Mrznutí kompu - prosím o kontrolu logu

Zpráva

NimitzCZ · #1 Příspěvek od **NimitzCZ** » 09 lis 2011 13:28

Dobrý den, v posledním čase mi mrzne počítač a problikávají občas ikony. Před reklamaci graf. karty prosím o kontrolu logu, jestli to nemá co dočinění z havědí. Uctivě děkuji.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Nimitz at 2011-11-08 17:22:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 701 GB (73%) free of 954 GB
Total RAM: 8175 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:22:33, on 8.11.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Nimitz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Nimitz\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1616389802-3361126038-1429883897-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1616389802-3361126038-1429883897-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8164 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000005e0
\??\C:\Windows\system32\conhost.exe "543255854-763602775-766463284-18954358231772083688618634847-1683986727-1591636139
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b57a623b-02a9-4a06-8920-4886b47c5cf5 -SystemEventPortName:HostProcess-609a99b0-7831-4f68-bd55-471a4a64fd74 -IoCancelEventPortName:HostProcess-4baf3b97-3230-42e1-ac9b-40791f955baf -NonStateChangingEventPortName:HostProcess-32115da0-9ff0-41e4-aed9-14e50440b8c1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:832e342c-6ad7-4769-aede-7f05b8b33c17
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {F54A4780-A785-4936-8BA4-7C2D69CA9BC6}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Práca L+K\Lubinko\Anticervy\RSIT (výpis)\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1616389802-3361126038-1429883897-1002Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1616389802-3361126038-1429883897-1002UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-09-03 11464296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Nimitz\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-23 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-01-10 281768]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-04 1955208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-11-08 17:15:32 ----D---- C:\Users\Nimitz\AppData\Roaming\gtk-2.0
2011-11-08 15:58:02 ----D---- C:\rsit
2011-11-08 15:58:02 ----D---- C:\Program Files\trend micro
2011-11-08 15:55:14 ----D---- C:\Program Files (x86)\CCleaner
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\wextract.exe
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\url.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\occache.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\msrating.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\msls31.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\mshta.exe
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\inseng.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\icardie.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2011-11-08 15:52:19 ----A---- C:\Windows\SYSWOW64\admparse.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\wininet.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\urlmon.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-11-08 15:52:19 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-11-08 15:52:19 ----A---- C:\Windows\system32\pngfilt.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\occache.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\msrating.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\msls31.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\mshtmler.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\mshtml.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\mshta.exe
2011-11-08 15:52:19 ----A---- C:\Windows\system32\msfeedssync.exe
2011-11-08 15:52:19 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\jsproxy.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\jscript9.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\jscript.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\imgutil.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\ieUnatt.exe
2011-11-08 15:52:19 ----A---- C:\Windows\system32\ieui.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\iesysprep.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\iertutil.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\iepeers.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\ieframe.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\ieakui.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\ieaksie.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\ieakeng.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-11-08 15:52:19 ----A---- C:\Windows\system32\admparse.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\wextract.exe
2011-11-08 15:52:18 ----A---- C:\Windows\system32\webcheck.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\vbscript.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\url.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\mshtmled.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\msfeeds.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\licmgr10.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\inseng.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\iexpress.exe
2011-11-08 15:52:18 ----A---- C:\Windows\system32\iesetup.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\iernonce.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\iedkcs32.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\ieapfltr.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\ieapfltr.dat
2011-11-08 15:52:18 ----A---- C:\Windows\system32\ie4uinit.exe
2011-11-08 15:52:18 ----A---- C:\Windows\system32\icardie.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\dxtrans.dll
2011-11-08 15:52:18 ----A---- C:\Windows\system32\dxtmsft.dll
2011-11-08 15:50:40 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-11-08 15:50:40 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-11-08 15:50:40 ----A---- C:\Windows\SYSWOW64\java.exe
2011-11-08 15:49:38 ----A---- C:\Windows\system32\shell32.dll
2011-11-08 15:49:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-11-06 20:31:39 ----D---- C:\Program Files (x86)\GIMP-2.0
2011-11-01 20:31:19 ----A---- C:\Windows\system32\nvhdap64.dll
2011-11-01 20:31:19 ----A---- C:\Windows\system32\nvhdagenco6420102.dll
2011-11-01 20:31:19 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2011-11-01 20:31:17 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2011-11-01 20:31:17 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2011-11-01 20:31:17 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2011-11-01 20:31:17 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2011-11-01 20:31:17 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2011-11-01 20:31:17 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2011-11-01 20:31:17 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2011-11-01 20:31:17 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2011-11-01 20:31:17 ----A---- C:\Windows\system32\OpenCL.dll
2011-11-01 20:31:17 ----A---- C:\Windows\system32\nvoglv64.dll
2011-11-01 20:31:17 ----A---- C:\Windows\system32\nvd3dumx.dll
2011-11-01 20:31:17 ----A---- C:\Windows\system32\nvcuvid.dll
2011-11-01 20:31:17 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-11-01 20:31:17 ----A---- C:\Windows\system32\nvcuda.dll
2011-11-01 20:31:17 ----A---- C:\Windows\system32\nvcompiler.dll
2011-11-01 20:31:17 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-10-30 14:32:31 ----D---- C:\Users\Nimitz\AppData\Roaming\GRETECH
2011-10-30 14:31:48 ----D---- C:\Program Files (x86)\GomPlayer
2011-10-18 20:41:29 ----D---- C:\Program Files (x86)\Google
2011-10-18 15:26:39 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2011-10-18 15:26:39 ----A---- C:\Windows\system32\nvgenco64.dll
2011-10-18 15:26:39 ----A---- C:\Windows\system32\nvdispco64.dll
2011-10-16 08:29:21 ----D---- C:\Users\Nimitz\AppData\Roaming\Might & Magic Heroes VI
2011-10-15 00:54:52 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2011-10-13 16:02:46 ----A---- C:\Windows\system32\win32k.sys
2011-10-13 16:01:26 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-13 16:01:26 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-13 16:01:03 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-13 16:01:03 ----A---- C:\Windows\system32\oleacc.dll
2011-10-13 16:01:02 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-13 16:01:02 ----A---- C:\Windows\system32\oleaut32.dll

