1\Desktop\Google Chrome.lnk
[2011.10.30 19:56:08 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.10.30 16:20:57 | 004,278,480 | R--- | M] (Swearware) -- D:\Users\PC1\Desktop\ComboFix.exe
[2011.10.30 15:48:18 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.30 15:47:36 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- D:\Users\PC1\Desktop\mbam-setup.exe
[2011.10.29 19:44:59 | 000,043,470 | ---- | M] () -- D:\Users\PC1\Desktop\FPSC-Game 2011-10-29 20-43-18-51.bmp
[2011.10.29 19:18:48 | 000,037,943 | ---- | M] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_Original_CZ_.torrent
[2011.10.29 19:03:06 | 000,001,828 | ---- | M] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_Vysetrovani_Inquisition_CZ.torrent
[2011.10.29 18:56:10 | 000,020,057 | ---- | M] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_2.torrent
[2011.10.28 12:41:42 | 000,001,466 | ---- | M] () -- D:\Users\PC1\Desktop\Amnesia.lnk
[2011.10.27 18:29:13 | 000,138,264 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.10.27 18:29:06 | 000,234,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.10.27 14:30:08 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for PC1.job
[2011.10.26 17:51:39 | 000,252,204 | ---- | M] () -- D:\Users\PC1\Desktop\FPSC-Game 2011-10-26 18-41-03-85.jpg
[2011.10.26 17:51:15 | 000,234,498 | ---- | M] () -- D:\Users\PC1\Desktop\FPSC-Game 2011-10-26 18-40-08-34.jpg
[2011.10.26 09:39:16 | 001,226,946 | ---- | M] () -- D:\Users\PC1\Desktop\javaw 2011-10-26 10-39-16-24.bmp
[2011.10.25 15:07:29 | 000,001,902 | ---- | M] () -- D:\Users\PC1\Desktop\UDK Game.lnk
[2011.10.25 15:07:29 | 000,001,846 | ---- | M] () -- D:\Users\PC1\Desktop\UDK Editor.lnk
[2011.10.23 16:50:50 | 000,070,852 | ---- | M] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_2_CZ.torrent
[2011.10.23 07:24:41 | 000,015,933 | ---- | M] () -- D:\Users\PC1\Desktop\GoG.x
[2011.10.22 18:12:23 | 024,534,382 | ---- | M] () -- D:\Users\PC1\Desktop\Terraria-by-Ajdam.zip
[2011.10.20 12:39:48 | 000,000,000 | ---- | M] () -- C:\Users\PC1\AppData\Local\{5333C051-68AD-4433-878B-1B274F0EB1FB}
[2011.10.16 12:19:56 | 002,964,769 | ---- | M] () -- D:\Users\PC1\Desktop\Minecraft Svatyně SCORE.rar
[2011.10.16 10:58:32 | 000,840,312 | ---- | M] () -- D:\Users\PC1\Desktop\javaw 2011-10-16 11-58-30-01.avi
[2011.10.16 10:58:29 | 000,000,429 | ---- | M] () -- D:\Users\PC1\Desktop\javaw 2011-10-16 11-56-44-86 fps.csv
[2011.10.16 10:57:15 | 508,021,272 | ---- | M] () -- D:\Users\PC1\Desktop\javaw 2011-10-16 11-56-44-96.avi
[2011.10.15 17:01:19 | 416,398,363 | ---- | M] () -- D:\Users\PC1\Desktop\batman_arkham_city-15min-fhd.zip
[2011.10.15 16:50:02 | 000,031,778 | ---- | M] () -- D:\Users\PC1\Desktop\[CzT]Mirrors_Edge.torrent
[2011.10.14 19:10:28 | 046,267,078 | ---- | M] () -- D:\Users\PC1\Desktop\Minecraft-1.8.1--CRACKED-.rar
[2011.10.14 17:48:25 | 000,138,056 | ---- | M] () -- C:\Users\PC1\AppData\Roaming\PnkBstrK.sys
[2011.10.13 20:28:03 | 000,011,330 | ---- | M] () -- D:\Users\PC1\Desktop\uzi.jpg
[2011.10.12 18:19:48 | 000,403,440 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.10.10 15:43:04 | 000,001,018 | ---- | M] () -- D:\Users\PC1\Desktop\Any Video Converter.lnk
[2011.10.09 17:58:19 | 000,018,848 | ---- | M] () -- D:\Users\PC1\Desktop\[CzT]Harry_Potter_a_Relikvie_smrti_cast_2_Harry_Potter_and_the_Deathly_Hallows_Part_II_TS_CZ.torrent
[2011.10.08 20:04:18 | 000,358,115 | ---- | M] () -- D:\Users\PC1\Desktop\fpsjeep.rar
[2011.10.08 19:14:54 | 002,169,095 | ---- | M] () -- D:\Users\PC1\Desktop\-Tunnel Segments- V1.0b.zip
[2011.10.08 18:01:19 | 002,921,408 | ---- | M] () -- D:\Users\PC1\Desktop\05. Detroit City Ambient Part 1.ogg
[2011.10.08 17:50:33 | 000,000,868 | ---- | M] () -- D:\Users\PC1\Desktop\Free Mp3WmaOGG Converter.lnk
[2011.10.08 17:50:33 | 000,000,170 | ---- | M] () -- D:\Users\PC1\Desktop\Try Audio Editing Lab for FREE.url
[2011.10.08 17:50:06 | 005,919,294 | ---- | M] ( ) -- D:\Users\PC1\Desktop\FreeMp3WmaOggConverter.exe
[2011.10.08 17:46:30 | 000,000,954 | ---- | M] () -- D:\Users\PC1\Desktop\Ninja Blade.lnk
[2011.10.07 18:52:23 | 070,013,369 | ---- | M] () -- D:\Users\PC1\Desktop\Soundtrack-Aliens.rar
[2011.10.07 18:37:17 | 000,829,288 | ---- | M] () -- D:\Users\PC1\Desktop\Conveyor Belt Pack.zip
[2011.10.05 18:59:09 | 000,002,521 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.10.05 18:03:11 | 000,017,480 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\hamachi.sys
[2011.10.03 15:04:54 | 000,280,904 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011.10.03 12:44:29 | 000,000,144 | ---- | M] () -- D:\Users\PC1\Desktop\Tma.fpi
[2011.10.02 15:41:35 | 000,000,840 | ---- | M] () -- D:\Users\PC1\Desktop\AC3D.lnk
[2011.10.02 15:19:01 | 000,003,710 | ---- | M] () -- D:\Users\PC1\Desktop\AC3D_6.5.28___KeyGen_[H].5735118.TPB.torrent
[2011.10.02 15:14:23 | 005,721,344 | ---- | M] (Inivis ) -- D:\Users\PC1\Desktop\ac3d6205.exe
[2011.10.02 15:14:18 | 000,013,521 | ---- | M] () -- D:\Users\PC1\Desktop\Stul.3ds
[2011.10.02 14:40:35 | 000,028,898 | ---- | M] () -- D:\Users\PC1\Desktop\untitled.3ds
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.11.01 14:01:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.31 15:46:16 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.10.31 15:00:38 | 000,002,045 | ---- | C] () -- D:\Users\PC1\Desktop\Google Chrome.lnk
[2011.10.30 16:21:18 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.10.30 16:21:18 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.10.30 16:21:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.10.30 16:21:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.10.30 16:21:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.10.30 15:48:18 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.30 08:58:32 | 000,003,298 | ---- | C] () -- C:\Windows\System32\StyleVista.png
[2011.10.30 08:58:32 | 000,003,137 | ---- | C] () -- C:\Windows\System32\StyleVistaDown.png
[2011.10.29 19:43:18 | 000,043,470 | ---- | C] () -- D:\Users\PC1\Desktop\FPSC-Game 2011-10-29 20-43-18-51.bmp
[2011.10.29 19:18:45 | 000,037,943 | ---- | C] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_Original_CZ_.torrent
[2011.10.29 19:03:03 | 000,001,828 | ---- | C] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_Vysetrovani_Inquisition_CZ.torrent
[2011.10.29 18:56:06 | 000,020,057 | ---- | C] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_2.torrent
[2011.10.28 12:41:42 | 000,001,466 | ---- | C] () -- D:\Users\PC1\Desktop\Amnesia.lnk
[2011.10.26 17:51:39 | 000,252,204 | ---- | C] () -- D:\Users\PC1\Desktop\FPSC-Game 2011-10-26 18-41-03-85.jpg
[2011.10.26 17:51:14 | 000,234,498 | ---- | C] () -- D:\Users\PC1\Desktop\FPSC-Game 2011-10-26 18-40-08-34.jpg
[2011.10.26 09:39:16 | 001,226,946 | ---- | C] () -- D:\Users\PC1\Desktop\javaw 2011-10-26 10-39-16-24.bmp
[2011.10.26 07:49:38 | 000,001,902 | ---- | C] () -- D:\Users\PC1\Desktop\UDK Game.lnk
[2011.10.25 15:22:27 | 000,001,846 | ---- | C] () -- D:\Users\PC1\Desktop\UDK Editor.lnk
[2011.10.23 16:44:53 | 000,070,852 | ---- | C] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_2_CZ.torrent
[2011.10.23 07:24:41 | 000,015,933 | ---- | C] () -- D:\Users\PC1\Desktop\GoG.x
[2011.10.22 18:08:28 | 024,534,382 | ---- | C] () -- D:\Users\PC1\Desktop\Terraria-by-Ajdam.zip
[2011.10.20 12:39:48 | 000,000,000 | ---- | C] () -- C:\Users\PC1\AppData\Local\{5333C051-68AD-4433-878B-1B274F0EB1FB}
[2011.10.16 12:19:29 | 002,964,769 | ---- | C] () -- D:\Users\PC1\Desktop\Minecraft Svatyně SCORE.rar
[2011.10.16 10:58:29 | 000,840,312 | ---- | C] () -- D:\Users\PC1\Desktop\javaw 2011-10-16 11-58-30-01.avi
[2011.10.16 10:58:29 | 000,000,429 | ---- | C] () -- D:\Users\PC1\Desktop\javaw 2011-10-16 11-56-44-86 fps.csv
[2011.10.16 10:56:44 | 508,021,272 | ---- | C] () -- D:\Users\PC1\Desktop\javaw 2011-10-16 11-56-44-96.avi
[2011.10.15 17:00:57 | 416,398,363 | ---- | C] () -- D:\Users\PC1\Desktop\batman_arkham_city-15min-fhd.zip
[2011.10.15 16:50:00 | 000,031,778 | ---- | C] () -- D:\Users\PC1\Desktop\[CzT]Mirrors_Edge.torrent
[2011.10.14 19:10:24 | 046,267,078 | ---- | C] () -- D:\Users\PC1\Desktop\Minecraft-1.8.1--CRACKED-.rar
[2011.10.13 20:27:55 | 000,011,330 | ---- | C] () -- D:\Users\PC1\Desktop\uzi.jpg
[2011.10.10 15:43:04 | 000,001,018 | ---- | C] () -- D:\Users\PC1\Desktop\Any Video Converter.lnk
[2011.10.09 17:58:17 | 000,018,848 | ---- | C] () -- D:\Users\PC1\Desktop\[CzT]Harry_Potter_a_Relikvie_smrti_cast_2_Harry_Potter_and_the_Deathly_Hallows_Part_II_TS_CZ.torrent
[2011.10.08 20:03:49 | 000,358,115 | ---- | C] () -- D:\Users\PC1\Desktop\fpsjeep.rar
[2011.10.08 19:20:42 | 003,145,856 | ---- | C] () -- D:\Users\PC1\Desktop\TF341_01_2_D2.DDS
[2011.10.08 19:12:37 | 002,169,095 | ---- | C] () -- D:\Users\PC1\Desktop\-Tunnel Segments- V1.0b.zip
[2011.10.08 18:01:00 | 002,921,408 | ---- | C] () -- D:\Users\PC1\Desktop\05. Detroit City Ambient Part 1.ogg
[2011.10.08 17:50:33 | 000,000,868 | ---- | C] () -- D:\Users\PC1\Desktop\Free Mp3WmaOGG Converter.lnk
[2011.10.08 17:50:33 | 000,000,170 | ---- | C] () -- D:\Users\PC1\Desktop\Try Audio Editing Lab for FREE.url
[2011.10.08 17:50:32 | 000,113,486 | ---- | C] () -- C:\Windows\System32\NCTWMAProfiles.prx
[2011.10.08 17:50:31 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.10.08 17:46:30 | 000,000,954 | ---- | C] () -- D:\Users\PC1\Desktop\Ninja Blade.lnk
[2011.10.07 18:52:21 | 070,013,369 | ---- | C] () -- D:\Users\PC1\Desktop\Soundtrack-Aliens.rar
[2011.10.07 18:37:10 | 000,829,288 | ---- | C] () -- D:\Users\PC1\Desktop\Conveyor Belt Pack.zip
[2011.10.05 18:59:09 | 000,002,521 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.10.03 12:43:19 | 000,000,144 | ---- | C] () -- D:\Users\PC1\Desktop\Tma.fpi

