VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Problém s trojským koněm - Bitcoinminer

https://forum.viry.cz:443/viewtopic.php?t=131268

Stránka 1 z 1

Problém s trojským koněm - Bitcoinminer

Napsal: 03 črc 2013 22:09
od K.a.p.r
Dobrý den, mohu požádat o radu jak se ho zbavit. Předem děkuji za Váš čas a pomoc.

Log z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Kapr at 2013-07-03 23:07:08
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 9 GB (8%) free of 114 GB
Total RAM: 2047 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:07:14, on 3.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Kapr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: NuSphere Debugger ToolBar - {0F62D223-9206-4EA3-9EA8-D0F3C7C82ACA} - C:\Program Files (x86)\NuSphere\PhpED\NuSphereIEBar.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Kapr\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [tsiVideo] C:\Windows\SysWOW64\rundll32.exe C:\Users\Kapr\AppData\Local\Temp\\tsiVi132.dll,start
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: netuse.bat
O4 - Startup: Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe
O4 - Global Startup: Dell Display Manager.lnk = C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8967 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\SysWOW64\rundll32.exe" C:\Users\Kapr\AppData\Local\Temp\\tsiVi132.dll,start
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe"
"C:\Program Files (x86)\Trillian\trillian.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
C:\Windows\System32\svchost.exe -k secsvcs
"taskhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4044.0.726070033\2009109411" --supports-dual-gpus=false --gpu-vendor-id=0x10de --gpu-device-id=0x0402 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup9 channel:stable mods:100/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/12/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="4044.2.120570802\1115467117" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4044.3.1830425749\586616350" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\Kapr\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Kapr\AppData\Roaming\Mozilla\Firefox\Profiles\mtsf3u78.default

prefs.js - "keyword.URL" - ""
prefs.js - "browser.startup.homepage" - ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Program Files (x86)\Mozilla Firefox\plugins\
npatgpc.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-08 553376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-08 211360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-22 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2012-11-04 366904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-22 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0F62D223-9206-4EA3-9EA8-D0F3C7C82ACA} - NuSphere Debugger ToolBar - C:\Program Files (x86)\NuSphere\PhpED\NuSphereIEBar64.dll [2012-03-20 672528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0F62D223-9206-4EA3-9EA8-D0F3C7C82ACA} - NuSphere Debugger ToolBar - C:\Program Files (x86)\NuSphere\PhpED\NuSphereIEBar.dll [2012-03-20 505616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-09-25 13196432]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2012-11-04 2419512]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30 499608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\Kapr\AppData\Local\Akamai\netsession_win.exe []
"tsiVideo"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dell Display Manager.lnk - C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe

C:\Users\Kapr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
netuse.bat
Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2012-10-01 68408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2013-07-03 23:07:08 ----D---- C:\rsit
2013-07-03 23:07:08 ----D---- C:\Program Files\trend micro
2013-07-03 22:43:13 ----A---- C:\Windows\SYSWOW64\ssleay32.dll
2013-07-03 22:43:13 ----A---- C:\Windows\SYSWOW64\libeay32.dll
2013-07-03 22:43:13 ----A---- C:\Windows\eSellerateEngine.dll
2013-07-03 22:43:13 ----A---- C:\Windows\eSellerateControl350.dll
2013-07-03 22:43:12 ----D---- C:\Program Files (x86)\Bit Coin Miner Removal Tool
2013-07-03 20:47:37 ----D---- C:\Program Files (x86)\FreeUndelete
2013-07-03 20:45:23 ----D---- C:\PST
2013-07-03 20:40:57 ----AD---- C:\ProgramData\TEMP
2013-07-03 19:59:24 ----D---- C:\Windows\Minidump
2013-07-03 16:05:04 ----D---- C:\Users\Kapr\AppData\Roaming\SmartPCFix
2013-07-03 15:05:08 ----D---- C:\Program Files (x86)\PowerDataRecovery
2013-06-22 17:42:56 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-06-22 17:42:52 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-06-22 17:42:52 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-06-22 17:42:52 ----A---- C:\Windows\SYSWOW64\java.exe
2013-06-22 17:42:46 ----D---- C:\Program Files (x86)\Java
2013-06-16 21:22:10 ----D---- C:\Program Files\A-FF Find and Mount
2013-06-15 20:20:41 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-06-15 20:20:40 ----A---- C:\Windows\system32\urlmon.dll
2013-06-15 20:20:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-06-15 20:20:38 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-06-15 20:20:38 ----A---- C:\Windows\system32\ieui.dll
2013-06-15 20:20:38 ----A---- C:\Windows\system32\iertutil.dll
2013-06-15 20:20:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-06-15 20:20:35 ----A---- C:\Windows\system32\ieframe.dll
2013-06-15 20:20:32 ----A---- C:\Windows\system32\mshtml.dll
2013-06-15 20:20:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-06-14 23:51:51 ----D---- C:\ProgramData\Virtual RC Pro
2013-06-14 21:32:16 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2013-06-14 21:32:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2013-06-14 21:32:16 ----A---- C:\Windows\system32\d3dx10_39.dll
2013-06-14 21:32:16 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2013-06-14 21:32:15 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2013-06-14 21:32:15 ----A---- C:\Windows\system32\D3DX9_39.dll
2013-06-14 21:31:00 ----D---- C:\Program Files (x86)\Virtual RC Pro
2013-06-14 16:59:00 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2013-06-14 16:59:00 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2013-06-14 16:59:00 ----A---- C:\Windows\system32\d3dx10_40.dll
2013-06-14 16:59:00 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2013-06-14 16:58:59 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2013-06-14 16:58:59 ----A---- C:\Windows\system32\D3DX9_40.dll
2013-06-14 16:54:32 ----D---- C:\Program Files (x86)\PhoenixRC
2013-06-14 11:45:53 ----D---- C:\Windows\system32\appmgmt
2013-06-13 23:30:19 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2013-06-13 23:30:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2013-06-13 23:30:19 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-06-13 23:30:19 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-06-13 23:30:18 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2013-06-13 23:30:18 ----A---- C:\Windows\system32\xactengine3_7.dll
2013-06-13 23:30:17 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2013-06-13 23:30:17 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2013-06-13 23:30:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2013-06-13 23:30:17 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-06-13 23:30:17 ----A---- C:\Windows\system32\d3dcsx_43.dll
2013-06-13 23:30:17 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-06-13 23:30:16 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2013-06-13 23:30:16 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2013-06-13 23:30:16 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-06-13 23:30:16 ----A---- C:\Windows\system32\d3dx10_43.dll
2013-06-13 23:30:15 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2013-06-13 23:30:15 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2013-06-13 23:30:15 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2013-06-13 23:30:15 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2013-06-13 23:30:15 ----A---- C:\Windows\system32\XAudio2_6.dll
2013-06-13 23:30:15 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2013-06-13 23:30:15 ----A---- C:\Windows\system32\xactengine3_6.dll
2013-06-13 23:30:15 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2013-06-13 23:30:14 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2013-06-13 23:30:14 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2013-06-13 23:30:14 ----A---- C:\Windows\system32\XAudio2_5.dll
2013-06-13 23:30:14 ----A---- C:\Windows\system32\xactengine3_5.dll
2013-06-13 23:30:13 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2013-06-13 23:30:13 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2013-06-13 23:30:12 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2013-06-13 23:30:12 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2013-06-13 23:30:12 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2013-06-13 23:30:12 ----A---- C:\Windows\system32\d3dx11_42.dll
2013-06-13 23:30:12 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-06-13 23:30:12 ----A---- C:\Windows\system32\d3dcsx_42.dll
2013-06-13 23:30:11 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2013-06-13 23:30:11 ----A---- C:\Windows\system32\D3DX9_42.dll
2013-06-13 23:30:10 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2013-06-13 23:30:10 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2013-06-13 23:30:10 ----A---- C:\Windows\system32\d3dx10_41.dll
2013-06-13 23:30:10 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2013-06-13 23:30:09 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2013-06-13 23:30:09 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2013-06-13 23:30:09 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2013-06-13 23:30:09 ----A---- C:\Windows\system32\XAudio2_4.dll
2013-06-13 23:30:09 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2013-06-13 23:30:09 ----A---- C:\Windows\system32\D3DX9_41.dll
2013-06-13 23:30:08 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2013-06-13 23:30:08 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2013-06-13 23:30:08 ----A---- C:\Windows\system32\xactengine3_4.dll
2013-06-13 23:30:08 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2013-06-13 23:30:06 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2013-06-13 23:30:06 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2013-06-13 23:30:06 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2013-06-13 23:30:06 ----A---- C:\Windows\system32\XAudio2_3.dll
2013-06-13 23:30:06 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2013-06-13 23:30:06 ----A---- C:\Windows\system32\xactengine3_3.dll
2013-06-13 23:30:05 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2013-06-13 23:30:05 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2013-06-13 23:30:05 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2013-06-13 23:30:05 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2013-06-13 23:30:05 ----A---- C:\Windows\system32\XAudio2_2.dll
2013-06-13 23:30:05 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2013-06-13 23:30:05 ----A---- C:\Windows\system32\xactengine3_2.dll
2013-06-13 23:30:05 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2013-06-13 23:30:03 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2013-06-13 23:30:03 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2013-06-13 23:30:03 ----A---- C:\Windows\system32\XAudio2_1.dll
2013-06-13 23:30:03 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2013-06-13 23:30:02 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2013-06-13 23:30:02 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2013-06-13 23:30:02 ----A---- C:\Windows\system32\xactengine3_1.dll
2013-06-13 23:30:02 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2013-06-13 23:30:01 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2013-06-13 23:30:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2013-06-13 23:30:01 ----A---- C:\Windows\system32\d3dx10_38.dll
2013-06-13 23:30:01 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2013-06-13 23:30:00 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2013-06-13 23:30:00 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2013-06-13 23:30:00 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2013-06-13 23:30:00 ----A---- C:\Windows\system32\XAudio2_0.dll
2013-06-13 23:30:00 ----A---- C:\Windows\system32\xactengine3_0.dll
2013-06-13 23:30:00 ----A---- C:\Windows\system32\D3DX9_38.dll
2013-06-13 23:29:59 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2013-06-13 23:29:59 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2013-06-13 23:29:59 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2013-06-13 23:29:59 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2013-06-13 23:29:59 ----A---- C:\Windows\system32\d3dx10_37.dll
2013-06-13 23:29:59 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2013-06-13 23:29:58 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2013-06-13 23:29:58 ----A---- C:\Windows\system32\D3DX9_37.dll
2013-06-13 23:29:57 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2013-06-13 23:29:57 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2013-06-13 23:29:57 ----A---- C:\Windows\system32\xactengine2_10.dll
2013-06-13 23:29:57 ----A---- C:\Windows\system32\d3dx10_36.dll
2013-06-13 23:29:56 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2013-06-13 23:29:56 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2013-06-13 23:29:56 ----A---- C:\Windows\system32\d3dx9_36.dll
2013-06-13 23:29:56 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2013-06-13 23:29:55 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2013-06-13 23:29:55 ----A---- C:\Windows\system32\xactengine2_9.dll
2013-06-13 23:29:54 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2013-06-13 23:29:54 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2013-06-13 23:29:54 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2013-06-13 23:29:54 ----A---- C:\Windows\system32\d3dx9_35.dll
2013-06-13 23:29:54 ----A---- C:\Windows\system32\d3dx10_35.dll
2013-06-13 23:29:54 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2013-06-13 23:29:53 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2013-06-13 23:29:53 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2013-06-13 23:29:53 ----A---- C:\Windows\system32\xactengine2_8.dll
2013-06-13 23:29:53 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2013-06-13 23:29:52 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2013-06-13 23:29:52 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2013-06-13 23:29:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2013-06-13 23:29:52 ----A---- C:\Windows\system32\d3dx9_34.dll
2013-06-13 23:29:52 ----A---- C:\Windows\system32\d3dx10_34.dll
2013-06-13 23:29:52 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2013-06-13 23:29:51 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2013-06-13 23:29:51 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2013-06-13 23:29:51 ----A---- C:\Windows\system32\xinput1_3.dll
2013-06-13 23:29:51 ----A---- C:\Windows\system32\xactengine2_7.dll
2013-06-13 23:29:50 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2013-06-13 23:29:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2013-06-13 23:29:50 ----A---- C:\Windows\system32\d3dx10_33.dll
2013-06-13 23:29:50 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2013-06-13 23:29:49 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2013-06-13 23:29:49 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2013-06-13 23:29:49 ----A---- C:\Windows\system32\xactengine2_6.dll
2013-06-13 23:29:49 ----A---- C:\Windows\system32\d3dx9_33.dll
2013-06-13 23:29:48 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2013-06-13 23:29:48 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2013-06-13 23:29:48 ----A---- C:\Windows\system32\xactengine2_5.dll
2013-06-13 23:29:48 ----A---- C:\Windows\system32\d3dx10.dll
2013-06-13 23:29:47 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2013-06-13 23:29:47 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2013-06-13 23:29:47 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2013-06-13 23:29:47 ----A---- C:\Windows\system32\xactengine2_4.dll
2013-06-13 23:29:47 ----A---- C:\Windows\system32\x3daudio1_1.dll
2013-06-13 23:29:47 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-06-13 23:29:46 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2013-06-13 23:29:46 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2013-06-13 23:29:46 ----A---- C:\Windows\system32\xactengine2_3.dll
2013-06-13 23:29:46 ----A---- C:\Windows\system32\d3dx9_31.dll
2013-06-13 23:29:45 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2013-06-13 23:29:45 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2013-06-13 23:29:45 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2013-06-13 23:29:45 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2013-06-13 23:29:45 ----A---- C:\Windows\system32\xinput1_2.dll
2013-06-13 23:29:45 ----A---- C:\Windows\system32\xinput1_1.dll
2013-06-13 23:29:45 ----A---- C:\Windows\system32\xactengine2_2.dll
2013-06-13 23:29:45 ----A---- C:\Windows\system32\xactengine2_1.dll
2013-06-13 23:29:43 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2013-06-13 23:29:43 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2013-06-13 23:29:43 ----A---- C:\Windows\system32\xactengine2_0.dll
2013-06-13 23:29:43 ----A---- C:\Windows\system32\d3dx9_30.dll
2013-06-13 23:29:42 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2013-06-13 23:29:42 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2013-06-13 23:29:42 ----A---- C:\Windows\system32\x3daudio1_0.dll
2013-06-13 23:29:42 ----A---- C:\Windows\system32\d3dx9_29.dll
2013-06-13 23:29:41 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2013-06-13 23:29:41 ----A---- C:\Windows\system32\d3dx9_28.dll
2013-06-13 23:29:40 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2013-06-13 23:29:40 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2013-06-13 23:29:40 ----A---- C:\Windows\system32\d3dx9_27.dll
2013-06-13 23:29:40 ----A---- C:\Windows\system32\d3dx9_26.dll
2013-06-13 23:29:39 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2013-06-13 23:29:39 ----A---- C:\Windows\system32\d3dx9_25.dll
2013-06-13 23:29:38 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2013-06-13 23:29:38 ----A---- C:\Windows\system32\d3dx9_24.dll
2013-06-13 23:28:05 ----D---- C:\Windows\SYSWOW64\directx
2013-06-13 03:01:16 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-06-13 03:01:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-06-13 03:01:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-06-13 03:01:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-06-13 03:01:16 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-13 03:01:16 ----A---- C:\Windows\system32\iesysprep.dll
2013-06-13 03:01:16 ----A---- C:\Windows\system32\iesetup.dll
2013-06-13 03:01:16 ----A---- C:\Windows\system32\iernonce.dll
2013-06-13 03:01:16 ----A---- C:\Windows\system32\ie4uinit.exe
2013-06-13 03:01:13 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-06-13 03:01:13 ----A---- C:\Windows\system32\msfeeds.dll
2013-06-13 03:01:12 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-06-13 03:01:12 ----A---- C:\Windows\system32\jscript.dll
2013-06-13 03:01:11 ----A---- C:\Windows\system32\jscript9.dll
2013-06-13 03:01:10 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-06-13 03:01:07 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-06-13 03:01:07 ----A---- C:\Windows\system32\jsproxy.dll
2013-06-13 03:01:06 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-06-13 03:01:05 ----A---- C:\Windows\system32\wininet.dll
2013-06-12 12:26:02 ----N---- C:\Windows\system32\pwdspio.sys
2013-06-12 12:26:02 ----N---- C:\Windows\system32\pwdrvio.sys
2013-06-12 12:26:02 ----A---- C:\Windows\system32\pwNative.exe
2013-06-12 10:19:38 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 10:19:37 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-06-12 10:19:37 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 10:19:34 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-06-12 10:19:34 ----A---- C:\Windows\system32\cryptdlg.dll
2013-06-12 10:19:31 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-06-12 10:19:31 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-06-12 10:19:28 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 10:19:27 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-06-12 10:19:27 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-06-12 10:19:27 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-06-12 10:19:27 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-06-12 10:19:27 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 10:19:27 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 10:19:27 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 10:19:26 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-06-12 10:19:26 ----A---- C:\Windows\system32\certenc.dll
2013-06-12 10:19:22 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-06-12 10:19:22 ----A---- C:\Windows\system32\d3d11.dll
2013-06-08 15:56:27 ----D---- C:\Windows\Sun
2013-06-08 15:56:21 ----D---- C:\ProgramData\Sun
2013-06-08 15:56:15 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-06-08 15:56:15 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-06-08 15:55:02 ----A---- C:\Windows\system32\javaws.exe
2013-06-08 15:54:58 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2013-06-08 15:54:58 ----A---- C:\Windows\system32\javaw.exe
2013-06-08 15:54:58 ----A---- C:\Windows\system32\java.exe
2013-06-08 15:54:51 ----D---- C:\Program Files\Java
2013-06-04 11:37:55 ----D---- C:\Program Files\Microsoft Synchronization Services
2013-06-04 11:37:55 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-06-04 11:37:35 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2013-06-04 11:35:57 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-06-04 11:24:19 ----D---- C:\Salon