======List of files/folders modified in the last 1 month======

2011-11-08 17:22:34 ----D---- C:\Windows\Temp
2011-11-08 17:22:16 ----RD---- C:\Program Files (x86)
2011-11-08 17:18:46 ----D---- C:\Windows
2011-11-08 17:13:04 ----SHD---- C:\System Volume Information
2011-11-08 16:29:51 ----D---- C:\Windows\system32\config
2011-11-08 16:21:37 ----D---- C:\Windows\System32
2011-11-08 16:21:37 ----D---- C:\Windows\inf
2011-11-08 16:21:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-08 16:16:08 ----D---- C:\Windows\Prefetch
2011-11-08 16:15:48 ----D---- C:\Windows\winsxs
2011-11-08 16:15:20 ----D---- C:\ProgramData\NVIDIA
2011-11-08 16:14:19 ----D---- C:\Program Files (x86)\Internet Explorer
2011-11-08 16:14:18 ----D---- C:\Windows\SYSWOW64\migration
2011-11-08 16:14:18 ----D---- C:\Windows\SYSWOW64\en-US
2011-11-08 16:14:18 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-11-08 16:14:18 ----D---- C:\Windows\SysWOW64
2011-11-08 16:14:18 ----D---- C:\Windows\system32\cs-CZ
2011-11-08 16:14:18 ----D---- C:\Program Files\Internet Explorer
2011-11-08 16:14:17 ----D---- C:\Windows\system32\migration
2011-11-08 16:14:17 ----D---- C:\Windows\system32\en-US
2011-11-08 16:14:17 ----D---- C:\Windows\PolicyDefinitions
2011-11-08 16:03:38 ----SHD---- C:\Windows\Installer
2011-11-08 16:01:37 ----D---- C:\Windows\system32\drivers
2011-11-08 15:58:02 ----RD---- C:\Program Files
2011-11-08 15:57:00 ----D---- C:\Users\Nimitz\AppData\Roaming\Media Player Classic
2011-11-08 15:56:59 ----D---- C:\Windows\Minidump
2011-11-08 15:56:59 ----D---- C:\Windows\debug
2011-11-08 15:53:05 ----D---- C:\Windows\Logs
2011-11-08 15:52:52 ----D---- C:\Windows\system32\catroot2
2011-11-08 15:52:52 ----D---- C:\Windows\system32\catroot
2011-11-08 15:50:48 ----D---- C:\Program Files (x86)\Common Files
2011-11-08 15:50:15 ----D---- C:\Program Files (x86)\Java
2011-11-07 17:12:34 ----RSD---- C:\Windows\Fonts
2011-11-06 21:02:49 ----D---- C:\Users\Nimitz\AppData\Roaming\uTorrent
2011-11-06 20:26:02 ----HD---- C:\ProgramData
2011-11-06 20:25:34 ----RD---- C:\Games
2011-11-06 20:25:19 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-11-01 20:32:56 ----D---- C:\Windows\system32\DriverStore
2011-11-01 20:32:27 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2011-11-01 20:13:30 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-11-01 20:13:15 ----D---- C:\Windows\system32\Tasks
2011-11-01 20:10:51 ----RSD---- C:\Windows\assembly
2011-11-01 18:38:05 ----D---- C:\Users\Nimitz\AppData\Roaming\ICQ
2011-10-31 19:32:53 ----D---- C:\Program Files (x86)\ICQ7.5
2011-10-18 20:42:05 ----D---- C:\Windows\Tasks
2011-10-18 15:27:21 ----D---- C:\Program Files\NVIDIA Corporation
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvwgf2umx.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvvsvc.exe
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvsvcr.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvsvc64.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvshext.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvmctray.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvcpl.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\nvapi64.dll
2011-10-15 09:53:00 ----A---- C:\Windows\system32\easyUpdatusAPIU64.dll
2011-10-14 17:01:39 ----D---- C:\Windows\Microsoft.NET
2011-10-14 16:00:51 ----D---- C:\Windows\ehome
2011-10-13 19:56:43 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-06-28 123784]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-23 254528]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-05-29 314016]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-06-28 88288]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-05-29 43680]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-09-03 2480104]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-07-27 78848]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-07-27 180224]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-07-08 174184]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-12-12 31232]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-06-28 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-29 136360]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 2329480]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1640768]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-07-18 75064]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-23 1255736]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 09 lis 2011 18:22

Zdravím.

Dej mi minutku, hnedle se na to mrknu.

#3 Příspěvek od **Mc_Murphy** » 09 lis 2011 18:31

Na první pohled havěť nevidno. Jen pár nebezpečných toolbarů a Conduit Engine.

Jako první v nabídce Přidat nebo odebrat programy odinstaluj všechny nepotřebné toolbary! Jsou to veliká "zdržovadla" systému a v případě například Ask.com Toolbar, Conduit Engine a dalších se dá hovořit už i o havěti.

Fixni v HJT tyto položky:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Nimitz\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1616389802-3361126038-1429883897-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

"Fixnout" znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek. Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
HJT najdeš zde: C:\Program Files\trend micro\Nimitz.exe

Pro jistotu dáme ještě scan s MBAM.

Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.

Proveď aktualizaci virové databáze.
V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
Předem nic nemaž!!
MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!

NimitzCZ · #4 Příspěvek od **NimitzCZ** » 09 lis 2011 19:23

Všechno provedeno, našlo 2 infekce, ale nic zásadní asi. Už to vypadá na reklamaci grafiky? :

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Verze databáze: 8126

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

9.11.2011 19:21:32
mbam-log-2011-11-09 (19-21-23).txt

Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 303485
Uplynulý čas: 28 minut, 14 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Users\Nimitz\downloads\downloadsetup (50).exe (Affiliate.Downloader) -> No action taken.
c:\Users\Nimitz\downloads\setup (20).exe (Affiliate.Downloader) -> No action taken.

#5 Příspěvek od **Mc_Murphy** » 09 lis 2011 19:30

Nálezy MBAMu dej smazat - to budou nějaké bejkárny z µTorrent, co?!

Ještě nehaž grafárnu do žita, můžeme zkusit dočistit přes OTL zbytky po Conduitu a toolbarech. I když to nepomůže, budeš mít alespoň k reklamaci "potvrzení".

Stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů.
Do spodního okénka Vlastní skenování/opravy vlož tento script:

Kód: Vybrat vše

safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
*legalizator* /s
*registration* /s
*Office 2010* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko Prohledat.
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

NimitzCZ · #6 Příspěvek od **NimitzCZ** » 09 lis 2011 19:59

asi po půl hodině skenu mi vyhodilo error že nejde zapsat a vytvořit nějaký soubor a seklo se to na windows/winsxs, dam zas?

NimitzCZ · #7 Příspěvek od **NimitzCZ** » 09 lis 2011 20:14

tak na 2. pokus se zdařilo:

OTL logfile created on: 9.11.2011 20:01:57 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Nimitz\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,98 Gb Total Physical Memory | 5,94 Gb Available Physical Memory | 74,46% Memory free
15,97 Gb Paging File | 13,74 Gb Available in Paging File | 86,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 682,19 Gb Free Space | 73,24% Space Free | Partition Type: NTFS
Drive H: | 5,58 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: NIMITZCOMP | User Name: Nimitz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.11.09 19:34:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Nimitz\Desktop\OTL.exe
PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.07.18 08:15:49 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.06.28 12:48:01 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.29 16:01:44 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.01.10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.04.27 03:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

========== Modules (No Company Name) ==========

MOD - [2011.10.26 09:10:46 | 000,420,920 | ---- | M] () -- C:\Users\Nimitz\AppData\Local\Google\Chrome\Application\15.0.874.106\ppgooglenaclpluginchrome.dll
MOD - [2011.10.26 09:10:45 | 003,702,840 | ---- | M] () -- C:\Users\Nimitz\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll
MOD - [2011.10.26 09:09:24 | 000,518,712 | ---- | M] () -- C:\Users\Nimitz\AppData\Local\Google\Chrome\Application\15.0.874.106\libglesv2.dll
MOD - [2011.10.26 09:09:23 | 000,112,696 | ---- | M] () -- C:\Users\Nimitz\AppData\Local\Google\Chrome\Application\15.0.874.106\libegl.dll
MOD - [2011.10.26 09:09:09 | 000,122,952 | ---- | M] () -- C:\Users\Nimitz\AppData\Local\Google\Chrome\Application\15.0.874.106\avutil-51.dll
MOD - [2011.10.26 09:09:07 | 000,222,280 | ---- | M] () -- C:\Users\Nimitz\AppData\Local\Google\Chrome\Application\15.0.874.106\avformat-53.dll
MOD - [2011.10.26 09:09:06 | 001,745,992 | ---- | M] () -- C:\Users\Nimitz\AppData\Local\Google\Chrome\Application\15.0.874.106\avcodec-53.dll
MOD - [2011.10.26 06:14:43 | 008,587,936 | ---- | M] () -- C:\Users\Nimitz\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.04 13:34:48 | 002,329,480 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.07.18 08:15:49 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.06.28 12:48:01 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.29 16:01:44 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.09.06 22:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.09.06 22:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.09.06 22:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.09.06 22:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.09.06 22:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.09.06 22:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.07.08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.06.28 12:48:01 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.06.28 12:48:01 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.05.29 19:22:15 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.05.29 19:22:14 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.23 20:43:09 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.10.19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.09.03 06:59:26 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.07.27 02:45:46 | 000,180,224 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.07.27 02:45:46 | 000,078,848 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.04.27 11:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2009.12.12 00:48:04 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1616389802-3361126038-1429883897-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
IE - HKU\S-1-5-21-1616389802-3361126038-1429883897-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nimitz\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nimitz\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

[2011.08.14 10:47:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nimitz\AppData\Roaming\Mozilla\Extensions
[2011.08.14 10:47:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nimitz\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
File not found (No name found) -- C:\PROGRAM FILES (X86)\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nimitz\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Nimitz\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nimitz\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Nimitz\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Users\Nimitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\

O1 HOSTS File: ([2011.03.22 16:22:13 | 000,001,050 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1616389802-3361126038-1429883897-1002\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1616389802-3361126038-1429883897-1005..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1616389802-3361126038-1429883897-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.74.192.252 94.74.192.244
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8C811CC3-FDC3-48E3-9254-2E05872627D9}: DhcpNameServer = 94.74.192.252 94.74.192.244
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{586f801f-3f70-11e0-8bd9-1c6f65882358}\Shell - "" = AutoRun
O33 - MountPoints2\{586f801f-3f70-11e0-8bd9-1c6f65882358}\Shell\AutoRun\command - "" = "D:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