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEELP!

Posted: 01 Nov 2011 14:19
by Temgotin
It created two logs in total, but the first one was too long, so I split it:

1/2

OTL logfile created on: 1.11.2011 14:00:19 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = D:\Users\PC1\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 65,12% Memory free
6,50 Gb Paging File | 5,21 Gb Available in Paging File | 80,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,21 Gb Total Space | 48,26 Gb Free Space | 24,72% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 129,04 Gb Free Space | 47,71% Space Free | Partition Type: NTFS
Drive E: | 454,92 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PC1-PC | User Name: PC1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.11.01 13:57:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\PC1\Desktop\OTL.exe
PRC - [2011.08.15 15:18:14 | 001,955,208 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.08.15 15:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.08.04 07:44:20 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2011.08.01 13:35:42 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.14 17:08:56 | 000,402,832 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011.04.14 17:08:52 | 000,352,144 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.08 16:46:58 | 001,115,568 | ---- | M] (iMesh, Inc) -- C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2011.01.20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010.10.03 20:21:46 | 001,511,424 | ---- | M] (Alexey ILJIN) -- C:\Program Files\Translate Client\translateclient.exe
PRC - [2010.08.26 02:57:32 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.08.26 02:57:04 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010.04.12 20:15:20 | 001,917,600 | ---- | M] () -- C:\Program Files\Micro-Sys Software\Launcher\Launcher.exe
PRC - [2009.12.23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- D:\Users\PC1\Desktop\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009.07.14 02:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


========== Modules (No Company Name) ==========

MOD - [2011.10.12 14:27:38 | 014,410,024 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2011.10.12 14:27:38 | 000,914,216 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-52.dll
MOD - [2011.10.12 14:27:38 | 000,194,344 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2011.10.12 14:27:38 | 000,155,432 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-52.dll
MOD - [2011.10.12 14:27:38 | 000,091,432 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-50.dll
MOD - [2011.03.02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010.04.12 20:15:20 | 001,917,600 | ---- | M] () -- C:\Program Files\Micro-Sys Software\Launcher\Launcher.exe
MOD - [2006.01.08 14:53:24 | 000,005,120 | ---- | M] () -- C:\Windows\System32\hash2.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (wlidsvc)
SRV - File not found [On_Demand | Stopped] -- -- (Steam Client Service)
SRV - File not found [On_Demand | Stopped] -- -- (NisSrv)
SRV - File not found [Auto | Stopped] -- -- (MsMpSvc)
SRV - File not found [On_Demand | Stopped] -- -- (IDriverT)
SRV - [2011.08.15 15:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.14 17:08:52 | 000,352,144 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011.04.05 18:05:01 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.08.26 02:57:04 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2009.12.23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- D:\Users\PC1\Desktop\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011.10.05 18:03:11 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2011.04.27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2011.04.15 17:59:34 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.04.12 16:17:28 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.08.26 04:36:28 | 006,380,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010.08.26 02:20:36 | 000,221,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.07.15 13:47:36 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010.04.27 11:56:44 | 000,019,496 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010.04.08 19:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2010.03.04 11:26:56 | 000,296,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\URLSearchHook: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {eae1e35c-bdd4-49aa-adc9-e82496f88370} - C:\Program Files\The_Game_Creators_Ltd\tbThe_.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {eae1e35c-bdd4-49aa-adc9-e82496f88370} - C:\Program Files\The_Game_Creators_Ltd\tbThe_.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.06.24 12:39:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011.06.24 12:39:19 | 000,000,000 | ---D | M]

[2011.10.02 15:03:33 | 000,002,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: Facecons = C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiabdeiamlolpdknhnpflnijogclooij\1.0_0\