======List of files/folders modified in the last 1 month======

2013-07-03 23:07:10 ----D---- C:\Windows\Temp
2013-07-03 23:07:08 ----RD---- C:\Program Files
2013-07-03 22:57:05 ----D---- C:\Windows\SysWOW64
2013-07-03 22:57:05 ----D---- C:\Windows\System32
2013-07-03 22:56:52 ----RD---- C:\Program Files (x86)
2013-07-03 22:43:13 ----D---- C:\Windows
2013-07-03 22:33:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-03 22:33:48 ----D---- C:\Windows\inf
2013-07-03 22:29:34 ----D---- C:\Program Files (x86)\Trillian
2013-07-03 22:29:28 ----D---- C:\ProgramData\NVIDIA
2013-07-03 22:28:25 ----D---- C:\Windows\system32\config
2013-07-03 22:14:49 ----D---- C:\Windows\system32\FxsTmp
2013-07-03 20:40:57 ----HD---- C:\ProgramData
2013-07-03 20:40:46 ----SHD---- C:\Windows\Installer
2013-07-03 20:40:45 ----D---- C:\Windows\winsxs
2013-07-03 19:47:31 ----D---- C:\Program Files (x86)\BrowseToSave
2013-07-03 16:35:05 ----D---- C:\Users\Kapr\AppData\Roaming\NVIDIA
2013-07-03 16:08:28 ----D---- C:\Windows\Tasks
2013-07-03 16:08:28 ----D---- C:\Windows\system32\Tasks
2013-07-02 23:42:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-07-02 18:15:01 ----SHD---- C:\System Volume Information
2013-06-27 22:17:10 ----D---- C:\Windows\system32\drivers
2013-06-25 21:36:51 ----D---- C:\Windows\system32\catroot2
2013-06-18 15:28:58 ----D---- C:\Windows\Microsoft.NET
2013-06-18 15:28:39 ----RSD---- C:\Windows\assembly
2013-06-17 23:51:02 ----D---- C:\Windows\system32\catroot
2013-06-16 00:26:42 ----D---- C:\Program Files (x86)\Internet Explorer
2013-06-16 00:26:41 ----D---- C:\Program Files\Internet Explorer
2013-06-14 21:54:27 ----D---- C:\Program Files (x86)\ShareRapid
2013-06-14 16:57:46 ----D---- C:\Windows\Logs
2013-06-14 11:46:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-06-14 11:46:53 ----D---- C:\Users\Kapr\AppData\Roaming\Samsung
2013-06-14 11:46:53 ----D---- C:\Program Files (x86)\Samsung
2013-06-13 03:56:50 ----D---- C:\Windows\rescache
2013-06-13 03:18:43 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-06-13 03:18:42 ----D---- C:\Windows\system32\cs-CZ
2013-06-13 03:01:52 ----A---- C:\Windows\system32\MRT.exe
2013-06-12 23:51:22 ----D---- C:\Users\Kapr\AppData\Roaming\Adobe
2013-06-12 10:20:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-06-08 15:56:20 ----D---- C:\Program Files (x86)\Common Files
2013-06-08 15:54:53 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-06-08 15:54:53 ----A---- C:\Windows\system32\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-27 189936]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-27 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-27 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-09-25 4155536]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2012-09-18 75064]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2012-09-18 61240]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S2 MLPTDR_N;MLPTDR_N; \??\C:\Windows\system32\ []
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SliceDisk5;SliceDisk5; \??\C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [2011-02-25 31824]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-06-13 4150112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-25 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-03 1259880]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-06-03 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-25 136176]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2012-10-01 359224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-21 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-25 1255736]

-----------------EOF-----------------

Re: Problém s trojským koněm - Bitcoinminer

Napsal: 03 črc 2013 22:16
od Márty84
Zdravim :)


:!: Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Re: Problém s trojským koněm - Bitcoinminer

Napsal: 03 črc 2013 23:46
od K.a.p.r
Dobrý den, OTL zkončí přibližně po půl hodině chybou Cannot create file C:\users\Kapr\Desktop\cmd.bat , zkoušel jsem to 2x a vždy spustil jako správce.

Re: Problém s trojským koněm - Bitcoinminer

Napsal: 04 črc 2013 08:23
od Márty84
Obcas se to stane, ze OTL tuhle chybku vyhodi :roll:

:arrow: Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Re: Problém s trojským koněm - Bitcoinminer

Napsal: 04 črc 2013 10:49
od K.a.p.r
Log OTL.txt

OTL logfile created on: 4.7.2013 11:01:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kapr\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,86 Gb Available Physical Memory | 43,21% Memory free
4,00 Gb Paging File | 2,79 Gb Available in Paging File | 69,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 9,63 Gb Free Space | 8,62% Space Free | Partition Type: NTFS
Drive E: | 49,81 Gb Total Space | 3,55 Gb Free Space | 7,14% Space Free | Partition Type: NTFS
Drive F: | 248,28 Gb Total Space | 22,93 Gb Free Space | 9,24% Space Free | Partition Type: NTFS

Computer Name: KAPR-PC | User Name: Kapr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.07.03 23:18:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kapr\Desktop\OTL.exe
PRC - [2013.06.13 11:17:51 | 004,150,112 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.06.13 11:17:50 | 011,077,984 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.06.13 11:08:28 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.05.04 02:13:45 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2013.03.25 06:43:48 | 000,569,488 | ---- | M] (EnTech Taiwan) -- C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
PRC - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.09.05 01:00:00 | 002,429,904 | ---- | M] (Cerulean Studios) -- C:\Program Files (x86)\Trillian\trillian.exe


========== Modules (No Company Name) ==========

MOD - [2013.07.03 16:13:44 | 001,504,256 | ---- | M] () -- C:\Users\Kapr\AppData\Local\Temp\tsiVi132.dll
MOD - [2012.09.05 01:00:00 | 000,187,392 | ---- | M] () -- C:\Program Files (x86)\Trillian\libpng15.dll
MOD - [2012.09.05 01:00:00 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Trillian\libungif.dll
MOD - [2012.09.05 01:00:00 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Trillian\zlib1.dll
MOD - [2012.05.02 11:40:48 | 000,009,728 | ---- | M] () -- c:\Users\Kapr\AppData\Roaming\Trillian\languages\cs\buddy.dll
MOD - [2012.05.02 11:40:48 | 000,007,168 | ---- | M] () -- c:\Users\Kapr\AppData\Roaming\Trillian\languages\cs\events.dll
MOD - [2012.05.02 11:40:48 | 000,006,144 | ---- | M] () -- c:\Users\Kapr\AppData\Roaming\Trillian\languages\cs\talk.dll
MOD - [2012.05.02 11:40:48 | 000,004,608 | ---- | M] () -- c:\Users\Kapr\AppData\Roaming\Trillian\languages\cs\trillian.dll
MOD - [2012.05.02 11:40:48 | 000,002,048 | ---- | M] () -- c:\Users\Kapr\AppData\Roaming\Trillian\languages\cs\toolkit.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012.10.01 09:22:52 | 000,359,224 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.06.13 11:17:51 | 004,150,112 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.06.12 10:20:17 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.03 21:24:15 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013.05.21 20:20:19 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.12.03 17:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Windows\SysNative\ -- (MLPTDR_N)
DRV:64bit: - [2013.06.27 22:17:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.06.27 22:17:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.06.27 22:17:10 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.05.09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.09.18 11:32:32 | 000,075,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2012.09.18 11:32:32 | 000,061,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.06.18 13:34:44 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2012.06.18 13:34:42 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.25 22:17:06 | 000,031,824 | ---- | M] (Atola) [Kernel | On_Demand | Stopped] -- C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys -- (SliceDisk5)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.11.24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 03:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-547005843-1775508806-2719200146-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-547005843-1775508806-2719200146-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-547005843-1775508806-2719200146-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-547005843-1775508806-2719200146-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - prefs.js..keyword.URL: ""
FF - prefs.js..browser.startup.homepage: ""
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2012.12.26 22:49:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.01 18:03:21 | 000,000,000 | ---D | M]

[2012.12.25 22:09:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kapr\AppData\Roaming\Mozilla\Extensions
[2013.05.21 20:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.05.21 20:20:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.04.24 08:31:20 | 000,218,640 | ---- | M] (Cisco WebEx LLC) -- C:\Program Files (x86)\mozilla firefox\plugins\npatgpc.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.89\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - Extension: Disk Google = C:\Users\Kapr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Kapr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Kapr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Logitech SetPoint = C:\Users\Kapr\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.51.8_0\
CHR - Extension: Gmail = C:\Users\Kapr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.12.31 17:45:44 | 000,000,922 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (NuSphere Debugger ToolBar) - {0F62D223-9206-4EA3-9EA8-D0F3C7C82ACA} - C:\Program Files (x86)\NuSphere\PhpED\NuSphereIEBar64.dll ()
O3 - HKLM\..\Toolbar: (NuSphere Debugger ToolBar) - {0F62D223-9206-4EA3-9EA8-D0F3C7C82ACA} - C:\Program Files (x86)\NuSphere\PhpED\NuSphereIEBar.dll ()
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-547005843-1775508806-2719200146-1001..\Run: [Akamai NetSession Interface] "C:\Users\Kapr\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKU\S-1-5-21-547005843-1775508806-2719200146-1001..\Run: [tsiVideo] C:\Users\Kapr\AppData\Local\Temp\tsiVi132.dll ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Kapr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\netuse.bat ()
O4 - Startup: C:\Users\Kapr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-547005843-1775508806-2719200146-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 8.8.8.8 100.100.100.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72E2A95B-1468-4D82-BC95-F40C662D5087}: DhcpNameServer = 192.168.1.1 8.8.8.8 100.100.100.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C01258BB-C3A1-4501-9D93-F5C235877B73}: DhcpNameServer = 192.168.1.1 79.98.153.153
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.05.08 21:20:36 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.07.03 23:18:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kapr\Desktop\OTL.exe
[2013.07.03 23:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.07.03 23:07:08 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.03 22:43:13 | 001,122,304 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\libeay32.dll
[2013.07.03 22:43:13 | 000,356,352 | ---- | C] (eSellerate Inc.) -- C:\Windows\eSellerateEngine.dll
[2013.07.03 22:43:13 | 000,274,432 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\SysWow64\ssleay32.dll
[2013.07.03 22:43:13 | 000,081,920 | ---- | C] (eSellerate Inc.) -- C:\Windows\eSellerateControl350.dll
[2013.07.03 22:43:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bit Coin Miner Removal Tool
[2013.07.03 21:11:53 | 000,000,000 | ---D | C] -- C:\Users\Kapr\licman
[2013.07.03 21:11:51 | 000,000,000 | ---D | C] -- C:\Users\Kapr\EREnt64
[2013.07.03 20:47:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeUndelete
[2013.07.03 20:45:23 | 000,000,000 | ---D | C] -- C:\PST
[2013.07.03 20:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013.07.03 19:59:24 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.07.03 16:05:04 | 000,000,000 | ---D | C] -- C:\Users\Kapr\AppData\Roaming\SmartPCFix
[2013.07.03 15:37:29 | 000,000,000 | ---D | C] -- C:\Users\Kapr\AppData\Local\Cimaware
[2013.07.03 15:05:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerDataRecovery
[2013.06.22 17:42:56 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.06.22 17:42:52 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.06.22 17:42:52 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.06.22 17:42:52 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.06.22 17:42:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.06.16 21:22:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Find and Mount
[2013.06.16 21:22:10 | 000,000,000 | ---D | C] -- C:\Program Files\A-FF Find and Mount
[2013.06.15 20:20:38 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.06.15 20:20:38 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.06.14 23:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Virtual RC Pro
[2013.06.14 21:34:43 | 000,000,000 | ---D | C] -- C:\Users\Kapr\AppData\Local\Virtual RC Pro
[2013.06.14 21:32:16 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013.06.14 21:32:16 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2013.06.14 21:32:16 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013.06.14 21:32:16 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2013.06.14 21:32:15 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013.06.14 21:32:15 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2013.06.14 21:31:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual RC Pro
[2013.06.14 21:31:00 | 000,000,000 | ---D | C] -- C:\Users\Kapr\Documents\Virtual RC Pro
[2013.06.14 21:31:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Virtual RC Pro
[2013.06.14 16:59:00 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013.06.14 16:59:00 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013.06.14 16:59:00 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013.06.14 16:59:00 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013.06.14 16:58:59 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013.06.14 16:58:59 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013.06.14 16:56:42 | 000,000,000 | ---D | C] -- C:\Users\Kapr\Documents\PhoenixRC
[2013.06.14 16:54:42 | 000,000,000 | ---D | C] -- C:\Users\Kapr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhoenixRC
[2013.06.14 16:54:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhoenixRC
[2013.06.14 11:45:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013.06.13 23:30:19 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013.06.13 23:30:19 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013.06.13 23:30:19 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013.06.13 23:30:19 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013.06.13 23:30:18 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013.06.13 23:30:18 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013.06.13 23:30:17 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013.06.13 23:30:17 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013.06.13 23:30:17 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013.06.13 23:30:17 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.06.13 23:30:17 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013.06.13 23:30:17 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013.06.13 23:30:16 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013.06.13 23:30:16 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013.06.13 23:30:16 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013.06.13 23:30:16 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.06.13 23:30:15 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2013.06.13 23:30:15 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2013.06.13 23:30:15 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2013.06.13 23:30:15 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2013.06.13 23:30:15 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2013.06.13 23:30:15 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2013.06.13 23:30:15 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2013.06.13 23:30:15 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2013.06.13 23:30:14 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2013.06.13 23:30:14 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2013.06.13 23:30:14 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2013.06.13 23:30:14 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2013.06.13 23:30:13 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2013.06.13 23:30:13 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2013.06.13 23:30:12 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2013.06.13 23:30:12 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2013.06.13 23:30:12 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2013.06.13 23:30:12 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2013.06.13 23:30:12 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2013.06.13 23:30:12 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2013.06.13 23:30:11 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2013.06.13 23:30:11 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2013.06.13 23:30:10 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2013.06.13 23:30:10 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2013.06.13 23:30:10 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2013.06.13 23:30:10 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2013.06.13 23:30:09 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2013.06.13 23:30:09 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2013.06.13 23:30:09 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2013.06.13 23:30:09 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2013.06.13 23:30:09 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2013.06.13 23:30:09 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2013.06.13 23:30:08 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2013.06.13 23:30:08 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2013.06.13 23:30:08 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2013.06.13 23:30:08 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2013.06.13 23:30:06 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2013.06.13 23:30:06 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2013.06.13 23:30:06 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2013.06.13 23:30:06 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2013.06.13 23:30:06 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2013.06.13 23:30:06 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2013.06.13 23:30:05 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2013.06.13 23:30:05 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2013.06.13 23:30:05 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013.06.13 23:30:05 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013.06.13 23:30:05 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2013.06.13 23:30:05 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2013.06.13 23:30:05 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2013.06.13 23:30:05 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2013.06.13 23:30:03 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2013.06.13 23:30:03 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2013.06.13 23:30:03 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2013.06.13 23:30:03 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2013.06.13 23:30:02 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2013.06.13 23:30:02 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2013.06.13 23:30:02 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2013.06.13 23:30:02 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2013.06.13 23:30:01 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2013.06.13 23:30:01 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2013.06.13 23:30:01 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2013.06.13 23:30:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2013.06.13 23:30:00 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013.06.13 23:30:00 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013.06.13 23:30:00 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2013.06.13 23:30:00 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2013.06.13 23:30:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2013.06.13 23:30:00 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2013.06.13 23:29:59 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2013.06.13 23:29:59 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2013.06.13 23:29:59 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2013.06.13 23:29:59 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2013.06.13 23:29:59 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2013.06.13 23:29:59 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2013.06.13 23:29:58 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2013.06.13 23:29:58 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2013.06.13 23:29:57 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013.06.13 23:29:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013.06.13 23:29:57 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013.06.13 23:29:57 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013.06.13 23:29:56 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013.06.13 23:29:56 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013.06.13 23:29:56 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013.06.13 23:29:56 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013.06.13 23:29:55 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013.06.13 23:29:55 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013.06.13 23:29:54 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013.06.13 23:29:54 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013.06.13 23:29:54 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013.06.13 23:29:54 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013.06.13 23:29:54 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013.06.13 23:29:54 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013.06.13 23:29:53 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013.06.13 23:29:53 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013.06.13 23:29:53 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013.06.13 23:29:53 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013.06.13 23:29:52 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013.06.13 23:29:52 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013.06.13 23:29:52 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013.06.13 23:29:52 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013.06.13 23:29:52 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013.06.13 23:29:52 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013.06.13 23:29:51 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2013.06.13 23:29:51 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2013.06.13 23:29:51 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013.06.13 23:29:51 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2013.06.13 23:29:50 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2013.06.13 23:29:50 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2013.06.13 23:29:50 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2013.06.13 23:29:50 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2013.06.13 23:29:49 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2013.06.13 23:29:49 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2013.06.13 23:29:49 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2013.06.13 23:29:49 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2013.06.13 23:29:48 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2013.06.13 23:29:48 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2013.06.13 23:29:48 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2013.06.13 23:29:48 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2013.06.13 23:29:47 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2013.06.13 23:29:47 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2013.06.13 23:29:47 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2013.06.13 23:29:47 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2013.06.13 23:29:47 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2013.06.13 23:29:47 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2013.06.13 23:29:46 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2013.06.13 23:29:46 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2013.06.13 23:29:46 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2013.06.13 23:29:46 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2013.06.13 23:29:45 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2013.06.13 23:29:45 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2013.06.13 23:29:45 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2013.06.13 23:29:45 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2013.06.13 23:29:45 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2013.06.13 23:29:45 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2013.06.13 23:29:45 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2013.06.13 23:29:45 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2013.06.13 23:29:43 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013.06.13 23:29:43 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013.06.13 23:29:43 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2013.06.13 23:29:43 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2013.06.13 23:29:42 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2013.06.13 23:29:42 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013.06.13 23:29:42 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2013.06.13 23:29:42 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2013.06.13 23:29:41 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2013.06.13 23:29:41 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2013.06.13 23:29:40 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2013.06.13 23:29:40 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2013.06.13 23:29:40 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2013.06.13 23:29:40 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2013.06.13 23:29:39 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2013.06.13 23:29:39 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2013.06.13 23:29:38 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2013.06.13 23:29:38 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2013.06.13 23:28:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013.06.13 23:21:50 | 000,000,000 | ---D | C] -- C:\Users\Kapr\Documents\PhoenixRC Demo
[2013.06.13 03:01:16 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.06.13 03:01:16 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.06.13 03:01:16 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.06.13 03:01:16 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.06.13 03:01:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.06.13 03:01:16 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.06.13 03:01:16 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.06.13 03:01:16 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.06.13 03:01:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.06.13 03:01:13 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.06.13 03:01:12 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.06.13 03:01:12 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.06.13 03:01:11 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.06.12 10:19:37 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.06.12 10:19:37 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.06.12 10:19:34 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.06.12 10:19:34 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013.06.12 10:19:31 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.06.12 10:19:28 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013.06.12 10:19:27 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.06.12 10:19:27 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013.06.12 10:19:27 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.06.12 10:19:26 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013.06.12 10:19:26 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013.06.12 10:19:22 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.06.12 10:19:22 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.06.08 15:56:27 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.06.08 15:56:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.06.08 15:56:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.06.08 15:56:15 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.06.08 15:56:15 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.06.08 15:55:02 | 000,311,200 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.06.08 15:54:58 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.06.08 15:54:58 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.06.08 15:54:58 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.06.08 15:54:51 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.06.04 11:38:35 | 000,000,000 | ---D | C] -- C:\Users\Kapr\AppData\Local\Trzby
[2013.06.04 11:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2013.06.04 11:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013.06.04 11:37:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013.06.04 11:35:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013.06.04 11:24:19 | 000,000,000 | ---D | C] -- C:\Salon