NimitzCZ · #8 Příspěvek od **NimitzCZ** » 09 lis 2011 20:15

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.11.09 19:34:18 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Nimitz\Desktop\OTL.exe
[2011.11.09 18:48:28 | 000,000,000 | ---D | C] -- C:\Users\Nimitz\AppData\Roaming\Malwarebytes
[2011.11.09 18:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.09 18:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.09 18:48:21 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.11.09 18:48:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.11.09 18:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.11.09 18:19:48 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.11.09 18:19:47 | 000,301,912 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.11.09 18:19:43 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.11.09 18:19:42 | 000,601,944 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.11.09 18:19:42 | 000,058,200 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.11.09 18:19:40 | 000,254,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.11.09 18:19:40 | 000,065,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.11.09 18:19:27 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.11.09 18:19:27 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.11.09 18:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011.11.09 18:19:22 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011.11.08 22:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011.11.08 22:02:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.11.08 22:01:48 | 005,067,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2011.11.08 22:01:48 | 000,137,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2011.11.08 22:01:47 | 010,406,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2011.11.08 22:01:47 | 003,074,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2011.11.08 22:01:47 | 000,837,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2011.11.08 22:01:47 | 000,222,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2011.11.08 22:01:34 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.11.08 21:58:20 | 001,452,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420102.dll
[2011.11.08 21:58:20 | 000,174,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011.11.08 21:58:20 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011.11.08 21:58:18 | 024,796,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011.11.08 21:58:18 | 024,742,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011.11.08 21:58:18 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011.11.08 21:58:18 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011.11.08 21:58:18 | 015,693,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011.11.08 21:58:18 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011.11.08 21:58:18 | 008,791,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2011.11.08 21:58:18 | 007,581,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011.11.08 21:58:18 | 007,041,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011.11.08 21:58:18 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011.11.08 21:58:18 | 002,808,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2011.11.08 21:58:18 | 002,542,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011.11.08 21:58:18 | 002,458,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011.11.08 21:58:18 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011.11.08 21:58:18 | 002,232,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011.11.08 21:58:18 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011.11.08 21:58:18 | 001,533,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2011.11.08 21:58:18 | 001,454,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2011.11.08 21:58:18 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.11.08 21:58:18 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.11.08 19:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2011.11.08 19:20:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2011.11.08 17:15:57 | 000,000,000 | ---D | C] -- C:\Users\Nimitz\.thumbnails
[2011.11.08 17:15:32 | 000,000,000 | ---D | C] -- C:\Users\Nimitz\AppData\Roaming\gtk-2.0
[2011.11.08 16:05:49 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.11.08 16:01:43 | 000,000,000 | ---D | C] -- C:\Users\Nimitz\AppData\Local\Secunia PSI
[2011.11.08 15:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.08 15:58:02 | 000,000,000 | ---D | C] -- C:\rsit
[2011.11.08 15:55:15 | 000,000,000 | ---D | C] -- C:\Users\Nimitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.11.08 15:55:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2011.11.08 15:52:19 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.11.08 15:52:19 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.11.08 15:52:19 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.11.08 15:52:19 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.11.08 15:52:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.11.08 15:52:19 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.11.08 15:52:19 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.11.08 15:52:19 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.11.08 15:52:19 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.11.08 15:52:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.11.08 15:52:19 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.11.08 15:52:19 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.11.08 15:52:19 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.11.08 15:52:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.11.08 15:52:19 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.11.08 15:52:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.11.08 15:52:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.11.08 15:52:19 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.11.08 15:52:19 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.11.08 15:52:19 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.11.08 15:52:19 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.11.08 15:52:19 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.11.08 15:52:19 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.11.08 15:52:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.11.08 15:52:19 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.11.08 15:52:19 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.11.08 15:52:19 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.11.08 15:52:19 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.11.08 15:52:19 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.11.08 15:52:19 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.11.08 15:52:19 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.11.08 15:52:19 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.11.08 15:52:19 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.11.08 15:52:19 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.11.08 15:52:19 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.11.08 15:52:19 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.11.08 15:52:19 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.11.08 15:52:19 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.11.08 15:52:19 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.11.08 15:52:19 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.11.08 15:52:19 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.11.08 15:52:19 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.11.08 15:52:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.11.08 15:52:19 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.11.08 15:52:19 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.11.08 15:52:19 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.11.08 15:52:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.11.08 15:52:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.11.08 15:52:19 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.11.08 15:52:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.11.08 15:52:19 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.11.08 15:52:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.11.08 15:52:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.11.08 15:52:18 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.11.08 15:52:18 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.11.08 15:52:18 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.11.08 15:52:18 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.11.08 15:52:18 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.11.08 15:52:18 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.11.08 15:52:18 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.11.08 15:52:18 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.11.08 15:52:18 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.11.08 15:52:18 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.11.08 15:52:18 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.11.08 15:52:18 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.11.08 15:52:18 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.11.08 15:52:18 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.11.08 15:52:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.11.08 15:52:18 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.11.08 15:52:18 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.11.08 15:52:18 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.11.08 15:52:18 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.11.08 15:50:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.11.08 15:50:40 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.11.08 15:50:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.11.08 15:50:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.11.06 20:31:55 | 000,000,000 | ---D | C] -- C:\Users\Nimitz\Documents\gegl-0.0
[2011.11.06 20:31:55 | 000,000,000 | ---D | C] -- C:\Users\Nimitz\.gimp-2.6
[2011.11.06 20:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2011.11.06 20:31:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.11.09 20:02:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.09 19:34:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Nimitz\Desktop\OTL.exe
[2011.11.09 19:21:02 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1616389802-3361126038-1429883897-1002UA.job
[2011.11.09 18:48:25 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.09 18:24:08 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.11.09 18:19:49 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.11.09 18:11:42 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.09 18:11:42 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.09 17:58:45 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.11.09 17:58:45 | 000,631,148 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.11.09 17:58:45 | 000,615,904 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.11.09 17:58:45 | 000,121,802 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.11.09 17:58:45 | 000,106,284 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.09 17:54:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.09 17:54:17 | 2134,446,079 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.08 21:21:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1616389802-3361126038-1429883897-1002Core.job
[2011.11.08 20:24:58 | 000,433,937 | ---- | M] () -- C:\Users\Nimitz\Desktop\Bez názvu.jpg
[2011.11.08 17:42:38 | 000,002,183 | ---- | M] () -- C:\Users\Nimitz\.recently-used.xbel
[2011.11.08 17:20:29 | 000,048,010 | ---- | M] () -- C:\Users\Nimitz\Documents\cc_20111108_172014.reg
[2011.11.08 16:05:49 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.11.08 15:52:19 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.11.08 15:52:19 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.11.08 15:52:19 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.11.08 15:52:19 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.11.08 15:52:19 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.11.08 15:52:19 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.11.08 15:52:19 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.11.08 15:52:19 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.11.08 15:52:19 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.11.08 15:52:19 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.11.08 15:52:19 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.11.08 15:52:19 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.11.08 15:52:19 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.11.08 15:52:19 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.11.08 15:52:19 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.11.08 15:52:19 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.11.08 15:52:19 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.11.08 15:52:19 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.11.08 15:52:19 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.11.08 15:52:19 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.11.08 15:52:19 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.11.08 15:52:19 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.11.08 15:52:19 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.11.08 15:52:19 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.11.08 15:52:19 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.11.08 15:52:19 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.11.08 15:52:19 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.11.08 15:52:19 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.11.08 15:52:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.11.08 15:52:19 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.11.08 15:52:19 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.11.08 15:52:19 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.11.08 15:52:19 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.11.08 15:52:19 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.11.08 15:52:19 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.11.08 15:52:19 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.11.08 15:52:19 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.11.08 15:52:19 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.11.08 15:52:19 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.11.08 15:52:19 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.11.08 15:52:19 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.11.08 15:52:19 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.11.08 15:52:19 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.11.08 15:52:19 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.11.08 15:52:19 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.11.08 15:52:19 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.11.08 15:52:19 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.11.08 15:52:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.11.08 15:52:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.11.08 15:52:19 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.11.08 15:52:19 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.11.08 15:52:19 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.11.08 15:52:19 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.11.08 15:52:19 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.11.08 15:52:18 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.11.08 15:52:18 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.11.08 15:52:18 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.11.08 15:52:18 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.11.08 15:52:18 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.11.08 15:52:18 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.11.08 15:52:18 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.11.08 15:52:18 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.11.08 15:52:18 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.11.08 15:52:18 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.11.08 15:52:18 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.11.08 15:52:18 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.11.08 15:52:18 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.11.08 15:52:18 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.11.08 15:52:18 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.11.08 15:52:18 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.11.08 15:52:18 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.11.08 15:52:18 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.11.08 15:52:18 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.11.08 15:52:18 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.11.08 08:49:00 | 000,306,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.11.09 19:37:41 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.09 18:48:25 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.09 18:19:49 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.11.09 18:19:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011.11.08 21:58:18 | 000,007,384 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011.11.08 20:24:58 | 000,433,937 | ---- | C] () -- C:\Users\Nimitz\Desktop\Bez názvu.jpg
[2011.11.08 17:42:38 | 000,002,183 | ---- | C] () -- C:\Users\Nimitz\.recently-used.xbel
[2011.11.08 17:20:20 | 000,048,010 | ---- | C] () -- C:\Users\Nimitz\Documents\cc_20111108_172014.reg
[2011.11.08 15:52:19 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.11.08 15:52:18 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.10.05 19:28:59 | 000,000,200 | ---- | C] () -- C:\Windows\AUDC80UI.dat
[2011.09.21 19:41:09 | 000,003,584 | ---- | C] () -- C:\Users\Nimitz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.18 08:15:49 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.06.06 18:51:01 | 000,000,976 | ---- | C] () -- C:\Windows\eReg.dat
[2011.06.04 14:59:39 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.05.30 18:49:03 | 000,000,749 | ---- | C] () -- C:\Windows\CoD.INI
[2011.03.22 15:32:30 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.03.22 15:32:29 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.02.23 20:06:21 | 000,000,917 | ---- | C] () -- C:\Users\Nimitz\AppData\Roaming\coreavc.ini
[2011.02.22 11:28:07 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.02.22 11:03:02 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009.08.27 08:04:14 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.09.24 19:37:00 | 000,169,472 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll

========== LOP Check ==========

[2011.09.27 15:54:15 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\avidemux
[2011.06.21 19:45:24 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\calibre
[2011.02.23 20:43:57 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\DAEMON Tools Lite
[2011.11.08 17:17:44 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\gtk-2.0
[2011.11.01 18:38:05 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\ICQ
[2011.11.05 15:37:44 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Might & Magic Heroes VI
[2011.02.27 07:57:25 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\OpenOffice.org
[2011.06.21 20:16:02 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\PDM
[2011.03.22 15:32:28 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\PunkBuster
[2011.08.02 19:44:18 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Red Alert 3
[2011.06.21 20:02:02 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Spacejock Software
[2011.08.14 10:47:15 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\TomTom
[2011.06.08 20:14:22 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Ubisoft
[2011.11.09 18:36:17 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\uTorrent
[2011.07.07 18:58:01 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CSRSS.EXE >
[2009.07.14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009.07.14 02:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe

< MD5 for: NDIS.SYS >
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NTFS.SYS >
[2010.11.20 14:33:46 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2009.07.14 02:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys
[2011.03.11 07:23:06 | 001,657,216 | ---- | M] (Microsoft Corporation) MD5=378E0E0DFEA67D98AE6EA53ADBBD76BC -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_0273f3c63691c4ea\ntfs.sys
[2011.03.11 07:25:53 | 001,685,888 | ---- | M] (Microsoft Corporation) MD5=867C1395F0100CBE9ACD73B1C2741149 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_032ca00d4f8d24c5\ntfs.sys
[2011.03.11 07:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[2011.03.11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\SysNative\drivers\ntfs.sys
[2011.03.11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010.08.20 06:38:12 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=8547491BE7086EE317163365D83A37D2 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_32ca3745f45762fc\spoolsv.exe
[2009.07.14 02:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
[2010.11.20 14:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\SysNative\spoolsv.exe
[2010.11.20 14:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[2010.08.21 07:29:47 | 000,558,592 | ---- | M] (Microsoft Corporation) MD5=F8E1FA03CB70D54A9892AC88B91D1E7B -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_3252392adb2d25f4\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\SoftwareDistribution\Download\c9160191b1bec61d9b277b3571f4ec8a\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\SoftwareDistribution\Download\c9160191b1bec61d9b277b3571f4ec8a\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\SoftwareDistribution\Download\c9160191b1bec61d9b277b3571f4ec8a\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SoftwareDistribution\Download\c9160191b1bec61d9b277b3571f4ec8a\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 02:41:12 | 000,027,648 | ---- | M] (Microsoft Corporation) --
[2010.11.20 14:27:28 | 000,039,424 | ---- | M] (Microsoft Corporation) --
[2009.07.14 16:17:26 | 000,003,584 | ---- | M] (Lexmark International Inc.) --

NimitzCZ · #9 Příspěvek od **NimitzCZ** » 09 lis 2011 20:16

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2009.06.10 22:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 22:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2010.10.05 20:50:58 | 000,008,192 | ---- | M] () -- C:\Windows\system32\drivers\IntelMEFWVer.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2011.11.08 15:52:19 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\admparse.dll
[2011.11.09 18:24:08 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[2011.11.08 15:52:19 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2011.11.08 15:52:19 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2011.11.08 16:05:49 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2011.11.08 15:52:19 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\html.iec
[2011.11.08 15:52:19 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll
[2011.11.08 15:52:19 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ie4uinit.exe
[2011.11.08 15:52:19 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll
[2011.11.08 15:52:19 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakeng.dll
[2011.11.08 15:52:19 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieaksie.dll
[2011.11.08 15:52:19 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieakui.dll
[2011.11.08 15:52:19 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dat
[2011.11.08 15:52:19 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll
[2011.11.08 15:52:19 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll
[2011.11.08 15:52:19 | 009,704,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2011.11.08 15:52:19 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll
[2011.11.08 15:52:19 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll
[2011.11.08 15:52:19 | 001,791,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2011.11.08 15:52:19 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll
[2011.11.08 15:52:19 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll
[2011.11.08 15:52:19 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2011.11.08 15:52:19 | 000,072,822 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2011.11.08 15:52:19 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieUnatt.exe
[2011.11.08 15:52:19 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iexpress.exe
[2011.11.08 15:52:19 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll
[2011.11.08 15:52:19 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetcpl.cpl
[2011.11.08 15:52:19 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll
[2011.11.08 15:52:19 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2011.11.08 15:52:19 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2011.11.08 15:52:19 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2011.11.08 15:50:15 | 000,003,002 | ---- | M] () -- C:\Windows\system32\jupdate-1.6.0_29-b11.log
[2011.11.08 15:52:19 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll
[2011.11.08 15:52:19 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2011.11.08 15:52:19 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2011.11.08 15:52:19 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedssync.exe
[2011.11.08 15:52:19 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshta.exe
[2011.11.08 15:52:19 | 012,275,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2011.11.08 15:52:19 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.tlb
[2011.11.08 15:52:19 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2011.11.08 15:52:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll
[2011.11.08 15:52:19 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll
[2011.11.08 15:52:19 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll
[2011.11.08 15:52:19 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll
[2011.11.08 15:52:19 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll
[2011.11.08 15:52:19 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RegisterIEPKEYs.exe
[2011.11.08 15:52:19 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SetIEInstalledDate.exe
[2011.11.08 15:52:19 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tdc.ocx
[2011.11.08 15:52:19 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2011.11.08 15:52:19 | 001,102,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2011.11.08 15:52:19 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2011.11.08 15:52:19 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll
[2011.11.08 15:52:19 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wextract.exe
[2011.11.08 15:52:19 | 001,126,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011.06.01 19:02:42 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Adobe
[2011.09.27 15:54:15 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\avidemux
[2011.05.08 10:32:17 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Avira
[2011.06.21 19:45:24 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\calibre
[2011.02.23 20:43:57 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\DAEMON Tools Lite
[2011.10.30 14:32:31 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\GRETECH
[2011.11.08 17:17:44 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\gtk-2.0
[2011.05.30 17:55:17 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Hamachi
[2011.11.01 18:38:05 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\ICQ
[2011.02.23 18:26:14 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Identities
[2011.07.10 17:07:06 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\InstallShield
[2011.02.23 18:56:47 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Macromedia
[2011.11.09 18:48:28 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Malwarebytes
[2009.07.14 16:36:31 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Media Center Programs
[2011.11.08 20:35:45 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Media Player Classic
[2011.07.10 16:16:13 | 000,000,000 | --SD | M] -- C:\Users\Nimitz\AppData\Roaming\Microsoft
[2011.11.05 15:37:44 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Might & Magic Heroes VI
[2011.08.14 10:47:16 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Mozilla
[2011.02.23 20:02:44 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\NVIDIA
[2011.02.27 07:57:25 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\OpenOffice.org
[2011.06.21 20:16:02 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\PDM
[2011.06.21 19:59:29 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\PSpad
[2011.03.22 15:32:28 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\PunkBuster
[2011.08.02 19:44:18 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Red Alert 3
[2011.06.21 20:02:02 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Spacejock Software
[2011.08.14 10:47:15 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\TomTom
[2011.06.08 20:14:22 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\Ubisoft
[2011.11.09 18:36:17 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\uTorrent
[2011.02.23 20:51:09 | 000,000,000 | ---D | M] -- C:\Users\Nimitz\AppData\Roaming\WinRAR