O1 HOSTS File: ([2011.10.30 19:56:08 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.)
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (IObitCom Toolbar) - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll (Conduit Ltd.)
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O2 - BHO: (Fast Search by Surf Canyon) - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (FACECONS Class) - {B2A44031-7EAD-434C-AC9E-7F1DA176BA8C} - C:\Program Files\Facecons\Facecons.dll (Facecons)
O2 - BHO: (The Game Creators Ltd Toolbar) - {eae1e35c-bdd4-49aa-adc9-e82496f88370} - C:\Program Files\The_Game_Creators_Ltd\tbThe_.dll (Conduit Ltd.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IObitCom Toolbar) - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (The Game Creators Ltd Toolbar) - {eae1e35c-bdd4-49aa-adc9-e82496f88370} - C:\Program Files\The_Game_Creators_Ltd\tbThe_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SFT_eng7 Toolbar) - {08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} - C:\Program Files\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IObitCom Toolbar) - {31C7D459-9CC3-44F2-9DCA-FC11795309B4} - C:\Program Files\IObitCom\tbIObi.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [MicroSys-Launcher] C:\Program Files\Micro-Sys Software\Launcher\Launcher.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/stati ... 0.66.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6249D906-22F1-45CE-B924-A8F097840139}: DhcpNameServer = 213.46.172.36 213.46.172.37
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) -C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) -C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.08.24 00:25:02 | 000,000,034 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.g723 - g723.acm File not found
Drivers32: msacm.iac2 - C:\Windows\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.I263 - C:\Windows\System32\i263_32.drv (Intel Corporation)
Drivers32: vidc.i420 - C:\Windows\System32\i263_32.drv (Intel Corporation)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.11.01 13:59:27 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Users\PC1\Desktop\OTL.exe
[2011.10.30 19:59:55 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.10.30 19:59:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.10.30 17:10:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.10.30 16:21:18 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.10.30 16:21:18 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.10.30 16:21:18 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.10.30 16:21:11 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.10.30 16:21:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.10.30 16:20:54 | 004,278,480 | R--- | C] (Swearware) -- D:\Users\PC1\Desktop\ComboFix.exe
[2011.10.30 15:48:39 | 000,000,000 | ---D | C] -- C:\Users\PC1\AppData\Roaming\Malwarebytes
[2011.10.30 15:48:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.10.30 15:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.30 15:48:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.30 15:48:14 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.10.30 15:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.10.30 15:46:51 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- D:\Users\PC1\Desktop\mbam-setup.exe
[2011.10.30 15:32:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.10.30 15:32:12 | 000,000,000 | ---D | C] -- C:\rsit
[2011.10.30 12:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011.10.28 12:35:35 | 000,000,000 | ---D | C] -- C:\TopCD
[2011.10.27 08:18:35 | 000,000,000 | ---D | C] -- D:\Users\PC1\Desktop\Message Script
[2011.10.25 15:02:40 | 000,000,000 | ---D | C] -- C:\UDK
[2011.10.24 20:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Development Kit
[2011.10.24 20:03:12 | 000,000,000 | ---D | C] -- C:\Unreal Engine
[2011.10.23 16:44:58 | 000,000,000 | ---D | C] -- D:\Users\PC1\Desktop\dlc
[2011.10.17 18:58:25 | 000,695,296 | ---- | C] (AnjoCaido) -- D:\Users\PC1\Desktop\Minecraft Updater.exe
[2011.10.14 17:48:51 | 000,000,000 | ---D | C] -- D:\Users\PC1\Documents\Battlefield Play4Free
[2011.10.10 15:43:17 | 000,000,000 | ---D | C] -- D:\Users\PC1\Documents\Any Video Converter
[2011.10.10 15:43:09 | 000,000,000 | ---D | C] -- C:\Users\PC1\AppData\Roaming\AnvSoft
[2011.10.10 15:43:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2011.10.10 15:42:54 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft
[2011.10.08 18:04:05 | 000,000,000 | ---D | C] -- D:\Users\PC1\Documents\NinjaBlade
[2011.10.08 17:50:32 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioFile2.dll
[2011.10.08 17:50:32 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioInformation2.dll
[2011.10.08 17:50:32 | 000,835,584 | ---- | C] (NCT) -- C:\Windows\System32\NCTAudioCDGrabber2.dll
[2011.10.08 17:50:32 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTWMAFile2.dll
[2011.10.08 17:50:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Mp3WmaOgg Converter
[2011.10.08 17:50:30 | 000,000,000 | ---D | C] -- C:\Program Files\Free Mp3WmaOgg Converter
[2011.10.08 17:49:34 | 005,919,294 | ---- | C] ( ) -- D:\Users\PC1\Desktop\FreeMp3WmaOggConverter.exe
[2011.10.08 17:46:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
[2011.10.08 17:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\TopCD
[2011.10.05 18:59:13 | 000,000,000 | ---D | C] -- C:\Users\PC1\AppData\Roaming\Skype
[2011.10.05 18:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.10.05 18:59:06 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.10.05 18:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.10.05 18:03:37 | 000,000,000 | ---D | C] -- C:\Users\PC1\AppData\Roaming\Hamachi
[2011.10.05 18:03:11 | 000,017,480 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\hamachi.sys
[2011.10.05 18:03:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hamachi
[2011.10.05 18:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\Hamachi
[2011.10.05 17:52:36 | 000,000,000 | ---D | C] -- C:\Users\PC1\AppData\Local\LogMeIn Hamachi
[2011.10.05 17:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.10.05 17:52:14 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011.10.05 15:20:40 | 000,000,000 | ---D | C] -- D:\Users\PC1\Documents\Amnesia
[2011.10.02 15:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3D 6.5.28
[2011.10.02 15:41:25 | 000,000,000 | ---D | C] -- C:\Program Files\AC3D 6.5.28
[2011.10.02 15:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3D
[2011.10.02 15:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\AC3D
[2011.10.02 15:11:42 | 005,721,344 | ---- | C] (Inivis ) -- D:\Users\PC1\Desktop\ac3d6205.exe
[2011.10.02 15:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\Facecons
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.11.01 14:01:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.01 14:01:06 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.01 14:01:06 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.01 14:00:53 | 000,664,300 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.11.01 14:00:53 | 000,649,842 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.01 14:00:53 | 000,138,776 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.11.01 14:00:53 | 000,119,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.01 13:58:13 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\FinalTorrent Update Checker.job
[2011.11.01 13:57:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Users\PC1\Desktop\OTL.exe
[2011.11.01 13:55:04 | 000,003,298 | ---- | M] () -- C:\Windows\System32\StyleVista.png
[2011.11.01 13:55:04 | 000,003,137 | ---- | M] () -- C:\Windows\System32\StyleVistaDown.png
[2011.11.01 13:53:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.01 13:53:44 | 2616,037,376 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.31 16:01:42 | 000,001,371 | ---- | M] () -- D:\Users\PC1\Desktop\Internet Explorer.lnk
[2011.10.31 15:46:16 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.10.31 15:00:38 | 000,002,045 | ---- | M] () -- D:\Users\PC1\Desktop\Google Chrome.lnk
[2011.10.30 19:56:08 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.10.30 16:20:57 | 004,278,480 | R--- | M] (Swearware) -- D:\Users\PC1\Desktop\ComboFix.exe
[2011.10.30 15:48:18 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.30 15:47:36 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- D:\Users\PC1\Desktop\mbam-setup.exe
[2011.10.29 19:44:59 | 000,043,470 | ---- | M] () -- D:\Users\PC1\Desktop\FPSC-Game 2011-10-29 20-43-18-51.bmp
[2011.10.29 19:18:48 | 000,037,943 | ---- | M] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_Original_CZ_.torrent
[2011.10.29 19:03:06 | 000,001,828 | ---- | M] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_Vysetrovani_Inquisition_CZ.torrent
[2011.10.29 18:56:10 | 000,020,057 | ---- | M] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_2.torrent
[2011.10.28 12:41:42 | 000,001,466 | ---- | M] () -- D:\Users\PC1\Desktop\Amnesia.lnk
[2011.10.27 18:29:13 | 000,138,264 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.10.27 18:29:06 | 000,234,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.10.27 14:30:08 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for PC1.job
[2011.10.26 17:51:39 | 000,252,204 | ---- | M] () -- D:\Users\PC1\Desktop\FPSC-Game 2011-10-26 18-41-03-85.jpg
[2011.10.26 17:51:15 | 000,234,498 | ---- | M] () -- D:\Users\PC1\Desktop\FPSC-Game 2011-10-26 18-40-08-34.jpg
[2011.10.26 09:39:16 | 001,226,946 | ---- | M] () -- D:\Users\PC1\Desktop\javaw 2011-10-26 10-39-16-24.bmp
[2011.10.25 15:07:29 | 000,001,902 | ---- | M] () -- D:\Users\PC1\Desktop\UDK Game.lnk
[2011.10.25 15:07:29 | 000,001,846 | ---- | M] () -- D:\Users\PC1\Desktop\UDK Editor.lnk
[2011.10.23 16:50:50 | 000,070,852 | ---- | M] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_2_CZ.torrent
[2011.10.23 07:24:41 | 000,015,933 | ---- | M] () -- D:\Users\PC1\Desktop\GoG.x
[2011.10.22 18:12:23 | 024,534,382 | ---- | M] () -- D:\Users\PC1\Desktop\Terraria-by-Ajdam.zip
[2011.10.20 12:39:48 | 000,000,000 | ---- | M] () -- C:\Users\PC1\AppData\Local\{5333C051-68AD-4433-878B-1B274F0EB1FB}
[2011.10.16 12:19:56 | 002,964,769 | ---- | M] () -- D:\Users\PC1\Desktop\Minecraft Svatyně SCORE.rar
[2011.10.16 10:58:32 | 000,840,312 | ---- | M] () -- D:\Users\PC1\Desktop\javaw 2011-10-16 11-58-30-01.avi
[2011.10.16 10:58:29 | 000,000,429 | ---- | M] () -- D:\Users\PC1\Desktop\javaw 2011-10-16 11-56-44-86 fps.csv
[2011.10.16 10:57:15 | 508,021,272 | ---- | M] () -- D:\Users\PC1\Desktop\javaw 2011-10-16 11-56-44-96.avi
[2011.10.15 17:01:19 | 416,398,363 | ---- | M] () -- D:\Users\PC1\Desktop\batman_arkham_city-15min-fhd.zip
[2011.10.15 16:50:02 | 000,031,778 | ---- | M] () -- D:\Users\PC1\Desktop\[CzT]Mirrors_Edge.torrent
[2011.10.14 19:10:28 | 046,267,078 | ---- | M] () -- D:\Users\PC1\Desktop\Minecraft-1.8.1--CRACKED-.rar
[2011.10.14 17:48:25 | 000,138,056 | ---- | M] () -- C:\Users\PC1\AppData\Roaming\PnkBstrK.sys
[2011.10.13 20:28:03 | 000,011,330 | ---- | M] () -- D:\Users\PC1\Desktop\uzi.jpg
[2011.10.12 18:19:48 | 000,403,440 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.10.10 15:43:04 | 000,001,018 | ---- | M] () -- D:\Users\PC1\Desktop\Any Video Converter.lnk
[2011.10.09 17:58:19 | 000,018,848 | ---- | M] () -- D:\Users\PC1\Desktop\[CzT]Harry_Potter_a_Relikvie_smrti_cast_2_Harry_Potter_and_the_Deathly_Hallows_Part_II_TS_CZ.torrent
[2011.10.08 20:04:18 | 000,358,115 | ---- | M] () -- D:\Users\PC1\Desktop\fpsjeep.rar
[2011.10.08 19:14:54 | 002,169,095 | ---- | M] () -- D:\Users\PC1\Desktop\-Tunnel Segments- V1.0b.zip
[2011.10.08 18:01:19 | 002,921,408 | ---- | M] () -- D:\Users\PC1\Desktop\05. Detroit City Ambient Part 1.ogg
[2011.10.08 17:50:33 | 000,000,868 | ---- | M] () -- D:\Users\PC1\Desktop\Free Mp3WmaOGG Converter.lnk
[2011.10.08 17:50:33 | 000,000,170 | ---- | M] () -- D:\Users\PC1\Desktop\Try Audio Editing Lab for FREE.url
[2011.10.08 17:50:06 | 005,919,294 | ---- | M] ( ) -- D:\Users\PC1\Desktop\FreeMp3WmaOggConverter.exe
[2011.10.08 17:46:30 | 000,000,954 | ---- | M] () -- D:\Users\PC1\Desktop\Ninja Blade.lnk
[2011.10.07 18:52:23 | 070,013,369 | ---- | M] () -- D:\Users\PC1\Desktop\Soundtrack-Aliens.rar
[2011.10.07 18:37:17 | 000,829,288 | ---- | M] () -- D:\Users\PC1\Desktop\Conveyor Belt Pack.zip
[2011.10.05 18:59:09 | 000,002,521 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.10.05 18:03:11 | 000,017,480 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\hamachi.sys
[2011.10.03 15:04:54 | 000,280,904 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011.10.03 12:44:29 | 000,000,144 | ---- | M] () -- D:\Users\PC1\Desktop\Tma.fpi
[2011.10.02 15:41:35 | 000,000,840 | ---- | M] () -- D:\Users\PC1\Desktop\AC3D.lnk
[2011.10.02 15:19:01 | 000,003,710 | ---- | M] () -- D:\Users\PC1\Desktop\AC3D_6.5.28___KeyGen_[H].5735118.TPB.torrent
[2011.10.02 15:14:23 | 005,721,344 | ---- | M] (Inivis ) -- D:\Users\PC1\Desktop\ac3d6205.exe
[2011.10.02 15:14:18 | 000,013,521 | ---- | M] () -- D:\Users\PC1\Desktop\Stul.3ds
[2011.10.02 14:40:35 | 000,028,898 | ---- | M] () -- D:\Users\PC1\Desktop\untitled.3ds
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.11.01 14:01:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.31 15:46:16 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.10.31 15:00:38 | 000,002,045 | ---- | C] () -- D:\Users\PC1\Desktop\Google Chrome.lnk
[2011.10.30 16:21:18 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.10.30 16:21:18 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.10.30 16:21:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.10.30 16:21:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.10.30 16:21:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.10.30 15:48:18 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.30 08:58:32 | 000,003,298 | ---- | C] () -- C:\Windows\System32\StyleVista.png
[2011.10.30 08:58:32 | 000,003,137 | ---- | C] () -- C:\Windows\System32\StyleVistaDown.png
[2011.10.29 19:43:18 | 000,043,470 | ---- | C] () -- D:\Users\PC1\Desktop\FPSC-Game 2011-10-29 20-43-18-51.bmp
[2011.10.29 19:18:45 | 000,037,943 | ---- | C] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_Original_CZ_.torrent
[2011.10.29 19:03:03 | 000,001,828 | ---- | C] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_Vysetrovani_Inquisition_CZ.torrent
[2011.10.29 18:56:06 | 000,020,057 | ---- | C] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_2.torrent
[2011.10.28 12:41:42 | 000,001,466 | ---- | C] () -- D:\Users\PC1\Desktop\Amnesia.lnk
[2011.10.26 17:51:39 | 000,252,204 | ---- | C] () -- D:\Users\PC1\Desktop\FPSC-Game 2011-10-26 18-41-03-85.jpg
[2011.10.26 17:51:14 | 000,234,498 | ---- | C] () -- D:\Users\PC1\Desktop\FPSC-Game 2011-10-26 18-40-08-34.jpg
[2011.10.26 09:39:16 | 001,226,946 | ---- | C] () -- D:\Users\PC1\Desktop\javaw 2011-10-26 10-39-16-24.bmp
[2011.10.26 07:49:38 | 000,001,902 | ---- | C] () -- D:\Users\PC1\Desktop\UDK Game.lnk
[2011.10.25 15:22:27 | 000,001,846 | ---- | C] () -- D:\Users\PC1\Desktop\UDK Editor.lnk
[2011.10.23 16:44:53 | 000,070,852 | ---- | C] () -- D:\Users\PC1\Desktop\[CzT]Mass_Effect_2_CZ.torrent
[2011.10.23 07:24:41 | 000,015,933 | ---- | C] () -- D:\Users\PC1\Desktop\GoG.x
[2011.10.22 18:08:28 | 024,534,382 | ---- | C] () -- D:\Users\PC1\Desktop\Terraria-by-Ajdam.zip
[2011.10.20 12:39:48 | 000,000,000 | ---- | C] () -- C:\Users\PC1\AppData\Local\{5333C051-68AD-4433-878B-1B274F0EB1FB}
[2011.10.16 12:19:29 | 002,964,769 | ---- | C] () -- D:\Users\PC1\Desktop\Minecraft Svatyně SCORE.rar
[2011.10.16 10:58:29 | 000,840,312 | ---- | C] () -- D:\Users\PC1\Desktop\javaw 2011-10-16 11-58-30-01.avi
[2011.10.16 10:58:29 | 000,000,429 | ---- | C] () -- D:\Users\PC1\Desktop\javaw 2011-10-16 11-56-44-86 fps.csv
[2011.10.16 10:56:44 | 508,021,272 | ---- | C] () -- D:\Users\PC1\Desktop\javaw 2011-10-16 11-56-44-96.avi
[2011.10.15 17:00:57 | 416,398,363 | ---- | C] () -- D:\Users\PC1\Desktop\batman_arkham_city-15min-fhd.zip
[2011.10.15 16:50:00 | 000,031,778 | ---- | C] () -- D:\Users\PC1\Desktop\[CzT]Mirrors_Edge.torrent
[2011.10.14 19:10:24 | 046,267,078 | ---- | C] () -- D:\Users\PC1\Desktop\Minecraft-1.8.1--CRACKED-.rar
[2011.10.13 20:27:55 | 000,011,330 | ---- | C] () -- D:\Users\PC1\Desktop\uzi.jpg
[2011.10.10 15:43:04 | 000,001,018 | ---- | C] () -- D:\Users\PC1\Desktop\Any Video Converter.lnk
[2011.10.09 17:58:17 | 000,018,848 | ---- | C] () -- D:\Users\PC1\Desktop\[CzT]Harry_Potter_a_Relikvie_smrti_cast_2_Harry_Potter_and_the_Deathly_Hallows_Part_II_TS_CZ.torrent
[2011.10.08 20:03:49 | 000,358,115 | ---- | C] () -- D:\Users\PC1\Desktop\fpsjeep.rar
[2011.10.08 19:20:42 | 003,145,856 | ---- | C] () -- D:\Users\PC1\Desktop\TF341_01_2_D2.DDS
[2011.10.08 19:12:37 | 002,169,095 | ---- | C] () -- D:\Users\PC1\Desktop\-Tunnel Segments- V1.0b.zip
[2011.10.08 18:01:00 | 002,921,408 | ---- | C] () -- D:\Users\PC1\Desktop\05. Detroit City Ambient Part 1.ogg
[2011.10.08 17:50:33 | 000,000,868 | ---- | C] () -- D:\Users\PC1\Desktop\Free Mp3WmaOGG Converter.lnk
[2011.10.08 17:50:33 | 000,000,170 | ---- | C] () -- D:\Users\PC1\Desktop\Try Audio Editing Lab for FREE.url
[2011.10.08 17:50:32 | 000,113,486 | ---- | C] () -- C:\Windows\System32\NCTWMAProfiles.prx
[2011.10.08 17:50:31 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.10.08 17:46:30 | 000,000,954 | ---- | C] () -- D:\Users\PC1\Desktop\Ninja Blade.lnk
[2011.10.07 18:52:21 | 070,013,369 | ---- | C] () -- D:\Users\PC1\Desktop\Soundtrack-Aliens.rar
[2011.10.07 18:37:10 | 000,829,288 | ---- | C] () -- D:\Users\PC1\Desktop\Conveyor Belt Pack.zip
[2011.10.05 18:59:09 | 000,002,521 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.10.03 12:43:19 | 000,000,144 | ---- | C] () -- D:\Users\PC1\Desktop\Tma.fpi

