Prosím o zkontrolování logu, děkuji předem.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Mrkew at 2013-04-22 17:56:33
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 67 GB (14%) free of 477 GB
Total RAM: 4092 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:56:40, on 22.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Mrkew.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1871362649-4237718759-919936708-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1871362649-4237718759-919936708-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: ShareX.lnk = C:\Program Files\ShareX\ShareX.exe
O4 - Startup: Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 7193 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\ShareX\ShareX.exe" -silent
"C:\Program Files (x86)\Trillian\trillian.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000634
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Windows\system32\taskmgr.exe" /4
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Users\Mrkew\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Mrkew\AppData\Roaming\Mozilla\Firefox\Profiles\bvoep98d.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.168 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@idsoftware.com/QuakeLive]
"Description"=
"Path"=C:\ProgramData\id Software\QuakeLive\npquakezero.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.168 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.13.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-19 551840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-19 209824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-09 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-09 170912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-02-28 18642024]
"AdobeBridge"= []
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-03-29 1631144]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Epson Stylus SX420W(Síť)]
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE [2013-02-07 224768]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-04-04 345312]
C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\Dropbox.exe
ShareX.lnk - C:\Program Files\ShareX\ShareX.exe
Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-04-22 17:56:34 ----D---- C:\Program Files\trend micro
2013-04-22 17:56:33 ----D---- C:\rsit
2013-04-22 17:25:14 ----AD---- C:\war2
2013-04-20 22:37:59 ----D---- C:\Program Files (x86)\ATnotes
2013-04-17 21:42:27 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-04-17 21:42:22 ----D---- C:\Users\Mrkew\AppData\Roaming\DAEMON Tools Lite
2013-04-17 21:42:17 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-04-17 21:41:09 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-04-16 21:45:52 ----A---- C:\Windows\EAConfigInfo.txt
2013-04-16 21:45:28 ----A---- C:\Windows\IsUninst.exe
2013-04-14 20:52:19 ----D---- C:\ProgramData\Blizzard Entertainment
2013-04-14 20:43:09 ----D---- C:\ProgramData\Battle.net
2013-04-14 12:41:29 ----D---- C:\ProgramData\id Software
2013-04-14 02:04:34 ----D---- C:\Users\Mrkew\AppData\Roaming\TechSmith
2013-04-14 02:02:00 ----D---- C:\Program Files (x86)\QuickTime
2013-04-14 02:00:42 ----D---- C:\ProgramData\TechSmith
2013-04-14 02:00:42 ----D---- C:\Program Files (x86)\TechSmith
2013-04-13 18:57:29 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-04-12 18:30:51 ----D---- C:\Windows\Minidump
2013-04-11 18:52:14 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2013-04-11 18:51:54 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2013-04-11 18:51:52 ----DC---- C:\Windows\system32\DRVSTORE
2013-04-11 18:51:45 ----D---- C:\Program Files\Oracle
2013-04-11 16:44:34 ----D---- C:\Program Files (x86)\DOSBox-0.74
2013-04-10 23:44:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-10 23:44:02 ----A---- C:\Windows\system32\ieui.dll
2013-04-10 23:44:02 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-10 23:44:01 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-04-10 23:44:01 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-04-10 23:44:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-04-10 23:44:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-04-10 23:44:01 ----A---- C:\Windows\system32\iesetup.dll
2013-04-10 23:44:01 ----A---- C:\Windows\system32\iernonce.dll
2013-04-10 23:44:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-10 23:44:00 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-10 23:44:00 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-10 23:44:00 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-10 23:44:00 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-10 23:44:00 ----A---- C:\Windows\system32\iertutil.dll
2013-04-10 23:43:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-10 23:43:58 ----A---- C:\Windows\system32\urlmon.dll
2013-04-10 23:43:57 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-10 23:43:57 ----A---- C:\Windows\system32\jscript.dll
2013-04-10 23:43:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-10 23:43:56 ----A---- C:\Windows\system32\jscript9.dll
2013-04-10 23:43:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-10 23:43:55 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-10 23:43:54 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-10 23:43:54 ----A---- C:\Windows\system32\wininet.dll
2013-04-10 23:43:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-10 23:43:52 ----A---- C:\Windows\system32\ieframe.dll
2013-04-10 23:43:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-10 23:43:48 ----A---- C:\Windows\system32\mshtml.dll
2013-04-10 20:43:55 ----D---- C:\Program Files (x86)\IDroo
2013-04-10 17:01:01 ----A---- C:\Windows\system32\win32k.sys
2013-04-10 17:00:33 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-10 16:58:38 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-10 16:58:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 16:58:11 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-10 16:58:11 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-10 16:58:11 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-10 16:58:11 ----A---- C:\Windows\system32\smss.exe
2013-04-10 16:58:11 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-09 22:19:36 ----A---- C:\Windows\ODBC.INI
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\sscsdk32.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\ntwdblib.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\mxintl30.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\msjet35.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\mitmin30.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\mitmdl30.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\midlin30.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\midlg30.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lfwpg60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lfwmf60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lftif60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lftga60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lfpsd60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lfpng60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lfpcx60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lfpct60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lfmsp60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lfmac60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lffax60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lfeps60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lfcmp60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\lfbmp60n.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\crutl13.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\crsyb13.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\cror813.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\cror713.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\crgup13.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\crflt13.dll
2013-04-09 22:17:58 ----A---- C:\Windows\SYSWOW64\crdb213.dll
2013-04-09 22:17:57 ----A---- C:\Windows\SYSWOW64\crbas13.dll
2013-04-09 22:16:05 ----D---- C:\OrCAD
2013-04-06 19:58:07 ----D---- C:\Users\Mrkew\AppData\Roaming\Ubisoft
2013-04-06 19:57:46 ----D---- C:\ProgramData\Solidshield
2013-04-06 19:51:33 ----A---- C:\Windows\system32\drivers\atksgt.sys
2013-04-06 19:51:32 ----A---- C:\Windows\system32\drivers\lirsgt.sys
2013-04-04 22:02:49 ----D---- C:\Users\Mrkew\AppData\Roaming\Avira
2013-04-04 21:59:05 ----D---- C:\Program Files (x86)\Oldgames
2013-04-04 21:58:28 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2013-04-04 21:58:28 ----A---- C:\Windows\system32\drivers\avipbb.sys
2013-04-04 21:58:28 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2013-04-04 21:58:27 ----D---- C:\ProgramData\Avira
2013-04-04 21:58:27 ----D---- C:\Program Files (x86)\Avira
2013-04-04 21:14:50 ----D---- C:\Users\Mrkew\AppData\Roaming\Warsow 1.0
2013-04-04 21:13:07 ----D---- C:\Users\Mrkew\AppData\Roaming\Warsow 1.02
2013-04-03 16:52:53 ----D---- C:\Users\Mrkew\AppData\Roaming\TeamViewer
2013-04-02 22:13:02 ----SD---- C:\Windows\SYSWOW64\Microsoft
2013-04-02 21:59:43 ----A---- C:\Windows\system32\aswBoot.exe
2013-04-02 21:58:01 ----D---- C:\Program Files\AVAST Software
2013-04-02 21:56:38 ----D---- C:\ProgramData\AVAST Software
2013-03-26 07:12:41 ----A---- C:\Windows\system32\drivers\usb8023.sys
======List of files/folders modified in the last 1 month======
2013-04-22 17:56:37 ----D---- C:\Windows\Temp
2013-04-22 17:56:34 ----RD---- C:\Program Files
2013-04-22 17:52:25 ----D---- C:\Users\Mrkew\AppData\Roaming\Skype
2013-04-22 14:38:07 ----D---- C:\Windows\system32\config
2013-04-22 14:24:50 ----D---- C:\Users\Mrkew\AppData\Roaming\Dropbox
2013-04-22 14:24:24 ----RD---- C:\Dropbox
2013-04-22 14:23:52 ----D---- C:\Program Files (x86)\Steam
2013-04-22 14:23:47 ----D---- C:\Program Files (x86)\Trillian
2013-04-21 22:15:57 ----D---- C:\Games
2013-04-21 12:02:18 ----D---- C:\Users\Mrkew\AppData\Roaming\Audacity
2013-04-21 11:50:46 ----D---- C:\Users\Mrkew\AppData\Roaming\vlc
2013-04-21 09:55:08 ----D---- C:\Users\Mrkew\AppData\Roaming\Adobe
2013-04-21 00:26:46 ----RSD---- C:\Windows\Fonts
2013-04-20 23:18:20 ----D---- C:\Mrkew
2013-04-20 22:37:59 ----RD---- C:\Program Files (x86)
2013-04-20 22:33:50 ----SD---- C:\Users\Mrkew\AppData\Roaming\Microsoft
2013-04-20 21:10:44 ----D---- C:\Users\Mrkew\AppData\Roaming\.minecraft
2013-04-20 15:27:53 ----D---- C:\Windows\System32
2013-04-20 15:27:53 ----D---- C:\Windows\inf
2013-04-20 15:27:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-20 14:41:36 ----D---- C:\Users\Mrkew\AppData\Roaming\FileZilla
2013-04-17 21:51:31 ----D---- C:\Users\Mrkew\AppData\Roaming\uTorrent
2013-04-17 21:43:18 ----D---- C:\Windows\system32\drivers
2013-04-17 21:43:16 ----D---- C:\Windows\system32\catroot
2013-04-17 21:43:12 ----D---- C:\Windows\system32\DriverStore
2013-04-17 21:43:01 ----SHD---- C:\System Volume Information
2013-04-17 21:41:09 ----HD---- C:\ProgramData
2013-04-16 21:46:56 ----D---- C:\Windows
2013-04-15 22:55:17 ----D---- C:\Users\Mrkew\AppData\Roaming\gtk-2.0
2013-04-14 20:52:25 ----D---- C:\Program Files (x86)\Common Files
2013-04-14 20:00:08 ----D---- C:\Windows\Prefetch
2013-04-14 15:11:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-14 12:41:30 ----SHD---- C:\Windows\Installer
2013-04-14 02:01:59 ----D---- C:\Windows\SysWOW64
2013-04-14 02:01:38 ----D---- C:\Users\Mrkew\AppData\Roaming\Tunngle
2013-04-13 20:10:09 ----D---- C:\ProgramData\Tunngle
2013-04-13 16:44:25 ----SD---- C:\ProgramData\Microsoft
2013-04-13 12:10:16 ----D---- C:\Users\Mrkew\AppData\Roaming\Sublime Text 2
2013-04-11 16:14:20 ----D---- C:\Windows\winsxs
2013-04-11 16:06:43 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-11 16:06:41 ----D---- C:\Program Files\Internet Explorer
2013-04-10 23:45:18 ----A---- C:\Windows\system32\MRT.exe
2013-04-10 23:44:24 ----D---- C:\Windows\system32\catroot2
2013-04-10 20:37:27 ----D---- C:\ProgramData\Skype
2013-04-10 20:37:21 ----RD---- C:\Program Files (x86)\Skype
2013-04-10 00:07:08 ----D---- C:\Bordel
2013-04-09 22:17:40 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-04-07 11:41:47 ----D---- C:\Program Files\ShareX
2013-04-06 19:50:38 ----RSD---- C:\Windows\assembly
2013-04-05 17:15:04 ----D---- C:\Program Files\Sublime Text 2
2013-04-04 19:46:11 ----D---- C:\Program Files (x86)\Opera
2013-04-02 22:13:09 ----D---- C:\Windows\system32\Tasks
2013-04-02 22:09:10 ----D---- C:\ProgramData\Adobe
2013-04-02 21:31:04 ----D---- C:\Windows\Logs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-04-04 130016]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-04-04 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-17 283200]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2013-02-16 30112]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2013-03-15 237840]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2013-03-15 120080]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-04-06 314016]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-04-04 100712]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-04-06 43680]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM); C:\Windows\system32\DRIVERS\vrtaucbl.sys [2013-03-02 66728]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2010-06-29 931168]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2010-03-22 29800]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\SmSerl64.sys [2009-06-10 1227776]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2013-03-15 146704]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-03-15 131856]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2012-11-13 14544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-04-04 110816]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-04-04 86752]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-10 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-13 115608]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-03-29 543656]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-11-26 745368]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
S4 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o zkontrolování logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o zkontrolování logu
Zdravim 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o zkontrolování logu
OTL logfile created on: 22.4.2013 20:14:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mrkew\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 49,34% Memory free
7,99 Gb Paging File | 5,61 Gb Available in Paging File | 70,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 65,53 Gb Free Space | 14,07% Space Free | Partition Type: NTFS
Drive E: | 495,48 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MRKEW-NTB | User Name: Mrkew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.22 20:01:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mrkew\Desktop\OTL.exe
PRC - [2013.04.05 00:41:44 | 025,863,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.04.04 21:57:27 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.04.04 21:56:51 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.04.04 21:56:48 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.04.04 19:46:05 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2013.03.29 21:53:56 | 001,631,144 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012.09.05 01:00:00 | 002,429,904 | ---- | M] (Cerulean Studios) -- C:\Program Files (x86)\Trillian\trillian.exe
PRC - [2012.04.04 07:25:00 | 000,295,584 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
========== Modules (No Company Name) ==========
MOD - [2013.04.04 19:46:07 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2013.04.04 19:46:07 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2013.04.04 19:46:07 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2013.04.04 19:46:07 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2013.04.04 19:46:07 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2013.04.04 19:46:07 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2013.04.04 19:46:07 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2013.04.04 19:46:07 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2013.04.04 19:46:07 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2013.04.04 19:46:07 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2013.04.04 19:46:07 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2013.04.04 19:46:07 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2013.03.29 21:53:56 | 001,114,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013.03.27 02:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013.03.26 00:23:34 | 000,651,776 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013.03.13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013.02.15 00:22:05 | 014,717,808 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
MOD - [2012.12.11 19:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012.12.11 19:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012.12.11 19:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012.11.29 23:59:32 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2012.11.14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012.09.05 01:00:00 | 000,187,392 | ---- | M] () -- C:\Program Files (x86)\Trillian\libpng15.dll
MOD - [2012.09.05 01:00:00 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Trillian\libungif.dll
MOD - [2012.09.05 01:00:00 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Trillian\zlib1.dll
MOD - [2012.09.05 01:00:00 | 000,011,264 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\buddy.dll
MOD - [2012.09.05 01:00:00 | 000,007,168 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\talk.dll
MOD - [2012.09.05 01:00:00 | 000,006,656 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\trillian.dll
MOD - [2012.09.05 01:00:00 | 000,006,656 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\events.dll
MOD - [2012.09.05 01:00:00 | 000,003,584 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\toolkit.dll
========== Services (SafeList) ==========
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.13 18:57:38 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.04 21:57:27 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.04.04 21:56:51 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.11.26 19:35:10 | 000,745,368 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012.09.23 21:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.12.19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.04.17 21:42:27 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.04.06 19:51:33 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2013.04.06 19:51:32 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2013.04.04 21:57:44 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.04.04 21:57:44 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.04.04 21:57:44 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.03.15 19:14:04 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013.03.02 18:38:50 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2013.02.16 16:27:43 | 000,030,112 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV:64bit: - [2012.08.23 16:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.05.13 04:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.08.12 13:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010.06.29 03:01:38 | 000,931,168 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009.09.16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 23:01:14 | 001,227,776 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SmSerl64.sys -- (smserial)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.11.13 22:53:00 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1871362649-4237718759-919936708-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1871362649-4237718759-919936708-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-1871362649-4237718759-919936708-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.13 18:57:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013.02.27 23:40:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mrkew\AppData\Roaming\Mozilla\Extensions
[2013.04.13 18:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.04.13 18:57:38 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.16 10:25:21 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.16 10:25:21 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.16 10:25:21 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.16 10:25:21 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.16 10:25:21 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1871362649-4237718759-919936708-1002..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1871362649-4237718759-919936708-1002..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1871362649-4237718759-919936708-1002..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1871362649-4237718759-919936708-1005..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1871362649-4237718759-919936708-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk = C:\Program Files\ShareX\ShareX.exe (ShareX Developers)
O4 - Startup: C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.13.2)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_13)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E862E885-1D86-4CA1-A50B-E32C0B3AD77B}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA0B12AE-018C-4DD0-9FB4-2C7EE7AFC46A}: DhcpNameServer = 8.8.8.8 8.8.8.4
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.07.01 08:22:48 | 000,000,000 | ---D | M] - E:\AutoRunSource -- [ CDFS ]
O32 - AutoRun File - [2007.06.28 20:06:56 | 000,011,478 | R--- | M] () - E:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2007.06.28 20:06:56 | 002,256,896 | R--- | M] (Longtion) - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2007.07.01 08:20:09 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2007.07.01 08:20:10 | 000,462,809 | R--- | M] () - E:\autorun.tgt -- [ CDFS ]
O33 - MountPoints2\{831d33e0-a766-11e2-b0cd-406186172faa}\Shell - "" = AutoRun
O33 - MountPoints2\{831d33e0-a766-11e2-b0cd-406186172faa}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2007.06.28 20:06:56 | 002,256,896 | R--- | M] (Longtion)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.RTV1 - rtvcvfw64.dll ()
Drivers32:64bit: vidc.tsc2 - C:\Windows\SysWOW64\tsc2_codec64.dll (TechSmith Corporation)
Drivers32:64bit: vidc.tscc - C:\Windows\SysWOW64\tsccvid64.dll (TechSmith Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.RTV1 - C:\Windows\SysWow64\rtvcvfw32.dll ()
Drivers32: vidc.tsc2 - C:\Windows\SysWOW64\tsc2_codec32.dll (TechSmith Corporation)
Drivers32: vidc.tscc - C:\Windows\SysWOW64\tsccvid.dll (TechSmith Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.04.22 20:01:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mrkew\Desktop\OTL.exe
[2013.04.22 17:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.04.22 17:56:33 | 000,000,000 | ---D | C] -- C:\rsit
[2013.04.22 17:25:14 | 000,000,000 | ---D | C] -- C:\war2
[2013.04.22 17:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft II
[2013.04.22 17:08:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft
[2013.04.22 16:56:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z (Bitmap Brothers)
[2013.04.20 22:37:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATnotes
[2013.04.17 22:10:10 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dungeon Keeper 2 CZ ver.1.0
[2013.04.17 21:48:22 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bullfrog
[2013.04.17 21:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullfrog
[2013.04.17 21:42:27 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.04.17 21:42:22 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\DAEMON Tools Lite