< %APPDATA%\*.* >
[2011.02.23 20:06:21 | 000,000,917 | ---- | M] () -- C:\Users\Nimitz\AppData\Roaming\coreavc.ini

< %APPDATA%\*.exe /s >
[2011.02.24 16:07:45 | 000,835,440 | R--- | M] () -- C:\Users\Nimitz\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe

< %SYSTEMDRIVE%\*.exe >

< *crack* /s >
[2010.04.09 21:01:48 | 003,629,776 | ---- | M] () -- \Games\Assassin Creed 2\InstallAC2Crack.exe
[2011.06.07 16:18:59 | 123,968,310 | ---- | M] () -- \Games\Assassin Creed Brotherhood\patch\assassins-creed-brotherhood-patch-1-01-crack-skidrow.rar
[2011.03.22 17:19:55 | 015,772,185 | ---- | M] () -- \Games\Civilization V\Sid.Meiers.Civilization.V-SKIDROW.Crack.Only.7z
[2011.02.22 16:01:04 | 000,040,962 | ---- | M] () -- \Moje Dokumenty\[isoHunt] Need.for.Speed.Hot.Pursuit-WAiT4CRACK.torrent
[2010.10.04 22:50:56 | 000,062,238 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[2011.11.06 19:57:44 | 000,000,608 | ---- | M] () -- \Users\Nimitz\AppData\Roaming\uTorrent\Adobe Photoshop CS5 Extended (Crack + Instructions).torrent
[2011.05.07 21:20:53 | 000,004,935 | ---- | M] () -- \Users\Nimitz\AppData\Roaming\uTorrent\Assassin Creed Brotherhood CRACK FOR MULTIPLAYER SKIDROW -- SERvICE.torrent
[2011.05.07 21:13:13 | 000,013,519 | ---- | M] () -- \Users\Nimitz\AppData\Roaming\uTorrent\Assassin Creed Brotherhood MULTIPLAYER crack-1.01 uplay all type game working.torrent
[2011.05.07 21:08:07 | 000,003,872 | ---- | M] () -- \Users\Nimitz\AppData\Roaming\uTorrent\Assassin Creed Brotherhood MULTIPLAYER Only.Crack.SKIDROW.torrent
[2011.06.04 10:13:29 | 000,005,548 | ---- | M] () -- \Users\Nimitz\AppData\Roaming\uTorrent\Assassin Creed Brotherhood MULTIPLAYER UBISOFT 4.04.11 cracked - SKIDROW.torrent
[2011.03.22 16:08:31 | 000,003,317 | ---- | M] () -- \Users\Nimitz\AppData\Roaming\uTorrent\Assassin's Creed 2 Crack (Final and complete).torrent
[2011.02.27 08:49:05 | 000,004,047 | ---- | M] () -- \Users\Nimitz\AppData\Roaming\uTorrent\Need.for.Speed.Hot.Pursuit.CrackOnly-WAiT4SCENE.torrent
[2011.10.05 17:02:26 | 000,002,670 | ---- | M] () -- \Users\Nimitz\AppData\Roaming\uTorrent\Portal.2.Crack.Fix-SKIDROW.torrent
[2011.03.22 17:18:57 | 000,001,744 | ---- | M] () -- \Users\Nimitz\AppData\Roaming\uTorrent\Sid.Meiers.Civilization.V-SKIDROW.Crack.Only.7z.torrent
[2011.02.27 13:52:27 | 000,006,854 | ---- | M] () -- \Users\Nimitz\AppData\Roaming\uTorrent\StarCraft_II_Crack.torrent

< *keygen* /s >

< *loader* /s >
[2011.02.24 10:11:20 | 000,234,104 | ---- | M] () -- \Games\Assassin Creed Brotherhood\ubiorbitapi_r2_loader.dll
[2010.02.10 22:49:20 | 000,057,856 | ---- | M] () -- \Games\Civilization V\sid meier's civilization v\HL2Loader.exe
[2009.05.01 21:49:56 | 000,034,304 | ---- | M] () -- \Games\Civilization V\sid meier's civilization v\revLoader.exe
[2011.09.30 17:51:34 | 000,235,032 | ---- | M] () -- \Games\Might and Magic Heroes VI\ubiorbitapi_r2_loader.dll
[2011.08.24 16:15:10 | 000,002,134 | ---- | M] () -- \Games\Might and Magic Heroes VI\Data\html\dynapi\examples\dynapi.functions.imageloader.html
[2011.06.28 12:48:01 | 000,034,664 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avnetworkloader.dll
[2011.06.28 12:48:01 | 000,343,400 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avnetworkloadergui.dll
[2011.06.28 12:48:01 | 000,214,184 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2011.02.27 13:11:40 | 000,000,001 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2010.02.07 22:40:00 | 000,000,543 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 18:58:18 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 18:58:20 | 000,018,592 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 18:58:24 | 000,026,272 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 18:58:26 | 000,012,960 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 18:58:28 | 000,017,568 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 18:58:56 | 000,019,616 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 18:59:04 | 000,015,008 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 18:59:06 | 000,019,104 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 18:59:10 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 18:59:14 | 000,012,448 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 18:59:16 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 18:59:20 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 18:59:22 | 000,011,936 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 18:59:24 | 000,013,984 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 18:59:28 | 000,028,320 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 20:42:00 | 000,009,880 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2011.05.30 17:32:47 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.05.30 17:32:47 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.05.30 17:32:47 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.05.30 17:33:58 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.05.30 17:33:58 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.05.30 17:33:58 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 18:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2009.05.18 09:51:58 | 000,006,308 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2009.05.15 00:28:34 | 000,022,528 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2009.05.18 10:50:42 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2009.05.15 00:28:28 | 000,029,696 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2009.05.18 09:18:34 | 000,003,872 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2010.03.15 11:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2010.09.14 08:26:30 | 000,000,051 | ---- | M] () -- \Users\Nimitz\Documents\TomTom\HOME\Backup\XXL\Backup01\InternalMemory\bootloaderversion.txt
[2009.06.23 11:43:38 | 005,328,711 | ---- | M] () -- \Users\Nimitz\Documents\Zo stareho kompu\Utility\vdownloader_setup.exe
[2007.01.16 18:59:12 | 001,172,480 | ---- | M] () -- \Windows\ConfigSetRoot\OfficeBCM\Loader\SBALoader.msi
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2011.02.05 14:09:50 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_9c05f879842e1792.manifest
[2011.02.05 14:05:03 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_9c6455949d6c2720.manifest
[2011.02.05 18:34:40 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_9deb553581556a27.manifest
[2011.02.05 14:10:12 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_9e73f1b69a73f09a.manifest
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.05.30 20:13:36 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.05.30 20:13:36 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.05.30 20:13:36 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.05.30 20:13:36 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.05.30 20:13:36 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2008.04.25 22:42:26 | 000,000,750 | ---- | M] () -- \Users\Nimitz\Documents\Zo stareho kompu\Utility\Arcade\AAD205312Full\PCinema\Config\CopyRightNoDTS.ini