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEEELP!

Posted: 01 Nov 2011 14:20
by Temgotin
2/2

[2011.10.02 15:41:35 | 000,000,840 | ---- | C] () -- D:\Users\PC1\Desktop\AC3D.lnk
[2011.10.02 15:18:59 | 000,003,710 | ---- | C] () -- D:\Users\PC1\Desktop\AC3D_6.5.28___KeyGen_[H].5735118.TPB.torrent
[2011.10.02 15:14:18 | 000,013,521 | ---- | C] () -- D:\Users\PC1\Desktop\Stul.3ds
[2011.10.02 14:40:34 | 000,028,898 | ---- | C] () -- D:\Users\PC1\Desktop\untitled.3ds
[2011.09.30 17:34:36 | 000,138,264 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.09.30 17:34:36 | 000,138,056 | ---- | C] () -- C:\Users\PC1\AppData\Roaming\PnkBstrK.sys
[2011.09.30 17:34:04 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.09.30 17:34:02 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.06.08 16:39:49 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2011.05.05 19:37:18 | 000,004,608 | ---- | C] () -- C:\Users\PC1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.05 15:55:10 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.04.17 09:34:29 | 000,000,169 | ---- | C] () -- C:\Windows\disney.ini
[2011.04.17 07:01:45 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll
[2011.04.15 14:10:46 | 000,000,504 | ---- | C] () -- C:\Windows\eReg.dat
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.04.02 17:03:22 | 000,021,496 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011.04.02 16:51:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.03 08:55:27 | 000,002,857 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.03.02 17:40:55 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe
[2011.03.02 17:40:55 | 000,019,496 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys
[2011.03.02 17:37:29 | 000,010,084 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011.03.02 17:36:50 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010.06.16 14:22:56 | 000,219,348 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.08.27 08:04:12 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe
[2009.07.14 09:44:22 | 000,664,300 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 09:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 09:44:22 | 000,138,776 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 09:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,403,440 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,649,842 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,119,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.02.18 18:55:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.02.03 21:52:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2006.01.08 14:53:24 | 000,005,120 | ---- | C] () -- C:\Windows\System32\hash2.dll

========== LOP Check ==========

[2011.10.15 11:15:24 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\.minecraft
[2011.06.14 19:25:15 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Activision
[2011.10.10 15:43:09 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\AnvSoft
[2011.04.02 17:00:06 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Blender Foundation
[2011.04.14 13:27:24 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\com.w3i.FlipToast
[2011.04.16 09:04:58 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\DAEMON Tools Lite
[2011.04.12 19:27:59 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\DAEMON Tools Pro
[2011.05.15 14:02:29 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Dev-Cpp
[2011.05.29 14:50:15 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\DisneyInteractiveStudios
[2011.09.08 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\FinalTorrent
[2011.05.15 12:08:53 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\gtk-2.0
[2011.04.02 17:00:10 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\InterTrust
[2011.04.19 17:54:44 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\IObit
[2011.04.28 13:15:48 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Micro-Sys
[2011.04.13 13:30:33 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Spore
[2011.04.15 16:43:36 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\SPORE Creature Creator
[2011.04.24 15:36:56 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\TGCStore
[2011.11.01 13:55:17 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\translateclient
[2011.11.01 13:58:13 | 000,000,364 | ---- | M] () -- C:\Windows\Tasks\FinalTorrent Update Checker.job
[2011.10.03 12:38:24 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd)
"Advanced SystemCare 4" = "C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe" -- [2011.04.14 17:08:56 | 000,402,832 | ---- | M] (IObit)
"MicroSys-Launcher" = C:\Program Files\Micro-Sys Software\Launcher\launcher.exe -- [2010.04.12 20:15:20 | 001,917,600 | ---- | M] ()
"Steam" = "C:\Program Files\Steam\Steam.exe" -silent -- [2011.08.04 07:44:20 | 001,242,448 | ---- | M] (Valve Corporation)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2011.04.06 13:04:08 | 000,039,408 | ---- | M] (Google Inc.)