========== Files - Modified Within 30 Days ==========

[2013.07.04 11:04:54 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.04 11:04:54 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.04 11:04:12 | 001,478,822 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.04 11:04:12 | 000,634,530 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.04 11:04:12 | 000,618,936 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.04 11:04:12 | 000,123,120 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.04 11:04:12 | 000,107,256 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.04 11:02:56 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.04 10:57:51 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.04 10:57:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.04 10:57:37 | 1610,162,176 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.04 01:20:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.04 01:18:01 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.03 23:18:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kapr\Desktop\OTL.exe
[2013.07.03 23:05:01 | 000,935,175 | ---- | M] () -- C:\Users\Kapr\Desktop\RSITx64.exe
[2013.06.27 22:17:10 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.06.27 22:17:10 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.06.27 22:17:10 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.06.27 22:17:10 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013.06.27 22:17:10 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013.06.27 22:17:10 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013.06.22 17:42:49 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.06.22 17:42:48 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.06.22 17:42:48 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.06.22 17:42:47 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.06.22 17:42:47 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.06.22 17:42:47 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.06.20 14:23:37 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.20 09:28:14 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.06.17 00:28:27 | 000,000,953 | ---- | M] () -- C:\Users\Kapr\Desktop\Find and Mount.lnk
[2013.06.14 21:31:27 | 000,001,037 | ---- | M] () -- C:\Users\Kapr\Desktop\Virtual RC Pro.lnk
[2013.06.14 17:21:40 | 000,001,104 | ---- | M] () -- C:\Users\Kapr\AppData\Local\SRDownloader.nast
[2013.06.14 16:54:42 | 000,002,939 | ---- | M] () -- C:\Users\Kapr\Desktop\PhoenixRC.lnk
[2013.06.14 11:53:55 | 000,007,761 | ---- | M] () -- C:\Users\Kapr\AppData\Local\SRDownloader.err
[2013.06.12 10:20:17 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.12 10:20:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.08 20:46:13 | 000,005,196 | ---- | M] () -- C:\Users\Kapr\Documents\Moje místa.kmz
[2013.06.08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.06.08 15:54:54 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.06.08 15:54:53 | 001,092,512 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.06.08 15:54:53 | 000,971,680 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.06.08 15:54:53 | 000,311,200 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.06.08 15:54:53 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.06.08 15:54:53 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.06.08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

========== Files Created - No Company Name ==========

[2013.07.03 23:22:21 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.03 23:04:56 | 000,935,175 | ---- | C] () -- C:\Users\Kapr\Desktop\RSITx64.exe
[2013.06.27 22:17:10 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013.06.27 22:17:10 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013.06.27 22:17:10 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013.06.16 21:22:11 | 000,000,953 | ---- | C] () -- C:\Users\Kapr\Desktop\Find and Mount.lnk
[2013.06.14 21:31:27 | 000,001,037 | ---- | C] () -- C:\Users\Kapr\Desktop\Virtual RC Pro.lnk
[2013.06.14 16:54:42 | 000,002,939 | ---- | C] () -- C:\Users\Kapr\Desktop\PhoenixRC.lnk
[2013.06.12 12:26:02 | 002,966,720 | ---- | C] () -- C:\Windows\SysNative\pwNative.exe
[2013.06.12 12:26:02 | 000,019,032 | ---- | C] () -- C:\Windows\SysNative\pwdrvio.sys
[2013.06.12 12:26:02 | 000,012,384 | ---- | C] () -- C:\Windows\SysNative\pwdspio.sys
[2013.06.03 21:29:24 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2013.01.25 19:04:46 | 000,007,761 | ---- | C] () -- C:\Users\Kapr\AppData\Local\SRDownloader.err
[2013.01.25 18:59:13 | 000,001,104 | ---- | C] () -- C:\Users\Kapr\AppData\Local\SRDownloader.nast
[2013.01.02 18:04:47 | 000,001,480 | ---- | C] () -- C:\Users\Kapr\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2012.12.25 23:22:50 | 001,495,094 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.25 17:03:49 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.12.25 17:03:49 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.12.25 17:03:49 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2012.12.25 17:03:48 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.12.25 17:03:44 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.01.26 13:20:49 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Canneverbe Limited
[2013.01.03 12:04:50 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\GHISLER
[2012.12.26 22:39:27 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Leadertech
[2013.01.06 16:16:24 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Mikrotik
[2012.12.26 01:32:33 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\NuSphere
[2013.06.14 11:46:53 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Samsung
[2013.07.03 16:05:14 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\SmartPCFix
[2013.01.22 12:22:15 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\TeamViewer
[2012.12.26 22:00:01 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Trillian

========== Purity Check ==========

Re: Problém s trojským koněm - Bitcoinminer

Napsal: 04 črc 2013 10:50
od K.a.p.r
========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,522 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.12.25 16:56:22 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.12.25 16:57:57 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.12.25 16:57:57 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[19 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.06.12 23:51:22 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Adobe
[2013.01.26 13:20:49 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Canneverbe Limited
[2013.01.03 12:04:50 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\GHISLER
[2012.12.25 16:33:57 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Identities
[2012.12.26 22:39:27 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Leadertech
[2012.12.26 22:49:22 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Logishrd
[2012.12.26 22:50:15 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Logitech
[2012.12.25 16:56:25 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Macromedia
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Media Center Programs
[2013.02.25 21:49:19 | 000,000,000 | --SD | M] -- C:\Users\Kapr\AppData\Roaming\Microsoft
[2013.01.06 16:16:24 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Mikrotik
[2012.12.25 22:09:36 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Mozilla
[2012.12.26 01:32:33 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\NuSphere
[2013.07.03 16:35:05 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\NVIDIA
[2013.06.14 11:46:53 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Samsung
[2013.07.03 16:05:14 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\SmartPCFix
[2013.01.22 12:22:15 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\TeamViewer
[2012.12.26 22:00:01 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\Trillian
[2013.04.29 18:29:18 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\VMware
[2012.12.25 17:21:03 | 000,000,000 | ---D | M] -- C:\Users\Kapr\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013.04.14 17:39:21 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Kapr\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013.06.14 16:57:45 | 000,045,056 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{10BE5714-B174-4ADC-BD94-66AD524B2D85}\ARPPRODUCTICON.exe
[2012.12.26 22:50:08 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2013.06.14 16:54:42 | 000,005,694 | R--- | M] () -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{B8F4FC41-5CAF-475D-83DE-456723992201}\_13661cd0.exe
[2013.06.14 16:54:42 | 000,005,694 | R--- | M] () -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{B8F4FC41-5CAF-475D-83DE-456723992201}\_15a15422.exe
[2013.06.14 16:54:42 | 000,005,694 | R--- | M] () -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{B8F4FC41-5CAF-475D-83DE-456723992201}\_366b66c4.exe
[2013.06.14 16:54:42 | 000,005,694 | R--- | M] () -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{B8F4FC41-5CAF-475D-83DE-456723992201}\_3ef6822.exe
[2013.06.14 16:54:42 | 000,005,694 | R--- | M] () -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{B8F4FC41-5CAF-475D-83DE-456723992201}\_42307eb7.exe
[2013.06.14 16:54:42 | 000,005,694 | R--- | M] () -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{B8F4FC41-5CAF-475D-83DE-456723992201}\_49442e40.exe
[2013.06.14 16:54:42 | 000,005,694 | R--- | M] () -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{B8F4FC41-5CAF-475D-83DE-456723992201}\_4cad314f.exe
[2013.06.14 16:54:42 | 000,005,694 | R--- | M] () -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{B8F4FC41-5CAF-475D-83DE-456723992201}\_5991409d.exe
[2013.06.14 16:54:42 | 000,005,694 | R--- | M] () -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{B8F4FC41-5CAF-475D-83DE-456723992201}\_5e144df2.exe
[2013.06.14 16:54:42 | 000,005,694 | R--- | M] () -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{B8F4FC41-5CAF-475D-83DE-456723992201}\_60322c3b.exe
[2013.04.28 21:50:03 | 000,025,214 | R--- | M] () -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{D93B70D2-4DA4-4F6F-9DC8-72D08F74A386}\ARPPRODUCTICON.exe
[2013.04.28 21:50:03 | 000,025,214 | R--- | M] () -- C:\Users\Kapr\AppData\Roaming\Microsoft\Installer\{D93B70D2-4DA4-4F6F-9DC8-72D08F74A386}\NewShortcut1_D93B70D24DA44F6F9DC872D08F74A386.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.07.04 11:20:02 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.04 10:57:51 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.07.04 11:18:30 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.07.03 22:57:03 | 000,001,131 | ---- | M] () -- C:\Windows\system32\rsrorx32.LOG

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2011.03.22 19:00:32 | 000,003,556 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\configuration\Content\Reference\PHP\CrackF.html
[2012.03.15 14:49:10 | 000,002,510 | ---- | M] () -- \Program Files (x86)\NuSphere\PhpED\config\CodeCompletion\php4\crack.php
[2012.03.15 14:49:12 | 000,003,406 | ---- | M] () -- \Program Files (x86)\NuSphere\PhpED\config\CodeCompletion\php5\crack.php
[2012.03.15 14:49:14 | 000,001,361 | ---- | M] () -- \Program Files (x86)\NuSphere\PhpED\config\CodeCompletion\php53\crack.php
[2008.08.07 17:07:12 | 000,036,864 | ---- | M] () -- \Program Files (x86)\NuSphere\PhpED\php\extensions\php_crack.dll
[2008.05.02 20:07:02 | 000,041,024 | ---- | M] () -- \Program Files (x86)\NuSphere\PhpED\php5\extensions\php_crack.dll
[2003.12.05 15:52:40 | 000,000,796 | ---- | M] () -- \Program Files (x86)\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
[2011.03.03 19:42:04 | 001,159,409 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS5.5\Support Files\Presets\Image - Special Effects\Cracked Tiles.ffx
[2012.03.15 14:49:10 | 000,002,510 | ---- | M] () -- \Users\Kapr\AppData\Roaming\NuSphere\PhpED\config\CodeCompletion\php4\crack.php
[2012.03.15 14:49:12 | 000,003,406 | ---- | M] () -- \Users\Kapr\AppData\Roaming\NuSphere\PhpED\config\CodeCompletion\php5\crack.php
[2012.03.15 14:49:14 | 000,001,361 | ---- | M] () -- \Users\Kapr\AppData\Roaming\NuSphere\PhpED\config\CodeCompletion\php53\crack.php
[2008.08.15 16:45:53 | 000,039,547 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_chromatophore\images\bg\overlay-cracked.png

< *keygen* /s >
[2011.03.22 19:00:30 | 000,013,367 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\configuration\Content\Reference\HTML\KEYGEN.html
[2011.03.22 19:01:00 | 000,009,702 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\configuration\TagLibraries\HTML\keygen.vtm
[2013.07.03 20:34:23 | 000,000,758 | ---- | M] () -- \Users\Kapr\AppData\Roaming\Microsoft\Windows\Recent\Remo.Repair.Outlook.PST.v3.0.0.6.Incl.Keygen-Lz0.lnk
[2013.07.03 20:35:57 | 020,576,780 | ---- | M] () -- \Users\Kapr\Downloads\Remo.Repair.Outlook.PST.v3.0.0.6.Incl.Keygen-Lz0.rar
[2011.04.26 16:44:03 | 000,078,848 | ---- | M] () -- \Users\Kapr\Downloads\new.a.cr.su.P.P\ADOBE.CREATIVE.SUITE.5.5.MASTER.COLLECTION.RU.CZ.PL.TR.WIN.ESD.KEYGEN-XFORCE\ADOBE.CS5.5.MC_KEYGEN_WIN_OSX-XFORCE\adobemasterkeygen55.exe
[2013.06.26 23:00:03 | 001,697,792 | ---- | M] () -- \Users\Kapr\Downloads\Outlookfix.Outlook.Pst.Repair.key.generator.by.F4CG\Outlookfix.Outlook.Pst.Repair.key.generator.by.F4CG\keygen.exe
[2011.08.02 23:45:14 | 000,015,360 | ---- | M] () -- \Users\Kapr\Downloads\Remo.Repair.Outlook.PST.v3.0.0.6.Incl.Keygen-Lz0\Linezer0\keygen.exe