[2013.04.17 21:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013.04.17 21:41:09 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013.04.16 21:45:28 | 000,314,880 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2013.04.15 22:16:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OldGames.sk
[2013.04.14 20:52:19 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\Documents\StarCraft II
[2013.04.14 20:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2013.04.14 20:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013.04.14 20:52:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2013.04.14 20:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2013.04.14 12:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\id Software
[2013.04.14 12:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\id Software
[2013.04.14 02:04:34 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\TechSmith
[2013.04.14 02:04:26 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Local\TechSmith
[2013.04.14 02:03:46 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\Documents\Camtasia Studio
[2013.04.14 02:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
[2013.04.14 02:02:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013.04.14 02:01:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2013.04.14 02:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2013.04.14 02:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2013.04.13 18:57:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.12 18:30:51 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.04.11 18:56:12 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\VirtualBox VMs
[2013.04.11 18:53:43 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\.VirtualBox
[2013.04.11 18:52:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2013.04.11 18:51:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.04.11 18:51:45 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2013.04.11 16:44:48 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Local\DOSBox
[2013.04.11 16:44:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2013.04.11 16:44:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74
[2013.04.10 23:44:03 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.10 23:44:02 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.10 23:44:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.04.10 23:44:01 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.04.10 23:44:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.04.10 23:44:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.04.10 23:44:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.04.10 23:44:01 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.04.10 23:44:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.04.10 23:44:00 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.10 23:44:00 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.04.10 23:44:00 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.04.10 23:43:57 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.10 23:43:57 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.10 23:43:56 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.10 21:00:07 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Local\Iteral_Group_Ltd
[2013.04.10 20:43:55 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IDroo
[2013.04.10 20:43:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IDroo
[2013.04.10 20:37:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.10 16:58:12 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 16:58:11 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 16:58:11 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 16:58:11 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 16:58:11 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 16:58:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.04.09 22:19:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OrCAD 10.5 Demo
[2013.04.09 22:17:58 | 001,046,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet35.dll
[2013.04.09 22:17:58 | 000,901,120 | ---- | C] (Three |D| Graphics, Inc.) -- C:\Windows\SysWow64\sscsdk32.dll
[2013.04.09 22:17:58 | 000,736,768 | ---- | C] (MapInfo) -- C:\Windows\SysWow64\mapx30.ocx
[2013.04.09 22:17:58 | 000,346,112 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\crflt13.dll
[2013.04.09 22:17:58 | 000,303,616 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\crutl13.dll
[2013.04.09 22:17:58 | 000,274,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntwdblib.dll
[2013.04.09 22:17:58 | 000,178,176 | ---- | C] (MapInfo) -- C:\Windows\SysWow64\mxintl30.dll
[2013.04.09 22:17:58 | 000,159,232 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\crsyb13.dll
[2013.04.09 22:17:58 | 000,157,696 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\cror813.dll
[2013.04.09 22:17:58 | 000,139,264 | ---- | C] (MapInfo) -- C:\Windows\SysWow64\midlg30.dll
[2013.04.09 22:17:58 | 000,138,752 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\cror713.dll
[2013.04.09 22:17:58 | 000,112,640 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\crgup13.dll
[2013.04.09 22:17:58 | 000,111,616 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\crdb213.dll
[2013.04.09 22:17:58 | 000,065,536 | ---- | C] (MapInfo) -- C:\Windows\SysWow64\mitmin30.dll
[2013.04.09 22:17:58 | 000,033,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DBNM5556.rra
[2013.04.09 22:17:58 | 000,026,624 | ---- | C] (MapInfo) -- C:\Windows\SysWow64\midlin30.dll
[2013.04.09 22:17:57 | 000,320,000 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\crbas13.dll
[2013.04.09 22:17:57 | 000,147,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ASYCFILT.DL
[2013.04.09 22:17:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Crystal Decisions
[2013.04.09 22:16:05 | 000,000,000 | ---D | C] -- C:\OrCAD
[2013.04.06 20:02:54 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\Documents\ANNO 1404 Benátky
[2013.04.06 19:58:07 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Ubisoft
[2013.04.06 19:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2013.04.04 22:02:49 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Avira
[2013.04.04 21:59:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stonekeep Demo
[2013.04.04 21:59:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oldgames
[2013.04.04 21:58:28 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.04.04 21:58:28 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.04.04 21:58:28 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.04.04 21:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.04.04 21:58:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.04.04 21:14:50 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Warsow 1.0
[2013.04.04 21:13:07 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Warsow 1.02
[2013.04.03 16:52:53 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\TeamViewer
[2013.04.02 22:13:02 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013.04.02 21:59:43 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.04.02 21:58:01 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.04.02 21:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.03.26 07:12:41 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.04.22 20:18:37 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.22 20:01:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mrkew\Desktop\OTL.exe
[2013.04.22 17:56:23 | 000,935,175 | ---- | M] () -- C:\Users\Mrkew\Desktop\RSITx64.exe
[2013.04.22 14:31:16 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.22 14:31:16 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.22 14:23:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.22 14:23:18 | 3218,153,472 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.21 20:58:10 | 000,000,132 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013.04.21 11:45:11 | 000,826,569 | ---- | M] () -- C:\Users\Mrkew\Desktop\curseoff.png
[2013.04.21 09:00:00 | 004,971,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.20 15:27:53 | 001,604,632 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.20 15:27:53 | 000,675,350 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.04.20 15:27:53 | 000,145,272 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.04.20 15:27:53 | 000,125,318 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.20 15:27:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.20 14:17:08 | 000,071,874 | ---- | M] () -- C:\Users\Mrkew\Desktop\p_29150576273712_20130406_123727.jpg
[2013.04.17 21:42:27 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.04.15 22:55:17 | 000,021,564 | ---- | M] () -- C:\Users\Mrkew\.recently-used.xbel
[2013.04.15 22:16:33 | 000,002,323 | ---- | M] () -- C:\Users\Mrkew\Desktop\OldGames.sk.lnk
[2013.04.14 20:52:26 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013.04.14 09:51:55 | 000,004,608 | ---- | M] () -- C:\Users\Mrkew\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.14 02:02:02 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 8.lnk
[2013.04.13 12:21:03 | 000,024,653 | ---- | M] () -- C:\Users\Mrkew\Desktop\config.yml
[2013.04.12 18:30:48 | 451,738,516 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.04.11 16:44:34 | 000,001,918 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2013.04.10 20:43:55 | 000,000,963 | ---- | M] () -- C:\Users\Mrkew\Desktop\IDroo.lnk
[2013.04.09 22:19:36 | 000,000,258 | ---- | M] () -- C:\Windows\ODBC.INI
[2013.04.08 19:53:16 | 007,106,990 | ---- | M] () -- C:\Users\Mrkew\Desktop\YouTubeLayout2013.psd
[2013.04.08 19:53:15 | 000,671,546 | ---- | M] () -- C:\Users\Mrkew\Desktop\temnednybanner.png
[2013.04.07 11:41:47 | 000,000,836 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk
[2013.04.06 19:51:33 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2013.04.06 19:51:32 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2013.04.06 17:29:11 | 000,001,011 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.04.06 13:21:09 | 012,920,218 | ---- | M] () -- C:\Users\Mrkew\Desktop\mc_server_27065.jar
[2013.04.04 22:00:48 | 000,002,198 | ---- | M] () -- C:\Users\Mrkew\Desktop\Stonekeep (Demo).lnk
[2013.04.04 21:57:44 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.04.04 21:57:44 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.04.04 21:57:44 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.04.04 21:14:36 | 000,000,867 | ---- | M] () -- C:\Users\Public\Desktop\Warsow.lnk
[2013.04.02 22:06:42 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.04.22 20:18:37 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.22 17:56:23 | 000,935,175 | ---- | C] () -- C:\Users\Mrkew\Desktop\RSITx64.exe
[2013.04.21 11:45:02 | 000,826,569 | ---- | C] () -- C:\Users\Mrkew\Desktop\curseoff.png
[2013.04.20 14:17:08 | 000,071,874 | ---- | C] () -- C:\Users\Mrkew\Desktop\p_29150576273712_20130406_123727.jpg
[2013.04.15 22:55:17 | 000,021,564 | ---- | C] () -- C:\Users\Mrkew\.recently-used.xbel
[2013.04.15 22:16:33 | 000,002,323 | ---- | C] () -- C:\Users\Mrkew\Desktop\OldGames.sk.lnk
[2013.04.14 20:52:19 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013.04.14 02:07:05 | 000,004,608 | ---- | C] () -- C:\Users\Mrkew\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.14 02:02:02 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 8.lnk
[2013.04.13 12:09:43 | 000,024,653 | ---- | C] () -- C:\Users\Mrkew\Desktop\config.yml
[2013.04.12 18:30:48 | 451,738,516 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.04.11 16:44:34 | 000,001,918 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2013.04.10 20:43:55 | 000,000,963 | ---- | C] () -- C:\Users\Mrkew\Desktop\IDroo.lnk
[2013.04.09 22:19:36 | 000,000,258 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.04.09 22:17:58 | 000,903,168 | ---- | C] () -- C:\Windows\SysWow64\mitmdl30.dll
[2013.04.09 22:17:58 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\lffax60n.dll
[2013.04.09 22:17:58 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\lfcmp60n.dll
[2013.04.09 22:17:58 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\lfpng60n.dll
[2013.04.09 22:17:58 | 000,085,184 | ---- | C] () -- C:\Windows\SysWow64\mapInfow.prj
[2013.04.09 22:17:58 | 000,047,759 | ---- | C] () -- C:\Windows\SysWow64\foxpro.int
[2013.04.09 22:17:58 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\lftif60n.dll
[2013.04.09 22:17:58 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\lfpcx60n.dll
[2013.04.09 22:17:58 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\lfpct60n.dll
[2013.04.09 22:17:58 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\lfeps60n.dll
[2013.04.09 22:17:58 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\lfbmp60n.dll
[2013.04.09 22:17:58 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\lfpsd60n.dll
[2013.04.09 22:17:58 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\lftga60n.dll
[2013.04.09 22:17:58 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\lfwpg60n.dll
[2013.04.09 22:17:58 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\lfwmf60n.dll
[2013.04.09 22:17:58 | 000,018,432 | ---- | C] () -- C:\Windows\SysWow64\lfmsp60n.dll
[2013.04.09 22:17:58 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\lfmac60n.dll
[2013.04.09 22:17:58 | 000,014,316 | ---- | C] () -- C:\Windows\SysWow64\rule1.llr
[2013.04.09 22:17:58 | 000,006,664 | ---- | C] () -- C:\Windows\SysWow64\rule1.dfa
[2013.04.09 22:17:58 | 000,000,796 | ---- | C] () -- C:\Windows\SysWow64\qecr.lic
[2013.04.09 22:17:58 | 000,000,451 | ---- | C] () -- C:\Windows\SysWow64\mapx30.lic
[2013.04.08 19:53:06 | 000,671,546 | ---- | C] () -- C:\Users\Mrkew\Desktop\temnednybanner.png
[2013.04.08 19:49:16 | 007,106,990 | ---- | C] () -- C:\Users\Mrkew\Desktop\YouTubeLayout2013.psd
[2013.04.06 19:51:33 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2013.04.06 19:51:32 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2013.04.06 13:20:17 | 012,920,218 | ---- | C] () -- C:\Users\Mrkew\Desktop\mc_server_27065.jar
[2013.04.04 22:00:48 | 000,002,198 | ---- | C] () -- C:\Users\Mrkew\Desktop\Stonekeep (Demo).lnk
[2013.04.04 21:14:36 | 000,000,867 | ---- | C] () -- C:\Users\Public\Desktop\Warsow.lnk
[2013.04.02 21:59:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.03.16 23:44:27 | 000,006,623 | ---- | C] () -- C:\Users\Mrkew\AppData\Local\recently-used.xbel
[2013.02.18 20:42:56 | 000,000,132 | ---- | C] () -- C:\Users\Mrkew\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013.02.16 18:44:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2013.02.16 13:31:56 | 001,583,854 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.04.20 21:10:44 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\.minecraft
[2013.02.16 18:34:28 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\.mojam
[2013.04.21 12:02:18 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Audacity
[2013.03.06 19:42:14 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Beat Hazard
[2013.02.17 13:26:57 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.04.17 21:46:18 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\DAEMON Tools Lite
[2013.04.22 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Dropbox
[2013.04.22 20:02:06 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\FileZilla
[2013.04.15 22:55:17 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\gtk-2.0
[2013.03.16 23:17:40 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\inkscape
[2013.02.07 21:37:04 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\LibreOffice
[2013.02.15 00:10:49 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\OBS
[2013.02.15 00:20:23 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Opera
[2013.02.18 20:31:50 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\PDAppFlex
[2013.02.19 22:36:15 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\PlayCatanClient
[2013.02.07 18:23:17 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Publish Providers
[2013.02.16 19:11:02 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Sony
[2013.04.13 12:10:16 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Sublime Text 2
[2013.04.05 15:57:53 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\TeamViewer
[2013.04.14 02:04:34 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\TechSmith
[2013.02.16 16:07:20 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Trillian
[2013.04.14 02:01:38 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Tunngle
[2013.04.06 20:27:13 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Ubisoft
[2013.04.17 21:51:31 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\uTorrent
[2013.04.04 21:14:50 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Warsow 1.0
[2013.04.04 21:13:07 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Warsow 1.02
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mrkew\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 49,34% Memory free
7,99 Gb Paging File | 5,61 Gb Available in Paging File | 70,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 65,53 Gb Free Space | 14,07% Space Free | Partition Type: NTFS
Drive E: | 495,48 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MRKEW-NTB | User Name: Mrkew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.22 20:01:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mrkew\Desktop\OTL.exe
PRC - [2013.04.05 00:41:44 | 025,863,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.04.04 21:57:27 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.04.04 21:56:51 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.04.04 21:56:48 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.04.04 19:46:05 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2013.03.29 21:53:56 | 001,631,144 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012.09.05 01:00:00 | 002,429,904 | ---- | M] (Cerulean Studios) -- C:\Program Files (x86)\Trillian\trillian.exe
PRC - [2012.04.04 07:25:00 | 000,295,584 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
========== Modules (No Company Name) ==========
MOD - [2013.04.04 19:46:07 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2013.04.04 19:46:07 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2013.04.04 19:46:07 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2013.04.04 19:46:07 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2013.04.04 19:46:07 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2013.04.04 19:46:07 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2013.04.04 19:46:07 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2013.04.04 19:46:07 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2013.04.04 19:46:07 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2013.04.04 19:46:07 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2013.04.04 19:46:07 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2013.04.04 19:46:07 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2013.03.29 21:53:56 | 001,114,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013.03.27 02:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013.03.26 00:23:34 | 000,651,776 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013.03.13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013.02.15 00:22:05 | 014,717,808 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
MOD - [2012.12.11 19:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012.12.11 19:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012.12.11 19:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012.11.29 23:59:32 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2012.11.14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012.09.05 01:00:00 | 000,187,392 | ---- | M] () -- C:\Program Files (x86)\Trillian\libpng15.dll
MOD - [2012.09.05 01:00:00 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Trillian\libungif.dll
MOD - [2012.09.05 01:00:00 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Trillian\zlib1.dll
MOD - [2012.09.05 01:00:00 | 000,011,264 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\buddy.dll
MOD - [2012.09.05 01:00:00 | 000,007,168 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\talk.dll
MOD - [2012.09.05 01:00:00 | 000,006,656 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\trillian.dll
MOD - [2012.09.05 01:00:00 | 000,006,656 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\events.dll
MOD - [2012.09.05 01:00:00 | 000,003,584 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\toolkit.dll
========== Services (SafeList) ==========
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.13 18:57:38 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.04 21:57:27 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.04.04 21:56:51 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.11.26 19:35:10 | 000,745,368 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012.09.23 21:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.12.19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.04.17 21:42:27 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.04.06 19:51:33 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2013.04.06 19:51:32 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2013.04.04 21:57:44 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.04.04 21:57:44 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.04.04 21:57:44 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.03.15 19:14:04 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013.03.02 18:38:50 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2013.02.16 16:27:43 | 000,030,112 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV:64bit: - [2012.08.23 16:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.05.13 04:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.08.12 13:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010.06.29 03:01:38 | 000,931,168 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009.09.16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 23:01:14 | 001,227,776 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SmSerl64.sys -- (smserial)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.11.13 22:53:00 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1871362649-4237718759-919936708-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1871362649-4237718759-919936708-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-1871362649-4237718759-919936708-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.13 18:57:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013.02.27 23:40:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mrkew\AppData\Roaming\Mozilla\Extensions
[2013.04.13 18:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.04.13 18:57:38 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.16 10:25:21 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.16 10:25:21 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.16 10:25:21 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.16 10:25:21 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.16 10:25:21 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1871362649-4237718759-919936708-1002..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1871362649-4237718759-919936708-1002..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1871362649-4237718759-919936708-1002..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1871362649-4237718759-919936708-1005..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1871362649-4237718759-919936708-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk = C:\Program Files\ShareX\ShareX.exe (ShareX Developers)
O4 - Startup: C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.13.2)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_13)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E862E885-1D86-4CA1-A50B-E32C0B3AD77B}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA0B12AE-018C-4DD0-9FB4-2C7EE7AFC46A}: DhcpNameServer = 8.8.8.8 8.8.8.4