< >


< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\ERDNT\cache\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\ERDNT\cache\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\System32\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2009.07.14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\System32\csrss.exe
[2009.07.14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\ERDNT\cache\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: FASTFAT.SYS >
[2009.07.14 00:14:02 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=7E0AB74553476622FB6AE36F73D97D35 -- C:\Windows\System32\drivers\fastfat.sys
[2009.07.14 00:14:02 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=7E0AB74553476622FB6AE36F73D97D35 -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_ae8981a3b8b7be50\fastfat.sys

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\ERDNT\cache\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\ERDNT\cache\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010.11.20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NTFS.SYS >
[2011.03.11 06:44:01 | 001,210,240 | ---- | M] (Microsoft Corporation) MD5=187002CE05693C306F43C873F821381F -- C:\Windows\ERDNT\cache\ntfs.sys
[2011.03.11 06:44:01 | 001,210,240 | ---- | M] (Microsoft Corporation) MD5=187002CE05693C306F43C873F821381F -- C:\Windows\System32\drivers\ntfs.sys
[2011.03.11 06:44:01 | 001,210,240 | ---- | M] (Microsoft Corporation) MD5=187002CE05693C306F43C873F821381F -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_a65558427e3453b4\ntfs.sys
[2010.11.20 13:30:06 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=33C3093D09017CFE2E219F2472BFF6EB -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_a87893a87b2db29e\ntfs.sys
[2009.07.14 02:20:44 | 001,210,432 | ---- | M] (Microsoft Corporation) MD5=3795DCD21F740EE799FB7223234215AF -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_a6477fe07e3f2f04\ntfs.sys
[2011.03.11 06:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_a83ab4fe7b5ba649\ntfs.sys
[2011.03.11 06:52:25 | 001,210,752 | ---- | M] (Microsoft Corporation) MD5=A7266D82DB9675AFBDED39695B69EDAC -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_a70e0489972fb38f\ntfs.sys
[2011.03.11 06:28:10 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=E2EDE3F02F95B896A1C7C6F0CC0C4083 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_a8b27fd79487b0a3\ntfs.sys

< MD5 for: NVRAID.SYS >
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011.03.11 06:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011.03.11 06:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\System32\drivers\nvraid.sys
[2011.03.11 06:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvraid.sys
[2011.03.11 06:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011.03.11 06:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: NVSTOR32.SYS >
[2010.04.08 19:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=97778C3CB3AF6B2243648D0DCD4D8916 -- C:\$WINDOWS.~Q\DATA\Windows\System32\drivers\nvstor32.sys
[2010.04.08 19:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=97778C3CB3AF6B2243648D0DCD4D8916 -- C:\Windows\System32\drivers\nvstor32.sys
[2010.04.08 19:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=97778C3CB3AF6B2243648D0DCD4D8916 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_42c5f57853db3f80\nvstor32.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\ERDNT\cache\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SMSS.EXE >
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010.08.20 05:25:14 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=2FB4CE429488156B19C0D8E5C4552043 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_d6ab9bc23bf9f1c6\spoolsv.exe
[2009.07.14 02:14:41 | 000,316,416 | ---- | M] (Microsoft Corporation) MD5=49B6DD6AB3715B7A67965F17194E98A9 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_d621f94522dc5a87\spoolsv.exe
[2010.11.20 13:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_d8530d0d1fcade21\spoolsv.exe
[2010.08.21 06:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=D1BB750EB51694DE183E08B9C33BE5B2 -- C:\Windows\ERDNT\cache\spoolsv.exe
[2010.08.21 06:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=D1BB750EB51694DE183E08B9C33BE5B2 -- C:\Windows\System32\spoolsv.exe
[2010.08.21 06:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=D1BB750EB51694DE183E08B9C33BE5B2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_d6339da722cfb4be\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2010.04.09 08:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
[2010.04.09 08:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\ERDNT\cache\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\System32\drivers\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\ERDNT\cache\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\System32\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 02:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2009.07.14 02:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
[2009.07.14 09:43:31 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\cs-CZ\LXKPTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /5 >
[2011.10.27 18:29:13 | 000,138,264 | ---- | M] () -- C:\Windows\system32\drivers\PnkBstrK.sys

< %systemroot%\system32\drivers\*.sys /X >
[2010.08.26 02:19:28 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\drivers\ati2erec.dll
[2009.06.10 22:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 22:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2009.06.10 22:27:38 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2011.03.06 14:51:13 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.03.13 15:06:19 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.02.22 00:45:52 | 000,010,084 | R--- | M] () -- C:\Windows\system32\drivers\nvphy.bin

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.04.12 16:17:28 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2011.11.01 14:01:06 | 000,014,816 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.01 14:01:06 | 000,014,816 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.31 15:46:16 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\admparse.dll
[2011.10.31 15:46:16 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2011.10.31 15:46:16 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2011.10.30 17:08:58 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2011.10.31 15:46:16 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\html.iec
[2011.10.31 15:46:16 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll
[2011.10.31 15:46:16 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ie4uinit.exe
[2011.10.31 15:46:16 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll
[2011.10.31 15:46:16 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakeng.dll
[2011.10.31 15:46:16 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieaksie.dll
[2011.10.31 15:46:16 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakui.dll
[2011.10.31 15:46:16 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dat
[2011.10.31 15:46:16 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll
[2011.10.31 15:46:16 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll
[2011.10.31 15:46:16 | 009,704,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2011.10.31 15:46:16 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll
[2011.10.31 15:46:16 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll
[2011.10.31 15:46:16 | 001,791,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2011.10.31 15:46:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll
[2011.10.31 15:46:16 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll
[2011.10.31 15:46:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2011.10.31 15:46:16 | 000,072,822 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2011.10.31 15:46:16 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieUnatt.exe
[2011.10.31 15:46:16 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iexpress.exe
[2011.10.31 15:46:16 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll
[2011.10.31 15:46:16 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetcpl.cpl
[2011.10.31 15:46:16 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll
[2011.10.31 15:46:16 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2011.10.31 15:46:16 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2011.10.31 15:46:16 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2011.10.31 15:46:16 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll
[2011.10.31 15:46:16 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2011.10.31 15:46:16 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2011.10.31 15:46:16 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedssync.exe
[2011.10.31 15:46:16 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshta.exe
[2011.10.31 15:46:16 | 012,275,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2011.10.31 15:46:16 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.tlb
[2011.10.31 15:46:16 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2011.10.31 15:46:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll
[2011.10.31 15:46:16 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll
[2011.10.31 15:46:16 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll
[2011.10.31 15:46:16 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll
[2011.11.01 14:00:53 | 000,138,776 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.11.01 14:00:53 | 000,119,872 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.11.01 14:00:53 | 000,664,300 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.11.01 14:00:53 | 000,649,842 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.11.01 14:00:53 | 001,569,968 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2011.10.31 15:46:16 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll
[2011.10.27 18:29:04 | 000,234,768 | ---- | M] () -- C:\Windows\system32\PnkBstrB.exe
[2011.10.27 18:29:06 | 000,234,768 | ---- | M] () -- C:\Windows\system32\PnkBstrB.xtr
[2011.10.31 15:46:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RegisterIEPKEYs.exe
[2011.10.31 15:46:16 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SetIEInstalledDate.exe
[2011.11.01 13:55:04 | 000,003,298 | ---- | M] () -- C:\Windows\system32\StyleVista.png
[2011.11.01 13:55:04 | 000,003,137 | ---- | M] () -- C:\Windows\system32\StyleVistaDown.png
[2011.10.31 15:46:16 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tdc.ocx
[2011.10.31 15:46:16 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2011.10.31 15:46:16 | 001,102,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2011.10.31 15:46:16 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2011.10.31 15:46:16 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll
[2011.10.31 15:46:16 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wextract.exe
[2011.10.31 15:46:16 | 001,126,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msvbvm60.dll
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\122c08a963fbdcba346ad4fbad854720\*.tmp files -> C:\Windows\SoftwareDistribution\Download\122c08a963fbdcba346ad4fbad854720\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6b3c3400cd81b193adcc8650b6281372\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6b3c3400cd81b193adcc8650b6281372\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b8afe7db1d09b65e7248f100afd1405b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b8afe7db1d09b65e7248f100afd1405b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bc8dc82f2185d04a4a1cc78913e6041e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bc8dc82f2185d04a4a1cc78913e6041e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c45e8cd7d41298f44f460842a9347c70\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c45e8cd7d41298f44f460842a9347c70\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\d9ad0644b362e8208605baad436c65c0\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\dc5785e9c8b3c9af476ade166b57dd6e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\dc5785e9c8b3c9af476ade166b57dd6e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ec2cc6ab7853f7f87c73b2f137bf7916\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ec2cc6ab7853f7f87c73b2f137bf7916\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f1172ec065789780f3e853c2a63ff94c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f1172ec065789780f3e853c2a63ff94c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\fe5aac9f4de0437922a7397ece1336d9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\fe5aac9f4de0437922a7397ece1336d9\*.tmp -> ]
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011.10.15 11:15:24 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\.minecraft
[2011.06.14 19:25:15 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Activision
[2011.06.11 07:25:13 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Adobe
[2011.10.10 15:43:09 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\AnvSoft
[2011.04.02 17:00:06 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\ATI
[2011.04.02 17:00:06 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Blender Foundation
[2011.04.14 13:27:24 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\com.w3i.FlipToast
[2011.04.16 09:04:58 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\DAEMON Tools Lite
[2011.04.12 19:27:59 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\DAEMON Tools Pro
[2011.05.15 14:02:29 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Dev-Cpp
[2011.05.29 14:50:15 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\DisneyInteractiveStudios
[2011.09.08 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\FinalTorrent
[2011.04.08 13:50:06 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Google
[2011.05.15 12:08:53 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\gtk-2.0
[2011.10.07 16:08:19 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Hamachi
[2011.04.02 17:00:10 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Identities
[2011.04.02 17:00:10 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\InterTrust
[2011.04.19 17:54:44 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\IObit
[2011.04.06 13:05:19 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Macromedia
[2011.10.30 15:48:39 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Malwarebytes
[2009.07.14 10:19:24 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Media Center Programs
[2011.04.28 13:15:48 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Micro-Sys
[2011.06.11 07:25:13 | 000,000,000 | --SD | M] -- C:\Users\PC1\AppData\Roaming\Microsoft
[2011.10.31 19:53:43 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Skype
[2011.04.13 13:30:33 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Spore
[2011.04.15 16:43:36 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\SPORE Creature Creator
[2011.04.24 15:36:56 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\TGCStore
[2011.11.01 13:55:17 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\translateclient
[2011.04.24 12:55:00 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\WinRAR