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.12.21 09:06:24 | 000,000,056 | ---- | M] () -- \Users\Nimitz\Documents\Zo stareho kompu\Utility\Veci na prehravanie videa HD\serial.txt
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.14 16:02:30 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.14 16:59:11 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\76692f411b404f1db0c95d81dd537c37\System.Runtime.Serialization.ni.dll
[2011.10.14 16:53:15 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\1377c29b871c7eb768769b5f4bdbb15d\System.Runtime.Serialization.ni.dll
[2011.10.14 16:04:03 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b3b42692707c0f555807def0c4acefe3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.14 17:00:26 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\993f89ba22499c379d2a9dd25d13cd94\System.Runtime.Serialization.ni.dll
[2011.10.14 17:00:29 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\bed774dde4b62ed1d2d55c2d1769d600\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.14 17:01:32 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\3a2ab56bb224b871516526753985ff69\System.Xml.Serialization.ni.dll
[2011.10.14 16:57:02 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\6cd778cd2c8c61130ff71ee7a685222b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.14 16:56:57 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\f68180d9f4ade9c313f9ad20422eb1c0\System.Runtime.Serialization.ni.dll
[2011.10.14 16:58:51 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\59e70022e798ce28f9f5b8870c5c8bf2\System.Xml.Serialization.ni.dll
[2011.06.29 20:36:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.10.13 19:54:59 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.06.29 20:36:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2011.10.13 19:54:59 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.13 19:55:01 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 16:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 16:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 16:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2011.05.30 20:13:20 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.05.30 20:13:20 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 16:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 16:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 05:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 05:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009.07.14 16:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009.07.14 16:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >

< *legalizator* /s >

< *registration* /s >
[2011.02.16 16:25:54 | 000,039,659 | ---- | M] () -- \Games\Assassin Creed Brotherhood\LauncherConfig\background-registration.jpg
[2008.02.22 12:08:40 | 000,967,304 | R--- | M] () -- \Games\Assassin Creed\Assassins.Creed.Full-Rip.Skullptura\Assassin's Creed\Register\RegistrationReminder.exe
[2003.10.03 06:45:34 | 000,005,324 | ---- | M] () -- \Games\Call Of Duty\Call of Duty\Docs\Help\Tech Help\Information\Electronic_Registration.htm
[2011.08.24 15:50:32 | 000,026,847 | ---- | M] () -- \Games\Might and Magic Heroes VI\Data\UbisoftGameLauncher\background_registration.jpg
[2011.11.08 15:50:43 | 000,001,568 | ---- | M] () -- \Program Files (x86)\Java\jre6\lib\servicetag\registration.xml
[2009.05.15 00:28:34 | 000,041,472 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\productregistration.uno.dll
[2009.05.15 00:28:34 | 000,003,312 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\resource\productregistrationcs.res
[2011.06.06 18:48:40 | 000,001,917 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games\Command & Conquer Generals\Electronic Registration.lnk
[2011.06.06 18:56:07 | 000,002,135 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games\Command and ConquerTM Generals Zero Hour\Electronic Registration.lnk
[2011.06.06 18:48:40 | 000,001,917 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\EA Games\Command & Conquer Generals\Electronic Registration.lnk
[2011.06.06 18:56:07 | 000,002,135 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\EA Games\Command and ConquerTM Generals Zero Hour\Electronic Registration.lnk
[1 \Windows\*.tmp files -> \Windows\*.tmp -> ]
[2006.09.23 05:09:58 | 000,000,350 | ---- | M] () -- \Windows\ConfigSetRoot\OfficeBCM\CommonAppData\Microsoft\Business Contact Manager\Registration.xml
[2006.11.07 13:01:42 | 000,004,145 | ---- | M] () -- \Windows\ConfigSetRoot\OfficeBCM\Program Files\Microsoft Small Business\Business Contact Manager\cs-CZ\WelcomeMessage\registration.htm
[2009.07.14 04:01:01 | 000,008,183 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-MediaPlayer-DVDRegistration-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.cat
[2009.07.13 21:48:32 | 000,001,457 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-MediaPlayer-DVDRegistration-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.mum
[2010.11.20 15:37:08 | 000,008,586 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-MediaPlayer-DVDRegistration-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat
[2010.11.20 15:22:56 | 000,001,462 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-MediaPlayer-DVDRegistration-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.mum
[2009.07.14 04:01:01 | 000,008,183 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaPlayer-DVDRegistration-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.cat
[2010.11.20 15:37:08 | 000,008,586 | --S- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-MediaPlayer-DVDRegistration-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat
[2009.07.14 03:12:10 | 000,004,509 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-m..yer-dvdregistration_31bf3856ad364e35_6.1.7600.16385_none_e0e4a1875c30d8c6.manifest
[2009.07.14 03:11:54 | 000,001,124 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-shell-registration_31bf3856ad364e35_6.1.7600.16385_none_1da19e3bba8c6d0f.manifest
[2009.07.14 03:12:00 | 000,003,429 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-t..client-registration_31bf3856ad364e35_6.1.7600.16385_none_d786f194796c48b2.manifest
[2009.07.14 03:17:09 | 000,012,512 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-xwizards-registration_31bf3856ad364e35_6.1.7600.16385_none_750dbfac02518b59.manifest
[2009.07.14 02:42:16 | 000,001,124 | ---- | M] () -- \Windows\winsxs\Manifests\wow64_microsoft-windows-shell-registration_31bf3856ad364e35_6.1.7600.16385_none_27f6488deeed2f0a.manifest
[2009.07.14 02:42:19 | 000,002,254 | ---- | M] () -- \Windows\winsxs\Manifests\wow64_microsoft-windows-t..client-registration_31bf3856ad364e35_6.1.7600.16385_none_e1db9be6adcd0aad.manifest
[2009.07.14 02:51:15 | 000,012,510 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-xwizards-registration_31bf3856ad364e35_6.1.7600.16385_none_18ef242849f41a23.manifest

< *Office 2010* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
PENDINGFILERENAMEOPERATIONS REG_MULTI_SZ \??\C:\Program Files\AVAST Software\Avast\Setup\snxReboot.txt\0\??\C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll\0\??\C:\Program Files (x86)\Conduit\Community Alerts\0\??\C:\Program Files (x86)\Conduit\0\??\C:\Users\Nimitz\AppData\LocalLow\Conduit\0\??\C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll\0\??\C:\Program Files (x86)\ConduitEngine\ConduitEngineUninstall.exe\0\??\C:\Program Files (x86)\ConduitEngine\0\??\C:\Users\Nimitz\AppData\Local\Temp\GLB1A2B.EXE

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.11.09 20:02:42 | 000,000,512 | ---- | M] () MD5=9F4EFD488CDCEF06E89A083F7284EFF4 -- C:\PhysicalMBR.bin

< End of report >

NimitzCZ · #10 Příspěvek od **NimitzCZ** » 09 lis 2011 20:17

a ten extras.txt:

OTL Extras logfile created on: 9.11.2011 20:01:57 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Nimitz\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,98 Gb Total Physical Memory | 5,94 Gb Available Physical Memory | 74,46% Memory free
15,97 Gb Paging File | 13,74 Gb Available in Paging File | 86,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 682,19 Gb Free Space | 73,24% Space Free | Partition Type: NTFS
Drive H: | 5,58 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: NIMITZCOMP | User Name: Nimitz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.0.2827 x64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23E797E9-F852-4AEA-93F0-772ED2B9D9F9}" = OpenOffice.org 3.1
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 29
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1
"{47E16407-05D3-4D2A-B2B9-C30700B7C2AD}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{675DD1E6-637A-4F0E-B6DE-26F45CC26092}_is1" = AC2 server emulator 0.44 by Dormine
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Audio Converter" = Audio Converter
"avast" = avast! Free Antivirus
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"GOM Player" = GOM Player
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.2.1300
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Postal 2_is1" = Portal 2
"PunkBusterSvc" = PunkBuster Services
"uTorrent" = µTorrent
"WinGimp-2.0_is1" = GIMP 2.6.11