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.07.01 08:22:48 | 000,000,000 | ---D | M] - E:\AutoRunSource -- [ CDFS ]
O32 - AutoRun File - [2007.06.28 20:06:56 | 000,011,478 | R--- | M] () - E:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2007.06.28 20:06:56 | 002,256,896 | R--- | M] (Longtion) - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2007.07.01 08:20:09 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2007.07.01 08:20:10 | 000,462,809 | R--- | M] () - E:\autorun.tgt -- [ CDFS ]
O33 - MountPoints2\{831d33e0-a766-11e2-b0cd-406186172faa}\Shell - "" = AutoRun
O33 - MountPoints2\{831d33e0-a766-11e2-b0cd-406186172faa}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2007.06.28 20:06:56 | 002,256,896 | R--- | M] (Longtion)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.RTV1 - rtvcvfw64.dll ()
Drivers32:64bit: vidc.tsc2 - C:\Windows\SysWOW64\tsc2_codec64.dll (TechSmith Corporation)
Drivers32:64bit: vidc.tscc - C:\Windows\SysWOW64\tsccvid64.dll (TechSmith Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.RTV1 - C:\Windows\SysWow64\rtvcvfw32.dll ()
Drivers32: vidc.tsc2 - C:\Windows\SysWOW64\tsc2_codec32.dll (TechSmith Corporation)
Drivers32: vidc.tscc - C:\Windows\SysWOW64\tsccvid.dll (TechSmith Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.04.22 20:01:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mrkew\Desktop\OTL.exe
[2013.04.22 17:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.04.22 17:56:33 | 000,000,000 | ---D | C] -- C:\rsit
[2013.04.22 17:25:14 | 000,000,000 | ---D | C] -- C:\war2
[2013.04.22 17:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft II
[2013.04.22 17:08:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft
[2013.04.22 16:56:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z (Bitmap Brothers)
[2013.04.20 22:37:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATnotes
[2013.04.17 22:10:10 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dungeon Keeper 2 CZ ver.1.0
[2013.04.17 21:48:22 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bullfrog
[2013.04.17 21:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullfrog
[2013.04.17 21:42:27 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.04.17 21:42:22 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\DAEMON Tools Lite
[2013.04.17 21:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013.04.17 21:41:09 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013.04.16 21:45:28 | 000,314,880 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2013.04.15 22:16:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OldGames.sk
[2013.04.14 20:52:19 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\Documents\StarCraft II
[2013.04.14 20:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2013.04.14 20:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013.04.14 20:52:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2013.04.14 20:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2013.04.14 12:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\id Software
[2013.04.14 12:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\id Software
[2013.04.14 02:04:34 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\TechSmith
[2013.04.14 02:04:26 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Local\TechSmith
[2013.04.14 02:03:46 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\Documents\Camtasia Studio
[2013.04.14 02:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
[2013.04.14 02:02:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013.04.14 02:01:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2013.04.14 02:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2013.04.14 02:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2013.04.13 18:57:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.12 18:30:51 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.04.11 18:56:12 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\VirtualBox VMs
[2013.04.11 18:53:43 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\.VirtualBox
[2013.04.11 18:52:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2013.04.11 18:51:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.04.11 18:51:45 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2013.04.11 16:44:48 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Local\DOSBox
[2013.04.11 16:44:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2013.04.11 16:44:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74
[2013.04.10 23:44:03 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.10 23:44:02 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.10 23:44:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.04.10 23:44:01 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.04.10 23:44:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.04.10 23:44:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.04.10 23:44:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.04.10 23:44:01 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.04.10 23:44:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.04.10 23:44:00 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.10 23:44:00 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.04.10 23:44:00 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.04.10 23:43:57 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.10 23:43:57 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.10 23:43:56 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.10 21:00:07 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Local\Iteral_Group_Ltd
[2013.04.10 20:43:55 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IDroo
[2013.04.10 20:43:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IDroo
[2013.04.10 20:37:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.10 16:58:12 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 16:58:11 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 16:58:11 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 16:58:11 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 16:58:11 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 16:58:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.04.09 22:19:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OrCAD 10.5 Demo
[2013.04.09 22:17:58 | 001,046,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet35.dll
[2013.04.09 22:17:58 | 000,901,120 | ---- | C] (Three |D| Graphics, Inc.) -- C:\Windows\SysWow64\sscsdk32.dll
[2013.04.09 22:17:58 | 000,736,768 | ---- | C] (MapInfo) -- C:\Windows\SysWow64\mapx30.ocx
[2013.04.09 22:17:58 | 000,346,112 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\crflt13.dll
[2013.04.09 22:17:58 | 000,303,616 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\crutl13.dll
[2013.04.09 22:17:58 | 000,274,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntwdblib.dll
[2013.04.09 22:17:58 | 000,178,176 | ---- | C] (MapInfo) -- C:\Windows\SysWow64\mxintl30.dll
[2013.04.09 22:17:58 | 000,159,232 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\crsyb13.dll
[2013.04.09 22:17:58 | 000,157,696 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\cror813.dll
[2013.04.09 22:17:58 | 000,139,264 | ---- | C] (MapInfo) -- C:\Windows\SysWow64\midlg30.dll
[2013.04.09 22:17:58 | 000,138,752 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\cror713.dll
[2013.04.09 22:17:58 | 000,112,640 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\crgup13.dll
[2013.04.09 22:17:58 | 000,111,616 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\crdb213.dll
[2013.04.09 22:17:58 | 000,065,536 | ---- | C] (MapInfo) -- C:\Windows\SysWow64\mitmin30.dll
[2013.04.09 22:17:58 | 000,033,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DBNM5556.rra
[2013.04.09 22:17:58 | 000,026,624 | ---- | C] (MapInfo) -- C:\Windows\SysWow64\midlin30.dll
[2013.04.09 22:17:57 | 000,320,000 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\SysWow64\crbas13.dll
[2013.04.09 22:17:57 | 000,147,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ASYCFILT.DL
[2013.04.09 22:17:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Crystal Decisions
[2013.04.09 22:16:05 | 000,000,000 | ---D | C] -- C:\OrCAD
[2013.04.06 20:02:54 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\Documents\ANNO 1404 Benátky
[2013.04.06 19:58:07 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Ubisoft
[2013.04.06 19:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2013.04.04 22:02:49 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Avira
[2013.04.04 21:59:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stonekeep Demo
[2013.04.04 21:59:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oldgames
[2013.04.04 21:58:28 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.04.04 21:58:28 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.04.04 21:58:28 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.04.04 21:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.04.04 21:58:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.04.04 21:14:50 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Warsow 1.0
[2013.04.04 21:13:07 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\Warsow 1.02
[2013.04.03 16:52:53 | 000,000,000 | ---D | C] -- C:\Users\Mrkew\AppData\Roaming\TeamViewer
[2013.04.02 22:13:02 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013.04.02 21:59:43 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.04.02 21:58:01 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.04.02 21:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.03.26 07:12:41 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.04.22 20:18:37 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.22 20:01:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mrkew\Desktop\OTL.exe
[2013.04.22 17:56:23 | 000,935,175 | ---- | M] () -- C:\Users\Mrkew\Desktop\RSITx64.exe
[2013.04.22 14:31:16 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.22 14:31:16 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.22 14:23:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.22 14:23:18 | 3218,153,472 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.21 20:58:10 | 000,000,132 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013.04.21 11:45:11 | 000,826,569 | ---- | M] () -- C:\Users\Mrkew\Desktop\curseoff.png
[2013.04.21 09:00:00 | 004,971,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.20 15:27:53 | 001,604,632 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.20 15:27:53 | 000,675,350 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.04.20 15:27:53 | 000,145,272 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.04.20 15:27:53 | 000,125,318 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.20 15:27:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.20 14:17:08 | 000,071,874 | ---- | M] () -- C:\Users\Mrkew\Desktop\p_29150576273712_20130406_123727.jpg
[2013.04.17 21:42:27 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.04.15 22:55:17 | 000,021,564 | ---- | M] () -- C:\Users\Mrkew\.recently-used.xbel
[2013.04.15 22:16:33 | 000,002,323 | ---- | M] () -- C:\Users\Mrkew\Desktop\OldGames.sk.lnk
[2013.04.14 20:52:26 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013.04.14 09:51:55 | 000,004,608 | ---- | M] () -- C:\Users\Mrkew\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.14 02:02:02 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 8.lnk
[2013.04.13 12:21:03 | 000,024,653 | ---- | M] () -- C:\Users\Mrkew\Desktop\config.yml
[2013.04.12 18:30:48 | 451,738,516 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.04.11 16:44:34 | 000,001,918 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2013.04.10 20:43:55 | 000,000,963 | ---- | M] () -- C:\Users\Mrkew\Desktop\IDroo.lnk
[2013.04.09 22:19:36 | 000,000,258 | ---- | M] () -- C:\Windows\ODBC.INI
[2013.04.08 19:53:16 | 007,106,990 | ---- | M] () -- C:\Users\Mrkew\Desktop\YouTubeLayout2013.psd
[2013.04.08 19:53:15 | 000,671,546 | ---- | M] () -- C:\Users\Mrkew\Desktop\temnednybanner.png
[2013.04.07 11:41:47 | 000,000,836 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk
[2013.04.06 19:51:33 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2013.04.06 19:51:32 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2013.04.06 17:29:11 | 000,001,011 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.04.06 13:21:09 | 012,920,218 | ---- | M] () -- C:\Users\Mrkew\Desktop\mc_server_27065.jar
[2013.04.04 22:00:48 | 000,002,198 | ---- | M] () -- C:\Users\Mrkew\Desktop\Stonekeep (Demo).lnk
[2013.04.04 21:57:44 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.04.04 21:57:44 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.04.04 21:57:44 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.04.04 21:14:36 | 000,000,867 | ---- | M] () -- C:\Users\Public\Desktop\Warsow.lnk
[2013.04.02 22:06:42 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.04.22 20:18:37 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.22 17:56:23 | 000,935,175 | ---- | C] () -- C:\Users\Mrkew\Desktop\RSITx64.exe
[2013.04.21 11:45:02 | 000,826,569 | ---- | C] () -- C:\Users\Mrkew\Desktop\curseoff.png
[2013.04.20 14:17:08 | 000,071,874 | ---- | C] () -- C:\Users\Mrkew\Desktop\p_29150576273712_20130406_123727.jpg
[2013.04.15 22:55:17 | 000,021,564 | ---- | C] () -- C:\Users\Mrkew\.recently-used.xbel
[2013.04.15 22:16:33 | 000,002,323 | ---- | C] () -- C:\Users\Mrkew\Desktop\OldGames.sk.lnk
[2013.04.14 20:52:19 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013.04.14 02:07:05 | 000,004,608 | ---- | C] () -- C:\Users\Mrkew\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.14 02:02:02 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 8.lnk
[2013.04.13 12:09:43 | 000,024,653 | ---- | C] () -- C:\Users\Mrkew\Desktop\config.yml
[2013.04.12 18:30:48 | 451,738,516 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.04.11 16:44:34 | 000,001,918 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2013.04.10 20:43:55 | 000,000,963 | ---- | C] () -- C:\Users\Mrkew\Desktop\IDroo.lnk
[2013.04.09 22:19:36 | 000,000,258 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.04.09 22:17:58 | 000,903,168 | ---- | C] () -- C:\Windows\SysWow64\mitmdl30.dll
[2013.04.09 22:17:58 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\lffax60n.dll
[2013.04.09 22:17:58 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\lfcmp60n.dll
[2013.04.09 22:17:58 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\lfpng60n.dll
[2013.04.09 22:17:58 | 000,085,184 | ---- | C] () -- C:\Windows\SysWow64\mapInfow.prj
[2013.04.09 22:17:58 | 000,047,759 | ---- | C] () -- C:\Windows\SysWow64\foxpro.int
[2013.04.09 22:17:58 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\lftif60n.dll
[2013.04.09 22:17:58 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\lfpcx60n.dll
[2013.04.09 22:17:58 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\lfpct60n.dll
[2013.04.09 22:17:58 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\lfeps60n.dll
[2013.04.09 22:17:58 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\lfbmp60n.dll
[2013.04.09 22:17:58 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\lfpsd60n.dll
[2013.04.09 22:17:58 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\lftga60n.dll
[2013.04.09 22:17:58 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\lfwpg60n.dll
[2013.04.09 22:17:58 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\lfwmf60n.dll
[2013.04.09 22:17:58 | 000,018,432 | ---- | C] () -- C:\Windows\SysWow64\lfmsp60n.dll
[2013.04.09 22:17:58 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\lfmac60n.dll
[2013.04.09 22:17:58 | 000,014,316 | ---- | C] () -- C:\Windows\SysWow64\rule1.llr
[2013.04.09 22:17:58 | 000,006,664 | ---- | C] () -- C:\Windows\SysWow64\rule1.dfa
[2013.04.09 22:17:58 | 000,000,796 | ---- | C] () -- C:\Windows\SysWow64\qecr.lic
[2013.04.09 22:17:58 | 000,000,451 | ---- | C] () -- C:\Windows\SysWow64\mapx30.lic
[2013.04.08 19:53:06 | 000,671,546 | ---- | C] () -- C:\Users\Mrkew\Desktop\temnednybanner.png
[2013.04.08 19:49:16 | 007,106,990 | ---- | C] () -- C:\Users\Mrkew\Desktop\YouTubeLayout2013.psd
[2013.04.06 19:51:33 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2013.04.06 19:51:32 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2013.04.06 13:20:17 | 012,920,218 | ---- | C] () -- C:\Users\Mrkew\Desktop\mc_server_27065.jar
[2013.04.04 22:00:48 | 000,002,198 | ---- | C] () -- C:\Users\Mrkew\Desktop\Stonekeep (Demo).lnk
[2013.04.04 21:14:36 | 000,000,867 | ---- | C] () -- C:\Users\Public\Desktop\Warsow.lnk
[2013.04.02 21:59:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.03.16 23:44:27 | 000,006,623 | ---- | C] () -- C:\Users\Mrkew\AppData\Local\recently-used.xbel
[2013.02.18 20:42:56 | 000,000,132 | ---- | C] () -- C:\Users\Mrkew\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013.02.16 18:44:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2013.02.16 13:31:56 | 001,583,854 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.04.20 21:10:44 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\.minecraft
[2013.02.16 18:34:28 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\.mojam
[2013.04.21 12:02:18 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Audacity
[2013.03.06 19:42:14 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Beat Hazard
[2013.02.17 13:26:57 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.04.17 21:46:18 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\DAEMON Tools Lite
[2013.04.22 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Dropbox
[2013.04.22 20:02:06 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\FileZilla
[2013.04.15 22:55:17 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\gtk-2.0
[2013.03.16 23:17:40 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\inkscape
[2013.02.07 21:37:04 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\LibreOffice
[2013.02.15 00:10:49 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\OBS
[2013.02.15 00:20:23 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Opera
[2013.02.18 20:31:50 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\PDAppFlex
[2013.02.19 22:36:15 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\PlayCatanClient
[2013.02.07 18:23:17 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Publish Providers
[2013.02.16 19:11:02 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Sony
[2013.04.13 12:10:16 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Sublime Text 2
[2013.04.05 15:57:53 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\TeamViewer
[2013.04.14 02:04:34 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\TechSmith
[2013.02.16 16:07:20 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Trillian
[2013.04.14 02:01:38 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Tunngle
[2013.04.06 20:27:13 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Ubisoft
[2013.04.17 21:51:31 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\uTorrent
[2013.04.04 21:14:50 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Warsow 1.0
[2013.04.04 21:13:07 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Warsow 1.02
Re: Prosím o zkontrolování logu
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,026,186 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\SysNative\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[33 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\avast_ash\Adobe AIR\*.tmp files -> C:\Windows\Temp\avast_ash\Adobe AIR\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.04.20 21:10:44 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\.minecraft
[2013.02.16 18:34:28 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\.mojam
[2013.04.21 09:55:08 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Adobe
[2013.04.21 12:02:18 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Audacity
[2013.04.04 22:02:49 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Avira
[2013.03.06 19:42:14 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Beat Hazard
[2013.02.17 13:26:57 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.04.17 21:46:18 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\DAEMON Tools Lite
[2013.04.22 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Dropbox
[2013.04.22 20:02:06 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\FileZilla
[2013.04.15 22:55:17 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\gtk-2.0
[2013.02.05 22:47:59 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Identities
[2013.03.16 23:17:40 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\inkscape
[2013.02.07 19:28:53 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\InstallShield
[2013.02.07 21:37:04 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\LibreOffice
[2013.02.05 22:56:07 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Macromedia
[2010.11.21 11:38:07 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Media Center Programs
[2013.04.20 22:33:50 | 000,000,000 | --SD | M] -- C:\Users\Mrkew\AppData\Roaming\Microsoft
[2013.02.27 23:40:24 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Mozilla
[2013.02.16 19:14:45 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\NVIDIA
[2013.02.15 00:10:49 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\OBS
[2013.02.15 00:20:23 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Opera
[2013.02.18 20:31:50 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\PDAppFlex
[2013.02.19 22:36:15 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\PlayCatanClient
[2013.02.07 18:23:17 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Publish Providers
[2013.04.22 20:53:17 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Skype
[2013.02.16 19:11:02 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Sony
[2013.04.13 12:10:16 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Sublime Text 2
[2013.04.05 15:57:53 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\TeamViewer
[2013.04.14 02:04:34 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\TechSmith
[2013.02.16 16:07:20 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Trillian
[2013.04.14 02:01:38 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Tunngle
[2013.04.06 20:27:13 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Ubisoft
[2013.04.17 21:51:31 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\uTorrent
[2013.04.21 11:50:46 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\vlc
[2013.04.04 21:14:50 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Warsow 1.0
[2013.04.04 21:13:07 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Warsow 1.02
< %APPDATA%\*.exe /s >
[2013.04.05 00:41:44 | 025,863,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2013.04.05 00:42:48 | 000,207,000 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2013.01.05 00:29:10 | 000,906,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2013.02.17 13:26:08 | 000,054,776 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Mrkew\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013.02.23 13:40:00 | 000,118,784 | ---- | M] (obsproject.com) -- C:\Users\Mrkew\AppData\Roaming\OBS\updates\updater.exe
[2013.03.10 18:59:52 | 000,992,028 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Sublime Text 2\Backup\20130413121016\CSSTidy\win\csstidy.exe
[2013.04.13 12:10:19 | 000,992,028 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Sublime Text 2\Packages\CSSTidy\win\csstidy.exe
[2013.03.09 18:01:01 | 000,395,776 | ---- | M] (Simon Tatham) -- C:\Users\Mrkew\AppData\Roaming\Sublime Text 2\Packages\SFTP\bin\psftp.exe
[2013.03.09 18:01:01 | 000,184,390 | ---- | M] (http://subversion.apache.org/) -- C:\Users\Mrkew\AppData\Roaming\Sublime Text 2\Packages\SFTP\bin\svn.exe
[2013.02.16 13:40:20 | 000,108,192 | ---- | M] (Conduit Ltd.) -- C:\Users\Mrkew\AppData\Roaming\uTorrent\ism.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.02.28 18:50:02 | 018,642,024 | R--- | M] (Skype Technologies S.A.)