< %APPDATA%\*.* >
[2011.10.14 17:48:25 | 000,138,056 | ---- | M] () -- C:\Users\PC1\AppData\Roaming\PnkBstrK.sys

< %APPDATA%\*.exe /s >
[2009.11.04 15:49:36 | 000,635,664 | ---- | M] (IObit) -- C:\Users\PC1\AppData\Roaming\IObit\Common\TB_Helper.exe
[2011.04.14 13:27:10 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\PC1\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.05.05 15:24:03 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\PC1\AppData\Roaming\Microsoft\Installer\{A6013C06-C1D1-4921-9479-FC243E7FEDE1}\ARPPRODUCTICON.exe
[2011.05.05 15:24:04 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\PC1\AppData\Roaming\Microsoft\Installer\{A6013C06-C1D1-4921-9479-FC243E7FEDE1}\GameShadow.exe1_0A3DE514292C4EBA987823B82B0B2BA2.exe
[2011.05.05 15:24:04 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\PC1\AppData\Roaming\Microsoft\Installer\{A6013C06-C1D1-4921-9479-FC243E7FEDE1}\GameShadow.exe_0A3DE514292C4EBA987823B82B0B2BA2.exe
[2011.05.05 15:24:04 | 000,008,854 | R--- | M] () -- C:\Users\PC1\AppData\Roaming\Microsoft\Installer\{A6013C06-C1D1-4921-9479-FC243E7FEDE1}\Uninstall_GameShadow_A6013C06C1D149219479FC243E7FEDE1.exe
[2011.06.14 12:43:54 | 002,497,217 | ---- | M] () -- C:\Users\PC1\AppData\Roaming\translateclient\Updates\TranslateClient_Update.exe

< %SYSTEMDRIVE%\*.exe >

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-26 20:19:30

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2
"IGDSearcherDLL" = bitsigd.dll -- [2009.07.14 02:14:59 | 000,039,936 | ---- | M] (Microsoft Corporation)
"StateIndex" = 0

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.11.01 14:01:15 | 000,000,512 | ---- | M] () MD5=E6E7139A8255C52BE72D3A3674D94DF4 -- C:\PhysicalMBR.bin

< *crack* >

< *keygen* >

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:64217CD0

< End of report >

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEELP!

Posted: 01 Nov 2011 14:22
by Temgotin
And here is the second log; this one I can post in full:


[2011.10.02 15:41:35 | 000,000,840 | ---- | C] () -- D:\Users\PC1\Desktop\AC3D.lnk
[2011.10.02 15:18:59 | 000,003,710 | ---- | C] () -- D:\Users\PC1\Desktop\AC3D_6.5.28___KeyGen_[H].5735118.TPB.torrent
[2011.10.02 15:14:18 | 000,013,521 | ---- | C] () -- D:\Users\PC1\Desktop\Stul.3ds
[2011.10.02 14:40:34 | 000,028,898 | ---- | C] () -- D:\Users\PC1\Desktop\untitled.3ds
[2011.09.30 17:34:36 | 000,138,264 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.09.30 17:34:36 | 000,138,056 | ---- | C] () -- C:\Users\PC1\AppData\Roaming\PnkBstrK.sys
[2011.09.30 17:34:04 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.09.30 17:34:02 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.06.08 16:39:49 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2011.05.05 19:37:18 | 000,004,608 | ---- | C] () -- C:\Users\PC1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.05 15:55:10 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.04.17 09:34:29 | 000,000,169 | ---- | C] () -- C:\Windows\disney.ini
[2011.04.17 07:01:45 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll
[2011.04.15 14:10:46 | 000,000,504 | ---- | C] () -- C:\Windows\eReg.dat
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.04.02 17:03:22 | 000,021,496 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011.04.02 16:51:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.03 08:55:27 | 000,002,857 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.03.02 17:40:55 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe
[2011.03.02 17:40:55 | 000,019,496 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys
[2011.03.02 17:37:29 | 000,010,084 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011.03.02 17:36:50 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010.06.16 14:22:56 | 000,219,348 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.08.27 08:04:12 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe
[2009.07.14 09:44:22 | 000,664,300 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 09:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 09:44:22 | 000,138,776 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 09:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,403,440 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,649,842 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,119,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.02.18 18:55:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.02.03 21:52:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2006.01.08 14:53:24 | 000,005,120 | ---- | C] () -- C:\Windows\System32\hash2.dll

========== LOP Check ==========

[2011.10.15 11:15:24 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\.minecraft
[2011.06.14 19:25:15 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Activision
[2011.10.10 15:43:09 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\AnvSoft
[2011.04.02 17:00:06 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Blender Foundation
[2011.04.14 13:27:24 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\com.w3i.FlipToast
[2011.04.16 09:04:58 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\DAEMON Tools Lite
[2011.04.12 19:27:59 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\DAEMON Tools Pro
[2011.05.15 14:02:29 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Dev-Cpp
[2011.05.29 14:50:15 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\DisneyInteractiveStudios
[2011.09.08 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\FinalTorrent
[2011.05.15 12:08:53 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\gtk-2.0
[2011.04.02 17:00:10 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\InterTrust
[2011.04.19 17:54:44 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\IObit
[2011.04.28 13:15:48 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Micro-Sys
[2011.04.13 13:30:33 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Spore
[2011.04.15 16:43:36 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\SPORE Creature Creator
[2011.04.24 15:36:56 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\TGCStore
[2011.11.01 13:55:17 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\translateclient
[2011.11.01 13:58:13 | 000,000,364 | ---- | M] () -- C:\Windows\Tasks\FinalTorrent Update Checker.job
[2011.10.03 12:38:24 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd)
"Advanced SystemCare 4" = "C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe" -- [2011.04.14 17:08:56 | 000,402,832 | ---- | M] (IObit)
"MicroSys-Launcher" = C:\Program Files\Micro-Sys Software\Launcher\launcher.exe -- [2010.04.12 20:15:20 | 001,917,600 | ---- | M] ()
"Steam" = "C:\Program Files\Steam\Steam.exe" -silent -- [2011.08.04 07:44:20 | 001,242,448 | ---- | M] (Valve Corporation)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2011.04.06 13:04:08 | 000,039,408 | ---- | M] (Google Inc.)

< >


< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\ERDNT\cache\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\ERDNT\cache\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\System32\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2009.07.14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\System32\csrss.exe
[2009.07.14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\ERDNT\cache\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: FASTFAT.SYS >
[2009.07.14 00:14:02 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=7E0AB74553476622FB6AE36F73D97D35 -- C:\Windows\System32\drivers\fastfat.sys
[2009.07.14 00:14:02 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=7E0AB74553476622FB6AE36F73D97D35 -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_ae8981a3b8b7be50\fastfat.sys

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\ERDNT\cache\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\ERDNT\cache\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010.11.20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NTFS.SYS >
[2011.03.11 06:44:01 | 001,210,240 | ---- | M] (Microsoft Corporation) MD5=187002CE05693C306F43C873F821381F -- C:\Windows\ERDNT\cache\ntfs.sys
[2011.03.11 06:44:01 | 001,210,240 | ---- | M] (Microsoft Corporation) MD5=187002CE05693C306F43C873F821381F -- C:\Windows\System32\drivers\ntfs.sys
[2011.03.11 06:44:01 | 001,210,240 | ---- | M] (Microsoft Corporation) MD5=187002CE05693C306F43C873F821381F -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_a65558427e3453b4\ntfs.sys
[2010.11.20 13:30:06 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=33C3093D09017CFE2E219F2472BFF6EB -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_a87893a87b2db29e\ntfs.sys
[2009.07.14 02:20:44 | 001,210,432 | ---- | M] (Microsoft Corporation) MD5=3795DCD21F740EE799FB7223234215AF -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_a6477fe07e3f2f04\ntfs.sys
[2011.03.11 06:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_a83ab4fe7b5ba649\ntfs.sys
[2011.03.11 06:52:25 | 001,210,752 | ---- | M] (Microsoft Corporation) MD5=A7266D82DB9675AFBDED39695B69EDAC -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_a70e0489972fb38f\ntfs.sys
[2011.03.11 06:28:10 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=E2EDE3F02F95B896A1C7C6F0CC0C4083 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_a8b27fd79487b0a3\ntfs.sys

< MD5 for: NVRAID.SYS >
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:64217CD0

< End of report >

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEEELP!

Posted: 01 Nov 2011 16:11
by 1danab
As soon as I get home from work I'll take a look at it and we'll continue :)

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEEELP!

Posted: 01 Nov 2011 19:54
by Temgotin
Oh, and today I found out that on the day I got infected I automatically sent the virus over chat to my other friends, which made me even angrier... :evil:

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEEELP!

Posted: 01 Nov 2011 21:08
by 1danab
It's a lesson that it's not a good idea to click on unknown things :twisted:

:arrow: run HiJackThis from here: C:\Program Files\trend micro\PC1.exe


on Windows Vista and Windows 7, run the application as administrator (right-click the application icon and choose "Run as administrator")
:!:

do not run a scan; instead click the Open the Misc Tools Section button

there are four buttons at the top; Misc Tools must be the one that is pressed in:

Image

find the Open ADS Spy button on the left and click it; in the next window untick the Quick scan (Windows base folder only) box, click Scan, wait a moment for the scan to finish, then click Save log (paste the contents of the log here) and after that click Remove selected

:arrow: Once that is done, run HJT again and run the scan with Do a system scan only; when the scan has finished, find these lines in the next window and tick the box next to each of them:

Code: Select all

O2 - BHO: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.)
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (IObitCom Toolbar) - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (FACECONS Class) - {B2A44031-7EAD-434C-AC9E-7F1DA176BA8C} - C:\Program Files\Facecons\Facecons.dll (Facecons)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - C:\Program Files\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IObitCom Toolbar) - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (The Game Creators Ltd Toolbar) - {eae1e35c-bdd4-49aa-adc9-e82496f88370} - C:\Program Files\The_Game_Creators_Ltd\tbThe_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SFT_eng7 Toolbar) - {08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} - C:\Program Files\SFT_eng7\prxtbSFT_.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IObitCom Toolbar) - {31C7D459-9CC3-44F2-9DCA-FC11795309B4} - C:\Program Files\IObitCom\tbIObi.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
then click the Fix checked button

:arrow: And once you have all of this done, restart the PC, run a new RSIT scan and paste the resulting log here for me :)

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEEELP!