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1616389802-3361126038-1429883897-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5.10.2011 12:21:12 | Computer Name = NimitzCOMP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: portal2.exe, verze: 0.0.0.0, časové razítko:
0x4d4c804d Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu: 0x13d4 Čas spuštění
chybující aplikace: 0x01cc837ab3edbea3 Cesta k chybující aplikaci: C:\Games\Portal
2\portal2.exe Cesta k chybujícímu modulu: unknown ID zprávy: 09bf13b6-ef6e-11e0-a5d4-1c6f65882358

Error - 5.10.2011 12:21:15 | Computer Name = NimitzCOMP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: portal2.exe, verze: 0.0.0.0, časové razítko:
0x4d4c804d Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x6f725056 ID chybujícího procesu: 0x13d4 Čas spuštění
chybující aplikace: 0x01cc837ab3edbea3 Cesta k chybující aplikaci: C:\Games\Portal
2\portal2.exe Cesta k chybujícímu modulu: unknown ID zprávy: 0c103856-ef6e-11e0-a5d4-1c6f65882358

Error - 16.10.2011 2:47:44 | Computer Name = NimitzCOMP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mpc-hc64.exe, verze: 1.5.0.2827, časové
razítko: 0x4d469cdb Název chybujícího modulu: mpc-hc64.exe, verze: 1.5.0.2827, časové
razítko: 0x4d469cdb Kód výjimky: 0xc0000409 Posun chyby: 0x000000000067ce98 ID chybujícího
procesu: 0xc10 Čas spuštění chybující aplikace: 0x01cc8bcf65421284 Cesta k chybující
aplikaci: C:\Program Files\Media Player Classic - Home Cinema\mpc-hc64.exe Cesta
k chybujícímu modulu: C:\Program Files\Media Player Classic - Home Cinema\mpc-hc64.exe
ID
zprávy: c00432cf-f7c2-11e0-add6-1c6f65882358

Error - 16.10.2011 2:48:11 | Computer Name = NimitzCOMP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mpc-hc64.exe, verze: 1.5.0.2827, časové
razítko: 0x4d469cdb Název chybujícího modulu: mpc-hc64.exe, verze: 1.5.0.2827, časové
razítko: 0x4d469cdb Kód výjimky: 0xc0000409 Posun chyby: 0x000000000067ce98 ID chybujícího
procesu: 0x2a0 Čas spuštění chybující aplikace: 0x01cc8bcf90b1a5cb Cesta k chybující
aplikaci: C:\Program Files\Media Player Classic - Home Cinema\mpc-hc64.exe Cesta
k chybujícímu modulu: C:\Program Files\Media Player Classic - Home Cinema\mpc-hc64.exe
ID
zprávy: cfcfd69c-f7c2-11e0-add6-1c6f65882358

Error - 16.10.2011 2:48:32 | Computer Name = NimitzCOMP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mpc-hc64.exe, verze: 1.5.0.2827, časové
razítko: 0x4d469cdb Název chybujícího modulu: mpc-hc64.exe, verze: 1.5.0.2827, časové
razítko: 0x4d469cdb Kód výjimky: 0xc0000409 Posun chyby: 0x000000000067ce98 ID chybujícího
procesu: 0xe38 Čas spuštění chybující aplikace: 0x01cc8bcf97370627 Cesta k chybující
aplikaci: C:\Program Files\Media Player Classic - Home Cinema\mpc-hc64.exe Cesta
k chybujícímu modulu: C:\Program Files\Media Player Classic - Home Cinema\mpc-hc64.exe
ID
zprávy: dc638144-f7c2-11e0-add6-1c6f65882358

Error - 16.10.2011 5:40:09 | Computer Name = NimitzCOMP | Source = Application Hang | ID = 1002
Description = Program mpc-hc64.exe verze 1.5.0.2827 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
c08 Čas spuštění: 01cc8be784a52906 Čas ukončení: 19 Cesta k aplikaci: C:\Program Files\Media
Player Classic - Home Cinema\mpc-hc64.exe ID hlášení: d43834f3-f7da-11e0-add6-1c6f65882358

Error - 16.10.2011 9:58:38 | Computer Name = NimitzCOMP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hl.exe, verze: 1.1.1.1, časové razítko:
0x3fd11900 Název chybujícího modulu: serverbrowser.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x42f19fab Kód výjimky: 0xc0000005 Posun chyby: 0x0d99e290 ID chybujícího
procesu: 0x710 Čas spuštění chybující aplikace: 0x01cc8c0b991b7ee8 Cesta k chybující
aplikaci: C:\Games\Counter Strike\hl.exe Cesta k chybujícímu modulu: serverbrowser.dll
ID
zprávy: f21b499a-f7fe-11e0-add6-1c6f65882358

Error - 30.10.2011 9:24:43 | Computer Name = NimitzCOMP | Source = Application Hang | ID = 1002
Description = Program mpc-hc64.exe verze 1.5.0.2827 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
524 Čas spuštění: 01cc96f365a6a18f Čas ukončení: 28 Cesta k aplikaci: C:\Program Files\Media
Player Classic - Home Cinema\mpc-hc64.exe ID hlášení: 76a74fe0-02fa-11e1-924b-1c6f65882358

Error - 5.11.2011 5:14:53 | Computer Name = NimitzCOMP | Source = Application Hang | ID = 1002
Description = Program bf3.exe verze 1.0.0.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: a00 Čas
spuštění: 01cc9b99215cd529 Čas ukončení: 41 Cesta k aplikaci: C:\Games\Battlefield
3\Battlefield 3\bf3.exe ID hlášení:

Error - 5.11.2011 11:42:01 | Computer Name = NimitzCOMP | Source = Application Hang | ID = 1002
Description = Program mpc-hc64.exe verze 1.5.0.2827 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
d20 Čas spuštění: 01cc9bd145987b2a Čas ukončení: 63 Cesta k aplikaci: C:\Program Files\Media
Player Classic - Home Cinema\mpc-hc64.exe ID hlášení: a72dcec2-07c4-11e1-a87b-1c6f65882358

[ System Events ]
Error - 11.10.2011 8:50:57 | Computer Name = NimitzCOMP | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (14:49:10, ?11.?10.?2011) bylo neočekávané.

Error - 11.10.2011 11:44:08 | Computer Name = NimitzCOMP | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (17:41:35, ?11.?10.?2011) bylo neočekávané.

Error - 11.10.2011 11:44:14 | Computer Name = NIMITZCOMP | Source = BugCheck | ID = 1001
Description =

Error - 15.10.2011 12:14:50 | Computer Name = NimitzCOMP | Source = DCOM | ID = 10010
Description =

Error - 16.10.2011 13:08:59 | Computer Name = NimitzCOMP | Source = bowser | ID = 8003
Description =

Error - 18.10.2011 8:17:03 | Computer Name = NimitzCOMP | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (14:14:35, ?18.?10.?2011) bylo neočekávané.

Error - 18.10.2011 10:15:54 | Computer Name = NimitzCOMP | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (16:13:13, ?18.?10.?2011) bylo neočekávané.

Error - 26.10.2011 14:28:56 | Computer Name = NimitzCOMP | Source = BROWSER | ID = 8032
Description =

Error - 1.11.2011 15:17:31 | Computer Name = NimitzCOMP | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (20:15:37, ?1.?11.?2011) bylo neočekávané.

Error - 2.11.2011 10:37:33 | Computer Name = NimitzCOMP | Source = bowser | ID = 8003
Description =

< End of report >

#11 Příspěvek od **Mc_Murphy** » 10 lis 2011 07:11

MBAM můžeš odinstalovat.

Vidím tam jako antivir Aviru a Avast!. Jeden musí jít pryč, protože dva antiviry v PC jsou kontraproduktivní a způsobují kolize. Mrkni na tento topic, vyber si jeden antivir, který chceš nechat a ten druhý odinstaluj pomocí daného removeru (odinstalátoru).