"AdobeBridge" =
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2013.03.29 21:53:56 | 001,631,144 | ---- | M] (Valve Corporation)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.03.14 10:23:30 | 003,672,640 | ---- | M] (Disc Soft Ltd)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.22 20:18:37 | 000,000,512 | ---- | M] () MD5=1D832E77DA9F9639A7BC993F25E33910 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[1994.11.17 09:13:44 | 000,007,632 | ---- | M] () -- \Games\Stare hry\Warcraft\C\WARCRAFT\CRACK.EXE
[2012.02.03 16:07:10 | 001,099,940 | ---- | M] () -- \Games\TERA\Client\S1Game\CookedPC\Art_Data\Packages\BG\Extension_01\Original\EX01_BlackCrack_OBJ.gpk
[2012.02.03 16:29:52 | 008,695,706 | ---- | M] () -- \Games\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_BigStone.gpk
[2012.02.03 16:29:54 | 006,332,931 | ---- | M] () -- \Games\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_BigStone_ANI.gpk
[2012.07.25 14:45:18 | 003,335,217 | ---- | M] () -- \Games\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_NPC_OBJ.gpk
[2012.07.25 14:45:20 | 000,036,564 | ---- | M] () -- \Games\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_NPC_OBJ_ANI.gpk
[2011.12.14 08:41:08 | 000,685,163 | ---- | M] () -- \Games\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\Black_Crack_Wall.gpk
[2012.05.09 15:03:38 | 000,021,443 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha030113\resources\evil-mod\evmc\sounds\crack.ogg
[2010.01.30 10:46:58 | 000,667,270 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\heroes V\Heroes of Might And Magic V - Hammers of Fate + CZ_ Rapidshare free download,3gp,dvd,mp3,crack,warez • www.warpower.sk.mht
[2010.01.30 10:47:02 | 000,605,712 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\heroes V\Heroes of Might And Magic V - Sběratelská edice _CZ__ Rapidshare free download,3gp,dvd,mp3,crack,warez • www.warpower.sk.mht
[2010.01.30 10:46:50 | 000,660,395 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\heroes V\Heroes of Might and Magic V - Tribes of the East _CZ__ Rapidshare free download,3gp,dvd,mp3,crack,warez • www.warpower.sk.mht
[2003.09.26 11:57:18 | 000,033,744 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\stranded\stranded2_en\mods\Stranded II\sfx\crack1.wav
[2006.04.22 18:53:52 | 000,034,566 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\stranded\stranded2_en\mods\Stranded II\sfx\crack2.wav
[2006.04.22 18:54:36 | 000,034,698 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\stranded\stranded2_en\mods\Stranded II\sfx\crack3.wav
[2006.04.22 18:55:24 | 000,012,446 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\stranded\stranded2_en\mods\Stranded II\sfx\crack4.wav
[2001.07.18 12:44:58 | 000,005,938 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\dc internet\hry instalovane\stareveci\colonizationforwin\Colonization for Windows\CRACKER1.WAV
[2001.07.18 12:44:58 | 000,007,985 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\dc internet\hry instalovane\stareveci\colonizationforwin\Colonization for Windows\CRACKER2.WAV
[2001.07.18 12:44:58 | 000,021,036 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\dc internet\hry instalovane\stareveci\colonizationforwin\Colonization for Windows\CRACKER3.WAV
[2001.07.18 12:44:58 | 000,034,667 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\dc internet\hry instalovane\stareveci\colonizationforwin\Colonization for Windows\CRACKER4.WAV
[1995.07.09 14:41:16 | 000,000,403 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\dc internet\hry instalovane\stareveci\Micro Machines 2\IL-CRACK.COM
[2011.05.20 14:21:36 | 001,752,934 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\stazsoubory03\stazenesouborystarejak29.7\Hot_CPU_Tester_Pro_4.41___Crack_IROCKSTAR_.rar
[2011.06.17 15:03:58 | 009,367,459 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\stazsoubory03\stazenesouborystarejak29.7\Red_Alert_3_1.12_Crack.rar
[2011.06.25 15:48:56 | 006,973,477 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\stazsoubory03\stazenesouborystarejak29.7\Terraria.v1.0.5.cracked-THETA.rar
[2011.02.18 16:13:50 | 000,093,440 | ---- | M] () -- \Mrkew2\mrkewpc\editing pack\Editing Pack vol.3\Fonty\crackin.ttf
[2008.09.14 13:38:00 | 000,333,976 | ---- | M] () -- \Mrkew2\mrkewpc\editing pack\Editing Pack vol.3\SoundFX\Electric Crackle.wav
[2010.10.04 23:50:56 | 000,062,238 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[2010.05.29 22:41:56 | 000,114,899 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\f2py\crackfortran.py
[2013.03.04 21:26:02 | 000,076,652 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Nature\Ground\dirt01_cracked_0.xnb
[2013.03.04 21:26:02 | 000,034,846 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Nature\Ground\dirt01_cracked_NRM_0.xnb
[2013.03.04 21:27:53 | 000,063,448 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\floor_cracks_0.xnb
[2013.03.04 21:27:49 | 000,037,594 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\floor_cracks_nrm_0.xnb
[2013.03.04 21:26:57 | 000,004,354 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\pillar_cracked00_0.xnb
[2013.03.04 21:26:04 | 000,004,058 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\pillar_cracked00_NRM02_0.xnb
[2013.03.04 21:26:57 | 000,008,140 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked00_0.xnb
[2013.03.04 21:27:54 | 000,018,032 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked01_0.xnb
[2013.03.04 21:27:49 | 000,008,364 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked_NRM_0.xnb
[2013.02.18 22:03:04 | 000,015,502 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Shank 2\data-pc\canims\fire_crack.zip
[2010.07.04 20:46:05 | 000,000,146 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack2.vmt
[2010.07.04 20:46:06 | 000,174,944 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack2.vtf
[2010.07.04 20:46:06 | 000,000,146 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack3.vmt
[2010.07.04 20:46:06 | 000,087,616 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack3.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vmt
[2010.07.04 20:46:05 | 000,699,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vmt
[2010.07.04 20:46:05 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vtf
[2010.07.04 20:46:06 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vtf
[2010.07.04 20:46:05 | 000,000,143 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Floorcrack2.vmt
[2010.07.04 20:46:06 | 000,087,616 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Floorcrack2.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_01.vmt
[2010.07.04 20:43:24 | 000,087,588 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_01.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_03.vmt
[2010.07.04 20:43:24 | 001,398,308 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_03.vtf
[2010.07.04 20:43:24 | 000,000,150 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_04.vmt
[2010.07.04 20:43:24 | 000,087,532 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_04.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_05.vmt
[2010.07.04 20:43:24 | 000,174,908 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_05.vtf
[2010.07.04 21:50:42 | 000,150,012 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx80.vtx
[2010.07.04 21:50:42 | 000,149,958 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx90.vtx
[2010.07.04 21:50:42 | 000,109,264 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.mdl
[2010.07.04 21:50:42 | 000,149,443 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.sw.vtx
[2010.07.04 21:50:42 | 000,658,880 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.vvd
[2010.07.04 23:09:58 | 001,129,094 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\sound\BMS_scripted\app\wood_crack.wav
[2013.03.01 21:12:57 | 000,000,697 | ---- | M] () -- \Users\Mrkew\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fimg812.imageshack.us%2Fimg812%2F3830%2Fcrackede.png
[2013.03.23 12:44:19 | 000,137,709 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\uTorrent\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu].torrent
[1996.10.11 02:20:00 | 000,010,873 | ---- | M] () -- \war2\WC2CRACK.EXE
< *keygen* /s >
[2010.04.22 15:12:22 | 000,073,216 | ---- | M] () -- \Mrkew2\mrkewpc\editing pack\Editing-pack-vol.-7---Part-3-A\Fonty\Fonts 7\fonts\KLF\KLF\keygen.exe
[2010.04.22 14:12:22 | 000,073,216 | ---- | M] () -- \Mrkew2\mrkewpc\editing pack\Fonty\Fonts 7\fonts\KLF\KLF\keygen.exe
< *loader* /s >
[1996.06.14 13:20:16 | 000,064,824 | ---- | M] () -- \Games\Stare hry\Z\C\Z\LOADER.LBM
[2012.11.19 12:06:52 | 000,068,688 | ---- | M] () -- \Games\TERA\Client\Binaries\PhysXLoader.dll
[2012.12.29 15:01:16 | 000,053,038 | ---- | M] () -- \Mrkew\mcserver\ForgeModLoader-server-0.log
[2012.12.29 14:54:26 | 000,000,000 | ---- | M] () -- \Mrkew\mcserver\ForgeModLoader-server-0.log.lck
[2012.12.29 14:53:22 | 000,043,380 | ---- | M] () -- \Mrkew\mcserver\ForgeModLoader-server-1.log
[2012.07.21 20:07:22 | 000,005,809 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha\ForgeModLoader-0.log
[2012.07.21 20:06:10 | 000,005,809 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha\ForgeModLoader-1.log
[2012.07.21 19:16:40 | 000,005,715 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha\ForgeModLoader-2.log
[2012.07.21 20:15:52 | 000,002,224 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha\ModLoader.txt
[2012.07.21 20:15:50 | 000,000,189 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha\config\ModLoader.cfg
[2012.12.29 18:27:38 | 000,143,758 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha030113\ForgeModLoader-client-0.log
[2012.12.29 18:20:22 | 000,169,553 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha030113\ForgeModLoader-client-1.log
[2012.12.29 17:44:50 | 000,238,042 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha030113\ForgeModLoader-client-2.log
[2012.11.10 15:39:00 | 000,002,450 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha030113\ModLoader.txt
[2012.11.10 15:27:48 | 000,000,282 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha030113\config\ModLoader.cfg
[2012.04.08 17:30:54 | 000,088,347 | ---- | M] () -- \Mrkew2\mrkewpc\aether\ModLoader 1.0.0.zip
[2012.04.08 17:04:30 | 000,024,636 | ---- | M] () -- \Mrkew2\mrkewpc\aether\ModLoaderMp 1.0.0.zip
[2011.12.31 11:38:12 | 000,040,731 | ---- | M] () -- \Mrkew2\mrkewpc\aether\Aether_1.04_1_Final\Aether_1.04_1_Final\Jar\ModLoader.class
[2011.12.31 11:38:12 | 000,008,630 | ---- | M] () -- \Mrkew2\mrkewpc\aether\Aether_1.04_1_Final\Aether_1.04_1_Final\Jar\ModLoaderMp.class
[2011.12.31 11:38:12 | 000,000,448 | ---- | M] () -- \Mrkew2\mrkewpc\aether\Aether_1.04_1_Final\Aether_1.04_1_Final\Jar\mod_ModLoaderMp.class
[2011.12.31 11:38:10 | 000,003,331 | ---- | M] () -- \Mrkew2\mrkewpc\aether\Aether_1.04_1_Final\Aether_1.04_1_Final\Jar\Packet230ModLoader.class
[2011.11.21 02:10:08 | 000,043,669 | ---- | M] () -- \Mrkew2\mrkewpc\aether\ModLoader 1.0.0\ModLoader.class
[2011.11.27 10:00:42 | 000,008,630 | ---- | M] () -- \Mrkew2\mrkewpc\aether\ModLoaderMp 1.0.0\ModLoaderMp.class
[2011.11.27 10:00:42 | 000,000,448 | ---- | M] () -- \Mrkew2\mrkewpc\aether\ModLoaderMp 1.0.0\mod_ModLoaderMp.class
[2011.11.27 10:00:42 | 000,003,253 | ---- | M] () -- \Mrkew2\mrkewpc\aether\ModLoaderMp 1.0.0\Packet230ModLoader.class
[2010.08.07 22:14:06 | 000,001,080 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\ikony\YouTube Downloader.lnk
[1996.06.14 13:20:16 | 000,064,824 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\dc internet\hry instalovane\stareveci\173\z\LOADER.LBM
[2011.03.14 17:18:56 | 000,048,992 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\stazsoubory03\stazenesouborystarejak29.7\SecuROM_Loader_v7.26.rar
[2012.09.30 19:47:22 | 000,060,885 | ---- | M] () -- \Mrkew2\mrkewpc\Tekkit_Server_3.1.2\ForgeModLoader-0.log
[2012.08.24 01:30:54 | 000,102,869 | ---- | M] () -- \Mrkew2\mrkewpc\Tekkit_Server_3.1.2\ForgeModLoader-1.log
[2012.08.23 14:55:10 | 000,057,459 | ---- | M] () -- \Mrkew2\mrkewpc\Tekkit_Server_3.1.2\ForgeModLoader-2.log
[2012.07.31 03:47:52 | 000,001,980 | ---- | M] () -- \Mrkew2\mrkewpc\Tekkit_Server_3.1.2\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2012.11.28 22:47:50 | 000,011,314 | ---- | M] () -- \Mrkew2\mrkewpc\webptosek\cistka\eshop\admin\themes\default\img\ajax-loader.gif
[2012.11.28 22:47:52 | 000,000,109 | ---- | M] () -- \Mrkew2\mrkewpc\webptosek\cistka\eshop\admin\themes\default\img\bg_loaderSpace.png
[2012.03.13 13:18:28 | 003,297,128 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe
[2012.03.13 11:41:34 | 000,000,860 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe.manifest
[2012.03.13 11:41:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 11:42:06 | 000,000,324 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 11:42:06 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.04.04 21:56:58 | 000,052,960 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.dll
[2013.04.04 21:56:58 | 000,232,672 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2013.04.04 21:56:58 | 001,714,400 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloadergui.dll
[2012.02.23 00:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.23 00:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.23 00:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2010.02.07 23:40:00 | 000,000,543 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 19:58:18 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 19:58:20 | 000,018,592 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 19:58:24 | 000,026,272 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 19:58:26 | 000,012,960 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 19:58:28 | 000,017,568 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 19:58:56 | 000,019,616 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 19:59:04 | 000,015,008 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 19:59:06 | 000,019,104 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 19:59:10 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 19:59:14 | 000,012,448 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 19:59:16 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 19:59:20 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 19:59:22 | 000,011,936 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 19:59:24 | 000,013,984 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 19:59:28 | 000,028,320 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 21:42:00 | 000,009,880 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2010.03.06 10:24:56 | 000,003,614 | ---- | M] () -- \Program Files (x86)\Inkscape\etc\gtk-2.0\gdk-pixbuf.loaders
[2010.03.06 10:24:56 | 000,030,804 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2010.03.06 10:24:56 | 000,027,898 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2010.03.06 10:24:56 | 000,042,058 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2010.03.06 10:24:56 | 000,023,145 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2010.03.06 10:24:56 | 000,028,692 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2010.03.06 10:24:56 | 000,034,496 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2010.03.06 10:24:56 | 000,022,435 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2010.03.06 10:24:56 | 000,036,528 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2010.03.06 10:24:56 | 000,026,252 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2010.03.06 10:24:56 | 000,020,063 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2010.03.06 10:24:56 | 000,024,412 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2010.03.06 10:24:56 | 000,029,401 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2010.03.06 10:24:56 | 000,019,399 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2010.03.06 10:24:56 | 000,025,270 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2010.03.06 10:24:56 | 000,042,114 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2010.03.06 10:24:56 | 000,018,909 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2010.08.16 11:41:40 | 000,032,958 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ailoader.py
[2010.08.16 11:41:40 | 000,001,847 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\bziploader.py
[2010.08.16 11:41:40 | 000,057,685 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ccxloader.py
[2010.08.16 11:41:40 | 000,029,336 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrloader.py
[2010.08.16 11:41:40 | 000,001,341 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrziploader.py
[2010.08.16 11:41:40 | 000,028,643 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cgmloader.py
[2010.08.16 11:41:40 | 000,055,918 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cmxloader.py
[2010.08.16 11:41:40 | 000,038,308 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\dxfloader.py
[2010.08.16 11:41:40 | 000,001,949 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\gziploader.py
[2010.08.16 11:41:40 | 000,007,779 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\pltloader.py
[2010.08.16 11:41:40 | 000,017,301 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\sk1loader.py
[2010.08.16 11:41:40 | 000,015,416 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\skloader.py
[2010.08.16 11:41:40 | 000,015,832 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\stitchloader.py
[2010.08.16 11:41:40 | 000,038,937 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\svgloader.py
[2010.08.16 11:41:40 | 000,014,300 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\wmfloader.py
[2010.08.16 11:41:40 | 000,017,550 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\xfigloader.py
[2012.11.28 22:32:28 | 000,007,024 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\program\pythonloader.py
[2012.11.28 22:26:50 | 000,027,136 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\program\pythonloader.uno.dll
[2012.11.28 22:36:06 | 000,000,171 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\program\pythonloader.uno.ini
[2012.11.28 10:46:20 | 000,124,234 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\share\extensions\report-builder\libloader-1.1.6.jar
[2012.11.28 22:27:12 | 000,059,392 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\URE\bin\javaloader.uno.dll
[2012.11.28 04:49:02 | 000,004,488 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\URE\java\unoloader.jar
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 14:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.11.10 16:55:50 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013.02.18 22:07:37 | 000,001,997 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Shank 2\data\attributes\dummyloader.lua
[2012.02.06 18:45:23 | 000,000,726 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vmt
[2010.07.04 21:09:08 | 000,699,272 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vtf
[2010.07.04 21:09:08 | 001,398,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body_normal.vtf
[2012.02.06 18:45:23 | 000,000,724 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vmt
[2010.07.04 21:09:08 | 000,699,272 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vtf
[2010.07.04 21:09:08 | 001,398,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg_normal.vtf
[2010.07.04 21:51:41 | 000,178,888 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.dx80.vtx
[2010.07.04 21:51:41 | 000,178,861 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.dx90.vtx
[2010.07.04 21:51:41 | 000,012,873 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.jpg
[2010.07.04 21:51:41 | 000,349,716 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.mdl
[2010.07.04 21:51:41 | 000,269,969 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.phy
[2010.07.04 21:51:41 | 000,178,517 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.sw.vtx
[2010.07.04 21:51:41 | 000,797,056 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.vvd
[2012.12.09 23:27:18 | 000,002,223 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_azul_preloader.swf