< *AntiWPA* /s >

< *loader* /s >
[2007.03.14 19:21:36 | 004,937,904 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\Photodownloader.exe
[2007.03.14 17:07:28 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\Photodownloader.ini
[2007.03.14 17:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2007.03.14 17:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2007.03.14 17:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2007.03.14 17:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2011.03.02 22:35:42 | 005,299,048 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\Photodownloader.exe
[2011.03.02 19:57:10 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2011.03.02 19:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2011.03.02 19:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\de_de\Photodownloader.ini
[2011.03.02 19:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\en_us\Photodownloader.ini
[2011.03.02 19:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\es_es\Photodownloader.ini
[2011.03.02 19:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2011.03.02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2011.03.02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\it_it\Photodownloader.ini
[2011.03.02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2011.03.02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2011.03.02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2011.03.02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\no_no\Photodownloader.ini
[2011.03.02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2011.03.02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2011.03.02 19:57:14 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2011.03.02 19:57:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2011.03.22 19:01:00 | 000,037,112 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\configuration\Shared\MM\Media\FLVLoader.swf
[2011.03.22 19:01:02 | 000,000,503 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\configuration\Third Party Source Code\jquery-mobile\images\ajax-loader.png
[2011.03.22 18:57:00 | 000,000,503 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\cs_CZ\Configuration\Third Party Source Code\jquery-mobile\images\ajax-loader.png
[2011.03.22 19:01:12 | 000,007,931 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\JDK\demo\jvmti\hprof\src\hprof_loader.c
[2011.03.22 19:01:12 | 000,002,188 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\JDK\demo\jvmti\hprof\src\hprof_loader.h
[2011.03.22 19:01:36 | 000,003,005 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\JDK\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2011.03.22 19:01:36 | 000,000,420 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\JDK\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2011.03.22 19:01:36 | 001,138,236 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\JDK\lib\visualvm\platform\modules\org-openide-loaders.jar
[2011.03.22 19:01:36 | 000,007,002 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\JDK\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2011.03.22 19:01:36 | 000,006,658 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\JDK\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2011.03.22 19:01:36 | 000,000,464 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\JDK\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2011.03.14 19:50:30 | 000,061,190 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Fireworks CS5.1\Configuration\Common Library\Animations\Loader01.animation.png
[2011.03.14 19:50:30 | 000,312,906 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Fireworks CS5.1\Configuration\Common Library\Animations\Loader02.animation.png
[2011.03.14 19:50:30 | 000,119,812 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Fireworks CS5.1\Configuration\Common Library\Animations\Loader03.animation.png
[2011.03.14 19:50:30 | 000,237,114 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Fireworks CS5.1\Configuration\Common Library\Animations\Loader04.animation.png
[2011.03.10 23:49:30 | 000,003,754 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe InDesign CS5.5\Scripts\converturltohyperlink\startup scripts\ConvertURLToHyperlinkMenuItemLoader.jsx
[2007.02.19 17:59:40 | 000,011,309 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\WorkflowScriptLoader.jsx
[2007.02.19 17:59:40 | 000,001,240 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_da_DK.dat
[2007.02.19 17:59:40 | 000,001,268 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_de_DE.dat
[2007.02.19 17:59:40 | 000,001,172 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_en_US.dat
[2007.02.19 17:59:40 | 000,001,342 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_es_ES.dat
[2007.02.19 17:59:40 | 000,001,310 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_fr_FR.dat
[2007.02.19 17:59:40 | 000,001,282 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_it_IT.dat
[2007.02.19 17:59:40 | 000,001,016 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_ja_JP.dat
[2007.02.19 17:59:40 | 000,000,966 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_ko_KR.dat
[2007.02.19 17:59:40 | 000,001,198 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_nl_NL.dat
[2007.02.19 17:59:40 | 000,001,174 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_sv_SE.dat
[2007.02.19 17:59:40 | 000,000,882 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_zh_CN.dat
[2007.02.19 17:59:40 | 000,000,890 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Bridge CS3 Extensions\Adobe Workflow Automation\Resources\WorkflowScriptLoader\WorkflowScriptLoader_zh_TW.dat
[2007.03.14 17:10:18 | 000,088,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:20 | 000,025,188 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\cs_CZ\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:26 | 000,032,022 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:28 | 000,032,216 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:30 | 000,027,655 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:36 | 000,030,891 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\en_US\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:38 | 000,032,399 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:42 | 000,032,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:42 | 000,032,393 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:46 | 000,022,871 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:48 | 000,025,272 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:50 | 000,032,109 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:50 | 000,032,441 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:52 | 000,032,499 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:54 | 000,032,074 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:56 | 000,032,110 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:10:58 | 000,024,996 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:00 | 000,031,772 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:02 | 000,024,463 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:04 | 000,025,054 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:06 | 000,032,171 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:06 | 000,024,411 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:08 | 000,025,525 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:10 | 000,032,741 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 17:11:10 | 000,032,833 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007.03.08 16:35:32 | 000,004,239 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.02.23 20:01:50 | 000,002,624 | ---- | M] () -- \Program Files (x86)\NuSphere\PhpED\Mozilla Browser\components\uriloader.xpt
[2012.02.23 20:46:08 | 000,002,057 | ---- | M] () -- \Program Files (x86)\NuSphere\PhpED\Mozilla Browser\chrome\browser\content\browser\safebrowsing\sb-loader.js
[2012.11.01 10:32:14 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.11.01 10:32:44 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012.09.05 00:34:12 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.09.05 00:34:12 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2011.03.23 06:36:20 | 000,105,984 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS5.5\Support Files\MXF_SDK_MetaMetadata_BinaryLoader_4.3.4.dll
[2011.03.23 06:36:20 | 000,196,608 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS5.5\Support Files\MXF_SDK_MetaMetadata_XSDLoader2_4.3.4.dll
[2011.03.23 06:36:20 | 000,144,896 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CS5.5\Support Files\MXF_SDK_MetaMetadata_XSDLoader_4.3.4.dll
[2011.03.15 12:23:50 | 000,105,984 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS5.5\MXF_SDK_MetaMetadata_BinaryLoader_4.3.4.dll
[2011.03.15 12:23:50 | 000,196,608 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS5.5\MXF_SDK_MetaMetadata_XSDLoader2_4.3.4.dll
[2011.03.15 12:23:50 | 000,144,896 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS5.5\MXF_SDK_MetaMetadata_XSDLoader_4.3.4.dll
[2012.06.09 20:19:37 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.06.14 11:53:55 | 000,007,761 | ---- | M] () -- \Users\Kapr\AppData\Local\SRDownloader.err
[2013.06.14 17:21:40 | 000,001,104 | ---- | M] () -- \Users\Kapr\AppData\Local\SRDownloader.nast
[2013.02.15 18:03:33 | 000,000,723 | ---- | M] () -- \Users\Kapr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5MQQQC6U\downloaderror[1].js
[2013.02.15 18:03:33 | 000,001,174 | ---- | M] () -- \Users\Kapr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5MQQQC6U\downloader[1].js
[2013.03.13 17:44:41 | 000,001,849 | ---- | M] () -- \Users\Kapr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CVQJ0JFL\zoomloader[1].gif
[2013.02.15 18:03:30 | 000,003,784 | ---- | M] () -- \Users\Kapr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FRDNC1BC\bundleloader[1].js
[2013.01.02 18:13:29 | 000,003,885 | ---- | M] () -- \Users\Kapr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ1TY5A9\loader[1].js
[2013.04.15 14:41:46 | 000,003,784 | ---- | M] () -- \Users\Kapr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X2Q6O5V7\bundleloader[1].js
[2013.04.15 14:41:48 | 000,001,174 | ---- | M] () -- \Users\Kapr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X2Q6O5V7\downloader[1].js
[2013.07.03 16:02:06 | 000,003,032 | ---- | M] () -- \Users\Kapr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X2Q6O5V7\loader[1].gif
[2013.04.15 14:41:48 | 000,000,723 | ---- | M] () -- \Users\Kapr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YN1NVJCX\downloaderror[1].js
[2013.05.23 19:10:08 | 000,003,061 | ---- | M] () -- \Users\Kapr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YN1NVJCX\rmsloaderdelayeddiv[1].js
[2011.09.19 12:00:00 | 000,058,854 | ---- | M] () -- \Users\Kapr\Desktop\Novicorp WinToFlash 0.7.0020 beta\Skins\Default\images\Main window - Windows XP emergency bootloader - Loader logo.bmp
[2011.09.19 12:00:00 | 000,058,854 | ---- | M] () -- \Users\Kapr\Desktop\Novicorp WinToFlash 0.7.0020 beta\Skins\Default\images\Main window - Windows XP recovery console - Loader logo.bmp
[2013.01.25 18:56:54 | 000,905,728 | ---- | M] () -- \Users\Kapr\Downloads\SRDownloader.exe
[2012.04.25 12:00:00 | 000,058,854 | ---- | M] () -- \Users\Kapr\Downloads\WinToFlash_0.7.0048-Beta\Skins\Default\images\Main window - Windows XP emergency bootloader - Loader logo.bmp
[2012.04.25 12:00:00 | 000,058,854 | ---- | M] () -- \Users\Kapr\Downloads\WinToFlash_0.7.0048-Beta\Skins\Default\images\Main window - Windows XP recovery console - Loader logo.bmp
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.12.25 21:19:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.12.25 21:19:44 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.12.25 21:19:44 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.12.25 21:19:44 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.12.25 21:19:44 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.07.17 23:01:48 | 000,004,050 | ---- | M] () -- \xampp\htdocs\coass\libraries\loader.php
[2010.07.17 23:01:58 | 000,000,584 | ---- | M] () -- \xampp\htdocs\coass\media\system\images\mootree_loader.gif
[2010.07.17 23:01:58 | 000,008,747 | ---- | M] () -- \xampp\htdocs\coass\media\system\js\uploader.js
[2010.07.17 23:01:58 | 000,001,615 | ---- | M] () -- \xampp\htdocs\coass\media\system\swf\uploader.swf
[2011.04.09 18:04:03 | 000,002,608 | ---- | M] () -- \xampp\htdocs\coass\modules\mod_djimageslider\assets\loader.gif
[2011.04.09 18:04:03 | 000,002,608 | ---- | M] () -- \xampp\htdocs\coass\modules\mod_djimagetabber\tmpl\loader.gif
[2010.08.19 05:41:22 | 000,000,529 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_corporate2\images\loader.gif
[2010.08.19 05:41:24 | 000,010,026 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_corporate2\images\k2\system\k2CalendarLoader.gif
[2010.08.19 05:41:30 | 000,001,849 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_corporate2\options\loader.gif
[2010.07.07 17:46:24 | 000,001,737 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_elvesocial\images\loader.gif
[2010.07.07 17:46:26 | 000,010,026 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_elvesocial\images\k2\system\k2CalendarLoader.gif
[2010.07.07 17:46:16 | 000,001,849 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_elvesocial\options\loader.gif
[2010.12.24 15:44:06 | 000,010,819 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_hitmusic\images\style1\gk_stuff\loader.gif
[2010.12.24 15:44:06 | 000,010,819 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_hitmusic\images\style2\gk_stuff\loader.gif
[2010.12.24 15:44:06 | 000,010,819 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_hitmusic\images\style3\gk_stuff\loader.gif
[2010.12.24 15:44:06 | 000,010,026 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_hitmusic\images\system\k2calendarloader.gif
[2010.12.24 15:44:06 | 000,001,849 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_hitmusic\options\loader.gif
[2010.08.19 05:42:42 | 000,001,737 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_memovie\images\loader.gif
[2010.08.19 05:42:48 | 000,010,026 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_memovie\images\k2\system\k2CalendarLoader.gif
[2010.08.19 05:42:54 | 000,001,849 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_memovie\options\loader.gif
[2010.08.30 19:37:14 | 000,002,545 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_party_freak\images\loader.gif
[2010.08.30 19:37:20 | 000,010,026 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_party_freak\images\k2\system\k2CalendarLoader.gif
[2010.08.30 19:37:24 | 000,001,849 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_party_freak\options\loader.gif
[2010.05.30 16:57:22 | 000,011,689 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_party_freak_lite\images\loader.gif
[2010.05.30 16:57:26 | 000,010,026 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_party_freak_lite\images\k2\system\k2CalendarLoader.gif
[2010.05.30 16:57:18 | 000,001,849 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_party_freak_lite\options\loader.gif
[2010.08.19 05:42:10 | 000,010,026 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_postnote\images\system\k2calendarloader.gif
[2010.08.19 05:42:10 | 000,001,849 | ---- | M] () -- \xampp\htdocs\coass\templates\gk_postnote\options\loader.gif
[2012.04.30 08:58:22 | 000,010,026 | ---- | M] () -- \xampp\htdocs\colorpark\components\com_k2\images\system\k2CalendarLoader.gif
[2012.04.30 08:58:22 | 000,000,723 | ---- | M] () -- \xampp\htdocs\colorpark\components\com_k2\images\system\searchLoader.gif
[2012.04.30 08:58:22 | 000,002,608 | ---- | M] () -- \xampp\htdocs\colorpark\components\com_k2store\images\ajax-loader.gif
[2012.09.13 08:09:02 | 000,009,621 | ---- | M] () -- \xampp\htdocs\colorpark\libraries\loader.php
[2012.04.30 08:58:24 | 000,001,737 | ---- | M] () -- \xampp\htdocs\colorpark\media\k2\assets\images\system\loader.gif
[2012.04.30 08:58:24 | 000,000,584 | ---- | M] () -- \xampp\htdocs\colorpark\media\system\images\mootree_loader.gif
[2012.09.13 08:09:02 | 000,006,278 | ---- | M] () -- \xampp\htdocs\colorpark\media\system\js\uploader-uncompressed.js
[2012.09.13 08:09:02 | 000,005,024 | ---- | M] () -- \xampp\htdocs\colorpark\media\system\js\uploader.js
[2012.04.30 08:58:24 | 000,010,222 | ---- | M] () -- \xampp\htdocs\colorpark\media\system\swf\uploader.swf
[2012.04.30 08:58:24 | 000,001,849 | ---- | M] () -- \xampp\htdocs\colorpark\modules\mod_news_pro_gk4\admin\loader.gif
[2012.04.30 08:58:24 | 000,001,849 | ---- | M] () -- \xampp\htdocs\colorpark\modules\mod_tabs_gk4\admin\loader.gif
[2013.03.26 19:17:36 | 000,011,314 | ---- | M] () -- \xampp\htdocs\fame\admin2335\themes\default\img\ajax-loader.gif
[2013.03.26 19:17:36 | 000,000,109 | ---- | M] () -- \xampp\htdocs\fame\admin2335\themes\default\img\bg_loaderSpace.png
[2013.03.26 19:17:36 | 000,008,344 | ---- | M] () -- \xampp\htdocs\fame\classes\FileUploader.php
[2013.03.26 19:17:38 | 000,001,371 | ---- | M] () -- \xampp\htdocs\fame\docs\licences\fileuploader.txt
[2013.03.26 19:17:38 | 000,000,109 | ---- | M] () -- \xampp\htdocs\fame\img\bg_loader.png
[2013.03.26 19:17:38 | 000,003,719 | ---- | M] () -- \xampp\htdocs\fame\img\loader.gif
[2013.03.26 19:17:38 | 000,011,314 | ---- | M] () -- \xampp\htdocs\fame\img\admin\ajax-loader-big.gif
[2013.03.26 19:17:38 | 000,009,427 | ---- | M] () -- \xampp\htdocs\fame\img\admin\ajax-loader-yellow.gif
[2013.03.26 19:17:38 | 000,000,673 | ---- | M] () -- \xampp\htdocs\fame\img\admin\ajax-loader.gif
[2013.03.26 19:17:38 | 000,000,723 | ---- | M] () -- \xampp\htdocs\fame\img\admin\field-loader.gif
[2013.03.26 19:17:38 | 000,035,435 | ---- | M] () -- \xampp\htdocs\fame\js\fileuploader.js
[2013.03.26 19:17:38 | 000,001,720 | ---- | M] () -- \xampp\htdocs\fame\js\cropper\loader.js
[2013.03.26 19:17:38 | 000,000,847 | ---- | M] () -- \xampp\htdocs\fame\js\jquery\plugins\treeview-categories\images\ajax-loader.gif
[2013.03.26 19:17:38 | 000,003,719 | ---- | M] () -- \xampp\htdocs\fame\modules\carriercompare\loader.gif
[2013.03.26 19:17:38 | 000,001,849 | ---- | M] () -- \xampp\htdocs\fame\modules\shopimporter\img\ajax-loader.gif
[2013.03.26 19:17:38 | 000,003,208 | ---- | M] () -- \xampp\htdocs\fame\themes\default\img\ajax-loader.gif
[2013.03.26 19:17:38 | 000,007,825 | ---- | M] () -- \xampp\htdocs\fame\themes\default\mobile\img\ajax-loader.gif
[2013.03.26 19:17:38 | 000,000,340 | ---- | M] () -- \xampp\htdocs\fame\themes\default\mobile\img\ajax-loader.png
[2013.03.26 19:17:38 | 000,000,910 | ---- | M] () -- \xampp\htdocs\fame\tools\swift\Swift\ClassLoader.php
[2013.02.03 23:23:50 | 000,009,621 | ---- | M] () -- \xampp\htdocs\famecz\libraries\loader.php
[2013.01.23 09:26:44 | 000,000,584 | ---- | M] () -- \xampp\htdocs\famecz\media\system\images\mootree_loader.gif
[2013.02.03 23:23:50 | 000,006,278 | ---- | M] () -- \xampp\htdocs\famecz\media\system\js\uploader-uncompressed.js
[2013.02.03 23:23:50 | 000,005,024 | ---- | M] () -- \xampp\htdocs\famecz\media\system\js\uploader.js
[2013.01.23 09:26:44 | 000,010,222 | ---- | M] () -- \xampp\htdocs\famecz\media\system\swf\uploader.swf
[2013.02.22 09:33:04 | 000,001,760 | ---- | M] () -- \xampp\htdocs\famecz\modules\~mod_sj_virtuemart\core\vmloader.php
[2013.02.21 16:26:20 | 000,001,760 | ---- | M] () -- \xampp\htdocs\famecz\modules\mod_sj_virtuemart\core\vmloader.php
[2013.03.12 11:06:32 | 000,001,757 | ---- | M] () -- \xampp\htdocs\famecz\modules\mod_sj_vm_slideshow_res\core\vmloader.php
[2013.03.29 17:53:54 | 000,006,331 | ---- | M] () -- \xampp\htdocs\famecz\plugins\system\ytshortcodes\assets\images\prettyPhoto\default\loader.gif
[2013.02.22 10:45:54 | 000,001,737 | ---- | M] () -- \xampp\htdocs\famecz\plugins\vmpayment\klarna\klarna\assets\images\share\loader1.gif
[2012.11.27 12:24:30 | 000,000,398 | ---- | M] () -- \xampp\htdocs\famecz\templates\sj_jare25\menusys\ytloader.php
[2012.11.07 02:22:08 | 000,008,955 | ---- | M] () -- \xampp\htdocs\fdi\administrator\components\com_roksprocket\assets\images\loader-128.gif
[2012.11.07 02:22:08 | 000,002,362 | ---- | M] () -- \xampp\htdocs\fdi\administrator\components\com_roksprocket\assets\images\loader-16-transparent.gif
[2012.11.07 02:22:08 | 000,002,191 | ---- | M] () -- \xampp\htdocs\fdi\administrator\components\com_roksprocket\assets\images\loader-16.gif
[2012.11.07 02:22:08 | 000,003,945 | ---- | M] () -- \xampp\htdocs\fdi\administrator\components\com_roksprocket\assets\images\loader-32-transparent.gif
[2012.11.07 02:22:08 | 000,002,828 | ---- | M] () -- \xampp\htdocs\fdi\administrator\components\com_roksprocket\assets\images\loader-32.gif
[2012.11.07 02:22:08 | 000,005,353 | ---- | M] () -- \xampp\htdocs\fdi\administrator\components\com_roksprocket\assets\images\loader-64.gif
[2012.10.16 14:44:36 | 000,002,193 | ---- | M] () -- \xampp\htdocs\fdi\administrator\components\com_widgetkit\images\loader.gif
[2012.10.16 14:44:36 | 000,003,208 | ---- | M] () -- \xampp\htdocs\fdi\administrator\components\com_widgetkit\images\loader_big.gif
[2012.11.10 03:04:24 | 000,001,849 | ---- | M] () -- \xampp\htdocs\fdi\administrator\components\com_zoo\assets\images\loader.gif
[2012.11.10 03:04:24 | 000,000,999 | ---- | M] () -- \xampp\htdocs\fdi\administrator\components\com_zoo\framework\helpers\loader.php
[2012.09.13 18:09:00 | 000,009,621 | ---- | M] () -- \xampp\htdocs\fdi\libraries\loader.php
[2012.11.07 02:22:06 | 000,010,333 | ---- | M] () -- \xampp\htdocs\fdi\libraries\rokcommon\RokCommon\ClassLoader.php
[2012.11.07 02:22:06 | 000,002,313 | ---- | M] () -- \xampp\htdocs\fdi\libraries\rokcommon\RokCommon\ClassLoader\AbstractLoader.php
[2012.11.07 02:22:06 | 000,001,171 | ---- | M] () -- \xampp\htdocs\fdi\libraries\rokcommon\RokCommon\ClassLoader\ApcLoader.php
[2012.11.07 02:22:06 | 000,000,767 | ---- | M] () -- \xampp\htdocs\fdi\libraries\rokcommon\RokCommon\ClassLoader\BasicLoader.php
[2012.11.07 02:22:06 | 000,000,956 | ---- | M] () -- \xampp\htdocs\fdi\libraries\rokcommon\RokCommon\ClassLoader\LoaderFactory.php
[2012.11.07 02:22:06 | 000,004,164 | ---- | M] () -- \xampp\htdocs\fdi\libraries\rokcommon\RokCommon\ClassLoader\PrefixedLoader.php
[2012.11.07 02:22:06 | 000,001,214 | ---- | M] () -- \xampp\htdocs\fdi\libraries\rokcommon\RokCommon\ClassLoader\XcacheLoader.php
[2012.11.07 02:22:06 | 000,001,269 | ---- | M] () -- \xampp\htdocs\fdi\libraries\rokcommon\RokCommon\Form\ItemLoader.php
[2012.11.07 02:22:06 | 000,002,627 | ---- | M] () -- \xampp\htdocs\fdi\libraries\rokcommon\RokCommon\Form\Loader.php
[2012.11.07 02:22:06 | 000,003,403 | ---- | M] () -- \xampp\htdocs\fdi\libraries\rokcommon\RokCommon\Service\Container\AbstractLoader.php
[2012.11.07 02:22:06 | 000,001,207 | ---- | M] () -- \xampp\htdocs\fdi\libraries\rokcommon\RokCommon\Service\Container\Autoloader.php
[2012.11.07 02:22:06 | 000,000,638 | ---- | M] () -- \xampp\htdocs\fdi\libraries\rokcommon\RokCommon\Service\Container\Loader.php
[2012.09.13 18:09:00 | 000,000,584 | ---- | M] () -- \xampp\htdocs\fdi\media\system\images\mootree_loader.gif
[2012.09.13 18:09:00 | 000,006,278 | ---- | M] () -- \xampp\htdocs\fdi\media\system\js\uploader-uncompressed.js
[2012.09.13 18:09:00 | 000,005,024 | ---- | M] () -- \xampp\htdocs\fdi\media\system\js\uploader.js
[2012.09.13 18:09:00 | 000,010,222 | ---- | M] () -- \xampp\htdocs\fdi\media\system\swf\uploader.swf
[2012.10.16 14:44:36 | 000,002,157 | ---- | M] () -- \xampp\htdocs\fdi\media\widgetkit\widgets\slideshow\js\lazyloader.js
[2012.11.10 03:04:24 | 000,001,849 | ---- | M] () -- \xampp\htdocs\fdi\media\zoo\assets\images\loader.gif
[2012.07.03 10:59:10 | 000,001,497 | ---- | M] () -- \xampp\htdocs\fdi\templates\wt_churchy\images\searchbox_loader.gif
[2012.10.15 17:05:50 | 000,001,786 | ---- | M] () -- \xampp\htdocs\fdi\templates\wt_churchy\warp\config\images\loader.gif
[2011.05.07 20:56:42 | 000,004,509 | ---- | M] () -- \xampp\htdocs\fdi2\components\com_foxcontact\helpers\fajaxuploader.php
[2011.05.07 20:56:42 | 000,004,823 | ---- | M] () -- \xampp\htdocs\fdi2\components\com_foxcontact\helpers\fuploader.php
[2011.05.07 20:56:42 | 000,006,144 | ---- | M] () -- \xampp\htdocs\fdi2\components\com_foxcontact\helpers\qqfileuploader.php