Posted: 02 Nov 2011 14:05
by Temgotin
sorry, but where am I supposed to download that hijack :shock:

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEEELP!

Posted: 02 Nov 2011 14:15
by 1danab
You should find it on your PC here: C:\Program Files\trend micro\PC1.exe :)

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEEELP!

Posted: 02 Nov 2011 14:59
by Temgotin
C:\ProgramData\TEMP : 64217CD0 (122 bytes)
C:\ProgramData\TEMP : 64217CD0 (122 bytes)
C:\Qoobox\Quarantine\Registry_backups\AddRemove-Tomb Raider : Anniversary.reg.dat (538 bytes)
C:\Qoobox\Quarantine\Registry_backups\AddRemove-Tomb Raider : Underworld.reg.dat (540 bytes)
C:\Qoobox\Quarantine\Registry_backups\AddRemove-čeština do hry Vampire the Masquerade : Bloodlines_is1.reg.dat (1984 bytes)
C:\Users\All Users\TEMP : 64217CD0 (122 bytes)
C:\Users\All Users\TEMP : 64217CD0 (122 bytes)
C:\Users\PC1\Favorites\A bronz je doma. Jsem zas nabitý láskou k hokeji, přiznal Hadamczik – Sport.cz.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Autodesk 3ds Max 2010.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\batman arkham asylum.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Batman Arkham City (3D O-ring) [141749] NETRA.CZ, netradičně dobrý obchod.url : favicon (3638 bytes)
C:\Users\PC1\Favorites\Crafting - Minecraft Wiki.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Creating your first zone with Realm Crafter [Part 1] - YouTube.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Alice Madness Returns (2011).url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Crysis 2 CZ.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Crysis cz.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Duke Nukem Forever - demo.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Duke Nukem Forever [Razor 1911].url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Fantastická čtyřka a silver surfer PS2.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Harry Potter and the Deathly Hallows Part.2 (2011).url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Lego Batman (CZ).url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - LEGO Harry Potter Years 1-4.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - LEGO Pirates of the Caribbean.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Lego Star Wars III The Clone Wars#page=1;s=.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Mirrors Edge.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Piráti z Karibiku - Na konci světa-Pirates of the Caribbean At World's End.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Portal 2 CZ.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Spiderman Web of Shadow.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Tomb Raider Underworld CZ.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Toy Story 3.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Transformers 2 - Revenge of the Fallen.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Transformers 2-Revenge of the Fallen.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\CzTorrent - 1. CZ Free Torrent Tracker - Zaklínač 2 Vrahové králů - The Witcher 2 Assassins of Kings - saves 100%.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\DC Universe Online, FREE Accounts on a Private Server!Download!! - Video.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Duke Nukem - Wikiquote.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Facebook.url : favicon (659 bytes)
C:\Users\PC1\Favorites\FPS Creator Návody.url : favicon (5686 bytes)
C:\Users\PC1\Favorites\FPS Creator - The Game Creators.url : favicon (1406 bytes)
C:\Users\PC1\Favorites\FPS-Files Expand the Game! Downloads - Scripts - Cash System.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\FPS-Files Expand the Game! Downloads.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Harry Potter and the Deathly Hallows, Part 1 - Hry zdarma ke stažení - Warez AZbase.url : favicon (1406 bytes)
C:\Users\PC1\Favorites\INVedit - MineCraft.url : favicon (1406 bytes)
C:\Users\PC1\Favorites\Jak se domluvit s otcem, aby mi dovolil… Odpovědi.cz.url : favicon (1406 bytes)
C:\Users\PC1\Favorites\Jsem číslo čtyři (2011) mobil.kinotip.cz - filmy do mobilu zdarma.url : favicon (5686 bytes)
C:\Users\PC1\Favorites\Malému Chorvatovi mizí rány a jeho tělo funguje jako magnet – Novinky.cz.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Minecraft cheaty Minecraft – multiplayer server.url : favicon (318 bytes)
C:\Users\PC1\Favorites\Minecraft Mods Pokeball - YouTube.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Nejlekavější osoba na světě ) - Autor sranda, Video na Stream.cz (ID 524307).url : favicon (1406 bytes)
C:\Users\PC1\Favorites\Piráti z Karibiku Na vlnách podivna Oficiální stránky Disney CZ.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Portal 2 Authoring Tools Released, News from GamePro.url : favicon (1406 bytes)
C:\Users\PC1\Favorites\Portal 2 Map Editor v.1 download - Mod DB.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Punské války - Wikipedie.url : favicon (318 bytes)
C:\Users\PC1\Favorites\Překladač Google.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Superhry.cz - Trouble in Hair Saloon - online hry zdarma.url : favicon (1406 bytes)
C:\Users\PC1\Favorites\The Game Creators Forum - FPSC Models - Mech hud pack (free).url : favicon (318 bytes)
C:\Users\PC1\Favorites\The Game Creators Forum - FPSC Models - Space Port pack [Released].url : favicon (318 bytes)
C:\Users\PC1\Favorites\Ukolydoskoly.cz - Jak se učit.url : favicon (1406 bytes)
C:\Users\PC1\Favorites\Uloz.to! - American McGees Alice.iso.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Uloz.to! - Harry Potter a kámen mudrců PC hra.rar.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Uloz.to! - Harry Potter a vězeň z azkabanu PC hra.rar.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Uloz.to! - HARRY_POTTER a kámen mudrců PC hra + crack+ CD key.iso.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Uloz.to! - kopiha - stahování z rapidshare, stahuj, sdílej, obrázky, online video, na mobil.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Uloz.to! - Spiderman.exe.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Uloz.to! - stahování z rapidshare,ulozto, stahuj, sdílej, obrázky, online video, na mobil.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\update Projection Painting in Blender 2.5 on Vimeo.url : favicon (1406 bytes)
C:\Users\PC1\Favorites\Videonávod pro začátečníky Blender - 3D grafika snadno a rychle.url : favicon (3638 bytes)
C:\Users\PC1\Favorites\VIRY.CZ • Zobrazit téma - FACEBOOK VIR - PROSIME CIST !!!.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Vtipy Chuck Norris.url : favicon (3126 bytes)
C:\Users\PC1\Favorites\VyžeňNudu.cz - Strašidelné schody.url : favicon (3262 bytes)
C:\Users\PC1\Favorites\Welcome to Steam.url : favicon (1406 bytes)
C:\Users\PC1\Favorites\World of Warcraft Mists of Pandaria Preview Trailer - YouTube.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\YouTube - Alien Vs Predator 2 Walkthrough - Alien - [Part 1].url : favicon (1150 bytes)
C:\Users\PC1\Favorites\YouTube - Batman Arkham Asylum Soundtrack Track 1.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\YouTube - Batman Arkham City - Official Gameplay Trailer - This Ain't No Place for a Hero.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\YouTube - LEGO Star Wars III The Clone Wars - Escena Yoda y Soldado Clon.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\YouTube - triky v malování.url : favicon (1150 bytes)
C:\Users\PC1\Favorites\Česko - Rusko a díl druhý. Aneb opět tu je Arťuchin, dvoumetrový kolos – Sport.cz.url : favicon (1150 bytes)
D:\Users\PC1\Desktop\Filmy\Sherlock Holmes 2009 titulky ve filmu CZ.avi : TOC.WMV (64 bytes)

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEEELP!

Posted: 02 Nov 2011 15:20
by Temgotin
The resulting log, so how does it look?:


Logfile of random's system information tool 1.09 (written by random/random)
Run by PC1 at 2011-11-02 15:18:24
Microsoft Windows 7 Home Premium
System drive C: has 49 GB (25%) free of 200 GB
Total RAM: 3326 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:18:43, on 2.11.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Program Files\Micro-Sys Software\Launcher\Launcher.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Translate Client\translateclient.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\mswinext.exe
C:\Windows\system32\wuauclt.exe
C:\Users\PC1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LS1RWWVO\RSIT.exe
C:\Program Files\trend micro\PC1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - (no file)
R3 - URLSearchHook: The Game Creators Ltd Toolbar - {eae1e35c-bdd4-49aa-adc9-e82496f88370} - C:\Program Files\The_Game_Creators_Ltd\tbThe_.dll
R3 - URLSearchHook: (no name) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O2 - BHO: IE BHO Utility - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files\Surf Canyon\surfcanyon.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: The Game Creators Ltd Toolbar - {eae1e35c-bdd4-49aa-adc9-e82496f88370} - C:\Program Files\The_Game_Creators_Ltd\tbThe_.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll
O3 - Toolbar: (no name) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Advanced SystemCare 4] "C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe"
O4 - HKCU\..\Run: [MicroSys-Launcher] C:\Program Files\Micro-Sys Software\Launcher\launcher.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: Translate Client.lnk = C:\Program Files\Translate Client\translateclient.exe
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.66.2.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: Microsoft Antimalware Service (MsMpSvc) - Unknown owner - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (file missing)
O23 - Service: @C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243 (NisSrv) - Unknown owner - C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - D:\Users\PC1\Desktop\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Unknown owner - C:\Program Files\Common Files\Steam\SteamService.exe (file missing)
O23 - Service: Windows Live ID Sign-in Assistant (wlidsvc) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (file missing)

--
End of file - 8011 bytes

======Scheduled tasks folder======

C:\Windows\tasks\FinalTorrent Update Checker.job
C:\Windows\tasks\Norton Security Scan for PC1.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-09-05 64928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-03-28 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
UrlHelper Class - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll [2011-02-08 721288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AB7104A-B71F-49AD-9154-F7F8806AE848}]
Fast Search by Surf Canyon - C:\Program Files\Surf Canyon\surfcanyon.dll [2011-03-23 163976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll [2010-10-11 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-15 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eae1e35c-bdd4-49aa-adc9-e82496f88370}]
The Game Creators Ltd Toolbar - C:\Program Files\The_Game_Creators_Ltd\tbThe_.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-08-24 1299248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll [2010-10-11 612616]
{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-04-30 9210400]
"DATAMNGR"=C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE [2011-02-08 1115568]
"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2011-08-01 114992]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-15 1955208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Advanced SystemCare 4"=C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [2011-04-14 402832]
"MicroSys-Launcher"=C:\Program Files\Micro-Sys Software\Launcher\launcher.exe [2010-04-12 1917600]
"Steam"=C:\Program Files\Steam\Steam.exe [2011-08-04 1242448]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-04-06 39408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Translate Client.lnk - C:\Program Files\Translate Client\translateclient.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-10-31 203776]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Windows\update.tray-14-0-lnk\svchost.exe"="C:\Windows\update.tray-14-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-14-0-lnk\svchost.exe"
"C:\Windows\update.1\svchost.exe"="C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe"
"C:\Windows\update.2\svchost.exe"="C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=i263_32.drv
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.iac2"=C:\Windows\system32\iac25_32.ax
"msacm.g723"=g723.acm
"vidc.I263"=I263_32.drv
"VIDC.IV41"=ir41_32.ax
"vidc.iv50"=ir50_32.dll
"VIDC.FPS1"=frapsvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-10-31 15:46:16 ----A---- C:\Windows\system32\wininet.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\wextract.exe
2011-10-31 15:46:16 ----A---- C:\Windows\system32\webcheck.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\vbscript.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\urlmon.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\url.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-10-31 15:46:16 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-10-31 15:46:16 ----A---- C:\Windows\system32\pngfilt.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\occache.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\msrating.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\msls31.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\mshtmler.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\mshtml.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\mshta.exe
2011-10-31 15:46:16 ----A---- C:\Windows\system32\msfeedssync.exe
2011-10-31 15:46:16 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\msfeeds.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\licmgr10.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\jscript9.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\jscript.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\inseng.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\imgutil.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\iexpress.exe
2011-10-31 15:46:16 ----A---- C:\Windows\system32\ieUnatt.exe
2011-10-31 15:46:16 ----A---- C:\Windows\system32\ieui.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\iesysprep.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\iesetup.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\iertutil.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\iernonce.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\iepeers.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\ieframe.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\iedkcs32.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\ieapfltr.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\ieapfltr.dat
2011-10-31 15:46:16 ----A---- C:\Windows\system32\ieakui.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\ieaksie.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\ieakeng.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\ie4uinit.exe
2011-10-31 15:46:16 ----A---- C:\Windows\system32\icardie.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\dxtrans.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\dxtmsft.dll
2011-10-31 15:46:16 ----A---- C:\Windows\system32\admparse.dll
2011-10-30 19:59:55 ----D---- C:\Windows\temp
2011-10-30 19:59:54 ----A---- C:\ComboFix.txt
2011-10-30 19:59:35 ----SHD---- C:\$RECYCLE.BIN
2011-10-30 16:21:18 ----A---- C:\Windows\zip.exe
2011-10-30 16:21:18 ----A---- C:\Windows\SWSC.exe
2011-10-30 16:21:18 ----A---- C:\Windows\SWREG.exe
2011-10-30 16:21:18 ----A---- C:\Windows\sed.exe
2011-10-30 16:21:18 ----A---- C:\Windows\PEV.exe
2011-10-30 16:21:18 ----A---- C:\Windows\NIRCMD.exe
2011-10-30 16:21:18 ----A---- C:\Windows\MBR.exe
2011-10-30 16:21:18 ----A---- C:\Windows\grep.exe
2011-10-30 16:21:11 ----D---- C:\Windows\ERDNT
2011-10-30 16:21:09 ----AD---- C:\Qoobox
2011-10-30 15:48:39 ----D---- C:\Users\PC1\AppData\Roaming\Malwarebytes
2011-10-30 15:48:18 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-10-30 15:48:17 ----D---- C:\ProgramData\Malwarebytes
2011-10-30 15:48:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-10-30 15:48:14 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-10-30 15:32:12 ----D---- C:\rsit
2011-10-30 15:32:12 ----D---- C:\Program Files\trend micro
2011-10-30 12:42:08 ----D---- C:\Program Files\Common Files\Adobe
2011-10-28 12:35:35 ----D---- C:\TopCD
2011-10-25 15:02:40 ----D---- C:\UDK
2011-10-24 20:03:12 ----D---- C:\Unreal Engine
2011-10-12 13:01:39 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-12 13:01:37 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-12 13:01:37 ----A---- C:\Windows\system32\oleacc.dll
2011-10-12 13:01:36 ----A---- C:\Windows\system32\win32k.sys
2011-10-10 15:43:09 ----D---- C:\Users\PC1\AppData\Roaming\AnvSoft
2011-10-10 15:42:54 ----D---- C:\Program Files\AnvSoft
2011-10-08 17:50:32 ----A---- C:\Windows\system32\NCTWMAFile2.dll
2011-10-08 17:50:32 ----A---- C:\Windows\system32\NCTAudioInformation2.dll
2011-10-08 17:50:32 ----A---- C:\Windows\system32\NCTAudioFile2.dll
2011-10-08 17:50:32 ----A---- C:\Windows\system32\NCTAudioCDGrabber2.dll
2011-10-08 17:50:32 ----A---- C:\Windows\system32\msvcr70.dll
2011-10-08 17:50:31 ----A---- C:\Windows\system32\lame_enc.dll
2011-10-08 17:50:30 ----D---- C:\Program Files\Free Mp3WmaOgg Converter
2011-10-08 17:37:59 ----D---- C:\Program Files\TopCD
2011-10-05 18:59:13 ----D---- C:\Users\PC1\AppData\Roaming\Skype
2011-10-05 18:59:06 ----RD---- C:\Program Files\Skype
2011-10-05 18:59:04 ----D---- C:\ProgramData\Skype
2011-10-05 18:03:37 ----D---- C:\Users\PC1\AppData\Roaming\Hamachi
2011-10-05 18:03:11 ----A---- C:\Windows\system32\drivers\hamachi.sys
2011-10-05 18:03:10 ----D---- C:\Program Files\Hamachi
2011-10-05 17:52:14 ----D---- C:\Program Files\LogMeIn Hamachi

======List of files/folders modified in the last 1 month======

2011-11-02 15:15:53 ----D---- C:\Users\PC1\AppData\Roaming\translateclient
2011-11-02 15:15:46 ----D---- C:\Program Files\Steam
2011-11-02 15:15:42 ----D---- C:\Windows\System32
2011-11-02 15:14:06 ----D---- C:\Windows\system32\config
2011-11-02 15:13:43 ----D---- C:\Program Files\IObitCom
2011-11-02 13:54:31 ----D---- C:\Windows\inf
2011-11-02 13:54:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-01 13:55:17 ----D---- C:\Windows\system32\catroot2
2011-10-31 18:48:06 ----SHD---- C:\Windows\Installer
2011-10-31 18:48:06 ----D---- C:\Program Files
2011-10-31 15:48:58 ----D---- C:\Windows\winsxs
2011-10-31 15:47:25 ----D---- C:\Windows\system32\migration
2011-10-31 15:47:25 ----D---- C:\Windows\system32\cs-CZ
2011-10-31 15:47:25 ----D---- C:\Windows\PolicyDefinitions
2011-10-31 15:47:25 ----D---- C:\Program Files\Internet Explorer
2011-10-31 15:47:24 ----D---- C:\Windows\system32\en-US
2011-10-31 15:46:57 ----D---- C:\Windows\system32\catroot
2011-10-31 15:45:30 ----SHD---- C:\System Volume Information
2011-10-31 15:45:07 ----D---- C:\Windows\Logs
2011-10-31 15:44:50 ----D---- C:\Windows
2011-10-30 19:59:56 ----D---- C:\Windows\system32\drivers
2011-10-30 19:56:15 ----A---- C:\Windows\system.ini
2011-10-30 19:56:08 ----D---- C:\Windows\system32\drivers\etc
2011-10-30 19:53:47 ----D---- C:\Windows\Tasks
2011-10-30 19:51:53 ----D---- C:\Windows\AppPatch
2011-10-30 19:51:52 ----D---- C:\Program Files\Common Files
2011-10-30 19:28:57 ----D---- C:\ProgramData\Electronic Arts
2011-10-30 19:28:57 ----D---- C:\ProgramData
2011-10-30 18:57:26 ----D---- C:\Windows\tracing
2011-10-30 17:10:53 ----D---- C:\Program Files\Google
2011-10-30 16:32:51 ----D---- C:\Windows\system32\Tasks
2011-10-30 12:41:40 ----D---- C:\Windows\Prefetch
2011-10-30 09:27:45 ----D---- C:\Program Files\Common Files\System
2011-10-30 09:27:43 ----D---- C:\Program Files\Common Files\microsoft shared
2011-10-27 18:29:04 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-10-26 16:24:21 ----RSD---- C:\Windows\assembly
2011-10-26 16:24:21 ----D---- C:\Windows\Microsoft.NET
2011-10-25 18:49:30 ----D---- C:\Program Files\World of Warcraft
2011-10-23 07:21:53 ----AD---- C:\ProgramData\TEMP
2011-10-15 11:15:24 ----D---- C:\Users\PC1\AppData\Roaming\.minecraft
2011-10-14 17:47:54 ----A---- C:\Windows\system32\PnkBstrA.exe
2011-10-13 18:28:34 ----D---- C:\Program Files\EA Games
2011-10-13 18:28:24 ----D---- C:\Windows\Downloaded Program Files
2011-10-12 18:18:44 ----D---- C:\Windows\ehome
2011-10-12 18:18:41 ----D---- C:\Program Files\Microsoft Silverlight
2011-10-12 15:22:46 ----A---- C:\Windows\system32\MRT.exe
2011-10-05 18:03:26 ----D---- C:\Windows\system32\DriverStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2010-04-08 215656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-04-12 691696]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 19496]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-15 218688]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-26 6380032]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-26 221696]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athr.sys [2009-07-13 1096704]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-07-15 101904]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-10-05 17480]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-04-30 3086752]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-03-04 296936]
S1 MpKsl501c2c56;MpKsl501c2c56; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A1D310EC-7223-474A-B2F2-BD7E53B0560F}\MpKsl501c2c56.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 catchme;catchme; \??\C:\Users\PC1\AppData\Local\Temp\catchme.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-04-14 352144]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-26 176128]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-10-14 75136]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136]
R2 StarWindServiceAE;StarWind AE Service; D:\Users\PC1\Desktop\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-06 136176]
S2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe []
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE []
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-06 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-06 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe []
S3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe []
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-05 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: VIRUS FROM FACEBOOK!!! HEEEEEEEELP!

Posted: 02 Nov 2011 15:27
by 1danab
Hang on, I'm still at work :)