[2012.12.09 23:27:18 | 000,001,841 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_black_outline_preloader.swf
[2012.12.09 23:27:18 | 000,001,810 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_black_preloader.swf
[2012.12.09 23:27:18 | 000,002,173 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_blue_preloader.swf
[2012.12.09 23:27:18 | 000,028,899 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_branded_large_preloader.swf
[2012.12.09 23:27:18 | 000,017,183 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_branded_small_preloader.swf
[2012.12.09 23:27:18 | 000,002,140 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_gray_grad_preloader.swf
[2012.12.09 23:27:18 | 000,001,845 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_white_preloader.swf
[2012.12.09 23:27:18 | 000,002,278 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_azul_preloader.swf
[2012.12.09 23:27:18 | 000,001,899 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_black_outline_preloader.swf
[2012.12.09 23:27:18 | 000,001,863 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_black_preloader.swf
[2012.12.09 23:27:18 | 000,002,227 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_blue_preloader.swf
[2012.12.09 23:27:18 | 000,028,967 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_branded_large_preloader.swf
[2012.12.09 23:27:18 | 000,017,248 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_branded_small_preloader.swf
[2012.12.09 23:27:18 | 000,002,204 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_gray_grad_preloader.swf
[2012.12.09 23:27:18 | 000,001,899 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_white_preloader.swf
[2012.12.09 23:27:18 | 000,236,529 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\preloaders_src.zip
[2012.03.13 13:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012.03.13 11:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 11:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 11:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.04.06 14:56:26 | 000,623,104 | ---- | M] () -- \Program Files\ShareX\UploadersLib.dll
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.10.01 13:36:00 | 000,387,800 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.bundle
[2012.07.10 00:11:00 | 000,693,704 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.dll
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.10.01 13:36:00 | 000,387,800 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.bundle
[2012.07.10 00:11:00 | 000,693,704 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.dll
[2013.02.16 23:15:06 | 000,004,276 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0ZL4VTJG\1033661291-uploaderapi[1].swf
[2013.02.15 00:21:34 | 000,001,174 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0ZL4VTJG\downloader[1].js
[2013.02.14 20:41:23 | 000,000,433 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0ZL4VTJG\loader-vflff1Mjj[1].gif
[2013.03.15 23:18:14 | 000,000,433 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1RR6HPF3\loader-vflff1Mjj[1].gif
[2013.03.15 23:15:08 | 000,005,441 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1RR6HPF3\loader_large-vflin3vnt[1].gif
[2013.03.18 16:57:41 | 000,002,895 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1XFVY9NK\rmsloaderdelayed[1].js
[2013.02.23 13:31:17 | 000,000,334 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KUGBU74\nr_loader.min[1].htm
[2013.02.26 14:28:35 | 000,004,276 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KUGBU74\uploaderapi2[2].swf
[2013.03.27 00:08:12 | 000,000,349 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7YZSDZNK\https_ajax_loader[1].htm
[2013.02.26 10:42:52 | 000,105,903 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXWWR75J\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.02.26 10:42:52 | 000,000,753 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXWWR75J\AdLoader[1].htm
[2013.02.23 13:31:25 | 000,000,334 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXWWR75J\nr_loader.min[1].htm
[2013.02.23 13:31:25 | 000,045,210 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXWWR75J\nr_loader.min[1].js
[2013.02.27 23:06:30 | 000,004,276 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXWWR75J\uploaderapi-vflEJW-MI[2].swf
[2013.03.26 22:54:38 | 000,001,775 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K95PIT1D\ajax-loader-grey_round[1].gif
[2013.03.01 14:40:29 | 000,004,276 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWVEQ6EH\2837998392-uploaderapi[1].swf
[2013.02.26 21:10:55 | 000,000,433 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWVEQ6EH\loader-vflff1Mjj[1].gif
[2013.03.26 22:54:42 | 000,001,786 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY7HK9F0\ad-loader[1].gif
[2013.03.10 13:18:34 | 000,105,903 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TWD31MOX\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.03.18 18:27:46 | 000,004,178 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TWD31MOX\ajax-loader[1].gif
[2013.03.25 22:23:11 | 000,004,178 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TWD31MOX\ajax-loader[2].gif
[2013.02.27 23:05:32 | 000,000,433 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UNYMVGR7\loader-vflff1Mjj[1].gif
[2013.02.23 13:31:18 | 000,045,210 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UNYMVGR7\nr_loader.min[1].js
[2013.02.27 23:05:34 | 000,004,276 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UNYMVGR7\uploaderapi-vflHmljoq[3].swf
[2013.04.17 21:41:33 | 000,141,216 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W4PURC7Q\bi_downloader[1].exe
[2013.03.25 23:56:29 | 000,002,971 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W4PURC7Q\loader[1].gif
[2013.03.25 23:50:02 | 000,002,516 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W4PURC7Q\youtubeuploader[1].js
[2013.03.10 13:18:33 | 000,000,753 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WYRIWFVQ\AdLoader[1].htm
[2013.03.18 18:27:39 | 000,004,178 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WYRIWFVQ\ajax-loader[1].gif
[2013.03.25 22:47:53 | 000,002,895 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WYRIWFVQ\rmsloaderdelayed[1].js
[2013.04.11 18:48:23 | 000,000,695 | ---- | M] () -- \Users\Mrkew\AppData\Local\Opera\Opera\icons\http%3A%2F%2Funlockbootloader.sonymobile.com%2Fprofiles%2Funlockbootloader%2Fthemes%2Funlockbootloader%2Ffavicon.png
[2013.04.11 18:48:23 | 000,000,169 | ---- | M] () -- \Users\Mrkew\AppData\Local\Opera\Opera\icons\unlockbootloader.sonymobile.com.idx
[2013.04.04 22:02:31 | 000,106,194 | ---- | M] () -- \Users\Mrkew\AppData\Local\Temp\avnwldrtemp\networkloader.log
[2013.04.20 21:10:45 | 000,025,317 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log
[2013.04.20 21:04:22 | 000,000,000 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.lck
[2013.04.20 15:39:01 | 000,022,555 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\.minecraft\ForgeModLoader-client-1.log
[2013.04.20 15:26:03 | 000,022,197 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\.minecraft\ForgeModLoader-client-2.log
[2009.10.12 16:55:00 | 000,004,967 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\PlayCatanClient\de\brettspielwelt\client\base\AppLoader.class
[2009.10.12 17:02:18 | 000,020,263 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\PlayCatanClient\de\brettspielwelt\client\base\StarterClassLoader.class
[2009.10.12 16:55:00 | 000,002,523 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\PlayCatanClient\de\brettspielwelt\client\tool\COWClassLoader.class
[2013.04.17 17:01:12 | 000,003,542 | ---- | M] () -- \Users\Mrkew\Documents\ShareX\UploadersConfig.json
[2013.04.16 16:54:42 | 000,003,542 | ---- | M] () -- \Users\Mrkew\Documents\ShareX\UploadersConfig.json.bak
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 11:27:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 11:27:28 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.11.21 11:27:28 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.11.21 11:27:28 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.11.21 11:27:28 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013.02.05 19:58:28 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.02.05 19:58:28 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.02.05 19:58:28 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.02.05 19:58:28 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.02.05 19:58:28 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 11:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,026,186 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\SysNative\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\SysNative\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[33 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\avast_ash\Adobe AIR\*.tmp files -> C:\Windows\Temp\avast_ash\Adobe AIR\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.04.20 21:10:44 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\.minecraft
[2013.02.16 18:34:28 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\.mojam
[2013.04.21 09:55:08 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Adobe
[2013.04.21 12:02:18 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Audacity
[2013.04.04 22:02:49 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Avira
[2013.03.06 19:42:14 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Beat Hazard
[2013.02.17 13:26:57 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.04.17 21:46:18 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\DAEMON Tools Lite
[2013.04.22 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Dropbox
[2013.04.22 20:02:06 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\FileZilla
[2013.04.15 22:55:17 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\gtk-2.0
[2013.02.05 22:47:59 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Identities
[2013.03.16 23:17:40 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\inkscape
[2013.02.07 19:28:53 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\InstallShield
[2013.02.07 21:37:04 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\LibreOffice
[2013.02.05 22:56:07 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Macromedia
[2010.11.21 11:38:07 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Media Center Programs
[2013.04.20 22:33:50 | 000,000,000 | --SD | M] -- C:\Users\Mrkew\AppData\Roaming\Microsoft
[2013.02.27 23:40:24 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Mozilla
[2013.02.16 19:14:45 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\NVIDIA
[2013.02.15 00:10:49 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\OBS
[2013.02.15 00:20:23 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Opera
[2013.02.18 20:31:50 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\PDAppFlex
[2013.02.19 22:36:15 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\PlayCatanClient
[2013.02.07 18:23:17 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Publish Providers
[2013.04.22 20:53:17 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Skype
[2013.02.16 19:11:02 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Sony
[2013.04.13 12:10:16 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Sublime Text 2
[2013.04.05 15:57:53 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\TeamViewer
[2013.04.14 02:04:34 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\TechSmith
[2013.02.16 16:07:20 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Trillian
[2013.04.14 02:01:38 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Tunngle
[2013.04.06 20:27:13 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Ubisoft
[2013.04.17 21:51:31 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\uTorrent
[2013.04.21 11:50:46 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\vlc
[2013.04.04 21:14:50 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Warsow 1.0
[2013.04.04 21:13:07 | 000,000,000 | ---D | M] -- C:\Users\Mrkew\AppData\Roaming\Warsow 1.02
< %APPDATA%\*.exe /s >
[2013.04.05 00:41:44 | 025,863,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2013.04.05 00:42:48 | 000,207,000 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2013.01.05 00:29:10 | 000,906,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mrkew\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2013.02.17 13:26:08 | 000,054,776 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Mrkew\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013.02.23 13:40:00 | 000,118,784 | ---- | M] (obsproject.com) -- C:\Users\Mrkew\AppData\Roaming\OBS\updates\updater.exe
[2013.03.10 18:59:52 | 000,992,028 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Sublime Text 2\Backup\20130413121016\CSSTidy\win\csstidy.exe
[2013.04.13 12:10:19 | 000,992,028 | ---- | M] () -- C:\Users\Mrkew\AppData\Roaming\Sublime Text 2\Packages\CSSTidy\win\csstidy.exe
[2013.03.09 18:01:01 | 000,395,776 | ---- | M] (Simon Tatham) -- C:\Users\Mrkew\AppData\Roaming\Sublime Text 2\Packages\SFTP\bin\psftp.exe
[2013.03.09 18:01:01 | 000,184,390 | ---- | M] (http://subversion.apache.org/) -- C:\Users\Mrkew\AppData\Roaming\Sublime Text 2\Packages\SFTP\bin\svn.exe
[2013.02.16 13:40:20 | 000,108,192 | ---- | M] (Conduit Ltd.) -- C:\Users\Mrkew\AppData\Roaming\uTorrent\ism.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.02.28 18:50:02 | 018,642,024 | R--- | M] (Skype Technologies S.A.)
"AdobeBridge" =
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2013.03.29 21:53:56 | 001,631,144 | ---- | M] (Valve Corporation)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.03.14 10:23:30 | 003,672,640 | ---- | M] (Disc Soft Ltd)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.22 20:18:37 | 000,000,512 | ---- | M] () MD5=1D832E77DA9F9639A7BC993F25E33910 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[1994.11.17 09:13:44 | 000,007,632 | ---- | M] () -- \Games\Stare hry\Warcraft\C\WARCRAFT\CRACK.EXE
[2012.02.03 16:07:10 | 001,099,940 | ---- | M] () -- \Games\TERA\Client\S1Game\CookedPC\Art_Data\Packages\BG\Extension_01\Original\EX01_BlackCrack_OBJ.gpk
[2012.02.03 16:29:52 | 008,695,706 | ---- | M] () -- \Games\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_BigStone.gpk
[2012.02.03 16:29:54 | 006,332,931 | ---- | M] () -- \Games\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_BigStone_ANI.gpk
[2012.07.25 14:45:18 | 003,335,217 | ---- | M] () -- \Games\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_NPC_OBJ.gpk
[2012.07.25 14:45:20 | 000,036,564 | ---- | M] () -- \Games\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_NPC_OBJ_ANI.gpk
[2011.12.14 08:41:08 | 000,685,163 | ---- | M] () -- \Games\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\Black_Crack_Wall.gpk
[2012.05.09 15:03:38 | 000,021,443 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha030113\resources\evil-mod\evmc\sounds\crack.ogg
[2010.01.30 10:46:58 | 000,667,270 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\heroes V\Heroes of Might And Magic V - Hammers of Fate + CZ_ Rapidshare free download,3gp,dvd,mp3,crack,warez • www.warpower.sk.mht
[2010.01.30 10:47:02 | 000,605,712 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\heroes V\Heroes of Might And Magic V - Sběratelská edice _CZ__ Rapidshare free download,3gp,dvd,mp3,crack,warez • www.warpower.sk.mht
[2010.01.30 10:46:50 | 000,660,395 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\heroes V\Heroes of Might and Magic V - Tribes of the East _CZ__ Rapidshare free download,3gp,dvd,mp3,crack,warez • www.warpower.sk.mht
[2003.09.26 11:57:18 | 000,033,744 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\stranded\stranded2_en\mods\Stranded II\sfx\crack1.wav
[2006.04.22 18:53:52 | 000,034,566 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\stranded\stranded2_en\mods\Stranded II\sfx\crack2.wav
[2006.04.22 18:54:36 | 000,034,698 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\stranded\stranded2_en\mods\Stranded II\sfx\crack3.wav
[2006.04.22 18:55:24 | 000,012,446 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\stranded\stranded2_en\mods\Stranded II\sfx\crack4.wav
[2001.07.18 12:44:58 | 000,005,938 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\dc internet\hry instalovane\stareveci\colonizationforwin\Colonization for Windows\CRACKER1.WAV
[2001.07.18 12:44:58 | 000,007,985 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\dc internet\hry instalovane\stareveci\colonizationforwin\Colonization for Windows\CRACKER2.WAV
[2001.07.18 12:44:58 | 000,021,036 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\dc internet\hry instalovane\stareveci\colonizationforwin\Colonization for Windows\CRACKER3.WAV
[2001.07.18 12:44:58 | 000,034,667 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\dc internet\hry instalovane\stareveci\colonizationforwin\Colonization for Windows\CRACKER4.WAV
[1995.07.09 14:41:16 | 000,000,403 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\dc internet\hry instalovane\stareveci\Micro Machines 2\IL-CRACK.COM
[2011.05.20 14:21:36 | 001,752,934 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\stazsoubory03\stazenesouborystarejak29.7\Hot_CPU_Tester_Pro_4.41___Crack_IROCKSTAR_.rar
[2011.06.17 15:03:58 | 009,367,459 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\stazsoubory03\stazenesouborystarejak29.7\Red_Alert_3_1.12_Crack.rar
[2011.06.25 15:48:56 | 006,973,477 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\stazsoubory03\stazenesouborystarejak29.7\Terraria.v1.0.5.cracked-THETA.rar
[2011.02.18 16:13:50 | 000,093,440 | ---- | M] () -- \Mrkew2\mrkewpc\editing pack\Editing Pack vol.3\Fonty\crackin.ttf
[2008.09.14 13:38:00 | 000,333,976 | ---- | M] () -- \Mrkew2\mrkewpc\editing pack\Editing Pack vol.3\SoundFX\Electric Crackle.wav
[2010.10.04 23:50:56 | 000,062,238 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[2010.05.29 22:41:56 | 000,114,899 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\numpy\f2py\crackfortran.py
[2013.03.04 21:26:02 | 000,076,652 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Nature\Ground\dirt01_cracked_0.xnb
[2013.03.04 21:26:02 | 000,034,846 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Nature\Ground\dirt01_cracked_NRM_0.xnb
[2013.03.04 21:27:53 | 000,063,448 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\floor_cracks_0.xnb
[2013.03.04 21:27:49 | 000,037,594 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\floor_cracks_nrm_0.xnb
[2013.03.04 21:26:57 | 000,004,354 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\pillar_cracked00_0.xnb
[2013.03.04 21:26:04 | 000,004,058 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\pillar_cracked00_NRM02_0.xnb
[2013.03.04 21:26:57 | 000,008,140 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked00_0.xnb
[2013.03.04 21:27:54 | 000,018,032 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked01_0.xnb
[2013.03.04 21:27:49 | 000,008,364 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked_NRM_0.xnb
[2013.02.18 22:03:04 | 000,015,502 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Shank 2\data-pc\canims\fire_crack.zip
[2010.07.04 20:46:05 | 000,000,146 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack2.vmt
[2010.07.04 20:46:06 | 000,174,944 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack2.vtf
[2010.07.04 20:46:06 | 000,000,146 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack3.vmt
[2010.07.04 20:46:06 | 000,087,616 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack3.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vmt
[2010.07.04 20:46:05 | 000,699,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vmt
[2010.07.04 20:46:05 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vtf
[2010.07.04 20:46:06 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vtf
[2010.07.04 20:46:05 | 000,000,143 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Floorcrack2.vmt
[2010.07.04 20:46:06 | 000,087,616 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Floorcrack2.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_01.vmt
[2010.07.04 20:43:24 | 000,087,588 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_01.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_03.vmt