Re: Problém s trojským koněm - Bitcoinminer

Napsal: 04 črc 2013 10:50
od K.a.p.r
[2011.05.07 20:56:42 | 000,021,485 | ---- | M] () -- \xampp\htdocs\fdi2\components\com_foxcontact\js\fileuploader-min.js
[2011.05.07 20:56:42 | 000,040,524 | ---- | M] () -- \xampp\htdocs\fdi2\components\com_foxcontact\js\fileuploader.js
[2012.05.21 11:31:16 | 000,007,773 | ---- | M] () -- \xampp\htdocs\fdi2\libraries\loader.php
[2012.03.15 17:25:04 | 000,001,786 | ---- | M] () -- \xampp\htdocs\fdi2\libraries\cms\cmsloader.php
[2012.05.21 11:31:44 | 000,001,180 | ---- | M] () -- \xampp\htdocs\fdi2\libraries\gantry\core\gantryloader.class.php
[2012.03.15 17:25:10 | 000,000,584 | ---- | M] () -- \xampp\htdocs\fdi2\media\system\images\mootree_loader.gif
[2012.05.21 11:31:16 | 000,006,278 | ---- | M] () -- \xampp\htdocs\fdi2\media\system\js\uploader-uncompressed.js
[2012.05.21 11:31:16 | 000,005,024 | ---- | M] () -- \xampp\htdocs\fdi2\media\system\js\uploader.js
[2012.03.15 17:25:10 | 000,010,222 | ---- | M] () -- \xampp\htdocs\fdi2\media\system\swf\uploader.swf
[2011.05.08 16:29:08 | 000,002,608 | ---- | M] () -- \xampp\htdocs\fdi2\modules\mod_djimageslider\assets\loader.gif
[2011.06.13 13:39:38 | 000,001,849 | ---- | M] () -- \xampp\htdocs\fdi2\modules\mod_highlighter_gk4\admin\loader.gif
[2011.05.27 12:35:24 | 000,001,849 | ---- | M] () -- \xampp\htdocs\fdi2\modules\mod_news_pro_gk4\admin\loader.gif
[2011.05.09 00:09:08 | 000,001,849 | ---- | M] () -- \xampp\htdocs\fdi2\modules\mod_tabs_gk4\admin\loader.gif
[2010.03.10 19:48:54 | 000,138,064 | ---- | M] () -- \xampp\htdocs\FPH\administrator\components\com_properties\includes\img\ajax-loader.gif
[2010.03.10 19:48:51 | 000,138,064 | ---- | M] () -- \xampp\htdocs\FPH\components\com_properties\includes\img\ajax-loader.gif
[2009.11.04 13:45:04 | 000,004,052 | ---- | M] () -- \xampp\htdocs\FPH\libraries\loader.php
[2009.11.04 13:45:20 | 000,000,584 | ---- | M] () -- \xampp\htdocs\FPH\media\system\images\mootree_loader.gif
[2009.11.04 13:45:20 | 000,008,747 | ---- | M] () -- \xampp\htdocs\FPH\media\system\js\uploader.js
[2009.11.04 13:45:18 | 000,001,615 | ---- | M] () -- \xampp\htdocs\FPH\media\system\swf\uploader.swf
[2010.01.26 08:10:00 | 000,004,050 | ---- | M] () -- \xampp\htdocs\htn\libraries\loader.php
[2007.08.30 20:19:40 | 000,000,584 | ---- | M] () -- \xampp\htdocs\htn\media\system\images\mootree_loader.gif
[2008.08.21 05:09:58 | 000,008,747 | ---- | M] () -- \xampp\htdocs\htn\media\system\js\uploader.js
[2007.07.16 13:15:44 | 000,001,615 | ---- | M] () -- \xampp\htdocs\htn\media\system\swf\uploader.swf
[2011.05.30 16:29:06 | 000,002,608 | ---- | M] () -- \xampp\htdocs\htn\modules\mod_djimageslider\assets\loader.gif
[2011.05.30 16:29:06 | 000,002,608 | ---- | M] () -- \xampp\htdocs\htn\modules\mod_djimagetabber\tmpl\loader.gif
[2010.07.17 23:41:14 | 000,004,050 | ---- | M] () -- \xampp\htdocs\Joomla\libraries\loader.php
[2008.07.27 01:25:06 | 000,000,584 | ---- | M] () -- \xampp\htdocs\Joomla\media\system\images\mootree_loader.gif
[2009.11.04 14:55:58 | 000,008,747 | ---- | M] () -- \xampp\htdocs\Joomla\media\system\js\uploader.js
[2008.07.27 01:25:04 | 000,001,615 | ---- | M] () -- \xampp\htdocs\Joomla\media\system\swf\uploader.swf
[2008.08.15 16:10:51 | 000,008,787 | ---- | M] () -- \xampp\htdocs\Joomla\templates\gamevision\images\loader.gif
[2008.08.10 17:29:14 | 000,000,668 | ---- | M] () -- \xampp\htdocs\Joomla\templates\ja_teline_ii\highslide\graphics\loader.gif
[2008.08.10 17:29:14 | 000,000,673 | ---- | M] () -- \xampp\htdocs\Joomla\templates\ja_teline_ii\highslide\graphics\loader.white.gif
[2008.08.15 16:26:20 | 000,004,204 | ---- | M] () -- \xampp\htdocs\Joomla\templates\ja_zebrina\images\ajax-loader-brick.gif
[2008.08.15 16:26:20 | 000,004,204 | ---- | M] () -- \xampp\htdocs\Joomla\templates\ja_zebrina\images\ajax-loader-cyan.gif
[2008.08.15 16:26:20 | 000,004,204 | ---- | M] () -- \xampp\htdocs\Joomla\templates\ja_zebrina\images\ajax-loader-default.gif
[2008.08.15 16:26:20 | 000,004,204 | ---- | M] () -- \xampp\htdocs\Joomla\templates\ja_zebrina\images\ajax-loader-green.gif
[2008.08.15 16:26:20 | 000,004,204 | ---- | M] () -- \xampp\htdocs\Joomla\templates\ja_zebrina\images\ajax-loader-light.gif
[2008.08.15 16:26:20 | 000,005,874 | ---- | M] () -- \xampp\htdocs\Joomla\templates\ja_zebrina\scripts\ja.moduleloader.ajax.js
[2008.08.15 16:35:13 | 000,001,735 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_bentobox_j15\rt_styleloader.php
[2008.08.15 16:36:13 | 000,001,386 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_catalyst_j15\rt_styleloader.php
[2008.08.15 16:40:17 | 000,001,791 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_colormatic_j15\rt_styleloader.php
[2008.08.15 16:40:43 | 000,001,735 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_elemental_j15\rt_styleloader.php
[2008.08.15 16:41:08 | 000,000,414 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_elixer2.0_j15\rt_styleloader.php
[2008.08.15 16:42:19 | 000,001,433 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_hivemind_j15\rt_styleloader.php
[2008.08.15 16:44:46 | 000,001,339 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_hyperion_j15\rt_styleloader.php
[2008.08.15 16:45:53 | 000,001,385 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_chromatophore\rt_styleloader.php
[2008.08.15 16:46:45 | 000,002,149 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_mobius_j15\rt_styleloader.php
[2008.08.15 16:47:14 | 000,001,584 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_novus_j15\rt_styleloader.php
[2008.08.14 15:33:28 | 000,001,337 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_perihelion_j15\rt_styleloader.php
[2008.08.15 16:47:30 | 000,001,735 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_replicant_j15\rt_styleloader.php
[2008.08.15 16:47:31 | 000,001,878 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_replicant_j15\images\loader.gif
[2008.08.10 17:24:04 | 000,001,582 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_simplix_j15\rt_styleloader.php
[2008.08.10 17:23:24 | 000,001,337 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_terrantribune_dark_j15\rt_styleloader.php
[2008.08.15 16:49:40 | 000,001,735 | ---- | M] () -- \xampp\htdocs\Joomla\templates\rt_vortex_j15\rt_styleloader.php
[2013.03.12 00:55:07 | 000,002,545 | ---- | M] () -- \xampp\htdocs\kovarstvijencek\assets\img\prettyPhoto\dark_rounded\loader.gif
[2013.03.12 00:55:07 | 000,002,545 | ---- | M] () -- \xampp\htdocs\kovarstvijencek\assets\img\prettyPhoto\dark_square\loader.gif
[2013.03.12 00:55:06 | 000,006,331 | ---- | M] () -- \xampp\htdocs\kovarstvijencek\assets\img\prettyPhoto\default\loader.gif
[2013.03.12 00:55:07 | 000,002,545 | ---- | M] () -- \xampp\htdocs\kovarstvijencek\assets\img\prettyPhoto\facebook\loader.gif
[2013.03.12 00:55:08 | 000,002,545 | ---- | M] () -- \xampp\htdocs\kovarstvijencek\assets\img\prettyPhoto\light_rounded\loader.gif
[2012.10.22 20:26:41 | 000,001,714 | ---- | M] () -- \xampp\htdocs\laurakean\administrator\components\com_jce\includes\loader.php
[2012.10.22 17:07:35 | 000,009,621 | ---- | M] () -- \xampp\htdocs\laurakean\libraries\loader.php
[2012.10.22 20:25:59 | 000,001,101 | ---- | M] () -- \xampp\htdocs\laurakean\libraries\gantry\core\gantryloader.class.php
[2012.10.22 17:07:48 | 000,000,584 | ---- | M] () -- \xampp\htdocs\laurakean\media\system\images\mootree_loader.gif
[2012.10.22 17:07:48 | 000,006,278 | ---- | M] () -- \xampp\htdocs\laurakean\media\system\js\uploader-uncompressed.js
[2012.10.22 17:07:48 | 000,005,024 | ---- | M] () -- \xampp\htdocs\laurakean\media\system\js\uploader.js
[2012.10.22 17:07:49 | 000,010,222 | ---- | M] () -- \xampp\htdocs\laurakean\media\system\swf\uploader.swf
[2011.08.14 16:31:32 | 000,001,849 | ---- | M] () -- \xampp\htdocs\laurakean\modules\mod_jt_superfish_menu\admin\loader.gif
[2011.09.26 13:49:02 | 000,001,849 | ---- | M] () -- \xampp\htdocs\laurakean\modules\mod_tabs_gk4\admin\loader.gif
[2008.06.07 12:34:26 | 000,004,240 | ---- | M] () -- \xampp\htdocs\lolite\libraries\loader.php
[2008.06.07 12:34:26 | 000,000,584 | ---- | M] () -- \xampp\htdocs\lolite\media\system\images\mootree_loader.gif
[2008.06.07 12:34:26 | 000,009,009 | ---- | M] () -- \xampp\htdocs\lolite\media\system\js\uploader.js
[2008.06.07 12:34:26 | 000,001,615 | ---- | M] () -- \xampp\htdocs\lolite\media\system\swf\uploader.swf
[2008.06.07 12:34:26 | 000,000,419 | ---- | M] () -- \xampp\htdocs\lolite\modules\mod_janewsflash\ja_newsflash\ja-loader.js
[2008.06.07 12:34:26 | 000,009,994 | ---- | M] () -- \xampp\htdocs\lolite\modules\mod_janewsflash\ja_newsflash\ja-newsflashloader.php
[2011.08.16 20:31:12 | 000,001,570 | ---- | M] () -- \xampp\htdocs\obis\administrator\components\com_jce\includes\loader.php
[2011.10.01 13:19:46 | 000,002,545 | ---- | M] () -- \xampp\htdocs\obis\components\com_vportfolio\images\prettyPhoto\loader.gif
[2011.10.11 17:27:08 | 000,005,927 | ---- | M] () -- \xampp\htdocs\obis\libraries\loader.php
[2011.10.11 17:32:26 | 000,001,184 | ---- | M] () -- \xampp\htdocs\obis\libraries\gantry\core\gantryloader.class.php
[2011.10.11 17:27:16 | 000,000,584 | ---- | M] () -- \xampp\htdocs\obis\media\system\images\mootree_loader.gif
[2011.10.11 17:27:16 | 000,006,252 | ---- | M] () -- \xampp\htdocs\obis\media\system\js\uploader-uncompressed.js
[2011.10.11 17:27:16 | 000,004,967 | ---- | M] () -- \xampp\htdocs\obis\media\system\js\uploader.js
[2011.10.11 17:27:16 | 000,010,222 | ---- | M] () -- \xampp\htdocs\obis\media\system\swf\uploader.swf
[2011.08.14 16:31:32 | 000,001,849 | ---- | M] () -- \xampp\htdocs\obis\modules\mod_jt_superfish_menu\admin\loader.gif
[2011.09.26 13:49:02 | 000,001,849 | ---- | M] () -- \xampp\htdocs\obis\modules\mod_tabs_gk4\admin\loader.gif
[2008.03.13 11:41:20 | 000,000,668 | ---- | M] () -- \xampp\htdocs\portal\components\com_rsgallery2\js_highslide\graphics\loader.gif
[2008.03.13 11:41:20 | 000,000,584 | ---- | M] () -- \xampp\htdocs\portal\components\com_rsgallery2\lib\j15backport\includes\media\system\images\mootree_loader.gif
[2008.03.13 11:41:20 | 000,009,009 | ---- | M] () -- \xampp\htdocs\portal\components\com_rsgallery2\lib\j15backport\includes\media\system\js\uploader.js
[2008.03.13 11:41:20 | 000,001,615 | ---- | M] () -- \xampp\htdocs\portal\components\com_rsgallery2\lib\j15backport\includes\media\system\swf\uploader.swf
[2008.03.13 11:41:20 | 000,002,414 | ---- | M] () -- \xampp\htdocs\portal\components\com_rsgallery2\lib\j15backport\libraries\loader.php
[2008.04.01 11:34:48 | 000,004,240 | ---- | M] () -- \xampp\htdocs\portal\libraries\loader.php
[2008.03.13 11:41:20 | 000,000,584 | ---- | M] () -- \xampp\htdocs\portal\media\system\images\mootree_loader.gif
[2008.03.13 11:41:20 | 000,009,009 | ---- | M] () -- \xampp\htdocs\portal\media\system\js\uploader.js
[2008.03.13 11:41:20 | 000,001,615 | ---- | M] () -- \xampp\htdocs\portal\media\system\swf\uploader.swf
[2007.01.04 20:43:10 | 000,001,973 | ---- | M] () -- \xampp\htdocs\pradlo\components\com_virtuemart\js\greybox\loader_frame.html
[2010.07.17 23:01:48 | 000,004,050 | ---- | M] () -- \xampp\htdocs\pradlo\libraries\loader.php
[2010.07.17 23:01:58 | 000,000,584 | ---- | M] () -- \xampp\htdocs\pradlo\media\system\images\mootree_loader.gif
[2010.07.17 23:01:58 | 000,008,747 | ---- | M] () -- \xampp\htdocs\pradlo\media\system\js\uploader.js
[2010.07.17 23:01:58 | 000,001,615 | ---- | M] () -- \xampp\htdocs\pradlo\media\system\swf\uploader.swf
[2008.12.01 17:37:58 | 000,003,719 | ---- | M] () -- \xampp\htdocs\presta\img\loader.gif
[2011.07.25 02:39:48 | 000,011,314 | ---- | M] () -- \xampp\htdocs\presta\img\admin\ajax-loader-big.gif
[2009.11.09 16:41:38 | 000,000,673 | ---- | M] () -- \xampp\htdocs\presta\img\admin\ajax-loader.gif
[2011.07.21 12:34:44 | 000,000,847 | ---- | M] () -- \xampp\htdocs\presta\img\admin\jquery-treeview\ajax-loader.gif
[2011.05.23 10:11:44 | 000,001,720 | ---- | M] () -- \xampp\htdocs\presta\js\cropper\loader.js
[2011.11.29 10:44:14 | 000,003,719 | ---- | M] () -- \xampp\htdocs\presta\modules\carriercompare\loader.gif
[2011.06.01 17:01:46 | 000,000,847 | ---- | M] () -- \xampp\htdocs\presta\modules\mondialrelay\images\loader.gif
[2011.01.24 16:27:20 | 000,001,849 | ---- | M] () -- \xampp\htdocs\presta\modules\shopimporter\img\ajax-loader.gif
[2012.02.12 22:37:40 | 000,003,208 | ---- | M] () -- \xampp\htdocs\presta\modules\themeinstallator\import\themes\prestashop-christmas-theme-2011\img\ajax-loader.gif
[2012.02.12 22:33:32 | 000,003,208 | ---- | M] () -- \xampp\htdocs\presta\modules\themes\prestashop-christmas-theme-2011\img\ajax-loader.gif
[2011.04.07 13:09:20 | 000,004,176 | ---- | M] () -- \xampp\htdocs\presta\modules\twenga\ajax-loader.gif
[2011.03.02 17:50:00 | 000,003,208 | ---- | M] () -- \xampp\htdocs\presta\themes\prestashop\img\ajax-loader.gif
[2012.02.12 22:37:48 | 000,003,208 | ---- | M] () -- \xampp\htdocs\presta\themes\prestashop-christmas-theme-2011\img\ajax-loader.gif
[2011.05.23 10:11:44 | 000,000,910 | ---- | M] () -- \xampp\htdocs\presta\tools\swift\Swift\ClassLoader.php