Znovu spusť OTL.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento skript:

Kód: Vybrat vše

:OTL
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O3 - HKU\S-1-5-21-1616389802-3361126038-1429883897-1002\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1616389802-3361126038-1429883897-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

:Files
%windir%\*.tmp /s
%windir%\system32\SET*.tmp /s
%windir%\system32\*.tmp.dll /s
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1616389802-3361126038-1429883897-1002Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1616389802-3361126038-1429883897-1002UA.job
C:\Games\Assassin Creed 2\InstallAC2Crack.exe /d
C:\Games\Assassin Creed Brotherhood\patch /d
C:\Games\Civilization V\Sid.Meiers.Civilization.V-SKIDROW.Crack.Only.7z /d
C:\Moje Dokumenty\[isoHunt] Need.for.Speed.Hot.Pursuit-WAiT4CRACK.torrent /d
C:\Users\Nimitz\AppData\Roaming\uTorrent\Adobe Photoshop CS5 Extended (Crack + Instructions).torrent /d
C:\Users\Nimitz\AppData\Roaming\uTorrent\Assassin Creed Brotherhood CRACK FOR MULTIPLAYER SKIDROW -- SERvICE.torrent /d
C:\Users\Nimitz\AppData\Roaming\uTorrent\Assassin Creed Brotherhood MULTIPLAYER crack-1.01 uplay all type game working.torrent /d
C:\Users\Nimitz\AppData\Roaming\uTorrent\Assassin Creed Brotherhood MULTIPLAYER UBISOFT 4.04.11 cracked - SKIDROW.torrent /d
C:\Users\Nimitz\AppData\Roaming\uTorrent\Assassin Creed Brotherhood MULTIPLAYER Only.Crack.SKIDROW.torrent /d
C:\Users\Nimitz\AppData\Roaming\uTorrent\Assassin's Creed 2 Crack (Final and complete).torrent /d
C:\Users\Nimitz\AppData\Roaming\uTorrent\Need.for.Speed.Hot.Pursuit.CrackOnly-WAiT4SCENE.torrent /d
C:\Users\Nimitz\AppData\Roaming\uTorrent\Sid.Meiers.Civilization.V-SKIDROW.Crack.Only.7z.torrent /d
C:\Users\Nimitz\Documents\Zo stareho kompu\Utility\Veci na prehravanie videa HD\serial.txt /d
C:\Users\Nimitz\AppData\Roaming\uTorrent\Portal.2.Crack.Fix-SKIDROW.torrent /d
C:\Users\Nimitz\AppData\Roaming\uTorrent\StarCraft_II_Crack.torrent /d
C:\Program Files (x86)\ConduitEngine
C:\Program Files (x86)\uTorrentBar

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

Jak je na tom počítač?

NimitzCZ · #12 Příspěvek od **NimitzCZ** » 10 lis 2011 10:16

Avast jsem doinstalnut včera jenom na 1 test, tak pro jistotu. Zítra ho zruším. Dnes jsem v práci i v noci takže se k tomu dostanu zítra, včera večer mi to ale už nedělalo. Vše provedu zítra když budu doma. děkuji

#13 Příspěvek od **Mc_Murphy** » 10 lis 2011 12:08

OK, počkám si.

NimitzCZ · #14 Příspěvek od **NimitzCZ** » 11 lis 2011 10:01

No, děkuji za pomoc, problikává a seka chrome pořád, asi fakt grafika teda

All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
127.0.0.1 static3.cdn.ubi.com removed from HOSTS file successfully
127.0.0.1 ubisoft-orbit.s3.amazonaws.com removed from HOSTS file successfully
127.0.0.1 onlineconfigservice.ubi.com removed from HOSTS file successfully
127.0.0.1 orbitservice.ubi.com removed from HOSTS file successfully
127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com removed from HOSTS file successfully
Registry value HKEY_USERS\S-1-5-21-1616389802-3361126038-1429883897-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1616389802-3361126038-1429883897-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP59D4.tmp\Microsoft.VisualC.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP59D4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2433.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC13C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE782.tmp folder deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
========== FILES ==========
File/Folder C:\Windows\*.tmp not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1616389802-3361126038-1429883897-1002Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1616389802-3361126038-1429883897-1002UA.job moved successfully.
C:\Games\Assassin Creed 2\InstallAC2Crack.exe deleted successfully.
C:\Games\Assassin Creed Brotherhood\patch\ACBSP.exe deleted successfully.
C:\Games\Assassin Creed Brotherhood\patch\ac_brotherhood_1.01_update.exe deleted successfully.
C:\Games\Assassin Creed Brotherhood\patch\assassins-creed-brotherhood-da-vinci-disappearance-dlc.zip deleted successfully.
C:\Games\Assassin Creed Brotherhood\patch\assassins-creed-brotherhood-patch-1-01-crack-skidrow.rar deleted successfully.
C:\Games\Assassin Creed Brotherhood\patch\AssassinsCreedBrotherhood.exe deleted successfully.
C:\Games\Assassin Creed Brotherhood\patch\changelog.txt deleted successfully.
C:\Games\Assassin Creed Brotherhood\patch\návod.txt deleted successfully.
C:\Games\Assassin Creed Brotherhood\patch\OPTIONS deleted successfully.
C:\Games\Assassin Creed Brotherhood\patch\skidrow.nfo deleted successfully.
C:\Games\Assassin Creed Brotherhood\patch folder deleted successfully.
C:\Games\Civilization V\Sid.Meiers.Civilization.V-SKIDROW.Crack.Only.7z deleted successfully.
C:\Moje Dokumenty\[isoHunt] Need.for.Speed.Hot.Pursuit-WAiT4CRACK.torrent deleted successfully.
C:\Users\Nimitz\AppData\Roaming\uTorrent\Adobe Photoshop CS5 Extended (Crack + Instructions).torrent deleted successfully.
C:\Users\Nimitz\AppData\Roaming\uTorrent\Assassin Creed Brotherhood CRACK FOR MULTIPLAYER SKIDROW -- SERvICE.torrent deleted successfully.
C:\Users\Nimitz\AppData\Roaming\uTorrent\Assassin Creed Brotherhood MULTIPLAYER crack-1.01 uplay all type game working.torrent deleted successfully.
File\Folder C:\Users\Nimitz\AppData\Roaming\uTorrent\Assassin Creed Brotherhood MULTIPLAYER UBISOFT 4.04.11 cracked - SKIDROW.torrent not found.
C:\Users\Nimitz\AppData\Roaming\uTorrent\Assassin Creed Brotherhood MULTIPLAYER Only.Crack.SKIDROW.torrent deleted successfully.
C:\Users\Nimitz\AppData\Roaming\uTorrent\Assassin's Creed 2 Crack (Final and complete).torrent deleted successfully.
C:\Users\Nimitz\AppData\Roaming\uTorrent\Need.for.Speed.Hot.Pursuit.CrackOnly-WAiT4SCENE.torrent deleted successfully.
C:\Users\Nimitz\AppData\Roaming\uTorrent\Sid.Meiers.Civilization.V-SKIDROW.Crack.Only.7z.torrent deleted successfully.
C:\Users\Nimitz\Documents\Zo stareho kompu\Utility\Veci na prehravanie videa HD\serial.txt deleted successfully.
C:\Users\Nimitz\AppData\Roaming\uTorrent\Portal.2.Crack.Fix-SKIDROW.torrent deleted successfully.
C:\Users\Nimitz\AppData\Roaming\uTorrent\StarCraft_II_Crack.torrent deleted successfully.
File\Folder C:\Program Files (x86)\ConduitEngine not found.
File\Folder C:\Program Files (x86)\uTorrentBar not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Nimitz
->Temp folder emptied: 12761736 bytes
->Temporary Internet Files folder emptied: 2001922 bytes
->Java cache emptied: 4942075 bytes
->Google Chrome cache emptied: 149193481 bytes
->Flash cache emptied: 2491 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1670 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 161,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Nimitz
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.31.0 log created on 11112011_095235

Files\Folders moved on Reboot...
C:\Users\Nimitz\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

#15 Příspěvek od **Mc_Murphy** » 11 lis 2011 14:32

A vysvětlíš mi, proč to samé řešíš v dalším topicu, aniž bys to dokončil zde?!

Mluvím o tomto threadu: http://www.viry.cz/forum/viewtopic.php?f=13&t=116831

A na Tvé "Nikdo se nemůže prosím vyjádřit? Sám bez rady si s tím asi nepomůžu." Ti napíšu, aby sis laskavě uvědomil, že tu u toho všichni sedíme zadarmo a ve svém volném čase.

VIRY.CZ

Mrznutí kompu - prosím o kontrolu logu

Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu

Re: Mrznutí kompu - prosím o kontrolu logu