[2010.07.04 20:43:24 | 001,398,308 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_03.vtf
[2010.07.04 20:43:24 | 000,000,150 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_04.vmt
[2010.07.04 20:43:24 | 000,087,532 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_04.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_05.vmt
[2010.07.04 20:43:24 | 000,174,908 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_05.vtf
[2010.07.04 21:50:42 | 000,150,012 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx80.vtx
[2010.07.04 21:50:42 | 000,149,958 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx90.vtx
[2010.07.04 21:50:42 | 000,109,264 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.mdl
[2010.07.04 21:50:42 | 000,149,443 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.sw.vtx
[2010.07.04 21:50:42 | 000,658,880 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.vvd
[2010.07.04 23:09:58 | 001,129,094 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\sound\BMS_scripted\app\wood_crack.wav
[2013.03.01 21:12:57 | 000,000,697 | ---- | M] () -- \Users\Mrkew\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fimg812.imageshack.us%2Fimg812%2F3830%2Fcrackede.png
[2013.03.23 12:44:19 | 000,137,709 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\uTorrent\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu].torrent
[1996.10.11 02:20:00 | 000,010,873 | ---- | M] () -- \war2\WC2CRACK.EXE
< *keygen* /s >
[2010.04.22 15:12:22 | 000,073,216 | ---- | M] () -- \Mrkew2\mrkewpc\editing pack\Editing-pack-vol.-7---Part-3-A\Fonty\Fonts 7\fonts\KLF\KLF\keygen.exe
[2010.04.22 14:12:22 | 000,073,216 | ---- | M] () -- \Mrkew2\mrkewpc\editing pack\Fonty\Fonts 7\fonts\KLF\KLF\keygen.exe
< *loader* /s >
[1996.06.14 13:20:16 | 000,064,824 | ---- | M] () -- \Games\Stare hry\Z\C\Z\LOADER.LBM
[2012.11.19 12:06:52 | 000,068,688 | ---- | M] () -- \Games\TERA\Client\Binaries\PhysXLoader.dll
[2012.12.29 15:01:16 | 000,053,038 | ---- | M] () -- \Mrkew\mcserver\ForgeModLoader-server-0.log
[2012.12.29 14:54:26 | 000,000,000 | ---- | M] () -- \Mrkew\mcserver\ForgeModLoader-server-0.log.lck
[2012.12.29 14:53:22 | 000,043,380 | ---- | M] () -- \Mrkew\mcserver\ForgeModLoader-server-1.log
[2012.07.21 20:07:22 | 000,005,809 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha\ForgeModLoader-0.log
[2012.07.21 20:06:10 | 000,005,809 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha\ForgeModLoader-1.log
[2012.07.21 19:16:40 | 000,005,715 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha\ForgeModLoader-2.log
[2012.07.21 20:15:52 | 000,002,224 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha\ModLoader.txt
[2012.07.21 20:15:50 | 000,000,189 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha\config\ModLoader.cfg
[2012.12.29 18:27:38 | 000,143,758 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha030113\ForgeModLoader-client-0.log
[2012.12.29 18:20:22 | 000,169,553 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha030113\ForgeModLoader-client-1.log
[2012.12.29 17:44:50 | 000,238,042 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha030113\ForgeModLoader-client-2.log
[2012.11.10 15:39:00 | 000,002,450 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha030113\ModLoader.txt
[2012.11.10 15:27:48 | 000,000,282 | ---- | M] () -- \Mrkew2\mrkewpc\.minecraft\zaloha030113\config\ModLoader.cfg
[2012.04.08 17:30:54 | 000,088,347 | ---- | M] () -- \Mrkew2\mrkewpc\aether\ModLoader 1.0.0.zip
[2012.04.08 17:04:30 | 000,024,636 | ---- | M] () -- \Mrkew2\mrkewpc\aether\ModLoaderMp 1.0.0.zip
[2011.12.31 11:38:12 | 000,040,731 | ---- | M] () -- \Mrkew2\mrkewpc\aether\Aether_1.04_1_Final\Aether_1.04_1_Final\Jar\ModLoader.class
[2011.12.31 11:38:12 | 000,008,630 | ---- | M] () -- \Mrkew2\mrkewpc\aether\Aether_1.04_1_Final\Aether_1.04_1_Final\Jar\ModLoaderMp.class
[2011.12.31 11:38:12 | 000,000,448 | ---- | M] () -- \Mrkew2\mrkewpc\aether\Aether_1.04_1_Final\Aether_1.04_1_Final\Jar\mod_ModLoaderMp.class
[2011.12.31 11:38:10 | 000,003,331 | ---- | M] () -- \Mrkew2\mrkewpc\aether\Aether_1.04_1_Final\Aether_1.04_1_Final\Jar\Packet230ModLoader.class
[2011.11.21 02:10:08 | 000,043,669 | ---- | M] () -- \Mrkew2\mrkewpc\aether\ModLoader 1.0.0\ModLoader.class
[2011.11.27 10:00:42 | 000,008,630 | ---- | M] () -- \Mrkew2\mrkewpc\aether\ModLoaderMp 1.0.0\ModLoaderMp.class
[2011.11.27 10:00:42 | 000,000,448 | ---- | M] () -- \Mrkew2\mrkewpc\aether\ModLoaderMp 1.0.0\mod_ModLoaderMp.class
[2011.11.27 10:00:42 | 000,003,253 | ---- | M] () -- \Mrkew2\mrkewpc\aether\ModLoaderMp 1.0.0\Packet230ModLoader.class
[2010.08.07 22:14:06 | 000,001,080 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\ikony\YouTube Downloader.lnk
[1996.06.14 13:20:16 | 000,064,824 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\dc internet\hry instalovane\stareveci\173\z\LOADER.LBM
[2011.03.14 17:18:56 | 000,048,992 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\stazsoubory03\stazenesouborystarejak29.7\SecuROM_Loader_v7.26.rar
[2012.09.30 19:47:22 | 000,060,885 | ---- | M] () -- \Mrkew2\mrkewpc\Tekkit_Server_3.1.2\ForgeModLoader-0.log
[2012.08.24 01:30:54 | 000,102,869 | ---- | M] () -- \Mrkew2\mrkewpc\Tekkit_Server_3.1.2\ForgeModLoader-1.log
[2012.08.23 14:55:10 | 000,057,459 | ---- | M] () -- \Mrkew2\mrkewpc\Tekkit_Server_3.1.2\ForgeModLoader-2.log
[2012.07.31 03:47:52 | 000,001,980 | ---- | M] () -- \Mrkew2\mrkewpc\Tekkit_Server_3.1.2\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2012.11.28 22:47:50 | 000,011,314 | ---- | M] () -- \Mrkew2\mrkewpc\webptosek\cistka\eshop\admin\themes\default\img\ajax-loader.gif
[2012.11.28 22:47:52 | 000,000,109 | ---- | M] () -- \Mrkew2\mrkewpc\webptosek\cistka\eshop\admin\themes\default\img\bg_loaderSpace.png
[2012.03.13 13:18:28 | 003,297,128 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe
[2012.03.13 11:41:34 | 000,000,860 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe.manifest
[2012.03.13 11:41:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 11:42:06 | 000,000,324 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 11:42:06 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.04.04 21:56:58 | 000,052,960 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.dll
[2013.04.04 21:56:58 | 000,232,672 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2013.04.04 21:56:58 | 001,714,400 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloadergui.dll
[2012.02.23 00:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.23 00:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.23 00:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2010.02.07 23:40:00 | 000,000,543 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 19:58:18 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 19:58:20 | 000,018,592 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 19:58:24 | 000,026,272 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 19:58:26 | 000,012,960 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 19:58:28 | 000,017,568 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 19:58:56 | 000,019,616 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 19:59:04 | 000,015,008 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 19:59:06 | 000,019,104 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 19:59:10 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 19:59:14 | 000,012,448 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 19:59:16 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 19:59:20 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 19:59:22 | 000,011,936 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 19:59:24 | 000,013,984 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 19:59:28 | 000,028,320 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 21:42:00 | 000,009,880 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2010.03.06 10:24:56 | 000,003,614 | ---- | M] () -- \Program Files (x86)\Inkscape\etc\gtk-2.0\gdk-pixbuf.loaders
[2010.03.06 10:24:56 | 000,030,804 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2010.03.06 10:24:56 | 000,027,898 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2010.03.06 10:24:56 | 000,042,058 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2010.03.06 10:24:56 | 000,023,145 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2010.03.06 10:24:56 | 000,028,692 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2010.03.06 10:24:56 | 000,034,496 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2010.03.06 10:24:56 | 000,022,435 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2010.03.06 10:24:56 | 000,036,528 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2010.03.06 10:24:56 | 000,026,252 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2010.03.06 10:24:56 | 000,020,063 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2010.03.06 10:24:56 | 000,024,412 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2010.03.06 10:24:56 | 000,029,401 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2010.03.06 10:24:56 | 000,019,399 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2010.03.06 10:24:56 | 000,025,270 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2010.03.06 10:24:56 | 000,042,114 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2010.03.06 10:24:56 | 000,018,909 | ---- | M] () -- \Program Files (x86)\Inkscape\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2010.08.16 11:41:40 | 000,032,958 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ailoader.py
[2010.08.16 11:41:40 | 000,001,847 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\bziploader.py
[2010.08.16 11:41:40 | 000,057,685 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ccxloader.py
[2010.08.16 11:41:40 | 000,029,336 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrloader.py
[2010.08.16 11:41:40 | 000,001,341 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrziploader.py
[2010.08.16 11:41:40 | 000,028,643 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cgmloader.py
[2010.08.16 11:41:40 | 000,055,918 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cmxloader.py
[2010.08.16 11:41:40 | 000,038,308 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\dxfloader.py
[2010.08.16 11:41:40 | 000,001,949 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\gziploader.py
[2010.08.16 11:41:40 | 000,007,779 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\pltloader.py
[2010.08.16 11:41:40 | 000,017,301 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\sk1loader.py
[2010.08.16 11:41:40 | 000,015,416 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\skloader.py
[2010.08.16 11:41:40 | 000,015,832 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\stitchloader.py
[2010.08.16 11:41:40 | 000,038,937 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\svgloader.py
[2010.08.16 11:41:40 | 000,014,300 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\wmfloader.py
[2010.08.16 11:41:40 | 000,017,550 | ---- | M] () -- \Program Files (x86)\Inkscape\python\Lib\site-packages\sk1libs\filters\import\xfigloader.py
[2012.11.28 22:32:28 | 000,007,024 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\program\pythonloader.py
[2012.11.28 22:26:50 | 000,027,136 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\program\pythonloader.uno.dll
[2012.11.28 22:36:06 | 000,000,171 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\program\pythonloader.uno.ini
[2012.11.28 10:46:20 | 000,124,234 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\share\extensions\report-builder\libloader-1.1.6.jar
[2012.11.28 22:27:12 | 000,059,392 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\URE\bin\javaloader.uno.dll
[2012.11.28 04:49:02 | 000,004,488 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\URE\java\unoloader.jar
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 14:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.11.10 16:55:50 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013.02.18 22:07:37 | 000,001,997 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Shank 2\data\attributes\dummyloader.lua
[2012.02.06 18:45:23 | 000,000,726 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vmt
[2010.07.04 21:09:08 | 000,699,272 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vtf
[2010.07.04 21:09:08 | 001,398,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body_normal.vtf
[2012.02.06 18:45:23 | 000,000,724 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vmt
[2010.07.04 21:09:08 | 000,699,272 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vtf
[2010.07.04 21:09:08 | 001,398,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg_normal.vtf
[2010.07.04 21:51:41 | 000,178,888 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.dx80.vtx
[2010.07.04 21:51:41 | 000,178,861 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.dx90.vtx
[2010.07.04 21:51:41 | 000,012,873 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.jpg
[2010.07.04 21:51:41 | 000,349,716 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.mdl
[2010.07.04 21:51:41 | 000,269,969 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.phy
[2010.07.04 21:51:41 | 000,178,517 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.sw.vtx
[2010.07.04 21:51:41 | 000,797,056 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.vvd
[2012.12.09 23:27:18 | 000,002,223 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_azul_preloader.swf
[2012.12.09 23:27:18 | 000,001,841 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_black_outline_preloader.swf
[2012.12.09 23:27:18 | 000,001,810 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_black_preloader.swf
[2012.12.09 23:27:18 | 000,002,173 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_blue_preloader.swf
[2012.12.09 23:27:18 | 000,028,899 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_branded_large_preloader.swf
[2012.12.09 23:27:18 | 000,017,183 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_branded_small_preloader.swf
[2012.12.09 23:27:18 | 000,002,140 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_gray_grad_preloader.swf
[2012.12.09 23:27:18 | 000,001,845 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_white_preloader.swf
[2012.12.09 23:27:18 | 000,002,278 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_azul_preloader.swf
[2012.12.09 23:27:18 | 000,001,899 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_black_outline_preloader.swf
[2012.12.09 23:27:18 | 000,001,863 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_black_preloader.swf
[2012.12.09 23:27:18 | 000,002,227 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_blue_preloader.swf
[2012.12.09 23:27:18 | 000,028,967 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_branded_large_preloader.swf
[2012.12.09 23:27:18 | 000,017,248 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_branded_small_preloader.swf
[2012.12.09 23:27:18 | 000,002,204 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_gray_grad_preloader.swf
[2012.12.09 23:27:18 | 000,001,899 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_white_preloader.swf
[2012.12.09 23:27:18 | 000,236,529 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\preloaders_src.zip
[2012.03.13 13:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012.03.13 11:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 11:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 11:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.04.06 14:56:26 | 000,623,104 | ---- | M] () -- \Program Files\ShareX\UploadersLib.dll
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.10.01 13:36:00 | 000,387,800 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.bundle
[2012.07.10 00:11:00 | 000,693,704 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.dll
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.10.01 13:36:00 | 000,387,800 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.bundle
[2012.07.10 00:11:00 | 000,693,704 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.dll
[2013.02.16 23:15:06 | 000,004,276 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0ZL4VTJG\1033661291-uploaderapi[1].swf
[2013.02.15 00:21:34 | 000,001,174 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0ZL4VTJG\downloader[1].js
[2013.02.14 20:41:23 | 000,000,433 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0ZL4VTJG\loader-vflff1Mjj[1].gif
[2013.03.15 23:18:14 | 000,000,433 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1RR6HPF3\loader-vflff1Mjj[1].gif
[2013.03.15 23:15:08 | 000,005,441 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1RR6HPF3\loader_large-vflin3vnt[1].gif
[2013.03.18 16:57:41 | 000,002,895 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1XFVY9NK\rmsloaderdelayed[1].js
[2013.02.23 13:31:17 | 000,000,334 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KUGBU74\nr_loader.min[1].htm
[2013.02.26 14:28:35 | 000,004,276 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2KUGBU74\uploaderapi2[2].swf
[2013.03.27 00:08:12 | 000,000,349 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7YZSDZNK\https_ajax_loader[1].htm
[2013.02.26 10:42:52 | 000,105,903 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXWWR75J\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.02.26 10:42:52 | 000,000,753 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXWWR75J\AdLoader[1].htm
[2013.02.23 13:31:25 | 000,000,334 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXWWR75J\nr_loader.min[1].htm
[2013.02.23 13:31:25 | 000,045,210 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXWWR75J\nr_loader.min[1].js
[2013.02.27 23:06:30 | 000,004,276 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXWWR75J\uploaderapi-vflEJW-MI[2].swf
[2013.03.26 22:54:38 | 000,001,775 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K95PIT1D\ajax-loader-grey_round[1].gif
[2013.03.01 14:40:29 | 000,004,276 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWVEQ6EH\2837998392-uploaderapi[1].swf
[2013.02.26 21:10:55 | 000,000,433 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWVEQ6EH\loader-vflff1Mjj[1].gif
[2013.03.26 22:54:42 | 000,001,786 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY7HK9F0\ad-loader[1].gif
[2013.03.10 13:18:34 | 000,105,903 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TWD31MOX\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.03.18 18:27:46 | 000,004,178 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TWD31MOX\ajax-loader[1].gif
[2013.03.25 22:23:11 | 000,004,178 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TWD31MOX\ajax-loader[2].gif
[2013.02.27 23:05:32 | 000,000,433 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UNYMVGR7\loader-vflff1Mjj[1].gif
[2013.02.23 13:31:18 | 000,045,210 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UNYMVGR7\nr_loader.min[1].js
[2013.02.27 23:05:34 | 000,004,276 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UNYMVGR7\uploaderapi-vflHmljoq[3].swf
[2013.04.17 21:41:33 | 000,141,216 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W4PURC7Q\bi_downloader[1].exe
[2013.03.25 23:56:29 | 000,002,971 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W4PURC7Q\loader[1].gif
[2013.03.25 23:50:02 | 000,002,516 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W4PURC7Q\youtubeuploader[1].js
[2013.03.10 13:18:33 | 000,000,753 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WYRIWFVQ\AdLoader[1].htm
[2013.03.18 18:27:39 | 000,004,178 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WYRIWFVQ\ajax-loader[1].gif
[2013.03.25 22:47:53 | 000,002,895 | ---- | M] () -- \Users\Mrkew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WYRIWFVQ\rmsloaderdelayed[1].js
[2013.04.11 18:48:23 | 000,000,695 | ---- | M] () -- \Users\Mrkew\AppData\Local\Opera\Opera\icons\http%3A%2F%2Funlockbootloader.sonymobile.com%2Fprofiles%2Funlockbootloader%2Fthemes%2Funlockbootloader%2Ffavicon.png
[2013.04.11 18:48:23 | 000,000,169 | ---- | M] () -- \Users\Mrkew\AppData\Local\Opera\Opera\icons\unlockbootloader.sonymobile.com.idx