[2013.03.26 19:17:36 | 000,011,314 | ---- | M] () -- \xampp\htdocs\prestapokus\admin2038\themes\default\img\ajax-loader.gif
[2013.03.26 19:17:36 | 000,000,109 | ---- | M] () -- \xampp\htdocs\prestapokus\admin2038\themes\default\img\bg_loaderSpace.png
[2013.03.26 19:17:36 | 000,008,344 | ---- | M] () -- \xampp\htdocs\prestapokus\classes\FileUploader.php
[2013.03.26 19:17:38 | 000,001,371 | ---- | M] () -- \xampp\htdocs\prestapokus\docs\licences\fileuploader.txt
[2013.03.26 19:17:38 | 000,000,109 | ---- | M] () -- \xampp\htdocs\prestapokus\img\bg_loader.png
[2013.03.26 19:17:38 | 000,003,719 | ---- | M] () -- \xampp\htdocs\prestapokus\img\loader.gif
[2013.03.26 19:17:38 | 000,011,314 | ---- | M] () -- \xampp\htdocs\prestapokus\img\admin\ajax-loader-big.gif
[2013.03.26 19:17:38 | 000,009,427 | ---- | M] () -- \xampp\htdocs\prestapokus\img\admin\ajax-loader-yellow.gif
[2013.03.26 19:17:38 | 000,000,673 | ---- | M] () -- \xampp\htdocs\prestapokus\img\admin\ajax-loader.gif
[2013.03.26 19:17:38 | 000,000,723 | ---- | M] () -- \xampp\htdocs\prestapokus\img\admin\field-loader.gif
[2013.03.26 19:17:38 | 000,035,435 | ---- | M] () -- \xampp\htdocs\prestapokus\js\fileuploader.js
[2013.03.26 19:17:38 | 000,001,720 | ---- | M] () -- \xampp\htdocs\prestapokus\js\cropper\loader.js
[2013.03.26 19:17:38 | 000,000,847 | ---- | M] () -- \xampp\htdocs\prestapokus\js\jquery\plugins\treeview-categories\images\ajax-loader.gif
[2013.03.26 19:17:38 | 000,003,719 | ---- | M] () -- \xampp\htdocs\prestapokus\modules\carriercompare\loader.gif
[2013.03.26 19:17:38 | 000,001,849 | ---- | M] () -- \xampp\htdocs\prestapokus\modules\shopimporter\img\ajax-loader.gif
[2013.03.26 19:17:38 | 000,003,208 | ---- | M] () -- \xampp\htdocs\prestapokus\themes\default\img\ajax-loader.gif
[2013.03.26 19:17:38 | 000,007,825 | ---- | M] () -- \xampp\htdocs\prestapokus\themes\default\mobile\img\ajax-loader.gif
[2013.03.26 19:17:38 | 000,000,340 | ---- | M] () -- \xampp\htdocs\prestapokus\themes\default\mobile\img\ajax-loader.png
[2013.03.26 19:17:38 | 000,000,910 | ---- | M] () -- \xampp\htdocs\prestapokus\tools\swift\Swift\ClassLoader.php
[2012.04.30 08:58:22 | 000,010,026 | ---- | M] () -- \xampp\htdocs\rapidsped\components\com_k2\images\system\k2CalendarLoader.gif
[2012.04.30 08:58:22 | 000,000,723 | ---- | M] () -- \xampp\htdocs\rapidsped\components\com_k2\images\system\searchLoader.gif
[2012.04.30 08:58:22 | 000,002,608 | ---- | M] () -- \xampp\htdocs\rapidsped\components\com_k2store\images\ajax-loader.gif
[2012.04.30 08:58:24 | 000,007,773 | ---- | M] () -- \xampp\htdocs\rapidsped\libraries\loader.php
[2012.04.30 08:58:24 | 000,001,786 | ---- | M] () -- \xampp\htdocs\rapidsped\libraries\cms\cmsloader.php
[2012.04.30 08:58:24 | 000,001,737 | ---- | M] () -- \xampp\htdocs\rapidsped\media\k2\assets\images\system\loader.gif
[2012.04.30 08:58:24 | 000,000,584 | ---- | M] () -- \xampp\htdocs\rapidsped\media\system\images\mootree_loader.gif
[2012.04.30 08:58:24 | 000,006,278 | ---- | M] () -- \xampp\htdocs\rapidsped\media\system\js\uploader-uncompressed.js
[2012.04.30 08:58:24 | 000,005,024 | ---- | M] () -- \xampp\htdocs\rapidsped\media\system\js\uploader.js
[2012.04.30 08:58:24 | 000,010,222 | ---- | M] () -- \xampp\htdocs\rapidsped\media\system\swf\uploader.swf
[2012.04.30 08:58:24 | 000,001,849 | ---- | M] () -- \xampp\htdocs\rapidsped\modules\mod_news_pro_gk4\admin\loader.gif
[2012.04.30 08:58:24 | 000,001,849 | ---- | M] () -- \xampp\htdocs\rapidsped\modules\mod_tabs_gk4\admin\loader.gif
[2011.08.16 20:31:12 | 000,001,570 | ---- | M] () -- \xampp\htdocs\rcnachod\administrator\components\com_jce\includes\loader.php
[2011.10.01 13:19:46 | 000,002,545 | ---- | M] () -- \xampp\htdocs\rcnachod\components\com_vportfolio\images\prettyPhoto\loader.gif
[2012.09.26 18:20:41 | 000,009,621 | ---- | M] () -- \xampp\htdocs\rcnachod\libraries\loader.php
[2011.10.11 17:32:26 | 000,001,184 | ---- | M] () -- \xampp\htdocs\rcnachod\libraries\gantry\core\gantryloader.class.php
[2012.09.26 18:20:54 | 000,000,584 | ---- | M] () -- \xampp\htdocs\rcnachod\media\system\images\mootree_loader.gif
[2012.09.26 18:20:54 | 000,006,278 | ---- | M] () -- \xampp\htdocs\rcnachod\media\system\js\uploader-uncompressed.js
[2012.09.26 18:20:54 | 000,005,024 | ---- | M] () -- \xampp\htdocs\rcnachod\media\system\js\uploader.js
[2012.09.26 18:20:55 | 000,010,222 | ---- | M] () -- \xampp\htdocs\rcnachod\media\system\swf\uploader.swf
[2011.08.14 16:31:32 | 000,001,849 | ---- | M] () -- \xampp\htdocs\rcnachod\modules\mod_jt_superfish_menu\admin\loader.gif
[2011.09.26 13:49:02 | 000,001,849 | ---- | M] () -- \xampp\htdocs\rcnachod\modules\mod_tabs_gk4\admin\loader.gif
[2012.09.19 21:32:39 | 000,002,084 | ---- | M] () -- \xampp\htdocs\studiosun\greybox\loader_frame.html
[2013.01.30 18:57:10 | 000,010,026 | ---- | M] () -- \xampp\htdocs\teamrebels\components\com_k2\images\system\k2CalendarLoader.gif
[2013.01.30 18:57:10 | 000,000,723 | ---- | M] () -- \xampp\htdocs\teamrebels\components\com_k2\images\system\searchLoader.gif
[2012.11.07 10:23:40 | 000,009,621 | ---- | M] () -- \xampp\htdocs\teamrebels\libraries\loader.php
[2013.01.30 18:57:11 | 000,001,737 | ---- | M] () -- \xampp\htdocs\teamrebels\media\k2\assets\images\system\loader.gif
[2012.01.26 23:40:48 | 000,000,584 | ---- | M] () -- \xampp\htdocs\teamrebels\media\system\images\mootree_loader.gif
[2012.11.07 10:23:40 | 000,006,278 | ---- | M] () -- \xampp\htdocs\teamrebels\media\system\js\uploader-uncompressed.js
[2012.11.07 10:23:40 | 000,005,024 | ---- | M] () -- \xampp\htdocs\teamrebels\media\system\js\uploader.js
[2012.01.26 23:40:48 | 000,010,222 | ---- | M] () -- \xampp\htdocs\teamrebels\media\system\swf\uploader.swf
[2012.03.24 09:52:18 | 000,007,542 | ---- | M] () -- \xampp\htdocs\teamrebels\modules\mod_dnp_skitter\assets\images\ajax-loader.gif
[2012.03.24 09:52:18 | 000,003,208 | ---- | M] () -- \xampp\htdocs\teamrebels\modules\mod_dnp_skitter\assets\images\ajax-loader1.gif
[2012.07.05 16:21:20 | 000,001,849 | ---- | M] () -- \xampp\htdocs\teamrebels\modules\mod_news_pro_gk4\admin\loader.gif
[2013.01.30 18:56:47 | 000,001,221 | ---- | M] () -- \xampp\htdocs\teamrebels\plugins\system\jat3\jat3\core\element\loader.php
[2011.10.18 02:05:36 | 000,002,545 | ---- | M] () -- \xampp\htdocs\teamrebels\plugins\system\rokbox\themes\clean\ajax-loader.gif
[2011.10.18 02:05:36 | 000,003,208 | ---- | M] () -- \xampp\htdocs\teamrebels\plugins\system\rokbox\themes\dark\ajax-loader.gif
[2011.10.18 02:05:36 | 000,003,208 | ---- | M] () -- \xampp\htdocs\teamrebels\plugins\system\rokbox\themes\light\ajax-loader.gif
[2011.10.18 02:05:36 | 000,003,208 | ---- | M] () -- \xampp\htdocs\teamrebels\plugins\system\rokbox\themes\mynxx\ajax-loader.gif
[2008.12.01 16:37:58 | 000,003,719 | ---- | M] () -- \xampp\htdocs\tonerynaplne\img\loader.gif
[2011.07.25 01:39:48 | 000,011,314 | ---- | M] () -- \xampp\htdocs\tonerynaplne\img\admin\ajax-loader-big.gif
[2009.11.09 15:41:38 | 000,000,673 | ---- | M] () -- \xampp\htdocs\tonerynaplne\img\admin\ajax-loader.gif
[2011.07.21 11:34:44 | 000,000,847 | ---- | M] () -- \xampp\htdocs\tonerynaplne\img\admin\jquery-treeview\ajax-loader.gif
[2011.05.23 09:11:44 | 000,001,720 | ---- | M] () -- \xampp\htdocs\tonerynaplne\js\cropper\loader.js
[2011.11.29 09:44:14 | 000,003,719 | ---- | M] () -- \xampp\htdocs\tonerynaplne\modules\carriercompare\loader.gif
[2012.04.18 18:27:32 | 000,001,018 | ---- | M] () -- \xampp\htdocs\tonerynaplne\modules\jirafe\vendor\jirafe-php-client\src\Jirafe\Autoloader.php
[2011.06.01 16:01:46 | 000,000,847 | ---- | M] () -- \xampp\htdocs\tonerynaplne\modules\mondialrelay\images\loader.gif
[2011.01.24 15:27:20 | 000,001,849 | ---- | M] () -- \xampp\htdocs\tonerynaplne\modules\shopimporter\img\ajax-loader.gif
[2011.04.07 12:09:20 | 000,004,176 | ---- | M] () -- \xampp\htdocs\tonerynaplne\modules\twenga\ajax-loader.gif
[2011.03.02 16:50:00 | 000,003,208 | ---- | M] () -- \xampp\htdocs\tonerynaplne\themes\prestashop\img\ajax-loader.gif
[2011.05.23 09:11:44 | 000,000,910 | ---- | M] () -- \xampp\htdocs\tonerynaplne\tools\swift\Swift\ClassLoader.php
[2012.03.05 14:39:34 | 000,007,756 | ---- | M] () -- \xampp\htdocs\vvs\libraries\loader.php
[2012.03.05 14:39:34 | 000,001,786 | ---- | M] () -- \xampp\htdocs\vvs\libraries\cms\cmsloader.php
[2012.03.05 14:39:34 | 000,000,584 | ---- | M] () -- \xampp\htdocs\vvs\media\system\images\mootree_loader.gif
[2012.03.05 14:39:34 | 000,006,252 | ---- | M] () -- \xampp\htdocs\vvs\media\system\js\uploader-uncompressed.js
[2012.03.05 14:39:34 | 000,004,967 | ---- | M] () -- \xampp\htdocs\vvs\media\system\js\uploader.js
[2012.03.05 14:39:34 | 000,010,222 | ---- | M] () -- \xampp\htdocs\vvs\media\system\swf\uploader.swf
[2012.04.30 08:58:22 | 000,010,026 | ---- | M] () -- \xampp\htdocs\yellowhouse\components\com_k2\images\system\k2CalendarLoader.gif
[2012.04.30 08:58:22 | 000,000,723 | ---- | M] () -- \xampp\htdocs\yellowhouse\components\com_k2\images\system\searchLoader.gif
[2012.04.30 08:58:22 | 000,002,608 | ---- | M] () -- \xampp\htdocs\yellowhouse\components\com_k2store\images\ajax-loader.gif
[2012.04.30 08:58:24 | 000,007,773 | ---- | M] () -- \xampp\htdocs\yellowhouse\libraries\loader.php
[2012.04.30 08:58:24 | 000,001,786 | ---- | M] () -- \xampp\htdocs\yellowhouse\libraries\cms\cmsloader.php
[2012.04.30 08:58:24 | 000,001,737 | ---- | M] () -- \xampp\htdocs\yellowhouse\media\k2\assets\images\system\loader.gif
[2012.04.30 08:58:24 | 000,000,584 | ---- | M] () -- \xampp\htdocs\yellowhouse\media\system\images\mootree_loader.gif
[2012.04.30 08:58:24 | 000,006,278 | ---- | M] () -- \xampp\htdocs\yellowhouse\media\system\js\uploader-uncompressed.js
[2012.04.30 08:58:24 | 000,005,024 | ---- | M] () -- \xampp\htdocs\yellowhouse\media\system\js\uploader.js
[2012.04.30 08:58:24 | 000,010,222 | ---- | M] () -- \xampp\htdocs\yellowhouse\media\system\swf\uploader.swf
[2012.04.30 08:58:24 | 000,001,849 | ---- | M] () -- \xampp\htdocs\yellowhouse\modules\mod_news_pro_gk4\admin\loader.gif
[2012.04.30 08:58:24 | 000,001,849 | ---- | M] () -- \xampp\htdocs\yellowhouse\modules\mod_tabs_gk4\admin\loader.gif
[2008.12.01 17:37:58 | 000,003,719 | ---- | M] () -- \xampp\htdocs\zahradnisen\img\loader.gif
[2011.07.25 02:39:48 | 000,011,314 | ---- | M] () -- \xampp\htdocs\zahradnisen\img\admin\ajax-loader-big.gif
[2009.11.09 16:41:38 | 000,000,673 | ---- | M] () -- \xampp\htdocs\zahradnisen\img\admin\ajax-loader.gif
[2011.07.21 12:34:44 | 000,000,847 | ---- | M] () -- \xampp\htdocs\zahradnisen\img\admin\jquery-treeview\ajax-loader.gif
[2011.05.23 10:11:44 | 000,001,720 | ---- | M] () -- \xampp\htdocs\zahradnisen\js\cropper\loader.js
[2011.11.29 10:44:14 | 000,003,719 | ---- | M] () -- \xampp\htdocs\zahradnisen\modules\carriercompare\loader.gif
[2011.06.01 17:01:46 | 000,000,847 | ---- | M] () -- \xampp\htdocs\zahradnisen\modules\mondialrelay\images\loader.gif
[2011.01.24 16:27:20 | 000,001,849 | ---- | M] () -- \xampp\htdocs\zahradnisen\modules\shopimporter\img\ajax-loader.gif
[2011.04.07 13:09:20 | 000,004,176 | ---- | M] () -- \xampp\htdocs\zahradnisen\modules\twenga\ajax-loader.gif
[2011.03.02 17:50:00 | 000,003,208 | ---- | M] () -- \xampp\htdocs\zahradnisen\themes\prestashop\img\ajax-loader.gif
[2011.05.23 10:11:44 | 000,000,910 | ---- | M] () -- \xampp\htdocs\zahradnisen\tools\swift\Swift\ClassLoader.php
[2009.12.20 00:00:00 | 000,068,608 | ---- | M] () -- \xampp\MercuryMail\loader.exe
[2009.12.20 00:00:00 | 000,014,987 | ---- | M] () -- \xampp\perl\lib\AutoLoader.pm
[2009.12.20 00:00:00 | 000,025,806 | ---- | M] () -- \xampp\perl\lib\DynaLoader.pm
[2009.12.20 00:00:00 | 000,017,341 | ---- | M] () -- \xampp\perl\lib\SelfLoader.pm
[2009.12.20 00:00:00 | 000,010,882 | ---- | M] () -- \xampp\perl\lib\XSLoader.pm
[2009.12.20 00:00:00 | 000,001,329 | ---- | M] () -- \xampp\perl\lib\Locale\Maketext\GutsLoader.pm
[2009.12.20 00:00:00 | 000,001,027 | ---- | M] () -- \xampp\perl\site\lib\Apache2\XSLoader.pm
[2009.12.20 00:00:00 | 000,001,031 | ---- | M] () -- \xampp\perl\site\lib\APR\XSLoader.pm
[2009.12.20 00:00:00 | 000,010,700 | ---- | M] () -- \xampp\perl\site\lib\ModPerl\RegistryLoader.pm
[2009.12.20 00:00:00 | 000,006,565 | ---- | M] () -- \xampp\php\PEAR\PEAR\Autoloader.php
[2009.12.20 00:00:00 | 000,066,314 | ---- | M] () -- \xampp\php\PEAR\PEAR\Downloader.php
[2009.12.20 00:00:00 | 000,009,232 | ---- | M] () -- \xampp\php\PEAR\Zend\Loader.php
[2009.12.20 00:00:00 | 000,007,587 | ---- | M] () -- \xampp\php\PEAR\Zend\Amf\Parse\TypeLoader.php
[2009.12.20 00:00:00 | 000,002,786 | ---- | M] () -- \xampp\php\PEAR\Zend\Application\Module\Autoloader.php
[2009.12.20 00:00:00 | 000,016,699 | ---- | M] () -- \xampp\php\PEAR\Zend\Loader\Autoloader.php
[2009.12.20 00:00:00 | 000,014,838 | ---- | M] () -- \xampp\php\PEAR\Zend\Loader\PluginLoader.php
[2009.12.20 00:00:00 | 000,010,500 | ---- | M] () -- \xampp\php\PEAR\Zend\Search\Lucene\Index\DictionaryLoader.php
[2009.12.20 00:00:00 | 000,004,643 | ---- | M] () -- \xampp\php\PEAR\Zend\Tool\Framework\Loader\IncludePathLoader.php