[2013.04.04 22:02:31 | 000,106,194 | ---- | M] () -- \Users\Mrkew\AppData\Local\Temp\avnwldrtemp\networkloader.log
[2013.04.20 21:10:45 | 000,025,317 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log
[2013.04.20 21:04:22 | 000,000,000 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.lck
[2013.04.20 15:39:01 | 000,022,555 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\.minecraft\ForgeModLoader-client-1.log
[2013.04.20 15:26:03 | 000,022,197 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\.minecraft\ForgeModLoader-client-2.log
[2009.10.12 16:55:00 | 000,004,967 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\PlayCatanClient\de\brettspielwelt\client\base\AppLoader.class
[2009.10.12 17:02:18 | 000,020,263 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\PlayCatanClient\de\brettspielwelt\client\base\StarterClassLoader.class
[2009.10.12 16:55:00 | 000,002,523 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\PlayCatanClient\de\brettspielwelt\client\tool\COWClassLoader.class
[2013.04.17 17:01:12 | 000,003,542 | ---- | M] () -- \Users\Mrkew\Documents\ShareX\UploadersConfig.json
[2013.04.16 16:54:42 | 000,003,542 | ---- | M] () -- \Users\Mrkew\Documents\ShareX\UploadersConfig.json.bak
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 11:27:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 11:27:28 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.11.21 11:27:28 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.11.21 11:27:28 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.11.21 11:27:28 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013.02.05 19:58:28 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.02.05 19:58:28 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.02.05 19:58:28 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.02.05 19:58:28 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.02.05 19:58:28 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 11:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
Re: Prosím o zkontrolování logu
< *minodlogin* /s >
< *tnod* /s >
[1997.12.06 02:07:30 | 000,000,142 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\fallout\fallout_pnp_2_01_cz\fallout_pnp_2_01_cz\images\pg_blastnode.gif
[1998.01.14 00:57:20 | 000,000,125 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\fallout\fallout_pnp_2_01_cz\fallout_pnp_2_01_cz\images\pg_bmlastnode.gif
[1998.01.14 00:59:04 | 000,000,130 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\fallout\fallout_pnp_2_01_cz\fallout_pnp_2_01_cz\images\pg_bplastnode.gif
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2013.01.27 16:08:30 | 000,487,662 | ---- | M] () -- \Bordel\serialslide01.pdf
[2013.01.27 13:49:23 | 001,111,346 | ---- | M] () -- \Bordel\serial_slide2.pdf
[2013.01.27 15:36:52 | 001,112,196 | ---- | M] () -- \Bordel\serial_slide22.pdf
[2013.01.27 16:04:23 | 001,116,239 | ---- | M] () -- \Mrkew\Skola\serialslide01.png
[2010.07.17 05:14:38 | 000,067,529 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\odkazy\www.heroes-serial.estranky.cz - Série 3 - Série 3.mht
[2011.12.30 17:30:42 | 000,000,593 | ---- | M] () -- \Mrkew2\mrkewpc\Downloads\serial.txt
[2003.07.19 20:01:00 | 000,013,916 | ---- | M] () -- \Mrkew2\mrkewpc\editing pack\Editing Pack vol.1\Písma\USAAF_Serial_Stencil.ttf
[2006.04.16 18:06:44 | 000,057,836 | ---- | M] () -- \Mrkew2\mrkewpc\editing pack\ep\Fonty\LimerickCdSerial-LightItalic.ttf
[2004.02.04 22:39:28 | 000,130,134 | ---- | M] () -- \Program Files (x86)\Common Files\Crystal Decisions\2.5\bin\saxmlserialize.dll
[2004.02.04 22:29:52 | 000,055,903 | ---- | M] () -- \Program Files (x86)\Common Files\Crystal Decisions\2.5\bin\saxmlserialize_res_en.dll
[2012.11.28 10:46:20 | 000,021,761 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\share\extensions\report-builder\libserializer-1.1.6.jar
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.04.14 13:34:55 | 000,000,648 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\the binding of isaac\serial.txt
[2013.03.03 17:53:27 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\mrkew21\source sdk base 2007\bin\dmserializers.dll
[2013.03.23 18:32:33 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\mrkew21\team fortress 2\bin\dmserializers.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.01.23 11:28:06 | 000,321,848 | ---- | M] () -- \Program Files\Sony\Vegas Pro 12.0\CoreUI.XmlSerializers.dll
[2013.01.23 11:28:10 | 000,461,112 | ---- | M] () -- \Program Files\Sony\Vegas Pro 12.0\Sony.MediaSoftware.TextGen.CoreGraphics.XmlSerializers.dll
[2013.02.21 17:51:50 | 000,000,332 | ---- | M] () -- \Users\Mrkew\AppData\Local\Opera\Opera\icons\http%3A%2F%2Ftrickazeserialu.cz%2Ffavicon.png
[2013.02.21 17:51:50 | 000,000,073 | ---- | M] () -- \Users\Mrkew\AppData\Local\Opera\Opera\icons\trickazeserialu.cz.idx
[2013.04.21 01:38:02 | 000,001,266 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\Microsoft\Windows\Recent\USAAF_Serial_Stencil.lnk
[2011.07.20 10:37:44 | 000,007,972 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\PlayCatanClient\de\brettspielwelt\client\base\SerialFrame.class
[2013.02.16 13:31:01 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.17 14:29:28 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013.02.17 14:28:49 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.17 20:47:33 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013.02.17 20:46:23 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.17 21:12:15 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.17 21:12:37 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2013.02.17 21:16:12 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2013.02.17 21:01:20 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\a3a3ccd41789ba4eb01f51db6c508222\System.Runtime.Serialization.ni.dll
[2013.02.17 21:03:29 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\c79d7323e38d906c09917fe1d40b2ad7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.17 21:09:27 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7711bba76f0bf9a22deaa8bb2e09bb16\System.Xml.Serialization.ni.dll
[2013.02.05 21:33:24 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.02.17 03:42:22 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.02.05 21:33:24 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.02.17 03:42:21 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.17 03:42:27 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2003.02.21 08:26:56 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:04 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2010.11.21 11:27:01 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2010.11.21 11:27:01 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010.11.21 11:27:04 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.21 11:27:06 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2010.11.21 11:27:07 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013.02.05 19:58:28 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013.02.05 19:58:28 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2010.11.21 11:27:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2010.11.21 11:27:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2010.11.21 11:26:35 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 11:27:01 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
OTL Extras logfile created on: 22.4.2013 20:14:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mrkew\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 49,34% Memory free
7,99 Gb Paging File | 5,61 Gb Available in Paging File | 70,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 65,53 Gb Free Space | 14,07% Space Free | Partition Type: NTFS
Drive E: | 495,48 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MRKEW-NTB | User Name: Mrkew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1871362649-4237718759-919936708-1002\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A034F4-D9BE-4DC7-98D3-AF58B8D2EFAE}" = protocol=6 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{03BD8C6F-A82B-4551-A5FF-A21C198437E4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{128C1712-FD91-4E58-A0A1-83083AFF309B}" = protocol=17 | dir=in | app=c:\games\anno 1404\tools\benchmark.exe |
"{1381FEF1-A4F7-4527-8061-AADF60007B69}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{28323A3D-D4BD-4C1E-83EC-50BF6D63C3D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{35404F6F-FF73-4B24-8626-D99B32831F40}" = protocol=6 | dir=in | app=c:\games\anno 1404\tools\benchmark.exe |
"{38170158-13AB-4C62-89C5-54CADCA8425D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defcon\defcon.exe |
"{3B9BABEC-A34C-415A-A8FA-7BB5DCE6CB73}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{45EFA5B9-7E1C-4B21-ADD3-60090EFD08BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{5693AB7B-1C4D-4AC1-B948-81EA82E5C018}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\limbo\limbo.exe |
"{6495B7BC-537F-405A-BEDD-11E195AC0BA7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{67085DD0-77BE-46FD-A810-19C7271B75BC}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{6BEFC1DD-FBCA-4D06-ABF9-6FBEC688CB1F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{706908C3-B87F-420C-8094-672E38C14EA4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war gold\w40k.exe |
"{72185367-934F-43BF-A586-605589DEFBE7}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{7999341B-AB7B-41E0-BA4A-29923B542A74}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shank 2\bin\shank2.exe |
"{7BF4836E-60D0-4767-A4E5-10AD7E021B80}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{85C78CAA-A300-43BE-88C9-63BEF9FE8A73}" = protocol=17 | dir=in | app=c:\users\mrkew\appdata\roaming\dropbox\bin\dropbox.exe |
"{8FD82535-B58C-41CA-93AF-08CA976F25D6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shatter\shatter.exe |
"{91EF5B9A-003C-4465-9479-AE827F5C5F55}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{96177935-9E4A-4F38-B920-FDAB4599B9A5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A378F8D4-7088-4DD9-A1CC-5E868AAA7907}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{A927E99A-E032-4F27-ABBA-D17A26516327}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shatter\shattersettingseditor.exe |
"{ADF60A5D-CFC8-4C61-BE22-2F31A6DF4626}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{B106A5A0-FE89-449B-8658-9837051E5DE8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B8561811-A97B-47AF-962C-E9064E67F862}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{BB0F5B9D-2522-43A2-A4EB-9C01FC978073}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shatter\shatter.exe |
"{BD870ED7-FDD9-4888-A9F0-D789AA209B92}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{BFF3AE2E-ADB9-4AE8-8BC5-25E3CB2E1F7E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war gold\w40k.exe |
"{C41356B6-D8EB-45D5-943F-07D3F17CE64D}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{CD0C1769-C528-4B22-9FD5-6DD0A7AD3F1F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defcon\defcon.exe |
"{D0EF0EC2-DB26-467D-93E9-414AD0EEF2A2}" = protocol=17 | dir=in | app=c:\games\anno 1404\anno4.exe |
"{DB145735-EFDE-4479-BC23-E172DFC5623C}" = protocol=6 | dir=in | app=c:\users\mrkew\appdata\roaming\dropbox\bin\dropbox.exe |
"{DF2FF2CD-B707-4925-919D-8CA7ED8242CA}" = protocol=6 | dir=in | app=c:\games\anno 1404\anno4.exe |
"{E48B9FC2-84E8-434B-96F0-4858C89322C3}" = protocol=17 | dir=in | app=c:\games\anno 1404\tools\anno4web.exe |
"{E5E99759-9DCE-4CC1-839C-D16112FBBAE4}" = protocol=6 | dir=in | app=c:\games\anno 1404\tools\anno4web.exe |
"{E60D2478-A272-41D6-B8F2-E8B2230F0A1F}" = protocol=17 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{EB71DC81-1861-472E-8878-0A09E9187C0E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shatter\shattersettingseditor.exe |
"{ED3542E1-247B-4AEE-8AEB-BEA1E6CFF41E}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{EEC0DC63-AC33-4762-BD9F-20253A1C76B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shank 2\bin\shank2.exe |
"{EF147518-2A1F-4CCB-9F6F-6AA08017D2C6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{F4185DA5-3261-4D09-A5A9-63B588F47031}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\limbo\limbo.exe |
"{F5F8FEA2-7979-45AE-9B55-9CA46A0950D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{F787BD9A-8CB5-4345-9686-10BA2B7A8EEA}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{FF711A52-B9C6-4E6C-BC69-560BF7D2EB32}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{96DF1557-042C-41B6-9445-C3B3DFBB3AFF}C:\games\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\games\tera\tera-launcher.exe |
"TCP Query User{9E106B26-69C7-484E-AE02-FD9115DB3F01}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{D4997314-C287-4032-8B6F-586A4CE15D66}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{1B91894E-48BE-4B1D-BA47-E1AE74D4E903}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{D0272467-4918-49B0-BD74-77D35A0E1F72}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{E1B33D87-99DE-42B7-906D-78BC3E9C08A4}C:\games\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\games\tera\tera-launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417013FF}" = Java 7 Update 13 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4f94b43a-8a00-4ac4-bb94-269cf24aef97}.sdb" = Dungeon Keeper 2
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7963F870-6575-11E2-A4D9-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{7E708ADE-6575-11E2-8713-F04DA23A5C58}" = MSVCRT Redists
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8AAA8780-1D35-11E2-A3A6-F04DA23A5C58}" = MSVCRT Redists
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{E28F112D-4784-4466-AE4B-07B3630C857F}" = Oracle VM VirtualBox 4.2.10
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1" = ShareX 7.0.1.351
"DDAB5FC44964BD27F18121236A6EB5719FB86ECC" = Balíček ovladače systému Windows - Ralink Technology, Corp. (netr28x) Net (07/06/2010 3.01.08.0001)
"EPSON SX420W Series" = EPSON SX420W Series Printer Uninstall
"HWiNFO64_is1" = HWiNFO64 Version 4.12
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Sublime Text 2_is1" = Sublime Text 2.0.1
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
"VLC media player" = VLC media player 2.0.5
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1" = Warsow 1.02
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{518A54AE-002F-406F-BB48-620676AB9960}" = Anno 1404
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5E21B617-F52E-BB10-92F9-C8AB2C799A8A}" = Adobe Download Assistant
"{60B2F25C-22CB-4CD9-9168-8C63708DC1A1}" = LibreOffice 3.6
"{6C250969-BFBA-469D-896F-7A02450BB98C}" = OrCAD 10.5 Demo
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}" = Razer Game Booster
"{91FD3E1D-FE00-4ECB-8379-204704812A9D}" = Crystal10
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 GOLD
"{DB93E2C2-851F-44B2-B09C-351D2C624AE1}" = Camtasia Studio 8
"{DE43AA92-E8C0-4620-AFE2-FBD623C71643}" = Sizer 3.34
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}" = Quake Live Mozilla Plugin
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.3.1
"Audacity_is1" = Audacity 2.0.3
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battle for Wesnoth 1.11.1" = Battle for Wesnoth 1.11.1
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dungeon Keeper 2" = Dungeon Keeper 2
"Dungeon Keeper 2 CZ ver.1.0." = Dungeon Keeper 2 CZ ver.1.0.
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.6.0.2
"FormatFactory" = FormatFactory 3.00
"Fraps" = Fraps (remove only)
"IDroo" = IDroo 1.0.0.186
"Inkscape" = Inkscape 0.48.4
"Mozilla Firefox 20.0.1 (x86 cs)" = Mozilla Firefox 20.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Open Broadcaster Software" = Open Broadcaster Software
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"PlayCatan Client" = PlayCatan Access Software
"Robin Hood: The Legend Of Sherwood" = Robin Hood: The Legend Of Sherwood
"StarCraft II" = StarCraft II
"Steam App 102840" = Shank 2
"Steam App 113200" = The Binding of Isaac
"Steam App 1520" = DEFCON
"Steam App 20820" = Shatter
"Steam App 218" = Source SDK Base 2007
"Steam App 42910" = Magicka
"Steam App 440" = Team Fortress 2
"Steam App 4570" = Warhammer 40,000: Dawn of War - Game of the Year Edition
"Steam App 48000" = LIMBO
"Steam App 49600" = Beat Hazard
"Steam App 550" = Left 4 Dead 2
"Steam App 620" = Portal 2
"StonekeepDEMO79" = DJ OldGames Package: Stonekeep (DEMO)
"Trillian" = Trillian
"Tunngle beta_is1" = Tunngle beta
"uTorrent" = µTorrent
"WarcraftIITidesofDarknes98" = DJ OldGames Package: Warcraft II: Tides of Darknes
"WarcraftOrcsHumans12" = DJ OldGames Package: Warcraft: Orcs & Humans
"WinGimp-2.0_is1" = GIMP 2.6.11
"ZedBitmapBrothers10" = DJ OldGames Package: Z
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1871362649-4237718759-919936708-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Opera 12.15.1748" = Opera 12.15
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 21.4.2013 4:19:09 | Computer Name = Mrkew-NTB | Source = NVIDIA OpenGL Driver | ID = 1
Description = The NVIDIA OpenGL driver detected a problem with the display driver
and is unable to continue. The application must close. Error code: 3 Visit http://www.nvidia.com/page/support.html
for more information.
Error - 21.4.2013 4:19:09 | Computer Name = Mrkew-NTB | Source = NVIDIA OpenGL Driver | ID = 1
Description = The NVIDIA OpenGL driver detected a problem with the display driver
and is unable to continue. The application must close. Error code: 3 Visit http://www.nvidia.com/page/support.html
for more information.
Error - 21.4.2013 4:20:22 | Computer Name = Mrkew-NTB | Source = Application Hang | ID = 1002
Description = Program Photoshop.exe verze 13.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
f30 Čas spuštění: 01ce3e6413c89fd0 Čas ukončení: 60 Cesta k aplikaci: C:\Program Files\Adobe\Adobe
Photoshop CS6 (64 Bit)\Photoshop.exe ID hlášení:
Error - 21.4.2013 17:29:48 | Computer Name = Mrkew-NTB | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně
naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti
obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota
DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
Error - 21.4.2013 18:22:08 | Computer Name = Mrkew-NTB | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně
naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti
obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota
DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
Error - 21.4.2013 18:37:40 | Computer Name = Mrkew-NTB | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně
naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti
obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota
DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
Error - 21.4.2013 18:47:19 | Computer Name = Mrkew-NTB | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně
naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti
obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota
DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
Error - 21.4.2013 19:10:01 | Computer Name = Mrkew-NTB | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně
naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti
obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota
DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
Error - 22.4.2013 8:25:02 | Computer Name = Mrkew-NTB | Source = WinMgmt | ID = 10
Description =
Error - 22.4.2013 8:29:11 | Computer Name = Mrkew-NTB | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně
naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti
obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota
DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
[ System Events ]
Error - 20.4.2013 9:29:33 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 20.4.2013 9:42:49 | Computer Name = Mrkew-NTB | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:40:49, ?20.?4.?2013) bylo neočekávané.
Error - 20.4.2013 9:43:18 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 20.4.2013 10:25:20 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Steam Client Service bylo dosaženo
časového limitu (30000 ms).