< *minodlogin* /s >

< *tnod* /s >
[2011.03.22 19:00:32 | 000,000,631 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\configuration\Content\Reference\JavaScript\TextNode.html

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2007.03.14 17:05:52 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\BadSerialNumberAlert.exv
[2007.03.14 17:05:52 | 000,001,545 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\CantChangeSerialNumberAlert.exv
[2007.03.14 17:05:52 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007.03.14 17:05:52 | 000,000,833 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\ReserializeAlert.exv
[2007.03.14 17:05:52 | 000,028,474 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\SerializationWF.exv
[2007.03.14 17:05:52 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\ar_AE\BadSerialNumberAlert.exv
[2007.03.14 17:05:52 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2007.03.14 17:05:52 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2007.03.14 17:05:52 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\ar_AE\ReserializeAlert.exv
[2007.03.14 17:05:52 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\ar_AE\SerializationWF.exv
[2007.03.14 17:05:54 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\he_IL\BadSerialNumberAlert.exv
[2007.03.14 17:05:54 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2007.03.14 17:05:54 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2007.03.14 17:05:54 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\he_IL\ReserializeAlert.exv
[2007.03.14 17:05:54 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\he_IL\SerializationWF.exv
[2007.03.15 10:19:10 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\BadSerialNumberAlert.exv
[2007.03.15 10:19:10 | 000,001,545 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\CantChangeSerialNumberAlert.exv
[2007.03.15 10:19:10 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007.03.15 10:19:10 | 000,000,833 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\ReserializeAlert.exv
[2007.03.15 10:19:10 | 000,028,474 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\SerializationWF.exv
[2007.03.15 10:19:10 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\ar_AE\BadSerialNumberAlert.exv
[2007.03.15 10:19:10 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2007.03.15 10:19:10 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2007.03.15 10:19:10 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\ar_AE\ReserializeAlert.exv
[2007.03.15 10:19:12 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\ar_AE\SerializationWF.exv
[2007.03.15 10:19:14 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\he_IL\BadSerialNumberAlert.exv
[2007.03.15 10:19:14 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2007.03.15 10:19:14 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2007.03.15 10:19:16 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\he_IL\ReserializeAlert.exv
[2007.03.15 10:19:16 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\he_IL\SerializationWF.exv
[2011.03.22 19:01:10 | 000,033,536 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\JDK\bin\serialver.exe
[2007.04.19 09:14:18 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\BadSerialNumberAlert.exv
[2007.04.19 09:14:18 | 000,001,545 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\CantChangeSerialNumberAlert.exv
[2007.04.19 09:14:18 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007.04.19 09:14:18 | 000,000,833 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\ReserializeAlert.exv
[2007.04.19 09:14:18 | 000,028,474 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\SerializationWF.exv
[2007.04.19 09:14:20 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\ar_AE\BadSerialNumberAlert.exv
[2007.04.19 09:14:20 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2007.04.19 09:14:20 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2007.04.19 09:14:20 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\ar_AE\ReserializeAlert.exv
[2007.04.19 09:14:20 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\ar_AE\SerializationWF.exv
[2007.04.19 09:14:22 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\he_IL\BadSerialNumberAlert.exv
[2007.04.19 09:14:22 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2007.04.19 09:14:22 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2007.04.19 09:14:22 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\he_IL\ReserializeAlert.exv
[2007.04.19 09:14:22 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\LMResources\he_IL\SerializationWF.exv
[2011.03.11 16:50:06 | 000,356,496 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS5.1\Support Files\Contents\Windows\boost_serialization.dll
[2007.05.03 19:03:32 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\BadSerialNumberAlert.exv
[2007.05.03 19:03:32 | 000,001,545 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\CantChangeSerialNumberAlert.exv
[2007.05.03 19:03:32 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007.05.03 19:03:32 | 000,000,833 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\ReserializeAlert.exv
[2007.05.03 19:03:32 | 000,028,474 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\SerializationWF.exv
[2007.05.03 19:03:32 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\BadSerialNumberAlert.exv
[2007.05.03 19:03:32 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\CantChangeSerialNumberAlert.exv
[2007.05.03 19:03:32 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\InValidUpGradeSerialNumberAlert.exv
[2007.05.03 19:03:32 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\ReserializeAlert.exv
[2007.05.03 19:03:32 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\SerializationWF.exv
[2007.05.03 19:03:34 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\he_il\BadSerialNumberAlert.exv
[2007.05.03 19:03:34 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\he_il\CantChangeSerialNumberAlert.exv
[2007.05.03 19:03:34 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\he_il\InValidUpGradeSerialNumberAlert.exv
[2007.05.03 19:03:34 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\he_il\ReserializeAlert.exv
[2007.05.03 19:03:34 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\he_il\SerializationWF.exv
[2012.04.11 02:15:28 | 000,434,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.dll
[2012.12.26 02:43:29 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.10.26 16:03:10 | 004,886,528 | ---- | M] () -- \Program Files (x86)\VMware\Infrastructure\Virtual Infrastructure Client\2.5\VimSoapService.25u2.XmlSerializers.dll
[2009.10.26 16:03:08 | 000,077,824 | ---- | M] () -- \Program Files (x86)\VMware\Infrastructure\VIUpdate\vmwareUpdateService.XmlSerializers.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.04.28 05:36:41 | 000,002,013 | ---- | M] () -- \Users\Kapr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X2Q6O5V7\jquery.serialScroll[1].js
[2013.06.11 02:06:43 | 000,002,013 | ---- | M] () -- \Users\Kapr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YN1NVJCX\jquery.serialScroll[1].js
[2013.04.07 23:13:11 | 000,000,156 | ---- | M] () -- \Users\Kapr\Favorites\SERIALSTV.COM - SERIÁLY ONLINE - View forum - Hvězdná Brána - Série 7.url
[2013.04.07 23:13:11 | 000,000,168 | ---- | M] () -- \Users\Kapr\Favorites\SERIALSTV.COM - SERIÁLY ONLINE - View topic - Hvězdná Brána - Série 6.url
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.09 13:22:58 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013.01.09 13:21:54 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.09 13:23:29 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013.01.09 13:18:13 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.04.29 19:09:29 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\518daa915c6d232fa5a3349972cc5199\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.05.16 21:39:11 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\c9508bbbee390fa5c287a84d1a88d7d9\System.Runtime.Serialization.ni.dll
[2013.04.29 19:11:42 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\2252e5d4dad3601caba4860ae876954b\System.Xml.Serialization.ni.dll
[2013.04.29 19:16:02 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\0871d594472274679cfd39872b5681cf\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.04.29 19:15:50 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\896da6a8a6758c5d820c6a120fc867ea\System.Runtime.Serialization.ni.dll
[2013.05.16 21:44:50 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\fee34c821c1b681a540a849af9ca9008\System.Runtime.Serialization.ni.dll
[2013.04.29 19:20:35 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\85fd451da8da46f451729990194df10c\System.Xml.Serialization.ni.dll
[2011.04.06 17:48:20 | 000,011,120 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Xml.Serialization.dll.amd64
[2011.04.06 17:48:20 | 000,011,120 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Xml.Serialization.dll.x86
[2013.04.29 18:47:13 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.06.18 15:17:10 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.04.29 18:47:12 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.06.18 15:17:09 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.06.18 15:17:12 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.01 12:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.01 12:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 17:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 17:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2012.12.25 21:19:41 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.12.25 21:19:41 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 17:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 17:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 15:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 15:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 07:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 07:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 06:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 17:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 06:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 06:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 17:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
[2013.03.26 19:17:38 | 000,002,013 | ---- | M] () -- \xampp\htdocs\fame\js\jquery\plugins\jquery.serialScroll.js
[2013.03.26 19:17:38 | 000,000,544 | ---- | M] () -- \xampp\htdocs\fame\themes\default\img\icon\serial_scroll_left.gif
[2013.03.26 19:17:38 | 000,000,508 | ---- | M] () -- \xampp\htdocs\fame\themes\default\img\icon\serial_scroll_right.gif
[2012.11.07 02:22:06 | 000,002,126 | ---- | M] () -- \xampp\htdocs\fdi\libraries\rokcommon\Doctrine\Parser\Serialize.php
[2012.05.21 11:31:44 | 000,004,482 | ---- | M] () -- \xampp\htdocs\fdi2\libraries\gantry\admin\widgets\slider\js\unserialize.js
[2012.10.22 20:25:59 | 000,004,482 | ---- | M] () -- \xampp\htdocs\laurakean\libraries\gantry\admin\widgets\slider\js\unserialize.js
[2011.10.11 17:32:24 | 000,004,459 | ---- | M] () -- \xampp\htdocs\obis\libraries\gantry\admin\widgets\slider\js\unserialize.js
[2011.05.23 10:11:44 | 000,002,013 | ---- | M] () -- \xampp\htdocs\presta\js\jquery\jquery.serialScroll-1.2.2-min.js
[2012.02.12 22:37:40 | 000,000,258 | ---- | M] () -- \xampp\htdocs\presta\modules\themeinstallator\import\themes\prestashop-christmas-theme-2011\img\icon\serial_scroll_left.gif
[2012.02.12 22:37:40 | 000,000,259 | ---- | M] () -- \xampp\htdocs\presta\modules\themeinstallator\import\themes\prestashop-christmas-theme-2011\img\icon\serial_scroll_right.gif
[2012.02.12 22:33:33 | 000,000,258 | ---- | M] () -- \xampp\htdocs\presta\modules\themes\prestashop-christmas-theme-2011\img\icon\serial_scroll_left.gif
[2012.02.12 22:33:33 | 000,000,259 | ---- | M] () -- \xampp\htdocs\presta\modules\themes\prestashop-christmas-theme-2011\img\icon\serial_scroll_right.gif
[2008.12.01 17:37:58 | 000,000,258 | ---- | M] () -- \xampp\htdocs\presta\themes\prestashop\img\icon\serial_scroll_left.gif
[2008.12.01 17:37:58 | 000,000,259 | ---- | M] () -- \xampp\htdocs\presta\themes\prestashop\img\icon\serial_scroll_right.gif
[2012.02.12 22:37:49 | 000,000,258 | ---- | M] () -- \xampp\htdocs\presta\themes\prestashop-christmas-theme-2011\img\icon\serial_scroll_left.gif
[2012.02.12 22:37:49 | 000,000,259 | ---- | M] () -- \xampp\htdocs\presta\themes\prestashop-christmas-theme-2011\img\icon\serial_scroll_right.gif
[2013.03.26 19:17:38 | 000,002,013 | ---- | M] () -- \xampp\htdocs\prestapokus\js\jquery\plugins\jquery.serialScroll.js
[2013.03.26 19:17:38 | 000,000,544 | ---- | M] () -- \xampp\htdocs\prestapokus\themes\default\img\icon\serial_scroll_left.gif
[2013.03.26 19:17:38 | 000,000,508 | ---- | M] () -- \xampp\htdocs\prestapokus\themes\default\img\icon\serial_scroll_right.gif
[2011.10.11 17:32:24 | 000,004,459 | ---- | M] () -- \xampp\htdocs\rcnachod\libraries\gantry\admin\widgets\slider\js\unserialize.js
[2011.05.23 09:11:44 | 000,002,013 | ---- | M] () -- \xampp\htdocs\tonerynaplne\js\jquery\jquery.serialScroll-1.2.2-min.js
[2008.12.01 16:37:58 | 000,000,258 | ---- | M] () -- \xampp\htdocs\tonerynaplne\themes\prestashop\img\icon\serial_scroll_left.gif
[2008.12.01 16:37:58 | 000,000,259 | ---- | M] () -- \xampp\htdocs\tonerynaplne\themes\prestashop\img\icon\serial_scroll_right.gif
[2011.05.23 10:11:44 | 000,002,013 | ---- | M] () -- \xampp\htdocs\zahradnisen\js\jquery\jquery.serialScroll-1.2.2-min.js
[2008.12.01 17:37:58 | 000,000,258 | ---- | M] () -- \xampp\htdocs\zahradnisen\themes\prestashop\img\icon\serial_scroll_left.gif
[2008.12.01 17:37:58 | 000,000,259 | ---- | M] () -- \xampp\htdocs\zahradnisen\themes\prestashop\img\icon\serial_scroll_right.gif
[2010.12.03 19:58:24 | 000,000,307 | ---- | M] () -- \xampp\mysql\mysql-test\suite\engines\funcs\r\tc_column_serial.result
[2010.12.03 19:58:24 | 000,000,323 | ---- | M] () -- \xampp\mysql\mysql-test\suite\engines\funcs\t\tc_column_serial.test
[2009.12.20 00:00:00 | 000,002,030 | ---- | M] () -- \xampp\perl\site\lib\SOAP\Deserializer.pod
[2009.12.20 00:00:00 | 000,013,276 | ---- | M] () -- \xampp\perl\site\lib\SOAP\Serializer.pod
[2009.12.20 00:00:00 | 000,002,122 | ---- | M] () -- \xampp\php\PEAR\Zend\Amf\Parse\Deserializer.php
[2009.12.20 00:00:00 | 000,001,694 | ---- | M] () -- \xampp\php\PEAR\Zend\Amf\Parse\Serializer.php
[2009.12.20 00:00:00 | 000,009,327 | ---- | M] () -- \xampp\php\PEAR\Zend\Amf\Parse\Amf0\Deserializer.php
[2009.12.20 00:00:00 | 000,013,000 | ---- | M] () -- \xampp\php\PEAR\Zend\Amf\Parse\Amf0\Serializer.php
[2009.12.20 00:00:00 | 000,015,603 | ---- | M] () -- \xampp\php\PEAR\Zend\Amf\Parse\Amf3\Deserializer.php
[2009.12.20 00:00:00 | 000,017,197 | ---- | M] () -- \xampp\php\PEAR\Zend\Amf\Parse\Amf3\Serializer.php

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:E5A9D792

< End of report >

Re: Problém s trojským koněm - Bitcoinminer

Napsal: 04 črc 2013 10:52
od K.a.p.r
Log Extras.txt

OTL Extras logfile created on: 4.7.2013 11:01:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kapr\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,86 Gb Available Physical Memory | 43,21% Memory free
4,00 Gb Paging File | 2,79 Gb Available in Paging File | 69,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 9,63 Gb Free Space | 8,62% Space Free | Partition Type: NTFS
Drive E: | 49,81 Gb Total Space | 3,55 Gb Free Space | 7,14% Space Free | Partition Type: NTFS
Drive F: | 248,28 Gb Total Space | 22,93 Gb Free Space | 9,24% Space Free | Partition Type: NTFS