Error - 20.4.2013 10:25:20 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7000
Description = Služba Steam Client Service neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 21.4.2013 3:00:58 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 21.4.2013 8:20:52 | Computer Name = Mrkew-NTB | Source = bowser | ID = 8003
Description =
Error - 21.4.2013 8:38:33 | Computer Name = Mrkew-NTB | Source = BROWSER | ID = 8032
Description =
Error - 22.4.2013 8:24:09 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 22.4.2013 9:29:53 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
< End of report >
< *tnod* /s >
[1997.12.06 02:07:30 | 000,000,142 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\fallout\fallout_pnp_2_01_cz\fallout_pnp_2_01_cz\images\pg_blastnode.gif
[1998.01.14 00:57:20 | 000,000,125 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\fallout\fallout_pnp_2_01_cz\fallout_pnp_2_01_cz\images\pg_bmlastnode.gif
[1998.01.14 00:59:04 | 000,000,130 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\fallout\fallout_pnp_2_01_cz\fallout_pnp_2_01_cz\images\pg_bplastnode.gif
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2013.01.27 16:08:30 | 000,487,662 | ---- | M] () -- \Bordel\serialslide01.pdf
[2013.01.27 13:49:23 | 001,111,346 | ---- | M] () -- \Bordel\serial_slide2.pdf
[2013.01.27 15:36:52 | 001,112,196 | ---- | M] () -- \Bordel\serial_slide22.pdf
[2013.01.27 16:04:23 | 001,116,239 | ---- | M] () -- \Mrkew\Skola\serialslide01.png
[2010.07.17 05:14:38 | 000,067,529 | ---- | M] () -- \Mrkew2\mrkewpc\byvaly pc - uklid\datanapokra\data na pokracovani\odkazy\www.heroes-serial.estranky.cz - Série 3 - Série 3.mht
[2011.12.30 17:30:42 | 000,000,593 | ---- | M] () -- \Mrkew2\mrkewpc\Downloads\serial.txt
[2003.07.19 20:01:00 | 000,013,916 | ---- | M] () -- \Mrkew2\mrkewpc\editing pack\Editing Pack vol.1\Písma\USAAF_Serial_Stencil.ttf
[2006.04.16 18:06:44 | 000,057,836 | ---- | M] () -- \Mrkew2\mrkewpc\editing pack\ep\Fonty\LimerickCdSerial-LightItalic.ttf
[2004.02.04 22:39:28 | 000,130,134 | ---- | M] () -- \Program Files (x86)\Common Files\Crystal Decisions\2.5\bin\saxmlserialize.dll
[2004.02.04 22:29:52 | 000,055,903 | ---- | M] () -- \Program Files (x86)\Common Files\Crystal Decisions\2.5\bin\saxmlserialize_res_en.dll
[2012.11.28 10:46:20 | 000,021,761 | ---- | M] () -- \Program Files (x86)\LibreOffice 3.6\share\extensions\report-builder\libserializer-1.1.6.jar
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.04.14 13:34:55 | 000,000,648 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\the binding of isaac\serial.txt
[2013.03.03 17:53:27 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\mrkew21\source sdk base 2007\bin\dmserializers.dll
[2013.03.23 18:32:33 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\mrkew21\team fortress 2\bin\dmserializers.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.01.23 11:28:06 | 000,321,848 | ---- | M] () -- \Program Files\Sony\Vegas Pro 12.0\CoreUI.XmlSerializers.dll
[2013.01.23 11:28:10 | 000,461,112 | ---- | M] () -- \Program Files\Sony\Vegas Pro 12.0\Sony.MediaSoftware.TextGen.CoreGraphics.XmlSerializers.dll
[2013.02.21 17:51:50 | 000,000,332 | ---- | M] () -- \Users\Mrkew\AppData\Local\Opera\Opera\icons\http%3A%2F%2Ftrickazeserialu.cz%2Ffavicon.png
[2013.02.21 17:51:50 | 000,000,073 | ---- | M] () -- \Users\Mrkew\AppData\Local\Opera\Opera\icons\trickazeserialu.cz.idx
[2013.04.21 01:38:02 | 000,001,266 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\Microsoft\Windows\Recent\USAAF_Serial_Stencil.lnk
[2011.07.20 10:37:44 | 000,007,972 | ---- | M] () -- \Users\Mrkew\AppData\Roaming\PlayCatanClient\de\brettspielwelt\client\base\SerialFrame.class
[2013.02.16 13:31:01 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.17 14:29:28 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013.02.17 14:28:49 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.17 20:47:33 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013.02.17 20:46:23 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.17 21:12:15 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.17 21:12:37 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2013.02.17 21:16:12 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2013.02.17 21:01:20 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\a3a3ccd41789ba4eb01f51db6c508222\System.Runtime.Serialization.ni.dll
[2013.02.17 21:03:29 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\c79d7323e38d906c09917fe1d40b2ad7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.02.17 21:09:27 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7711bba76f0bf9a22deaa8bb2e09bb16\System.Xml.Serialization.ni.dll
[2013.02.05 21:33:24 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.02.17 03:42:22 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.02.05 21:33:24 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.02.17 03:42:21 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.17 03:42:27 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2003.02.21 08:26:56 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:04 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2010.11.21 11:27:01 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2010.11.21 11:27:01 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010.11.21 11:27:04 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.21 11:27:06 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2010.11.21 11:27:07 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013.02.05 19:58:28 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013.02.05 19:58:28 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2010.11.21 11:27:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2010.11.21 11:27:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2010.11.21 11:26:35 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 11:27:01 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
< End of report >
OTL Extras logfile created on: 22.4.2013 20:14:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mrkew\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 49,34% Memory free
7,99 Gb Paging File | 5,61 Gb Available in Paging File | 70,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 65,53 Gb Free Space | 14,07% Space Free | Partition Type: NTFS
Drive E: | 495,48 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MRKEW-NTB | User Name: Mrkew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1871362649-4237718759-919936708-1002\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A034F4-D9BE-4DC7-98D3-AF58B8D2EFAE}" = protocol=6 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{03BD8C6F-A82B-4551-A5FF-A21C198437E4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{128C1712-FD91-4E58-A0A1-83083AFF309B}" = protocol=17 | dir=in | app=c:\games\anno 1404\tools\benchmark.exe |
"{1381FEF1-A4F7-4527-8061-AADF60007B69}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{28323A3D-D4BD-4C1E-83EC-50BF6D63C3D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{35404F6F-FF73-4B24-8626-D99B32831F40}" = protocol=6 | dir=in | app=c:\games\anno 1404\tools\benchmark.exe |
"{38170158-13AB-4C62-89C5-54CADCA8425D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defcon\defcon.exe |
"{3B9BABEC-A34C-415A-A8FA-7BB5DCE6CB73}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{45EFA5B9-7E1C-4B21-ADD3-60090EFD08BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{5693AB7B-1C4D-4AC1-B948-81EA82E5C018}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\limbo\limbo.exe |
"{6495B7BC-537F-405A-BEDD-11E195AC0BA7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{67085DD0-77BE-46FD-A810-19C7271B75BC}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{6BEFC1DD-FBCA-4D06-ABF9-6FBEC688CB1F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{706908C3-B87F-420C-8094-672E38C14EA4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war gold\w40k.exe |
"{72185367-934F-43BF-A586-605589DEFBE7}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{7999341B-AB7B-41E0-BA4A-29923B542A74}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shank 2\bin\shank2.exe |
"{7BF4836E-60D0-4767-A4E5-10AD7E021B80}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{85C78CAA-A300-43BE-88C9-63BEF9FE8A73}" = protocol=17 | dir=in | app=c:\users\mrkew\appdata\roaming\dropbox\bin\dropbox.exe |
"{8FD82535-B58C-41CA-93AF-08CA976F25D6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shatter\shatter.exe |
"{91EF5B9A-003C-4465-9479-AE827F5C5F55}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{96177935-9E4A-4F38-B920-FDAB4599B9A5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A378F8D4-7088-4DD9-A1CC-5E868AAA7907}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{A927E99A-E032-4F27-ABBA-D17A26516327}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shatter\shattersettingseditor.exe |
"{ADF60A5D-CFC8-4C61-BE22-2F31A6DF4626}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{B106A5A0-FE89-449B-8658-9837051E5DE8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B8561811-A97B-47AF-962C-E9064E67F862}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{BB0F5B9D-2522-43A2-A4EB-9C01FC978073}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shatter\shatter.exe |
"{BD870ED7-FDD9-4888-A9F0-D789AA209B92}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{BFF3AE2E-ADB9-4AE8-8BC5-25E3CB2E1F7E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war gold\w40k.exe |
"{C41356B6-D8EB-45D5-943F-07D3F17CE64D}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{CD0C1769-C528-4B22-9FD5-6DD0A7AD3F1F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defcon\defcon.exe |
"{D0EF0EC2-DB26-467D-93E9-414AD0EEF2A2}" = protocol=17 | dir=in | app=c:\games\anno 1404\anno4.exe |
"{DB145735-EFDE-4479-BC23-E172DFC5623C}" = protocol=6 | dir=in | app=c:\users\mrkew\appdata\roaming\dropbox\bin\dropbox.exe |
"{DF2FF2CD-B707-4925-919D-8CA7ED8242CA}" = protocol=6 | dir=in | app=c:\games\anno 1404\anno4.exe |
"{E48B9FC2-84E8-434B-96F0-4858C89322C3}" = protocol=17 | dir=in | app=c:\games\anno 1404\tools\anno4web.exe |
"{E5E99759-9DCE-4CC1-839C-D16112FBBAE4}" = protocol=6 | dir=in | app=c:\games\anno 1404\tools\anno4web.exe |
"{E60D2478-A272-41D6-B8F2-E8B2230F0A1F}" = protocol=17 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{EB71DC81-1861-472E-8878-0A09E9187C0E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shatter\shattersettingseditor.exe |
"{ED3542E1-247B-4AEE-8AEB-BEA1E6CFF41E}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{EEC0DC63-AC33-4762-BD9F-20253A1C76B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shank 2\bin\shank2.exe |
"{EF147518-2A1F-4CCB-9F6F-6AA08017D2C6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{F4185DA5-3261-4D09-A5A9-63B588F47031}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\limbo\limbo.exe |
"{F5F8FEA2-7979-45AE-9B55-9CA46A0950D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{F787BD9A-8CB5-4345-9686-10BA2B7A8EEA}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{FF711A52-B9C6-4E6C-BC69-560BF7D2EB32}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{96DF1557-042C-41B6-9445-C3B3DFBB3AFF}C:\games\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\games\tera\tera-launcher.exe |
"TCP Query User{9E106B26-69C7-484E-AE02-FD9115DB3F01}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{D4997314-C287-4032-8B6F-586A4CE15D66}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{1B91894E-48BE-4B1D-BA47-E1AE74D4E903}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{D0272467-4918-49B0-BD74-77D35A0E1F72}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{E1B33D87-99DE-42B7-906D-78BC3E9C08A4}C:\games\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\games\tera\tera-launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417013FF}" = Java 7 Update 13 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4f94b43a-8a00-4ac4-bb94-269cf24aef97}.sdb" = Dungeon Keeper 2
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7963F870-6575-11E2-A4D9-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{7E708ADE-6575-11E2-8713-F04DA23A5C58}" = MSVCRT Redists
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8AAA8780-1D35-11E2-A3A6-F04DA23A5C58}" = MSVCRT Redists
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{E28F112D-4784-4466-AE4B-07B3630C857F}" = Oracle VM VirtualBox 4.2.10
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1" = ShareX 7.0.1.351
"DDAB5FC44964BD27F18121236A6EB5719FB86ECC" = Balíček ovladače systému Windows - Ralink Technology, Corp. (netr28x) Net (07/06/2010 3.01.08.0001)
"EPSON SX420W Series" = EPSON SX420W Series Printer Uninstall
"HWiNFO64_is1" = HWiNFO64 Version 4.12
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Sublime Text 2_is1" = Sublime Text 2.0.1
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
"VLC media player" = VLC media player 2.0.5
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1" = Warsow 1.02
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{518A54AE-002F-406F-BB48-620676AB9960}" = Anno 1404
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5E21B617-F52E-BB10-92F9-C8AB2C799A8A}" = Adobe Download Assistant
"{60B2F25C-22CB-4CD9-9168-8C63708DC1A1}" = LibreOffice 3.6
"{6C250969-BFBA-469D-896F-7A02450BB98C}" = OrCAD 10.5 Demo
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}" = Razer Game Booster
"{91FD3E1D-FE00-4ECB-8379-204704812A9D}" = Crystal10
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 GOLD
"{DB93E2C2-851F-44B2-B09C-351D2C624AE1}" = Camtasia Studio 8
"{DE43AA92-E8C0-4620-AFE2-FBD623C71643}" = Sizer 3.34
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}" = Quake Live Mozilla Plugin
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.3.1
"Audacity_is1" = Audacity 2.0.3
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battle for Wesnoth 1.11.1" = Battle for Wesnoth 1.11.1
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dungeon Keeper 2" = Dungeon Keeper 2
"Dungeon Keeper 2 CZ ver.1.0." = Dungeon Keeper 2 CZ ver.1.0.
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.6.0.2
"FormatFactory" = FormatFactory 3.00
"Fraps" = Fraps (remove only)
"IDroo" = IDroo 1.0.0.186
"Inkscape" = Inkscape 0.48.4
"Mozilla Firefox 20.0.1 (x86 cs)" = Mozilla Firefox 20.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Open Broadcaster Software" = Open Broadcaster Software
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"PlayCatan Client" = PlayCatan Access Software
"Robin Hood: The Legend Of Sherwood" = Robin Hood: The Legend Of Sherwood
"StarCraft II" = StarCraft II
"Steam App 102840" = Shank 2
"Steam App 113200" = The Binding of Isaac
"Steam App 1520" = DEFCON
"Steam App 20820" = Shatter
"Steam App 218" = Source SDK Base 2007
"Steam App 42910" = Magicka
"Steam App 440" = Team Fortress 2
"Steam App 4570" = Warhammer 40,000: Dawn of War - Game of the Year Edition
"Steam App 48000" = LIMBO
"Steam App 49600" = Beat Hazard
"Steam App 550" = Left 4 Dead 2
"Steam App 620" = Portal 2
"StonekeepDEMO79" = DJ OldGames Package: Stonekeep (DEMO)
"Trillian" = Trillian
"Tunngle beta_is1" = Tunngle beta
"uTorrent" = µTorrent
"WarcraftIITidesofDarknes98" = DJ OldGames Package: Warcraft II: Tides of Darknes
"WarcraftOrcsHumans12" = DJ OldGames Package: Warcraft: Orcs & Humans
"WinGimp-2.0_is1" = GIMP 2.6.11
"ZedBitmapBrothers10" = DJ OldGames Package: Z
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1871362649-4237718759-919936708-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Opera 12.15.1748" = Opera 12.15
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 21.4.2013 4:19:09 | Computer Name = Mrkew-NTB | Source = NVIDIA OpenGL Driver | ID = 1
Description = The NVIDIA OpenGL driver detected a problem with the display driver
and is unable to continue. The application must close. Error code: 3 Visit http://www.nvidia.com/page/support.html
for more information.
Error - 21.4.2013 4:19:09 | Computer Name = Mrkew-NTB | Source = NVIDIA OpenGL Driver | ID = 1
Description = The NVIDIA OpenGL driver detected a problem with the display driver
and is unable to continue. The application must close. Error code: 3 Visit http://www.nvidia.com/page/support.html
for more information.
Error - 21.4.2013 4:20:22 | Computer Name = Mrkew-NTB | Source = Application Hang | ID = 1002
Description = Program Photoshop.exe verze 13.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
f30 Čas spuštění: 01ce3e6413c89fd0 Čas ukončení: 60 Cesta k aplikaci: C:\Program Files\Adobe\Adobe
Photoshop CS6 (64 Bit)\Photoshop.exe ID hlášení:
Error - 21.4.2013 17:29:48 | Computer Name = Mrkew-NTB | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně
naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti
obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota
DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
Error - 21.4.2013 18:22:08 | Computer Name = Mrkew-NTB | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně
naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti
obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota
DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
Error - 21.4.2013 18:37:40 | Computer Name = Mrkew-NTB | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně
naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti
obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota
DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
Error - 21.4.2013 18:47:19 | Computer Name = Mrkew-NTB | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně
naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti
obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota
DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
Error - 21.4.2013 19:10:01 | Computer Name = Mrkew-NTB | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně
naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti
obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota
DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
Error - 22.4.2013 8:25:02 | Computer Name = Mrkew-NTB | Source = WinMgmt | ID = 10
Description =
Error - 22.4.2013 8:29:11 | Computer Name = Mrkew-NTB | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Hodnota řetězce vysvětlujícího textu čítače výkonu v registru je nesprávně
naformátovaná. Chybně vytvořený řetězec je . První hodnota DWORD v datové oblasti
obsahuje hodnotu indexu chybně vytvořeného řetězce, zatímco druhá a třetí hodnota
DWORD v datové oblasti obsahují poslední platné hodnoty indexu.
[ System Events ]
Error - 20.4.2013 9:29:33 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 20.4.2013 9:42:49 | Computer Name = Mrkew-NTB | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:40:49, ?20.?4.?2013) bylo neočekávané.
Error - 20.4.2013 9:43:18 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 20.4.2013 10:25:20 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Steam Client Service bylo dosaženo
časového limitu (30000 ms).
Error - 20.4.2013 10:25:20 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7000
Description = Služba Steam Client Service neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 21.4.2013 3:00:58 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 21.4.2013 8:20:52 | Computer Name = Mrkew-NTB | Source = bowser | ID = 8003
Description =
Error - 21.4.2013 8:38:33 | Computer Name = Mrkew-NTB | Source = BROWSER | ID = 8032
Description =
Error - 22.4.2013 8:24:09 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
Error - 22.4.2013 9:29:53 | Computer Name = Mrkew-NTB | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058
< End of report >
Re: Prosím o zkontrolování logu
Takova mala technicka. Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o zkontrolování logu
Log hodím po doděláni testu a k tomu Windows, licence je z práce (počítačový servis).
Re: Prosím o zkontrolování logu
# AdwCleaner v2.201 - Log vytvooen 22/04/2013 v 21:54:01
# Aktualizováno 21/04/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : Mrkew - MRKEW-NTB
# Spuštin systém : Normální
# Spuštino z : C:\Users\Mrkew\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\PIP
Klíe Nalezeno : HKLM\Software\PIP
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\Mrkew\AppData\Roaming\Mozilla\Firefox\Profiles\bvoep98d.default\prefs.js
[OK] Soubor je eistý.
-\\ Opera v12.15.1748.0
Soubor : C:\Users\Mrkew\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [953 octets] - [22/04/2013 21:54:01]
########## EOF - C:\AdwCleaner[R1].txt - [1012 octets] ##########
# Aktualizováno 21/04/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : Mrkew - MRKEW-NTB
# Spuštin systém : Normální
# Spuštino z : C:\Users\Mrkew\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\PIP
Klíe Nalezeno : HKLM\Software\PIP
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\Mrkew\AppData\Roaming\Mozilla\Firefox\Profiles\bvoep98d.default\prefs.js
[OK] Soubor je eistý.
-\\ Opera v12.15.1748.0
Soubor : C:\Users\Mrkew\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [953 octets] - [22/04/2013 21:54:01]
########## EOF - C:\AdwCleaner[R1].txt - [1012 octets] ##########
Re: Prosím o zkontrolování logu
Pocitacovy servis a nechavate si log kontrolovat tady??? Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.Tentokrat kliknete na Smazat
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o zkontrolování logu
Já pracuji ve skladě (uklízení, rozebíraní, skládaní atd..), do takových věci se zatím nefušuji i když bych se je rád později naučil, ale není mnoho času no Tady je ten log.
# AdwCleaner v2.201 - Log vytvooen 22/04/2013 v 21:58:41
# Aktualizováno 21/04/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : Mrkew - MRKEW-NTB
# Spuštin systém : Normální
# Spuštino z : C:\Users\Mrkew\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKLM\Software\PIP
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\Mrkew\AppData\Roaming\Mozilla\Firefox\Profiles\bvoep98d.default\prefs.js
[OK] Soubor je eistý.
-\\ Opera v12.15.1748.0
Soubor : C:\Users\Mrkew\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [1081 octets] - [22/04/2013 21:54:01]
AdwCleaner[S1].txt - [1011 octets] - [22/04/2013 21:58:41]
########## EOF - C:\AdwCleaner[S1].txt - [1071 octets] ##########
Tady je ten log.# AdwCleaner v2.201 - Log vytvooen 22/04/2013 v 21:58:41
# Aktualizováno 21/04/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : Mrkew - MRKEW-NTB
# Spuštin systém : Normální
# Spuštino z : C:\Users\Mrkew\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKLM\Software\PIP
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\Mrkew\AppData\Roaming\Mozilla\Firefox\Profiles\bvoep98d.default\prefs.js
[OK] Soubor je eistý.
-\\ Opera v12.15.1748.0
Soubor : C:\Users\Mrkew\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [1081 octets] - [22/04/2013 21:54:01]
AdwCleaner[S1].txt - [1011 octets] - [22/04/2013 21:58:41]
########## EOF - C:\AdwCleaner[S1].txt - [1071 octets] ##########
Re: Prosím o zkontrolování logu
Doufam, ze to je vas domaci pc a ne firemni.
Mrknem po haveti a pak docistime od zbytecnosti
Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Mrknem po haveti a pak docistime od zbytecnosti
Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o zkontrolování logu
Nene, je to můj domácí notebook. Log dodám asi až zítra, záleží jak rychle se to udělá. Jinak pro dnešek už přeji dobrou noc.
Re: Prosím o zkontrolování logu
OK, ja uz to taky za chvili zalomim. Tak dobrou a zitra zase tady 
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o zkontrolování logu
Tak test je u konce. Našlo to jen jeden soubor a vím co to je tak ho klidně můžu smazat.
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.04.23.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Mrkew :: MRKEW-NTB [administrátor]
Ochrana: Povolena
23.4.2013 14:40:25
MBAM-log-2013-04-23 (18-36-40).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 611573
Uplynulý čas: 3 hodin, 55 minut, 44 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 1
C:\Mrkew2\mrkewpc\byvaly pc - uklid\stazsoubory03\stazenesouborystarejak29.7\avc3.2.rar (Malware.Packer.Gen) -> Nebyla provedena žádná instrukce.
(konec)
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.04.23.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Mrkew :: MRKEW-NTB [administrátor]
Ochrana: Povolena
23.4.2013 14:40:25
MBAM-log-2013-04-23 (18-36-40).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 611573
Uplynulý čas: 3 hodin, 55 minut, 44 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 1
C:\Mrkew2\mrkewpc\byvaly pc - uklid\stazsoubory03\stazenesouborystarejak29.7\avc3.2.rar (Malware.Packer.Gen) -> Nebyla provedena žádná instrukce.
(konec)
Re: Prosím o zkontrolování logu
Tak ho smazte a MBAM muzete odinstalovat. Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?