Computer Name: KAPR-PC | User Name: Kapr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-547005843-1775508806-2719200146-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{038A4258-C986-4AB8-877A-5A72DF3522D9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{06D89194-4422-4CBF-8F0E-3638B712F796}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0BB66426-868A-4FCF-9C01-BAC61333DAF6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1921FA9B-9B79-487C-A9CC-223D95BFB5B7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1A219A59-562A-4BC1-8453-ED17F61F1BD6}" = lport=445 | protocol=6 | dir=in | app=system |
"{20A87E5E-798D-45F7-AFC4-409349E8BBB5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{393E6BA8-3C2E-49B2-B92D-F921AE2610F6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{3ADBA6C8-22B0-460C-AA7E-CE97DEEE9683}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3CF75E4B-3103-4EB1-A042-E89DE7DB8814}" = rport=139 | protocol=6 | dir=out | app=system |
"{3FFC5CF9-1144-427E-9409-683B057CA432}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{50F726EE-644E-407A-8090-09C86908DA02}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5BC85352-31F7-47FE-A93E-2E70853CC676}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7FB82C6A-8883-42A3-8D2C-D472DEE52DCE}" = rport=445 | protocol=6 | dir=out | app=system |
"{8244D3B2-740F-4748-913F-CEE31EB963BE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8E2BFB59-6743-405C-B8D3-A9BEFE43076F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9047E576-1021-45EA-8822-7CE68D21529E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9EF4E9A9-32EF-4247-82E7-EEDED166CD3F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9D77771-AA8E-4A0E-98BD-BDDEF4E02ACA}" = rport=138 | protocol=17 | dir=out | app=system |
"{B775FF3A-3596-46C7-9E2D-B7A51BAD2AB5}" = lport=138 | protocol=17 | dir=in | app=system |
"{B9C9D581-E5D3-4D26-AC74-476C51171D81}" = rport=137 | protocol=17 | dir=out | app=system |
"{DAA854CE-A9A0-4C97-B0E0-F2D9DE5286D4}" = lport=139 | protocol=6 | dir=in | app=system |
"{EED8D48C-2BD3-469B-863A-421EEA9C85F0}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C4F76F-38B4-4921-A127-BB8291C1BEE3}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{0B4E818E-DA38-431F-B101-1A91F242AE63}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{10C637AE-2FEB-42FC-9D95-66E37FF9BC6F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{13FD46EB-5C6A-4EB4-9325-B277143E81D2}" = dir=in | app=c:\program files (x86)\nusphere\phped\php5\php.exe |
"{19510EEB-9C08-489E-A69F-C32AE046E20F}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe |
"{220C37C7-60BF-423F-B884-A9776CA8E5E3}" = dir=in | app=c:\program files (x86)\nusphere\phped\php\php.exe |
"{2D46B7D4-90B3-4A36-9A1E-3F0E1BFB3BB5}" = dir=in | app=c:\program files (x86)\nusphere\phped\php5\php-cgi.exe |
"{2DA8BB89-6FCA-4543-A70D-C930FEECDAEF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3084A567-D1F3-4863-8956-F0D8176C6D0E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{36617DD8-17B0-43C6-BA48-66C78D376055}" = dir=in | app=c:\program files (x86)\nusphere\phped\debugger\dbglistener.exe |
"{42FF7405-8147-448C-901F-C871D439B537}" = dir=in | app=c:\program files (x86)\nusphere\phped\php53\php-cgi.exe |
"{44785716-A3A3-49AD-9CEF-F2AAA15E890E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{474E3481-133E-4E40-8054-59C732F587DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4D0D497D-B70B-454A-952B-45F85B59D3E2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{55A44A68-4C91-4C56-AB6C-87B4F40DE001}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{59489F3E-ED14-427B-A426-DFAF6448A456}" = dir=out | app=c:\program files (x86)\nusphere\phped\phped.exe |
"{72B815EC-744A-4AED-B23B-D74B60C382EA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{744FB908-D368-4FBA-8278-89D1FB5612E6}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{747487DB-872D-4189-94B2-045A90BEEFE3}" = dir=in | app=c:\program files (x86)\nusphere\phped\php53\php.exe |
"{799E7917-5FF2-4E83-B534-E63ECA6A8055}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8817B4EF-F8AD-44B6-85F3-3DA8AAC5302F}" = protocol=58 | dir=in | app=system |
"{90AB2237-ABEB-4112-97A3-72453BD217A6}" = dir=out | app=c:\program files (x86)\virtual rc pro\game.exe |
"{90FB69A9-FA82-4547-B5D8-47606129D592}" = protocol=6 | dir=out | app=system |
"{91D608FF-CBA8-4BCE-837F-683D9564E3FC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A62EA5E6-5127-4EDC-944A-075E8AB7DBFE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A9BB6F0D-3880-4BF5-ADCA-2030F9449BFE}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{AB935E0E-030A-46EA-952A-21CF2B8BF95A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B4BE7116-ACF0-43C4-9C25-409810C2127C}" = dir=in | app=c:\program files (x86)\nusphere\phped\php\php-cgi.exe |
"{B877CA45-E18B-445C-AA9C-8C8CA0367F81}" = dir=out | app=c:\program files (x86)\virtual rc pro\vrcpro.exe |
"{C1F9DBAF-555F-44C0-92EE-C50B0135DD25}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CBF11018-BC41-42D8-B05A-B9451CFA6027}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{CBF50298-B3F9-4751-BE04-B4206A10918C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6B9E0DA-4BB8-4D0A-A438-C621327443EB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DF1F14C7-C8CF-4D11-9276-A09F2D349518}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{E14EF29C-FE16-4EA7-A74A-F772ED7F6E4C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E65A1C19-B3AE-4925-A801-CEA335A4C72D}" = dir=in | app=c:\program files (x86)\nusphere\phped\srv.exe |
"{ED077594-FF2E-4016-91E0-013EEFF4FD78}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F9F82390-CAA4-4D27-B715-8C550A46A537}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FF4ED168-EBF6-4918-A5B3-931056AF2FAE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{0281161C-B369-45E1-95F1-B9B4C06DBEE1}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{28D7AA89-5007-4490-8B9F-7BB246A0DA0B}C:\users\kapr\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\kapr\appdata\local\akamai\netsession_win.exe |
"TCP Query User{45209908-DBEA-4AD1-8337-01C2C4FC7352}C:\Program Files (x86)\Trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |
"TCP Query User{5BEDAA8E-D0A0-45DC-AF51-EDEDDE63BA4F}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{6B8EC01C-2559-4A62-8171-F5030EE40FC1}C:\users\kapr\downloads\winbox.exe" = protocol=6 | dir=in | app=c:\users\kapr\downloads\winbox.exe |
"TCP Query User{94BFDA59-694A-4BF0-A74B-0DFA010693BA}C:\users\kapr\desktop\winbox.exe" = protocol=6 | dir=in | app=c:\users\kapr\desktop\winbox.exe |
"UDP Query User{174A4E8E-33C9-42F4-B521-4247493AD8F2}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{5D074B2D-BAE0-4166-AFEF-41E295388590}C:\users\kapr\desktop\winbox.exe" = protocol=17 | dir=in | app=c:\users\kapr\desktop\winbox.exe |
"UDP Query User{9F166419-69BB-4696-BE29-CBDFCA491315}C:\users\kapr\downloads\winbox.exe" = protocol=17 | dir=in | app=c:\users\kapr\downloads\winbox.exe |
"UDP Query User{AECE2ED0-563E-4650-A7CE-5B46E69BCCAB}C:\Program Files (x86)\Trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |
"UDP Query User{B8D42C23-E196-48B3-BBBB-020FBA9ED2DA}C:\users\kapr\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\kapr\appdata\local\akamai\netsession_win.exe |
"UDP Query User{F2C28AD8-2DAB-4D3F-BDA7-C66195C75211}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{91DE36DA-9DE8-0CE8-AE5A-884735889FF6}" = ATI Catalyst Install Manager
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Find and Mount_is1" = Find and Mount 2.32
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"sp6" = Logitech SetPoint 6.51
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A844D8F-A965-11E2-9E77-B8AC6F98CCE3}" = Google Earth
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1E8D5C8F-7DA3-4B08-9C06-03A0B7FE1FB5}" = Network Recording Player
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57F1AB5A-0B9A-4229-B231-B1516A33DCD4}" = VMware Infrastructure Client 2.5
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{739CE62B-2893-4D89-8BF8-9B4034633DB6}" = Adobe Setup
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1" = Dell Display Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Czech
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B8F4FC41-5CAF-475D-83DE-456723992201}" = PhoenixRC
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BF530916-26EE-4FE4-8946-670C82357454}_is1" = Virtual RC Pro Racing Simulator
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D57FC112-312E-4D70-860F-2DB8FB6858F0}" = Adobe Creative Suite 5.5 Master Collection
"{D6CD1A90-1421-4F19-AFD8-BE4E28A1D6D5}" = Adobe Illustrator CS3
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D93B70D2-4DA4-4F6F-9DC8-72D08F74A386}" = VMware Infrastructure Update
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{F0703991-E476-4997-98C6-239E67FC9944}" = Adobe Creative Suite 3 Design Premium
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"7-Zip" = 7-Zip 9.22beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_1e533f03b8b42b2b6a1aba5a0b9d358" = Přidat nebo odebrat Adobe Creative Suite 3 Design Premium
"avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"CSELITE65_is1" = CSE HTML Validator Lite v6.52
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.6.0
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Embedded Browser_is1" = Mozilla Embedded Browser version 10.0.2
"Mozilla Firefox 21.0 (x86 cs)" = Mozilla Firefox 21.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NuSphere PhpED_is1" = NuSphere PhpED version 7.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PHP Documentor_is1" = Php Documentor version 1.4.2 for NuSphere PhpED
"PHP_is1" = php-4.4.9 for NuSphere PhpED
"PHP5_is1" = php-5.2.17 for NuSphere PhpED
"PHP53_is1" = php-5.3.10 for NuSphere PhpED
"POLYSTYLE_is1" = Polystyle 2.0zo (trial) for NuSphere PhpED
"TeamViewer 8" = TeamViewer 8
"Trillian" = Trillian

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14.6.2013 11:27:07 | Computer Name = Kapr-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: phoenixRC.exe, verze: 0.0.0.0, časové razítko:
0x4d05e8d9 Název chybujícího modulu: phnxdll.dll, verze: 0.0.0.0, časové razítko:
0x4b2a2720 Kód výjimky: 0xc0000417 Posun chyby: 0x00002d01 ID chybujícího procesu:
0x11c8 Čas spuštění chybující aplikace: 0x01ce6913a000ca0c Cesta k chybující aplikaci:
C:\Program Files (x86)\PhoenixRC\phoenixRC.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\ShareRapid\P_RC\P_RC\PhoenixRC - Emu_0.3\phnxdll.dll ID zprávy: deff5853-d506-11e2-ad80-004f4e626716

Error - 3.7.2013 10:00:22 | Computer Name = Kapr-PC | Source = Application Hang | ID = 1002
Description = Program OutlookFIX.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
12dc Čas spuštění: 01ce77f27e26cd43 Čas ukončení: 25 Cesta k aplikaci: C:\Users\Kapr\AppData\Local\Cimaware\Apps\OfficeFix6\OutlookFIX\OutlookFIX.exe

ID
hlášení:

Error - 3.7.2013 10:12:23 | Computer Name = Kapr-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: keygen.exe, verze: 0.0.0.0, časové razítko:
0x51cb5653 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x03a52474 ID chybujícího procesu: 0x8f4 Čas spuštění
chybující aplikace: 0x01ce77f755452498 Cesta k chybující aplikaci: C:\Users\Kapr\AppData\Local\Temp\7z429793B8\keygen.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 942c8dad-e3ea-11e2-9ba1-004f4e626716

Error - 3.7.2013 10:13:44 | Computer Name = Kapr-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: keygen.exe, verze: 0.0.0.0, časové razítko:
0x51cb5653 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x032d2474 ID chybujícího procesu: 0xecc Čas spuštění
chybující aplikace: 0x01ce77f786a1d250 Cesta k chybující aplikaci: C:\Users\Kapr\Downloads\Outlookfix.Outlook.Pst.Repair.key.generator.by.F4CG\Outlookfix.Outlook.Pst.Repair.key.generator.by.F4CG\keygen.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: c4bb6111-e3ea-11e2-9ba1-004f4e626716

Error - 3.7.2013 14:40:33 | Computer Name = Kapr-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Remo Repair Outlook
[PST]\rs-ror.exe.Manifest se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.7.2013 14:40:33 | Computer Name = Kapr-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Remo Repair Outlook
[PST]\rs-ror.exe.Manifest se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.7.2013 14:43:25 | Computer Name = Kapr-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: rs-ror32.exe, verze: 3.0.0.6, časové razítko:
0x4e1433ba Název chybujícího modulu: rs-ror32.exe, verze: 3.0.0.6, časové razítko:
0x4e1433ba Kód výjimky: 0xc0000094 Posun chyby: 0x00047f04 ID chybujícího procesu:
0x964 Čas spuštění chybující aplikace: 0x01ce781cda8d6dd0 Cesta k chybující aplikaci:
C:\Program Files\Remo Repair Outlook [PST]\32\rs-ror32.exe Cesta k chybujícímu modulu:
C:\Program Files\Remo Repair Outlook [PST]\32\rs-ror32.exe ID zprávy: 712f3f2e-e410-11e2-9369-004f4e626716

Error - 3.7.2013 14:45:31 | Computer Name = Kapr-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: rs-ror32.exe, verze: 3.0.0.6, časové razítko:
0x4e1433ba Název chybujícího modulu: rs-ror32.exe, verze: 3.0.0.6, časové razítko:
0x4e1433ba Kód výjimky: 0xc0000094 Posun chyby: 0x00047f04 ID chybujícího procesu:
0x115c Čas spuštění chybující aplikace: 0x01ce781d40a5df63 Cesta k chybující aplikaci:
C:\Program Files\Remo Repair Outlook [PST]\32\rs-ror32.exe Cesta k chybujícímu modulu:
C:\Program Files\Remo Repair Outlook [PST]\32\rs-ror32.exe ID zprávy: bc42f18a-e410-11e2-9369-004f4e626716

Error - 3.7.2013 14:56:56 | Computer Name = Kapr-PC | Source = Outlook | ID = 34
Description = Nepodařilo se získat správce oboru procházení. Chyba=0x8001010d.

Error - 3.7.2013 17:16:48 | Computer Name = Kapr-PC | Source = Chrome | ID = 1
Description =

[ System Events ]
Error - 3.7.2013 14:01:31 | Computer Name = Kapr-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 3.7.2013 14:01:31 | Computer Name = Kapr-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 3.7.2013 16:29:32 | Computer Name = Kapr-PC | Source = Service Control Manager | ID = 7000
Description = Služba MLPTDR_N neuspěla při spuštění v důsledku následující chyby:
%%193

Error - 3.7.2013 16:29:35 | Computer Name = Kapr-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 3.7.2013 16:31:36 | Computer Name = Kapr-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 3.7.2013 16:31:36 | Computer Name = Kapr-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 4.7.2013 4:57:43 | Computer Name = Kapr-PC | Source = Service Control Manager | ID = 7000
Description = Služba MLPTDR_N neuspěla při spuštění v důsledku následující chyby:
%%193

Error - 4.7.2013 4:57:48 | Computer Name = Kapr-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 4.7.2013 4:59:48 | Computer Name = Kapr-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 4.7.2013 4:59:48 | Computer Name = Kapr-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069


< End of report >

Re: Problém s trojským koněm - Bitcoinminer

Napsal: 04 črc 2013 10:57
od Márty84
:???: Fajn. Jen se jeste zeptam, jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze :?:

:arrow: Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Re: Problém s trojským koněm - Bitcoinminer

Napsal: 04 črc 2013 17:00
od K.a.p.r
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.04.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Kapr :: KAPR-PC [administrátor]

Ochrana: Povolena

4.7.2013 12:07:57
MBAM-log-2013-07-04 (18-00-18).txt

Typ: Kompletní kontrola (C:\|E:\|F:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 1943909
Uplynulý čas: 4 hodin, 10 minut, 16 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEXPLORE.EXE (Backdoor.Bot) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 68
C:\Users\Kapr\AppData\Local\Temp\iswizard\iswizard.7z (Trojan.BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\Users\Kapr\Downloads\CORE_CS_5.5.rar (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
C:\Users\Kapr\Downloads\new.a.cr.su.P.P\ADOBE.CREATIVE.SUITE.5.5.MASTER.COLLECTION.RU.CZ.PL.TR.WIN.ESD.KEYGEN-XFORCE\ADOBE.CS5.5.MC_KEYGEN_WIN_OSX-XFORCE\adobemasterkeygen55.exe (Trojan.Agent.ck) -> Nebyla provedena žádná instrukce.
C:\Users\Kapr\Downloads\productkey\ProduKey.exe (PUP.PSWTool.ProductKey) -> Nebyla provedena žádná instrukce.
E:\Documents and Settings\Kapr\Local Settings\Temp\321.tmp\Adobe_CS5_Activator.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
E:\Documents and Settings\Kapr\Plocha\Aktivace Win7\Windows_Loader_v1.9.3.zip (RiskWare.Tool.HCK) -> Nebyla provedena žádná instrukce.
F:\319.tmp\Adobe_CS5_Activator.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 15\zoom3_v1_02.exe (Malware.Gen) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 15\Antivir\AVG 7\AVG.Anti-Virus.v7.0.225.Professional.Edition-VDOWN.rar (Trojan.Agent) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 15\Audio\Acoustica CD Label Maker\acousticacdlabelmakerv1.42keygenici.zip (RiskWare.Tool.HCK) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 15\Audio\Audio on-line Recorder\crack.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 15\Ineternet\Komunikace\Trillian 2.01\Trillian Pro 2\Trillian Pro v2.01b3\trillian_crk.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 15\Visual Basic 5.0 pro\TOOLS\NT351SP5.A\I386\KEYGEN.EXE (Riskware.Tool.CK) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 15\Češtiny a Patche\cracky\Alcohol_120_Percent_v1.4.8_build_1222_Trial.zip (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 15\Češtiny a Patche\cracky\Alcohol_120_Percent_v1.4.8_build_1222_Trial_to_Full_by_FFF.zip (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 18\Vypalování\Clone\Clone CD 4.2.0.2\keygen\Clonecd4.0.0.1kg.exe (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 18\WWW_programy\FLASH animace\A4Desk vynikající program na flash\Keygen.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 19\Dostane zvuk z videa\Crack\easyvideotoaudioconverterkeygen.exe (Trojan.Downloader) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 20\Mobil\Nokia 6630\Netříděno\ChessGenius.zip (PUP.Keygen.Intro) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 20\Mobil\Nokia 6630\Netříděno\7650\SIS APLIKACE\SeleQ\SeleQ15i.zip (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 20\Mobil\Nokia 6630\Netříděno\7650\ZIP\BOMBERv1.1.zip (PUP.Keygen.Intro) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 20\Mobil\Nokia 6630\Netříděno\7650\ZIP\Jacadoiq1.0.1.zip (PUP.Keygen.Intro) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 20\Mobil\Nokia 6630\Netříděno\Big App Pack\-Ximplify.Seleq.v1.50i.zip (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 20\Mobil\Nokia 6630\Netříděno\Big App Pack\SeleQ.v1.5i..Keygen.(7650.Nokia).zip (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 20\Mobil\Nokia 6630\Netříděno\Big App Pack\the.Car.Game.v1.0.Full.[Tinland.Dragon].(SIS.7650.Nokia).zip (PUP.Keygen.Intro) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 20\Mobil\Nokia 6630\Netříděno\Big App Pack\Ximplify.Seleq.v1.50i.zip (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
F:\CD COPY\Programy 21\Handy recovery - Obnova partition\THM.exe (Trojan.Bancos) -> Nebyla provedena žádná instrukce.
F:\Flashka alcoma\CorelDRAW Graphics Suite X4 Setup Files\keygen.exe (Trojan.Dropper.PGen) -> Nebyla provedena žádná instrukce.
F:\Flashka alcoma\Programy\RemoveWGA12.exe (PUP.RemoveWGA) -> Nebyla provedena žádná instrukce.
F:\Flashka alcoma\Programy\Virtualní CDROM\daemon409-x86.exe (Adware.WhenU) -> Nebyla provedena žádná instrukce.
F:\Prográmky\RSMInitp\AppData\1000000600002i\svchost.exe (Backdoor.Bot) -> Nebyla provedena žádná instrukce.
F:\Prográmky\RSMInitp\AppData\30000000c200002i\DW20.EXE (Backdoor.Bot) -> Nebyla provedena žádná instrukce.
F:\Prográmky\RSMInitp\AppData\4000001900002i\iexplore.exe (Backdoor.Bot) -> Nebyla provedena žádná instrukce.
F:\Prográmky\Smart movie\SmartMovie_symbian_lcg_v3.22_Patch_by_Bokiv.zip (Trojan.Bancos) -> Nebyla provedena žádná instrukce.
F:\Prográmky\Smart movie\SmartMovie_symbian_lcg_v3.22_Patch_by_Bokiv\PATCH.exe (Trojan.Bancos) -> Nebyla provedena žádná instrukce.
F:\Rapid\CorelDRAW_Graphics_Suite_X5_v15.2.0.661CZE\CorelDRAW Graphics Suite X5 v15.2.0.661CZE\CorelDRAW.Graphics.Suite.X5.v15.2.0.661.Incl.Keymaker-CORE.rar (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
F:\Rapid\CorelDRAW_Graphics_Suite_X5_v15.2.0.661CZE\CorelDRAW Graphics Suite X5 v15.2.0.661CZE\keygen.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
F:\System Volume Information\_restore{9F6569FB-25C4-435C-9157-9D69CF2B3E57}\RP844\A0240095.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
F:\System Volume Information\_restore{CD2BA3BC-8BD4-4F2E-86DD-553CBF6BC765}\RP133\A0025895.exe (Trojan.Agent.CK) -> Nebyla provedena žádná instrukce.
F:\Webdesign\template\2293.TM.Templates\10012\html\images\spacer.gif (Extension.Mismatch) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1R1JCQLP\boss[1].exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J166WND0\b[1].exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LKRY4P4U\go[2].exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\0358819166.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\0466377720.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\0655294226.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\1501726791.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\2170738126.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\2416557276.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\3247051203.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\3342049486.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\3833895342.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\3873333898.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\4427289611.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\4896101389.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\4999946225.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\5170764297.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\6097438700.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\6112176077.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\6694572989.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\6754810388.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\6782893712.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\7560151901.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\8060786977.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\8749595163.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\9348343571.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\9486047553.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.
F:\Záloha Schub\AppData\Local\Temp\9700667144.exe (Trojan.Ircbot) -> Nebyla provedena žádná instrukce.

(konec)

Re: Problém s trojským koněm - Bitcoinminer

Napsal: 04 črc 2013 17:57
od Márty84
Márty84 píše: :???: Fajn. Jen se jeste zeptam, jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze :?:
Zadna odpoved taky odpoved :James008:


A pravidla fora hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512
Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.
:39:

Re: Problém s trojským koněm - Bitcoinminer

Napsal: 04 črc 2013 18:18
od K.a.p.r
Chápu, napravím. I tak děkuji za Váš čas. LOCK

Re: Problém s trojským koněm - Bitcoinminer

Napsal: 04 črc 2013 18:55
od Márty84
No bohuzel neni zac. Mate tam toho cinknuteho softu docela dost :roll:

Preji uspesne vyreseni.

Mejte se :bye:

:closed:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz