Dobrý den,
prosím Vás o preventivní kontrolu.
Díky
Hineg
Logfile of random's system information tool 1.09 (written by random/random)
Run by hynek at 2011-10-04 17:49:29
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 41 GB (14%) free of 305 GB
Total RAM: 1022 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:50:22, on 4.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\WINDOWS\system32\mobsync.exe
C:\Documents and Settings\hynek\Desktop\RSIT.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Deamon\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\trend micro\hynek.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ns.hb-ware.cz:8080
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: PDF-XChange Viewer IE-Plugin - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Deamon\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\ICQ\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\ICQ\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3967921166
O16 - DPF: {D67DB088-70B4-4006-B052-57F614FD3AA8} (ChtIEx Control) - http://www.vguard.net/myasp/chtIEx.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = hb-ware.cz
O17 - HKLM\Software\..\Telephony: DomainName = hb-ware.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = hb-ware.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = hb-ware.cz
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = hb-ware.cz
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: Domain = hb-ware.cz
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 10261 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HBWARE-matej.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-507921405-1957994488-1152Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-507921405-1957994488-1152UA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-507921405-1957994488-1150.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-507921405-1957994488-1152.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-507921405-1957994488-1150.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-507921405-1957994488-1152.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\hynek\Application Data\Mozilla\Firefox\Profiles\yf39my4j.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=FF_5&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Picasa 3\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647]
"Description"=12.0.1.647
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsjsrealplayerplugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
C:\Program Files\Mozilla Firefox\searchplugins\
firmycz.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
mapycz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
zbocz.xml
C:\Documents and Settings\hynek\Application Data\Mozilla\Firefox\Profiles\yf39my4j.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-04-14 386776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-20 305328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-04-23 1007160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F}]
PDF-XChange Viewer IE-Plugin - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll [2009-02-21 1098008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-26 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-07-26 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-20 305328]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2004-04-14 57393]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2004-04-14 40960]
"ControlCenter2.0"=C:\Program Files\Brother\ControlCenter2\brctrcen.exe [2004-07-20 851968]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143360]
"pdfFactory Pro Dispatcher v2"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe [2005-03-03 479232]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"DAEMON Tools"=C:\Deamon\DAEMON Tools\daemon.exe [2006-11-12 157592]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2004-03-10 406016]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-04-14 273544]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Google Calendar Sync.lnk - C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Server4PC.lnk - C:\Program Files\TechniSat DVB\bin\Server4PC.exe
Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\temp\WAP54G-full package-0420\Setup.exe"="C:\temp\WAP54G-full package-0420\Setup.exe:*:Enabled:Setup Wizard of WAP54G"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"\\Hbwares\Společné\Instal\Hardware\TISKARNY\Belkin - printserver\files\setup.exe"="\\Hbwares\Společné\Instal\Hardware\TISKARNY\Belkin - printserver\files\setup.exe:*:Enabled:setup.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\wincmd\WINCMD32.EXE"="C:\wincmd\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit internationale Version, Dateimanager-Ersatz fuer Windows"
"\\Hbwares\Společné\Instal\Hardware\SITOVKY\bezdrát\Linksys WAP54G\Setup Wizard\WAP54G-full package-0420\Setup.exe"="\\Hbwares\Společné\Instal\Hardware\SITOVKY\bezdrát\Linksys WAP54G\Setup Wizard\WAP54G-full package-0420\Setup.exe:*:Enabled:Setup.exe"
"C:\temp\WAP54G-full package-0420\Setup.exe"="C:\temp\WAP54G-full package-0420\Setup.exe:*:Enabled:Setup Wizard of WAP54G"
"C:\ICQ\ICQ6\ICQ.exe"="C:\ICQ\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\QIP\qip\qip.exe"="C:\QIP\qip\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\QIP\qip.exe"="C:\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\matej\Desktop\Commander.exe"="C:\Documents and Settings\matej\Desktop\Commander.exe:*:Enabled:Commander"
"C:\HRY\FM08\fm.exe"="C:\HRY\FM08\fm.exe:*:Enabled:Football Manager 2008"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=vdrcodec.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.DIVX"=DivX.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"VIDC.MJPG"=Pvmjpg21.dll
"VIDC.PIM1"=pclepim1.dll
"vidc.XVID"=xvidvfw.dll
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave"=wdmaud.drv
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 month======
2011-10-04 17:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-10-04 17:08:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-10-04 17:07:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-10-04 17:07:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-10-04 17:06:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-10-04 17:06:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-10-04 17:05:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-10-04 17:05:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-10-04 17:05:03 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-10-04 17:04:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-10-04 17:04:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-10-04 17:04:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-10-04 17:03:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-10-04 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-10-04 17:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-10-04 17:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-10-04 17:02:39 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-10-04 17:01:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-10-04 17:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2616676-v2$
2011-10-04 17:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-10-04 17:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2011-10-04 17:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2503665$
2011-10-04 17:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-10-04 17:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-10-04 17:00:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-10-04 16:59:28 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-10-04 16:58:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-10-04 16:58:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2011-10-04 16:57:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-10-04 16:51:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2011-10-04 16:51:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-10-04 16:51:32 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-10-04 16:51:12 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-10-04 16:50:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-10-04 16:49:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-10-04 16:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-10-04 16:48:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-10-04 16:47:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-10-04 16:46:14 ----SHD---- C:\Config.Msi
2011-10-04 16:44:33 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-10-04 16:42:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893$
2011-10-04 16:38:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-10-04 16:38:01 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-10-04 16:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2011-10-04 16:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-10-04 16:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-10-04 16:36:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-10-04 16:35:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-10-04 16:35:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-10-04 16:35:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-10-04 16:34:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-10-02 22:37:52 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2011-10-02 22:25:54 ----D---- C:\Program Files\Microsoft Security Client
2011-10-02 22:19:03 ----D---- C:\WINDOWS\Prefetch
2011-10-02 22:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-10-02 22:17:29 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2011-10-02 22:17:16 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2011-10-02 22:17:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2011-10-02 22:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-10-02 22:16:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-10-02 22:16:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-10-02 22:16:39 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-10-02 22:16:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-10-02 22:16:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-10-02 22:16:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2011-10-02 22:16:06 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-10-02 22:15:58 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-10-02 22:15:46 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2011-10-02 22:15:35 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-10-02 22:15:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2011-10-02 22:15:20 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-10-02 22:15:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-10-02 22:15:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-10-02 22:14:59 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-10-02 22:14:49 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-10-02 22:14:42 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-10-02 22:14:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-10-02 22:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-10-02 22:14:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-10-02 22:14:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-10-02 22:14:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-10-02 22:13:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2011-10-02 22:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-10-02 22:13:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-10-02 22:13:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-10-02 22:13:27 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2011-10-02 22:13:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2011-10-02 22:13:10 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2011-10-02 22:13:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2011-10-02 22:12:54 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-10-02 22:12:46 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2011-10-02 22:12:41 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2011-10-02 22:12:31 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-10-02 22:12:24 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2011-10-02 22:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-10-02 22:12:04 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-10-02 22:11:56 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-10-02 22:11:49 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2011-10-02 22:11:42 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2011-10-02 22:11:24 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-10-02 22:11:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-10-02 22:11:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-10-02 22:10:59 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2011-10-02 22:10:52 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-10-02 22:10:45 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2011-10-02 22:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2011-10-02 22:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-10-02 22:10:19 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2011-10-02 22:10:12 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2011-10-02 22:10:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-10-02 22:09:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2011-10-02 22:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-10-02 22:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-10-02 22:09:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-10-02 22:09:15 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-10-02 22:09:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2011-10-02 22:09:00 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2011-10-02 22:08:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_1$
2011-10-02 22:08:47 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2011-10-02 22:08:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2011-10-02 22:08:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-10-02 22:08:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-10-02 22:08:15 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-10-02 22:08:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-10-02 22:07:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2011-10-02 22:07:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-10-02 22:07:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2011-10-02 22:07:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2011-10-02 22:07:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-10-02 22:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-10-02 22:07:14 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-10-02 22:07:08 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2011-10-02 22:07:00 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-10-02 22:06:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-10-02 22:01:59 ----D---- C:\WINDOWS\system32\scripting
2011-10-02 22:01:59 ----D---- C:\WINDOWS\l2schemas
2011-10-02 22:01:58 ----D---- C:\WINDOWS\system32\en
2011-10-02 22:01:58 ----D---- C:\WINDOWS\system32\bits
2011-10-02 21:55:01 ----D---- C:\WINDOWS\network diagnostic
2011-10-02 21:49:08 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-10-02 20:42:50 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2011-10-02 20:42:46 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2011-10-02 20:42:46 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2011-10-02 20:42:45 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2011-10-02 20:42:44 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2011-10-02 20:42:42 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2011-10-02 20:42:41 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-10-02 20:42:41 ----N---- C:\WINDOWS\system32\tsgqec.dll
2011-10-02 20:42:35 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2011-10-02 20:42:32 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2011-10-02 20:42:31 ----N---- C:\WINDOWS\system32\slserv.exe
2011-10-02 20:42:31 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2011-10-02 20:42:31 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\slrundll.exe
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\slgen.dll
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\slextspk.dll
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\slcoinst.dll
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2011-10-02 20:42:30 ----N---- C:\WINDOWS\slrundll.exe
2011-10-02 20:42:28 ----N---- C:\WINDOWS\system32\setupn.exe
2011-10-02 20:42:28 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2011-10-02 20:42:26 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2011-10-02 20:42:25 ----N---- C:\WINDOWS\system32\s3gnb.dll
2011-10-02 20:42:25 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2011-10-02 20:42:24 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2011-10-02 20:42:24 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2011-10-02 20:42:24 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2011-10-02 20:42:23 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-10-02 20:42:22 ----N---- C:\WINDOWS\system32\qutil.dll
2011-10-02 20:42:21 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-10-02 20:42:21 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-10-02 20:42:21 ----N---- C:\WINDOWS\system32\qagent.dll
2011-10-02 20:42:16 ----N---- C:\WINDOWS\system32\onex.dll
2011-10-02 20:42:11 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2011-10-02 20:42:06 ----N---- C:\WINDOWS\system32\napstat.exe
2011-10-02 20:42:06 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-10-02 20:42:06 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-10-02 20:42:06 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2011-10-02 20:42:06 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2011-10-02 20:42:05 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2011-10-02 20:42:05 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2011-10-02 20:42:05 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2011-10-02 20:42:03 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-10-02 20:42:03 ----N---- C:\WINDOWS\system32\mssha.dll
2011-10-02 20:41:49 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-10-02 20:41:48 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-10-02 20:41:48 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-10-02 20:41:48 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-10-02 20:41:45 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2011-10-02 20:41:45 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2011-10-02 20:41:36 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-10-02 20:41:28 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-10-02 20:41:27 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-10-02 20:41:27 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-10-02 20:41:27 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-10-02 20:41:27 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-10-02 20:40:50 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-10-02 20:40:50 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-10-02 20:40:42 ----N---- C:\WINDOWS\system32\comsdupd.exe
2011-10-02 20:40:40 ----N---- C:\WINDOWS\system32\ieencode.dll
2011-10-02 20:40:38 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2011-10-02 20:40:38 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2011-10-02 20:40:38 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2011-10-02 20:40:38 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2011-10-02 20:40:37 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2011-10-02 20:40:36 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2011-10-02 20:40:29 ----N---- C:\WINDOWS\system32\faxpatch.exe
2011-10-02 20:40:29 ----A---- C:\WINDOWS\003476_.tmp
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-10-02 20:40:23 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-10-02 20:40:23 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-10-02 20:40:22 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-10-02 20:40:19 ----N---- C:\WINDOWS\system32\credssp.dll
2011-10-02 20:40:16 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2011-10-02 20:40:14 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2011-10-02 20:40:14 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2011-10-02 20:40:14 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2011-10-02 20:40:14 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2011-10-02 20:40:14 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2011-10-02 20:40:14 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-10-02 20:40:13 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2011-10-02 20:40:13 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2011-10-02 20:40:13 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2011-10-02 20:40:13 ----N---- C:\WINDOWS\system32\azroles.dll
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\ati3duag.dll
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2011-10-02 20:40:08 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2011-10-02 20:40:07 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2011-10-02 20:40:04 ----N---- C:\WINDOWS\system32\aaclient.dll
2011-10-02 19:34:47 ----D---- C:\WINDOWS\ie8updates
2011-10-02 19:33:15 ----D---- C:\WINDOWS\WBEM
2011-10-02 19:32:01 ----HDC---- C:\WINDOWS\ie8
2011-10-02 19:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2011-10-02 18:53:12 ----D---- C:\WINDOWS\nview
2011-10-02 18:53:12 ----A---- C:\WINDOWS\system32\nvudisp.exe
2011-10-02 18:52:57 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2011-10-02 18:52:46 ----D---- C:\NVIDIA
2011-09-17 22:31:47 ----D---- C:\Program Files\Plus500
======List of files/folders modified in the last 1 month======
2011-10-04 17:50:29 ----D---- C:\WINDOWS\temp
2011-10-04 17:49:50 ----D---- C:\Program Files\trend micro
2011-10-04 17:49:32 ----D---- C:\WINDOWS
2011-10-04 17:48:43 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-04 17:48:40 ----D---- C:\WINDOWS\Registration
2011-10-04 17:48:09 ----D---- C:\WINDOWS\system32
2011-10-04 17:48:08 ----HD---- C:\WINDOWS\inf
2011-10-04 17:47:32 ----D---- C:\WINDOWS\security
2011-10-04 17:47:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-04 17:41:08 ----RSD---- C:\WINDOWS\assembly
2011-10-04 17:31:35 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-04 17:19:46 ----SHD---- C:\WINDOWS\Installer
2011-10-04 17:19:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-04 17:18:14 ----D---- C:\WINDOWS\WinSxS
2011-10-04 17:08:19 ----A---- C:\WINDOWS\imsins.BAK
2011-10-04 17:08:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-04 17:08:00 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-04 17:06:12 ----D---- C:\WINDOWS\system32\drivers
2011-10-04 16:59:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-10-04 16:58:04 ----D---- C:\Program Files\Mozilla Firefox
2011-10-04 16:49:36 ----D---- C:\Program Files\Google
2011-10-04 16:44:36 ----D---- C:\Program Files\Movie Maker
2011-10-04 16:37:19 ----A---- C:\WINDOWS\win.ini
2011-10-04 16:36:08 ----D---- C:\Program Files\Internet Explorer
2011-10-04 16:35:12 ----D---- C:\Program Files\Outlook Express
2011-10-04 16:33:02 ----A---- C:\WINDOWS\WINCMD.INI
2011-10-04 15:31:24 ----SD---- C:\WINDOWS\Tasks
2011-10-02 22:50:49 ----D---- C:\Program Files\Common Files
2011-10-02 22:50:02 ----A---- C:\WINDOWS\NeroDigital.ini
2011-10-02 22:43:05 ----D---- C:\HRY
2011-10-02 22:42:42 ----D---- C:\WINDOWS\system32\appmgmt
2011-10-02 22:42:40 ----D---- C:\Program Files\Common Files\Apple
2011-10-02 22:41:57 ----RD---- C:\Program Files
2011-10-02 22:41:50 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-10-02 22:40:19 ----HD---- C:\Program Files\InstallShield Installation Information
2011-10-02 22:39:28 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-10-02 22:38:41 ----D---- C:\Program Files\Yahoo!
2011-10-02 22:26:13 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-10-02 22:20:52 ----A---- C:\WINDOWS\OEWABLog.txt
2011-10-02 22:19:38 ----A---- C:\WINDOWS\setuplog.txt
2011-10-02 22:18:35 ----D---- C:\WINDOWS\AppPatch
2011-10-02 22:18:34 ----D---- C:\WINDOWS\system32\wbem
2011-10-02 22:18:34 ----D---- C:\WINDOWS\system32\Setup
2011-10-02 22:18:34 ----D---- C:\Program Files\Messenger
2011-10-02 22:18:33 ----RSD---- C:\WINDOWS\Fonts
2011-10-02 22:17:44 ----A---- C:\WINDOWS\iis6.BAK
2011-10-02 22:17:38 ----D---- C:\WINDOWS\system32\CatRoot
2011-10-02 22:02:15 ----D---- C:\WINDOWS\system32\inetsrv
2011-10-02 22:02:15 ----D---- C:\WINDOWS\Help
2011-10-02 22:02:14 ----D---- C:\WINDOWS\ime
2011-10-02 22:02:00 ----D---- C:\WINDOWS\system32\usmt
2011-10-02 22:02:00 ----D---- C:\WINDOWS\system32\oobe
2011-10-02 22:02:00 ----D---- C:\WINDOWS\system32\en-US
2011-10-02 22:01:58 ----D---- C:\WINDOWS\PeerNet
2011-10-02 21:57:26 ----D---- C:\WINDOWS\ServicePackFiles
2011-10-02 21:57:17 ----D---- C:\WINDOWS\system32\Restore
2011-10-02 21:57:16 ----D---- C:\WINDOWS\system32\npp
2011-10-02 21:57:16 ----D---- C:\WINDOWS\mui
2011-10-02 21:57:15 ----D---- C:\WINDOWS\msagent
2011-10-02 21:57:13 ----D---- C:\WINDOWS\srchasst
2011-10-02 21:57:12 ----D---- C:\Program Files\NetMeeting
2011-10-02 21:57:11 ----D---- C:\WINDOWS\system32\Com
2011-10-02 21:57:08 ----D---- C:\Program Files\Windows NT
2011-10-02 21:57:02 ----D---- C:\Program Files\Common Files\System
2011-10-02 21:56:38 ----D---- C:\WINDOWS\system
2011-10-02 21:53:12 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-10-02 21:49:05 ----D---- C:\WINDOWS\ehome
2011-10-02 19:46:31 ----SHD---- C:\WINDOWS\CSC
2011-10-02 19:33:09 ----D---- C:\WINDOWS\Media
2011-10-02 18:35:34 ----D---- C:\Program Files\ICQToolbar
2011-10-02 18:21:47 ----A---- C:\WINDOWS\hpbafd.ini
2011-09-28 22:00:30 ----A---- C:\WINDOWS\system32\MRT.exe
2011-09-21 20:22:18 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-09-09 11:12:13 ----A---- C:\WINDOWS\system32\crypt32.dll
2011-09-07 21:44:32 ----D---- C:\lanskrounsko1
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-09-03 115680]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-01 43872]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-03-17 639224]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsl3eded9a4;MpKsl3eded9a4; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D05454B5-B68E-46BB-B325-9212055D946D}\MpKsl3eded9a4.sys []
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-06-21 78976]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 a7ubol45;a7ubol45; C:\WINDOWS\system32\drivers\a7ubol45.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\R:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE31bus.sys [2006-05-01 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE31mdfl.sys [2006-05-01 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE31mdm.sys [2006-05-01 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE31mgmt.sys [2006-05-01 88688]
S3 se31nd5;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS); C:\WINDOWS\system32\DRIVERS\se31nd5.sys [2006-05-01 18704]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE31obex.sys [2006-05-01 86560]
S3 se31unic;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM); C:\WINDOWS\system32\DRIVERS\se31unic.sys [2006-05-01 90800]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-03-03 18944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2005-10-11 237568]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-07-26 153376]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-30 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-30 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-24 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2006-11-06 210432]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o preventivku
Zdravim a pekny vecer preji 
Jedna se o domaci PC nebo nejaky pracovni\firemni 
Jsou s PC nejake problemy
Jedna se o domaci PC nebo nejaky pracovni\firemni Jsou s PC nejake problemy "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o preventivku
Domácí (synovo) PC, ale připojené do sítě s MS SBS a MS Exchange. PC byl dost zanedbaný, tak jsem odinstaloval spousty her atp. a aktualizoval OS.
MS Security Essentials našel (a snad i odstranil) trojana Win32/Yabector.gen.
Myslím, že PC by mohlo šlapat svižněji, ale není to žádný mladíček.
MS Security Essentials našel (a snad i odstranil) trojana Win32/Yabector.gen.
Myslím, že PC by mohlo šlapat svižněji, ale není to žádný mladíček.
Re: Prosím o preventivku
Kde MSE hlasil havet, pripadne mrknete to karanteny Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy Stahnete OTL (viz muj podpis) a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start adp3132.sys AGP440.sys ahcix86.sys ahcix86s.sys atapi.sys autochk.exe cdrom.sys cngaudit.dll cryptsvc.dll eNetHook.dll eventlog.dll explorer.exe hal.dll Changer.sys iaStor.sys iastorv.sys IdeChnDr.sys isapnp.sys JakNDis.sys KR10N.sys logevent.dll lsass.exe mv61xx.sys ndis.sys netlogon.dll ntelogon.dll nvata.sys nvatabus.sys nvgts.sys nvraid.sys nvrd32.sys nvstor.sys nvstor32.sys scecli.dll sceclt.dll smss.exe svchost.exe symmpi.sys tcpip.sys userinit.exe vaxscsi.sys viamraid.sys viasraid.sys ViPrt.sys winlogon.exe ws2_32.dll /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c type c:\boot.ini >> test.txt /c %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o preventivku
Položky: file:c:\documents and settings\matej\Desktop\eBay.lnk
file:c:\Qoobox\Quarantine\C\Documents and Settings\matej\Application Data\AD ON Multimedia\eBay Shortcuts\eBayShortcuts.exe.vir
soubory smazány
Google toolbar jsem odinstaloval, možnost odstranit ICQ toolbar jsem nenašel Logy (čekal jsem na ně celou noc 
:OTL Extras logfile created on: 4.10.2011 21:30:26 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\hynek\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 231,65 Mb Available Physical Memory | 22,66% Memory free
2,40 Gb Paging File | 1,78 Gb Available in Paging File | 74,21% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 40,30 Gb Free Space | 13,52% Space Free | Partition Type: NTFS
Drive D: | 1,51 Gb Total Space | 1,23 Gb Free Space | 81,10% Space Free | Partition Type: FAT
Drive S: | 186,31 Gb Total Space | 54,60 Gb Free Space | 29,31% Space Free | Partition Type: NTFS
Drive U: | 186,31 Gb Total Space | 54,60 Gb Free Space | 29,31% Space Free | Partition Type: NTFS
Drive Z: | 686,43 Gb Total Space | 282,17 Gb Free Space | 41,11% Space Free | Partition Type: NTFS
Computer Name: MATEJ | User Name: hynek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-1715567821-507921405-1957994488-1150\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"\\Hbwares\Společné\Instal\Hardware\TISKARNY\Belkin - printserver\files\setup.exe" = \\Hbwares\Společné\Instal\Hardware\TISKARNY\Belkin - printserver\files\setup.exe:*:Enabled:setup.exe
"C:\wincmd\WINCMD32.EXE" = C:\wincmd\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit internationale Version, Dateimanager-Ersatz fuer Windows -- (C. Ghisler & Co.)
"\\Hbwares\Společné\Instal\Hardware\SITOVKY\bezdrát\Linksys WAP54G\Setup Wizard\WAP54G-full package-0420\Setup.exe" = \\Hbwares\Společné\Instal\Hardware\SITOVKY\bezdrát\Linksys WAP54G\Setup Wizard\WAP54G-full package-0420\Setup.exe:*:Enabled:Setup.exe
"C:\temp\WAP54G-full package-0420\Setup.exe" = C:\temp\WAP54G-full package-0420\Setup.exe:*:Enabled:Setup Wizard of WAP54G -- (Linksys)
"C:\ICQ\ICQ6\ICQ.exe" = C:\ICQ\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, Inc.)
"C:\QIP\qip\qip.exe" = C:\QIP\qip\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\QIP\qip.exe" = C:\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Documents and Settings\matej\Desktop\Commander.exe" = C:\Documents and Settings\matej\Desktop\Commander.exe:*:Enabled:Commander -- (Pablo Software Solutions)
"C:\HRY\FM08\fm.exe" = C:\HRY\FM08\fm.exe:*:Enabled:Football Manager 2008 -- (Sports Interactive)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\temp\WAP54G-full package-0420\Setup.exe" = C:\temp\WAP54G-full package-0420\Setup.exe:*:Enabled:Setup Wizard of WAP54G -- (Linksys)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0BA9CAC3-5131-4E59-B2AB-B765E876AAA2}" = Brother MFL-Pro Suite
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}" = Zoner GIF Animator 5
"{2F173C40-563E-11D4-89C5-0010ADDAAC33}" = EA.com Matchup
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36C991BC-0116-4777-AC7C-4B2A5D7C6DEF}" = Localization Pack for Microsoft Windows XP Media Center Edition
"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72263053-50D1-4598-9502-51ED64E54C51}" = Borland Delphi 7
"{766D51EF-3F9E-490F-8490-0F24910F18BC}" = Zoner Media Explorer 6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB2347E4-153B-4194-AA3B-97C0A662B369}" = PC Connectivity Solution
"{AC76BA86-7AD7-1029-7B44-A70000000000}" = Adobe Reader 7.0 - Czech
"{B530C7EE-9C40-11D4-8583-004F4E03F091}" = Zoner Callisto 4
"{BFEDA49F-2E91-4B54-A366-F5A198FE1173}" = DVB-PC TV Star
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D032A7F0-8B5C-4603-8B46-235025D5F9C1}" = TechniSat DVB-PC TV Star
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Aesop GIF Creator v.1.6_is1" = Aesop v.1.6
"ATF" = ATF
"AVI ReComp" = AVI ReComp 1.2.3
"AviSynth" = AviSynth 2.5
"BelkinPort" = BelkinPort Monitor
"BSPlayerf" = BS.Player FREE
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Corel Applications" = Corel Applications
"DivX Codec" = DivX Codec
"DVBViewer TE_is1" = DVBViewer TE
"EAX Unified" = EAX Unified
"Football Manager 2008" = Football Manager 2008
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"HijackThis" = HijackThis 2.0.2
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Image Mapper" = Image Mapper
"imapbuilder_webunion_is1" = iMapBuilder Interactive Flash Map Builder v2.23 (Demo Version)
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"KONICA MINOLTA magicolor 2430DL" = KONICA MINOLTA magicolor 2430DL
"LANGMaster 4.0 Elementary" = LANGMaster 4.0 - Elementary Level
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 6.0.2 (x86 cs)" = Mozilla Firefox 6.0.2 (x86 cs)
"MV2Player" = MV2Player (remove only)
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"pdfFactory Pro" = pdfFactory Pro
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"Plus500" = Plus500
"PowerDVD" = PowerDVD
"ProgDVB" = ProgDVB
"QIP 2005_is1" = QIP 2005 8080
"QIP2005" = QIP 2005 Uninstall
"rajče.net_is1" = rajče beta53
"RealPlayer 12.0" = RealPlayer
"Shockwave" = Shockwave
"ST6UNST #1" = Meracl ImageMap Generator v3.5.3
"ST6UNST #2" = Meracl ImageMap Generator v3.5.3 (C:\Program Files\Meracl ImageMap Generator\)
"Umíme ve Flashi_is1" = 1.1.13.568
"Visual MP3 Splitter & Joiner_is1" = Visual MP3 Splitter & Joiner 5.9
"WIC" = Windows Imaging Component
"Win Ekonom plus 6.11.1.3" = Win Ekonom plus 6.11.1.3
"Win Ekonom standard 6.11.1.3" = Win Ekonom standard 6.11.1.3
"Win Ekonom standard 6.7.2" = Win Ekonom standard 6.7.2
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.1 beta
"Xvid_is1" = Xvid 1.2.2 final uninstall
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 5.6.2011 3:35:42 | Computer Name = MATEJ | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 10.0.2627.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 5.6.2011 3:57:23 | Computer Name = MATEJ | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.2180, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 5.6.2011 5:31:59 | Computer Name = MATEJ | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.2180, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 16.6.2011 4:57:39 | Computer Name = MATEJ | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Zme6.exe, verze 6.0.4000.8, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 16.6.2011 4:57:40 | Computer Name = MATEJ | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Zme6.exe, verze 6.0.4000.8, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 18.6.2011 3:24:29 | Computer Name = MATEJ | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Zadaná
doména neexistuje nebo není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.
Error - 18.6.2011 3:24:30 | Computer Name = MATEJ | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Zadaná
doména neexistuje nebo není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.
Error - 18.6.2011 3:25:35 | Computer Name = MATEJ | Source = AutoEnrollment | ID = 15
Description = Automatickému zápisu certifikátu pro Local System se nezdařilo kontaktovat
adresář Active Directory(0x8007054b). Zadaná doména neexistuje nebo není k dispozici.
Zápis nebude proveden.
Error - 19.6.2011 13:11:38 | Computer Name = MATEJ | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 2.0.1.4120, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 21.6.2011 5:09:58 | Computer Name = MATEJ | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Photoshop.exe, verze 12.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 12.9.2011 12:36:08 | Computer Name = MATEJ | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
IMAPI CD-Burning COM Service.
Error - 12.9.2011 12:36:08 | Computer Name = MATEJ | Source = Service Control Manager | ID = 7000
Description = Služba IMAPI CD-Burning COM Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 13.9.2011 17:35:12 | Computer Name = MATEJ | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 28.9.2011 3:36:26 | Computer Name = MATEJ | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
IMAPI CD-Burning COM Service.
Error - 28.9.2011 3:36:26 | Computer Name = MATEJ | Source = Service Control Manager | ID = 7000
Description = Služba IMAPI CD-Burning COM Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 2.10.2011 13:04:46 | Computer Name = MATEJ | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby COMSysApp
s argumenty za účelem spuštění serveru: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
Error - 2.10.2011 13:05:08 | Computer Name = MATEJ | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
COM+ System Application.
Error - 2.10.2011 13:05:08 | Computer Name = MATEJ | Source = Service Control Manager | ID = 7000
Description = Služba COM+ System Application neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 2.10.2011 14:25:10 | Computer Name = MATEJ | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x8024200d: Windows XP Service Pack 3 (KB936929).
Error - 4.10.2011 11:51:05 | Computer Name = MATEJ | Source = Service Control Manager | ID = 7016
Description = Služba BrSplService ohlásila neplatný současný stav 0.
< End of report >
Re: Prosím o preventivku
OTL logfile created on: 4.10.2011 21:30:25 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\hynek\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 231,65 Mb Available Physical Memory | 22,66% Memory free
2,40 Gb Paging File | 1,78 Gb Available in Paging File | 74,21% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 40,30 Gb Free Space | 13,52% Space Free | Partition Type: NTFS
Drive D: | 1,51 Gb Total Space | 1,23 Gb Free Space | 81,10% Space Free | Partition Type: FAT
Drive S: | 186,31 Gb Total Space | 54,60 Gb Free Space | 29,31% Space Free | Partition Type: NTFS
Drive U: | 186,31 Gb Total Space | 54,60 Gb Free Space | 29,31% Space Free | Partition Type: NTFS
Drive Z: | 686,43 Gb Total Space | 282,17 Gb Free Space | 41,11% Space Free | Partition Type: NTFS
Computer Name: MATEJ | User Name: hynek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.10.04 21:19:45 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hynek\Desktop\OTL.exe
PRC - [2011.09.06 21:46:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.06.15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.12 12:48:46 | 000,157,592 | ---- | M] (DT Soft Ltd.) -- C:\Deamon\DAEMON Tools\daemon.exe
PRC - [2006.08.02 23:12:00 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006.03.13 20:29:46 | 000,344,064 | ---- | M] (TechniSat) -- C:\Program Files\TechniSat DVB\bin\Server4PC.exe
PRC - [2005.03.03 15:02:50 | 000,479,232 | ---- | M] (FinePrint Software, LLC) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\fppdis2a.exe
PRC - [2004.07.20 10:34:28 | 000,851,968 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe
========== Modules (No Company Name) ==========
MOD - [2011.09.06 21:46:06 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.02.04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010.12.24 19:12:24 | 005,971,408 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010.02.05 20:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008.04.14 02:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 02:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006.07.14 07:34:00 | 000,007,680 | ---- | M] () -- C:\Deamon\DAEMON Tools\Plugins\Images\bw5mount.dll
MOD - [2006.03.13 20:19:16 | 000,131,072 | ---- | M] () -- C:\Program Files\TechniSat DVB\bin\libbz2.dll
MOD - [2004.01.28 05:16:18 | 000,307,200 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2004.01.22 09:36:28 | 000,120,832 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2003.09.24 01:59:02 | 000,151,602 | ---- | M] () -- C:\WINDOWS\system32\pspnt.dll
MOD - [2002.11.26 14:43:18 | 000,106,496 | ---- | M] () -- C:\WINDOWS\system32\BrMuSNMP.dll
MOD - [2001.07.31 05:17:12 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2006.11.06 14:21:10 | 000,210,432 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV - [2011.10.04 17:48:34 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D05454B5-B68E-46BB-B325-9212055D946D}\MpKsl3eded9a4.sys -- (MpKsl3eded9a4)
DRV - [2007.03.17 14:19:12 | 000,639,224 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2006.09.05 21:09:26 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59obex.sys -- (se59obex)
DRV - [2006.09.05 21:08:40 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mgmt.sys -- (se59mgmt) Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM)
DRV - [2006.09.05 21:07:52 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mdm.sys -- (se59mdm)
DRV - [2006.09.05 21:07:48 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mdfl.sys -- (se59mdfl)
DRV - [2006.09.05 21:07:00 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59bus.sys -- (se59bus) Sony Ericsson Device 089 driver (WDM)
DRV - [2006.09.05 21:06:28 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59nd5.sys -- (se59nd5) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS)
DRV - [2006.09.05 21:06:22 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59unic.sys -- (se59unic) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM)
DRV - [2006.08.18 07:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.05.01 13:59:18 | 000,086,560 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE31obex.sys -- (SE31obex)
DRV - [2006.05.01 13:58:30 | 000,088,688 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE31mgmt.sys -- (SE31mgmt) Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM)
DRV - [2006.05.01 13:57:42 | 000,097,184 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE31mdm.sys -- (SE31mdm)
DRV - [2006.05.01 13:57:38 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE31mdfl.sys -- (SE31mdfl)
DRV - [2006.05.01 13:56:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE31bus.sys -- (SE31bus) Sony Ericsson Device 049 Driver driver (WDM)
DRV - [2006.05.01 13:56:16 | 000,018,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se31nd5.sys -- (se31nd5) Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS)
DRV - [2006.05.01 13:56:12 | 000,090,800 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se31unic.sys -- (se31unic) Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM)
DRV - [2006.02.20 18:59:36 | 000,083,344 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810obex.sys -- (w810obex)
DRV - [2006.02.20 18:59:34 | 000,094,064 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mdm.sys -- (w810mdm)
DRV - [2006.02.20 18:59:34 | 000,085,408 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mgmt.sys -- (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM)
DRV - [2006.02.20 18:59:32 | 000,008,336 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mdfl.sys -- (w810mdfl)
DRV - [2006.02.20 18:59:28 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810bus.sys -- (w810bus) Sony Ericsson W810 Driver driver (WDM)
DRV - [2004.09.03 19:23:10 | 000,115,680 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.09.03 19:19:07 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2004.06.21 17:03:22 | 000,078,976 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2004.03.10 17:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2002.03.19 11:29:16 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [1997.12.23 03:02:46 | 000,023,936 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
IE - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ns.hb-ware.cz:8080
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..keyword.URL: "http://search.seznam.cz/?sourceid=FF_5&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Picasa 3\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.04.14 20:14:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.06 21:46:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.26 20:54:09 | 000,000,000 | ---D | M]
[2011.05.26 15:04:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\hynek\Application Data\mozilla\Extensions
[2011.05.26 17:36:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\hynek\Application Data\mozilla\Firefox\Profiles\yf39my4j.default\extensions
[2011.05.26 17:36:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\hynek\Application Data\mozilla\Firefox\Profiles\yf39my4j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.07.26 20:54:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.07.26 20:54:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2010.12.24 19:10:27 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.07.26 20:53:48 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.09.06 21:46:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.07.26 20:53:48 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.04.13 21:24:08 | 000,002,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\firmycz.xml
[2011.05.31 16:46:58 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.05.31 16:46:58 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.12.26 21:23:02 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2010.04.13 21:24:30 | 000,002,041 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mapycz.xml
[2011.05.31 16:46:58 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.05.31 16:46:58 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.05.31 16:46:58 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
[2010.04.13 21:24:54 | 000,002,207 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zbocz.xml
O1 HOSTS File: ([2009.10.04 15:57:49 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (PDF-XChange Viewer IE-Plugin) - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll (Tracker Software Products Ltd.)
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O3 - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DAEMON Tools] C:\Deamon\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe (TechniSat)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\ICQ\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\ICQ\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 3967921166 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D67DB088-70B4-4006-B052-57F614FD3AA8} http://www.vguard.net/myasp/chtIEx.cab (ChtIEx Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = hb-ware.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58AD065B-9C40-4D3C-8D65-62FE50B6EB3D}: DhcpNameServer = 192.168.100.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\hynek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\hynek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.03.14 16:14:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005.07.04 14:46:22 | 000,000,199 | ---- | M] () - D:\AUTOEXEC.DOS -- [ FAT ]
O32 - AutoRun File - [2005.07.04 15:24:06 | 000,000,224 | ---- | M] () - D:\AUTOEXEC.BAT -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: vidc.I420 - C:\WINDOWS\System32\vdrcodec.dll (Pinnacle Systems)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.PIM1 - C:\WINDOWS\System32\pclepim1.dll (Pinnacle Systems)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2011.10.04 21:27:39 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\hynek\Desktop\OTL.exe
[2011.10.04 19:58:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\hynek\IECompatCache
[2011.10.04 19:55:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\hynek\PrivacIE
[2011.10.04 16:46:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.10.04 16:18:56 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2011.10.04 16:15:46 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2011.10.04 16:11:02 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011.10.04 16:08:45 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011.10.04 16:08:36 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2011.10.04 15:33:25 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011.10.04 15:33:11 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011.10.02 22:48:55 | 000,000,000 | ---D | C] -- S:\HYNEK\Dokumenty\Rulers of nation
[2011.10.02 22:37:52 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011.10.02 22:25:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011.10.02 22:19:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011.10.02 22:01:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011.10.02 22:01:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011.10.02 22:01:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011.10.02 22:01:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011.10.02 21:55:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011.10.02 21:49:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011.10.02 20:42:50 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2011.10.02 20:42:47 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2011.10.02 20:42:47 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2011.10.02 20:42:47 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2011.10.02 20:42:47 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2011.10.02 20:42:47 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2011.10.02 20:42:47 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2011.10.02 20:42:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2011.10.02 20:42:46 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2011.10.02 20:42:41 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2011.10.02 20:42:35 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdwxp.exe
[2011.10.02 20:42:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spdwnwxp.exe
[2011.10.02 20:42:31 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2011.10.02 20:42:31 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2011.10.02 20:42:31 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2011.10.02 20:42:30 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2011.10.02 20:42:30 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2011.10.02 20:42:30 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2011.10.02 20:42:30 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2011.10.02 20:42:30 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2011.10.02 20:42:30 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2011.10.02 20:42:30 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2011.10.02 20:42:30 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2011.10.02 20:42:30 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2011.10.02 20:42:28 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2011.10.02 20:42:26 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2011.10.02 20:42:25 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2011.10.02 20:42:25 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2011.10.02 20:42:24 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2011.10.02 20:42:24 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2011.10.02 20:42:21 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2011.10.02 20:42:21 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2011.10.02 20:42:11 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2011.10.02 20:42:06 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2011.10.02 20:42:06 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2011.10.02 20:42:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2011.10.02 20:42:06 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2011.10.02 20:42:06 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2011.10.02 20:42:05 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2011.10.02 20:42:05 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2011.10.02 20:42:05 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2011.10.02 20:42:05 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2011.10.02 20:42:04 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2011.10.02 20:42:03 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2011.10.02 20:42:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2011.10.02 20:41:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2011.10.02 20:41:48 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2011.10.02 20:41:48 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2011.10.02 20:41:48 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2011.10.02 20:41:45 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2011.10.02 20:41:36 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2011.10.02 20:41:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2011.10.02 20:41:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2011.10.02 20:41:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2011.10.02 20:41:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2011.10.02 20:40:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2011.10.02 20:40:50 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2011.10.02 20:40:42 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2011.10.02 20:40:40 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2011.10.02 20:40:38 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2011.10.02 20:40:29 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faxpatch.exe
[2011.10.02 20:40:27 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2011.10.02 20:40:27 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2011.10.02 20:40:27 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2011.10.02 20:40:27 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2011.10.02 20:40:24 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2011.10.02 20:40:24 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2011.10.02 20:40:24 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2011.10.02 20:40:24 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2011.10.02 20:40:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2011.10.02 20:40:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2011.10.02 20:40:16 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2011.10.02 20:40:14 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2011.10.02 20:40:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2011.10.02 20:40:13 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2011.10.02 20:40:13 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2011.10.02 20:40:13 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2011.10.02 20:40:13 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2011.10.02 20:40:12 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2011.10.02 20:40:12 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2011.10.02 20:40:12 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2011.10.02 20:40:12 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2011.10.02 20:40:12 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2011.10.02 20:40:12 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2011.10.02 20:40:12 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2011.10.02 20:40:12 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2011.10.02 20:40:12 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2011.10.02 20:40:12 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2011.10.02 20:40:12 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2011.10.02 20:40:12 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2011.10.02 20:40:12 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2011.10.02 20:40:12 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2011.10.02 20:40:12 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2011.10.02 20:40:11 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2011.10.02 20:40:11 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2011.10.02 20:40:11 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2011.10.02 20:40:11 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2011.10.02 20:40:11 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2011.10.02 20:40:11 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2011.10.02 20:40:11 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2011.10.02 20:40:11 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2011.10.02 20:40:11 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2011.10.02 20:40:11 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2011.10.02 20:40:11 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2011.10.02 20:40:11 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2011.10.02 20:40:11 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2011.10.02 20:40:11 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2011.10.02 20:40:11 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2011.10.02 20:40:11 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2011.10.02 20:40:11 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2011.10.02 20:40:11 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2011.10.02 20:40:06 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2011.10.02 20:40:06 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2011.10.02 20:40:06 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2011.10.02 20:40:06 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2011.10.02 20:40:06 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2011.10.02 20:40:06 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2011.10.02 20:40:06 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2011.10.02 20:40:04 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2011.10.02 19:41:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\hynek\IETldCache
[2011.10.02 19:34:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011.10.02 19:33:34 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011.10.02 19:33:33 | 011,081,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011.10.02 19:33:33 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011.10.02 19:33:33 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011.10.02 19:33:33 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011.10.02 19:33:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011.10.02 19:32:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.10.02 19:17:36 | 000,000,000 | ---D | C] -- S:\HYNEK\Dokumenty\Stažené soubory
[2011.10.02 19:09:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2011.10.02 18:53:12 | 000,446,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2011.10.02 18:53:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2011.10.02 18:52:57 | 000,446,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE
[2011.10.02 18:52:46 | 000,000,000 | ---D | C] -- C:\NVIDIA
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[23 S:\HYNEK\Dokumenty\*.tmp files -> S:\HYNEK\Dokumenty\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.10.04 21:32:41 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.04 21:19:45 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hynek\Desktop\OTL.exe
[2011.10.04 21:10:01 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.04 20:57:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-507921405-1957994488-1152UA.job
[2011.10.04 20:19:30 | 000,059,282 | -H-- | M] () -- C:\treeinfo.wc
[2011.10.04 20:19:30 | 000,000,938 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2011.10.04 19:59:05 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-507921405-1957994488-1150.job
[2011.10.04 19:59:04 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-507921405-1957994488-1150.job
[2011.10.04 17:53:35 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.10.04 17:49:33 | 000,186,500 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.10.04 17:49:05 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.04 17:49:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.10.04 17:48:59 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-507921405-1957994488-1152.job
[2011.10.04 17:48:58 | 003,611,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.10.04 17:48:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.10.04 17:48:10 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.04 17:19:04 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.10.04 17:19:04 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.10.04 17:08:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.10.04 16:50:30 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\hynek\Application Data\Microsoft\Internet Explorer\Quick Launch\Spustit aplikaci Microsoft Outlook.lnk
[2011.10.04 16:34:36 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\hynek\Desktop\RSIT.exe
[2011.10.02 22:50:02 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.10.02 22:26:44 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011.10.02 22:25:17 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011.10.02 22:17:44 | 002,319,606 | ---- | M] () -- C:\WINDOWS\iis6.BAK
[2011.10.02 21:54:37 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011.10.02 19:47:20 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\hynek\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011.10.02 18:21:47 | 000,000,521 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2011.10.02 16:51:35 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-507921405-1957994488-1152.job
[2011.10.02 09:57:00 | 000,000,980 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-507921405-1957994488-1152Core.job
[2011.10.02 02:00:01 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HBWARE-matej.job
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[23 S:\HYNEK\Dokumenty\*.tmp files -> S:\HYNEK\Dokumenty\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.10.04 21:32:41 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.04 16:34:17 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\hynek\Desktop\RSIT.exe
[2011.10.02 22:32:54 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.10.02 22:26:09 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011.10.02 20:42:08 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011.10.02 20:40:49 | 000,000,974 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2011.10.02 20:40:20 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011.10.02 20:40:12 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011.10.02 19:47:18 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\hynek\Start Menu\Programs\Internet Explorer.lnk
[2011.10.02 19:23:42 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011.10.02 19:14:51 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\hynek\Desktop\Mozilla Firefox.lnk
[2011.10.02 18:53:13 | 000,186,500 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2011.10.02 18:53:12 | 000,018,070 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2011.09.30 18:34:52 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-507921405-1957994488-1152.job
[2011.05.26 15:04:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.03.05 11:31:22 | 003,673,360 | ---- | C] () -- C:\WINDOWS\System32\MSO97RT.DLL
[2011.03.05 11:31:22 | 001,584,912 | ---- | C] () -- C:\WINDOWS\System32\GRAPH8.EXE
[2010.11.17 12:12:20 | 000,059,180 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.08.25 21:05:32 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.12.20 16:21:07 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2009.12.09 17:46:38 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2009.12.09 17:46:38 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2009.12.09 17:46:38 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2009.12.09 17:46:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2009.10.03 18:28:54 | 000,229,888 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009.10.03 18:28:54 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009.10.03 18:28:54 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009.10.03 18:28:54 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009.04.24 13:52:25 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.04.24 13:52:25 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.03.10 20:12:49 | 000,406,016 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe
[2009.03.10 19:32:01 | 000,039,095 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2009.03.10 19:32:00 | 000,112,688 | ---- | C] () -- C:\WINDOWS\System32\shw32.dll
[2008.12.27 21:10:54 | 002,047,416 | ---- | C] () -- C:\WINDOWS\qip8090.exe
[2008.12.12 23:03:04 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008.05.16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.05.16 14:01:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008.05.16 14:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.05.16 14:01:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008.05.16 14:01:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.05.16 14:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.05.16 14:01:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008.05.16 14:01:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008.05.16 14:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.04.05 15:06:49 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\hynek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.10 21:19:28 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\oledb.dll
[2007.10.31 21:35:48 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.07.04 17:56:48 | 000,000,624 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2007.06.17 11:54:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2007.05.23 20:00:08 | 000,298,496 | ---- | C] () -- C:\WINDOWS\unin0405.exe
[2007.05.06 14:02:33 | 000,319,488 | R--- | C] () -- C:\WINDOWS\System32\MafiaSetup.exe
[2007.04.25 12:28:50 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.04.22 14:33:20 | 000,000,063 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007.04.12 17:29:33 | 000,000,055 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2007.03.19 22:28:59 | 000,001,269 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007.03.18 23:18:35 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2007.03.15 19:42:47 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007.03.15 19:42:14 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.03.15 19:41:59 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2007.03.15 18:12:08 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2007.03.15 18:11:16 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2007.03.15 18:11:15 | 000,000,779 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2007.03.15 18:11:15 | 000,000,460 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2007.03.15 18:11:15 | 000,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007.03.15 18:11:15 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF04A.dat
[2007.03.15 18:10:46 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2007.03.15 18:10:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2007.03.15 18:09:20 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007.03.15 17:58:03 | 000,151,602 | ---- | C] () -- C:\WINDOWS\System32\pspnt.dll
[2007.03.15 17:58:03 | 000,065,606 | ---- | C] () -- C:\WINDOWS\System32\rmvport.exe
[2007.03.15 17:57:16 | 000,000,521 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2007.03.15 17:43:56 | 000,000,938 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2007.03.15 17:12:30 | 000,000,384 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.03.15 16:40:46 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\hynek\Local Settings\Application Data\fusioncache.dat
[2007.03.14 16:16:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.03.14 15:54:09 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.03.14 15:49:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.03.14 15:48:38 | 003,611,120 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.09.12 14:43:52 | 000,020,436 | ---- | C] () -- C:\WINDOWS\MSUMLT_U.INI
[2006.09.12 14:43:51 | 000,037,300 | ---- | C] () -- C:\WINDOWS\MSTMON_U.INI
[2006.09.12 14:43:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\MSHRES_U.DLL
[2006.03.15 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.03.15 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.03.15 14:00:00 | 000,441,124 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.03.15 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.03.15 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.03.15 14:00:00 | 000,071,060 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.03.15 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.03.15 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.03.15 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.03.15 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.03.15 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.03.15 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.08.05 15:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005.04.18 20:37:41 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2004.03.18 09:44:29 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2004.03.05 16:28:08 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\vgtool.dll
[2002.03.04 11:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
========== LOP Check ==========
[2010.11.26 19:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2007.03.28 15:19:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.03.10 20:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2010.10.23 21:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2007.03.15 18:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009.03.10 20:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2011.10.02 22:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007.08.23 15:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dasa\Application Data\ICQ
[2007.04.18 15:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dasa\Application Data\PC Suite
[2007.04.18 15:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dasa\Application Data\Teleca
[2007.04.29 22:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dasa\Application Data\Zoner
[2008.01.29 15:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\ICQ
[2007.08.16 17:26:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\ICQ Toolbar
[2007.04.24 09:55:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Nokia Multimedia Player
[2007.03.28 20:17:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\PC Suite
[2007.03.30 13:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Teleca
[2007.03.30 13:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Zoner
[2007.09.10 18:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Application Data\ICQ Toolbar
[2007.07.02 18:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Application Data\PC Suite
[2007.07.02 18:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Application Data\Teleca
[2011.01.09 11:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\BSplayer
[2011.01.09 11:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\BSplayer Pro
[2010.11.17 12:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.05.26 20:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Graphs Made Easy
[2007.05.05 12:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\GullySoft
[2011.04.19 23:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\ICQ
[2007.08.15 10:46:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\ICQ Toolbar
[2009.08.22 23:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\iMapBuilder
[2009.01.24 01:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Leadertech
[2009.03.13 21:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\MyPhoneExplorer
[2007.03.28 15:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Nokia
[2007.03.28 15:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\PC Suite
[2009.03.08 13:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Sachy
[2007.04.12 17:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\ScanSoft
[2008.05.02 13:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Sports Interactive
[2010.10.23 20:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.08.25 21:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Teleca
[2008.11.24 21:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Zoner
[2007.08.17 11:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\vendula\Application Data\ICQ
[2007.08.15 13:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\vendula\Application Data\ICQ Toolbar
[2007.08.24 10:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\vendula\Application Data\Nokia Multimedia Player
[2007.03.28 16:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\vendula\Application Data\PC Suite
[2007.03.30 16:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\vendula\Application Data\Teleca
[2007.08.31 13:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\vendula\Application Data\Zoner
[2011.10.04 17:53:35 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2006.03.15 14:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\zalohy\martina\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.04 08:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\zalohy\matej2\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2006.03.15 14:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2001.10.25 14:00:00 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2001.10.25 14:00:00 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2001.10.25 14:00:00 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\zalohy\matej2\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[2006.03.15 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\zalohy\martina\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\zalohy\matej2\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2000.06.08 18:00:00 | 000,003,248 | ---- | M] (Microsoft Corporation) MD5=26A8CC0782284C41627B15D5BD938F77 -- C:\zalohy\martina\zalohy\c\WINDOWS\SYSTEM\AUTOCHK.EXE
[2001.10.25 14:00:00 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=6EBB26DD0E33C0426FB4A316418E67FC -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2001.10.25 14:00:00 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=6EBB26DD0E33C0426FB4A316418E67FC -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2006.03.15 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\cmdcons\autochk.exe
[2006.03.15 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\zalohy\martina\WINDOWS\system32\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\zalohy\matej2\cbbb4d3c59f673ea67243d6f\i386\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\autochk.exe
[2004.08.18 00:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\zalohy\matej2\WINDOWS\system32\autochk.exe
< MD5 for: CDROM.SYS >
[2006.03.15 14:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.15 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\zalohy\martina\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004.08.04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\zalohy\matej2\WINDOWS\system32\drivers\cdrom.sys
[2001.10.25 14:00:00 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=CB762E814F602229A574F4D78D3D6A30 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2001.10.25 14:00:00 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=CB762E814F602229A574F4D78D3D6A30 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\cdrom.sys
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\hynek\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 231,65 Mb Available Physical Memory | 22,66% Memory free
2,40 Gb Paging File | 1,78 Gb Available in Paging File | 74,21% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 40,30 Gb Free Space | 13,52% Space Free | Partition Type: NTFS
Drive D: | 1,51 Gb Total Space | 1,23 Gb Free Space | 81,10% Space Free | Partition Type: FAT
Drive S: | 186,31 Gb Total Space | 54,60 Gb Free Space | 29,31% Space Free | Partition Type: NTFS
Drive U: | 186,31 Gb Total Space | 54,60 Gb Free Space | 29,31% Space Free | Partition Type: NTFS
Drive Z: | 686,43 Gb Total Space | 282,17 Gb Free Space | 41,11% Space Free | Partition Type: NTFS
Computer Name: MATEJ | User Name: hynek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.10.04 21:19:45 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hynek\Desktop\OTL.exe
PRC - [2011.09.06 21:46:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.06.15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.12 12:48:46 | 000,157,592 | ---- | M] (DT Soft Ltd.) -- C:\Deamon\DAEMON Tools\daemon.exe
PRC - [2006.08.02 23:12:00 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006.03.13 20:29:46 | 000,344,064 | ---- | M] (TechniSat) -- C:\Program Files\TechniSat DVB\bin\Server4PC.exe
PRC - [2005.03.03 15:02:50 | 000,479,232 | ---- | M] (FinePrint Software, LLC) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\fppdis2a.exe
PRC - [2004.07.20 10:34:28 | 000,851,968 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe
========== Modules (No Company Name) ==========
MOD - [2011.09.06 21:46:06 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.02.04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010.12.24 19:12:24 | 005,971,408 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010.02.05 20:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008.04.14 02:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 02:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006.07.14 07:34:00 | 000,007,680 | ---- | M] () -- C:\Deamon\DAEMON Tools\Plugins\Images\bw5mount.dll
MOD - [2006.03.13 20:19:16 | 000,131,072 | ---- | M] () -- C:\Program Files\TechniSat DVB\bin\libbz2.dll
MOD - [2004.01.28 05:16:18 | 000,307,200 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2004.01.22 09:36:28 | 000,120,832 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2003.09.24 01:59:02 | 000,151,602 | ---- | M] () -- C:\WINDOWS\system32\pspnt.dll
MOD - [2002.11.26 14:43:18 | 000,106,496 | ---- | M] () -- C:\WINDOWS\system32\BrMuSNMP.dll
MOD - [2001.07.31 05:17:12 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2006.11.06 14:21:10 | 000,210,432 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV - [2011.10.04 17:48:34 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D05454B5-B68E-46BB-B325-9212055D946D}\MpKsl3eded9a4.sys -- (MpKsl3eded9a4)
DRV - [2007.03.17 14:19:12 | 000,639,224 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2006.09.05 21:09:26 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59obex.sys -- (se59obex)
DRV - [2006.09.05 21:08:40 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mgmt.sys -- (se59mgmt) Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM)
DRV - [2006.09.05 21:07:52 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mdm.sys -- (se59mdm)
DRV - [2006.09.05 21:07:48 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59mdfl.sys -- (se59mdfl)
DRV - [2006.09.05 21:07:00 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59bus.sys -- (se59bus) Sony Ericsson Device 089 driver (WDM)
DRV - [2006.09.05 21:06:28 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59nd5.sys -- (se59nd5) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS)
DRV - [2006.09.05 21:06:22 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59unic.sys -- (se59unic) Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM)
DRV - [2006.08.18 07:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.05.01 13:59:18 | 000,086,560 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE31obex.sys -- (SE31obex)
DRV - [2006.05.01 13:58:30 | 000,088,688 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE31mgmt.sys -- (SE31mgmt) Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM)
DRV - [2006.05.01 13:57:42 | 000,097,184 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE31mdm.sys -- (SE31mdm)
DRV - [2006.05.01 13:57:38 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE31mdfl.sys -- (SE31mdfl)
DRV - [2006.05.01 13:56:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE31bus.sys -- (SE31bus) Sony Ericsson Device 049 Driver driver (WDM)
DRV - [2006.05.01 13:56:16 | 000,018,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se31nd5.sys -- (se31nd5) Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS)
DRV - [2006.05.01 13:56:12 | 000,090,800 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se31unic.sys -- (se31unic) Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM)
DRV - [2006.02.20 18:59:36 | 000,083,344 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810obex.sys -- (w810obex)
DRV - [2006.02.20 18:59:34 | 000,094,064 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mdm.sys -- (w810mdm)
DRV - [2006.02.20 18:59:34 | 000,085,408 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mgmt.sys -- (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM)
DRV - [2006.02.20 18:59:32 | 000,008,336 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810mdfl.sys -- (w810mdfl)
DRV - [2006.02.20 18:59:28 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w810bus.sys -- (w810bus) Sony Ericsson W810 Driver driver (WDM)
DRV - [2004.09.03 19:23:10 | 000,115,680 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.09.03 19:19:07 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2004.06.21 17:03:22 | 000,078,976 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2004.03.10 17:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2002.03.19 11:29:16 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [1997.12.23 03:02:46 | 000,023,936 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
IE - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ns.hb-ware.cz:8080
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..keyword.URL: "http://search.seznam.cz/?sourceid=FF_5&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Picasa 3\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.04.14 20:14:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.06 21:46:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.26 20:54:09 | 000,000,000 | ---D | M]
[2011.05.26 15:04:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\hynek\Application Data\mozilla\Extensions
[2011.05.26 17:36:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\hynek\Application Data\mozilla\Firefox\Profiles\yf39my4j.default\extensions
[2011.05.26 17:36:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\hynek\Application Data\mozilla\Firefox\Profiles\yf39my4j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.07.26 20:54:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.07.26 20:54:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2010.12.24 19:10:27 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.07.26 20:53:48 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.09.06 21:46:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.07.26 20:53:48 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.04.13 21:24:08 | 000,002,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\firmycz.xml
[2011.05.31 16:46:58 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.05.31 16:46:58 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.12.26 21:23:02 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2010.04.13 21:24:30 | 000,002,041 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mapycz.xml
[2011.05.31 16:46:58 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.05.31 16:46:58 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.05.31 16:46:58 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
[2010.04.13 21:24:54 | 000,002,207 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zbocz.xml
O1 HOSTS File: ([2009.10.04 15:57:49 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (PDF-XChange Viewer IE-Plugin) - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll (Tracker Software Products Ltd.)
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O3 - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DAEMON Tools] C:\Deamon\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe (TechniSat)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\ICQ\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\ICQ\ICQ6\ICQ.exe (ICQ, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 3967921166 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D67DB088-70B4-4006-B052-57F614FD3AA8} http://www.vguard.net/myasp/chtIEx.cab (ChtIEx Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = hb-ware.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58AD065B-9C40-4D3C-8D65-62FE50B6EB3D}: DhcpNameServer = 192.168.100.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\hynek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\hynek\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.03.14 16:14:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005.07.04 14:46:22 | 000,000,199 | ---- | M] () - D:\AUTOEXEC.DOS -- [ FAT ]
O32 - AutoRun File - [2005.07.04 15:24:06 | 000,000,224 | ---- | M] () - D:\AUTOEXEC.BAT -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: vidc.I420 - C:\WINDOWS\System32\vdrcodec.dll (Pinnacle Systems)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.PIM1 - C:\WINDOWS\System32\pclepim1.dll (Pinnacle Systems)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2011.10.04 21:27:39 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\hynek\Desktop\OTL.exe
[2011.10.04 19:58:35 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\hynek\IECompatCache
[2011.10.04 19:55:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\hynek\PrivacIE
[2011.10.04 16:46:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.10.04 16:18:56 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2011.10.04 16:15:46 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2011.10.04 16:11:02 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011.10.04 16:08:45 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011.10.04 16:08:36 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2011.10.04 15:33:25 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011.10.04 15:33:11 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011.10.02 22:48:55 | 000,000,000 | ---D | C] -- S:\HYNEK\Dokumenty\Rulers of nation
[2011.10.02 22:37:52 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011.10.02 22:25:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011.10.02 22:19:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011.10.02 22:01:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011.10.02 22:01:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011.10.02 22:01:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011.10.02 22:01:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011.10.02 21:55:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011.10.02 21:49:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011.10.02 20:42:50 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2011.10.02 20:42:47 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2011.10.02 20:42:47 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2011.10.02 20:42:47 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2011.10.02 20:42:47 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2011.10.02 20:42:47 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2011.10.02 20:42:47 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2011.10.02 20:42:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2011.10.02 20:42:46 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2011.10.02 20:42:41 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2011.10.02 20:42:35 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdwxp.exe
[2011.10.02 20:42:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spdwnwxp.exe
[2011.10.02 20:42:31 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2011.10.02 20:42:31 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2011.10.02 20:42:31 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2011.10.02 20:42:30 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2011.10.02 20:42:30 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2011.10.02 20:42:30 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2011.10.02 20:42:30 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2011.10.02 20:42:30 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2011.10.02 20:42:30 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2011.10.02 20:42:30 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2011.10.02 20:42:30 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2011.10.02 20:42:30 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2011.10.02 20:42:28 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2011.10.02 20:42:26 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2011.10.02 20:42:25 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2011.10.02 20:42:25 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2011.10.02 20:42:24 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2011.10.02 20:42:24 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2011.10.02 20:42:21 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2011.10.02 20:42:21 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2011.10.02 20:42:11 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2011.10.02 20:42:06 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2011.10.02 20:42:06 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2011.10.02 20:42:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2011.10.02 20:42:06 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2011.10.02 20:42:06 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2011.10.02 20:42:05 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2011.10.02 20:42:05 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2011.10.02 20:42:05 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2011.10.02 20:42:05 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2011.10.02 20:42:04 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2011.10.02 20:42:03 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2011.10.02 20:42:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2011.10.02 20:41:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2011.10.02 20:41:48 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2011.10.02 20:41:48 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2011.10.02 20:41:48 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2011.10.02 20:41:45 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2011.10.02 20:41:36 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2011.10.02 20:41:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2011.10.02 20:41:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2011.10.02 20:41:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2011.10.02 20:41:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2011.10.02 20:40:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2011.10.02 20:40:50 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2011.10.02 20:40:42 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2011.10.02 20:40:40 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2011.10.02 20:40:38 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2011.10.02 20:40:29 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faxpatch.exe
[2011.10.02 20:40:27 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2011.10.02 20:40:27 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2011.10.02 20:40:27 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2011.10.02 20:40:27 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2011.10.02 20:40:24 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2011.10.02 20:40:24 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2011.10.02 20:40:24 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2011.10.02 20:40:24 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2011.10.02 20:40:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2011.10.02 20:40:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2011.10.02 20:40:16 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2011.10.02 20:40:14 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2011.10.02 20:40:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2011.10.02 20:40:13 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2011.10.02 20:40:13 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2011.10.02 20:40:13 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2011.10.02 20:40:13 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2011.10.02 20:40:12 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2011.10.02 20:40:12 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2011.10.02 20:40:12 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2011.10.02 20:40:12 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2011.10.02 20:40:12 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2011.10.02 20:40:12 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2011.10.02 20:40:12 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2011.10.02 20:40:12 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2011.10.02 20:40:12 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2011.10.02 20:40:12 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2011.10.02 20:40:12 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2011.10.02 20:40:12 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2011.10.02 20:40:12 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2011.10.02 20:40:12 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2011.10.02 20:40:12 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2011.10.02 20:40:11 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2011.10.02 20:40:11 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2011.10.02 20:40:11 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2011.10.02 20:40:11 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2011.10.02 20:40:11 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2011.10.02 20:40:11 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2011.10.02 20:40:11 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2011.10.02 20:40:11 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2011.10.02 20:40:11 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2011.10.02 20:40:11 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2011.10.02 20:40:11 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2011.10.02 20:40:11 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2011.10.02 20:40:11 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2011.10.02 20:40:11 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2011.10.02 20:40:11 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2011.10.02 20:40:11 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2011.10.02 20:40:11 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2011.10.02 20:40:11 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2011.10.02 20:40:06 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2011.10.02 20:40:06 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2011.10.02 20:40:06 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2011.10.02 20:40:06 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2011.10.02 20:40:06 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2011.10.02 20:40:06 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2011.10.02 20:40:06 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2011.10.02 20:40:04 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2011.10.02 19:41:54 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\hynek\IETldCache
[2011.10.02 19:34:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011.10.02 19:33:34 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011.10.02 19:33:33 | 011,081,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011.10.02 19:33:33 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011.10.02 19:33:33 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011.10.02 19:33:33 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011.10.02 19:33:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011.10.02 19:32:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.10.02 19:17:36 | 000,000,000 | ---D | C] -- S:\HYNEK\Dokumenty\Stažené soubory
[2011.10.02 19:09:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2011.10.02 18:53:12 | 000,446,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvudisp.exe
[2011.10.02 18:53:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2011.10.02 18:52:57 | 000,446,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUNINST.EXE
[2011.10.02 18:52:46 | 000,000,000 | ---D | C] -- C:\NVIDIA
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[23 S:\HYNEK\Dokumenty\*.tmp files -> S:\HYNEK\Dokumenty\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.10.04 21:32:41 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.04 21:19:45 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hynek\Desktop\OTL.exe
[2011.10.04 21:10:01 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.04 20:57:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-507921405-1957994488-1152UA.job
[2011.10.04 20:19:30 | 000,059,282 | -H-- | M] () -- C:\treeinfo.wc
[2011.10.04 20:19:30 | 000,000,938 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2011.10.04 19:59:05 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-507921405-1957994488-1150.job
[2011.10.04 19:59:04 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-507921405-1957994488-1150.job
[2011.10.04 17:53:35 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.10.04 17:49:33 | 000,186,500 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.10.04 17:49:05 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.04 17:49:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.10.04 17:48:59 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-507921405-1957994488-1152.job
[2011.10.04 17:48:58 | 003,611,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.10.04 17:48:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.10.04 17:48:10 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.04 17:19:04 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.10.04 17:19:04 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.10.04 17:08:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.10.04 16:50:30 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\hynek\Application Data\Microsoft\Internet Explorer\Quick Launch\Spustit aplikaci Microsoft Outlook.lnk
[2011.10.04 16:34:36 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\hynek\Desktop\RSIT.exe
[2011.10.02 22:50:02 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.10.02 22:26:44 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011.10.02 22:25:17 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011.10.02 22:17:44 | 002,319,606 | ---- | M] () -- C:\WINDOWS\iis6.BAK
[2011.10.02 21:54:37 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011.10.02 19:47:20 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\hynek\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011.10.02 18:21:47 | 000,000,521 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2011.10.02 16:51:35 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-507921405-1957994488-1152.job
[2011.10.02 09:57:00 | 000,000,980 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-507921405-1957994488-1152Core.job
[2011.10.02 02:00:01 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HBWARE-matej.job
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[23 S:\HYNEK\Dokumenty\*.tmp files -> S:\HYNEK\Dokumenty\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.10.04 21:32:41 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.04 16:34:17 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\hynek\Desktop\RSIT.exe
[2011.10.02 22:32:54 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.10.02 22:26:09 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011.10.02 20:42:08 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011.10.02 20:40:49 | 000,000,974 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2011.10.02 20:40:20 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011.10.02 20:40:12 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011.10.02 19:47:18 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\hynek\Start Menu\Programs\Internet Explorer.lnk
[2011.10.02 19:23:42 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011.10.02 19:14:51 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\hynek\Desktop\Mozilla Firefox.lnk
[2011.10.02 18:53:13 | 000,186,500 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2011.10.02 18:53:12 | 000,018,070 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2011.09.30 18:34:52 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-507921405-1957994488-1152.job
[2011.05.26 15:04:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.03.05 11:31:22 | 003,673,360 | ---- | C] () -- C:\WINDOWS\System32\MSO97RT.DLL
[2011.03.05 11:31:22 | 001,584,912 | ---- | C] () -- C:\WINDOWS\System32\GRAPH8.EXE
[2010.11.17 12:12:20 | 000,059,180 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.08.25 21:05:32 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.12.20 16:21:07 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2009.12.09 17:46:38 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2009.12.09 17:46:38 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2009.12.09 17:46:38 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2009.12.09 17:46:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2009.10.03 18:28:54 | 000,229,888 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009.10.03 18:28:54 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009.10.03 18:28:54 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009.10.03 18:28:54 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009.04.24 13:52:25 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.04.24 13:52:25 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.03.10 20:12:49 | 000,406,016 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe
[2009.03.10 19:32:01 | 000,039,095 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2009.03.10 19:32:00 | 000,112,688 | ---- | C] () -- C:\WINDOWS\System32\shw32.dll
[2008.12.27 21:10:54 | 002,047,416 | ---- | C] () -- C:\WINDOWS\qip8090.exe
[2008.12.12 23:03:04 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008.05.16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.05.16 14:01:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008.05.16 14:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.05.16 14:01:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008.05.16 14:01:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.05.16 14:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.05.16 14:01:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008.05.16 14:01:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008.05.16 14:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.04.05 15:06:49 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\hynek\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.10 21:19:28 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\oledb.dll
[2007.10.31 21:35:48 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.07.04 17:56:48 | 000,000,624 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2007.06.17 11:54:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2007.05.23 20:00:08 | 000,298,496 | ---- | C] () -- C:\WINDOWS\unin0405.exe
[2007.05.06 14:02:33 | 000,319,488 | R--- | C] () -- C:\WINDOWS\System32\MafiaSetup.exe
[2007.04.25 12:28:50 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.04.22 14:33:20 | 000,000,063 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007.04.12 17:29:33 | 000,000,055 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2007.03.19 22:28:59 | 000,001,269 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007.03.18 23:18:35 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2007.03.15 19:42:47 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007.03.15 19:42:14 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.03.15 19:41:59 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2007.03.15 18:12:08 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2007.03.15 18:11:16 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2007.03.15 18:11:15 | 000,000,779 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2007.03.15 18:11:15 | 000,000,460 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2007.03.15 18:11:15 | 000,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007.03.15 18:11:15 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF04A.dat
[2007.03.15 18:10:46 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2007.03.15 18:10:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2007.03.15 18:09:20 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007.03.15 17:58:03 | 000,151,602 | ---- | C] () -- C:\WINDOWS\System32\pspnt.dll
[2007.03.15 17:58:03 | 000,065,606 | ---- | C] () -- C:\WINDOWS\System32\rmvport.exe
[2007.03.15 17:57:16 | 000,000,521 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2007.03.15 17:43:56 | 000,000,938 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2007.03.15 17:12:30 | 000,000,384 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.03.15 16:40:46 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\hynek\Local Settings\Application Data\fusioncache.dat
[2007.03.14 16:16:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.03.14 15:54:09 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.03.14 15:49:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.03.14 15:48:38 | 003,611,120 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.09.12 14:43:52 | 000,020,436 | ---- | C] () -- C:\WINDOWS\MSUMLT_U.INI
[2006.09.12 14:43:51 | 000,037,300 | ---- | C] () -- C:\WINDOWS\MSTMON_U.INI
[2006.09.12 14:43:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\MSHRES_U.DLL
[2006.03.15 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.03.15 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.03.15 14:00:00 | 000,441,124 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.03.15 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.03.15 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.03.15 14:00:00 | 000,071,060 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.03.15 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.03.15 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.03.15 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.03.15 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.03.15 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.03.15 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.08.05 15:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005.04.18 20:37:41 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2004.03.18 09:44:29 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2004.03.05 16:28:08 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\vgtool.dll
[2002.03.04 11:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
========== LOP Check ==========
[2010.11.26 19:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2007.03.28 15:19:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.03.10 20:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2010.10.23 21:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2007.03.15 18:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009.03.10 20:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2011.10.02 22:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007.08.23 15:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dasa\Application Data\ICQ
[2007.04.18 15:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dasa\Application Data\PC Suite
[2007.04.18 15:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dasa\Application Data\Teleca
[2007.04.29 22:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dasa\Application Data\Zoner
[2008.01.29 15:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\ICQ
[2007.08.16 17:26:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\ICQ Toolbar
[2007.04.24 09:55:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Nokia Multimedia Player
[2007.03.28 20:17:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\PC Suite
[2007.03.30 13:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Teleca
[2007.03.30 13:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Zoner
[2007.09.10 18:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Application Data\ICQ Toolbar
[2007.07.02 18:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Application Data\PC Suite
[2007.07.02 18:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Application Data\Teleca
[2011.01.09 11:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\BSplayer
[2011.01.09 11:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\BSplayer Pro
[2010.11.17 12:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.05.26 20:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Graphs Made Easy
[2007.05.05 12:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\GullySoft
[2011.04.19 23:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\ICQ
[2007.08.15 10:46:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\ICQ Toolbar
[2009.08.22 23:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\iMapBuilder
[2009.01.24 01:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Leadertech
[2009.03.13 21:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\MyPhoneExplorer
[2007.03.28 15:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Nokia
[2007.03.28 15:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\PC Suite
[2009.03.08 13:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Sachy
[2007.04.12 17:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\ScanSoft
[2008.05.02 13:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Sports Interactive
[2010.10.23 20:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.08.25 21:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Teleca
[2008.11.24 21:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matej\Application Data\Zoner
[2007.08.17 11:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\vendula\Application Data\ICQ
[2007.08.15 13:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\vendula\Application Data\ICQ Toolbar
[2007.08.24 10:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\vendula\Application Data\Nokia Multimedia Player
[2007.03.28 16:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\vendula\Application Data\PC Suite
[2007.03.30 16:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\vendula\Application Data\Teleca
[2007.08.31 13:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\vendula\Application Data\Zoner
[2011.10.04 17:53:35 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2006.03.15 14:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\zalohy\martina\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.04 08:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\zalohy\matej2\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2006.03.15 14:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2001.10.25 14:00:00 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2001.10.25 14:00:00 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2001.10.25 14:00:00 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\zalohy\matej2\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[2006.03.15 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\zalohy\martina\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\zalohy\matej2\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\autochk.exe
[2008.04.14 02:12:12 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2000.06.08 18:00:00 | 000,003,248 | ---- | M] (Microsoft Corporation) MD5=26A8CC0782284C41627B15D5BD938F77 -- C:\zalohy\martina\zalohy\c\WINDOWS\SYSTEM\AUTOCHK.EXE
[2001.10.25 14:00:00 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=6EBB26DD0E33C0426FB4A316418E67FC -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2001.10.25 14:00:00 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=6EBB26DD0E33C0426FB4A316418E67FC -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2006.03.15 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\cmdcons\autochk.exe
[2006.03.15 14:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\zalohy\martina\WINDOWS\system32\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\zalohy\matej2\cbbb4d3c59f673ea67243d6f\i386\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\autochk.exe
[2004.08.18 00:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\zalohy\matej2\WINDOWS\system32\autochk.exe
< MD5 for: CDROM.SYS >
[2006.03.15 14:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.15 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\zalohy\martina\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004.08.04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\zalohy\matej2\WINDOWS\system32\drivers\cdrom.sys
[2001.10.25 14:00:00 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=CB762E814F602229A574F4D78D3D6A30 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2001.10.25 14:00:00 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=CB762E814F602229A574F4D78D3D6A30 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\cdrom.sys
Re: Prosím o preventivku
< MD5 for: CRYPTSVC.DLL >
[2006.03.15 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2006.03.15 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\zalohy\martina\WINDOWS\system32\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2004.08.18 00:49:03 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\zalohy\matej2\WINDOWS\system32\cryptsvc.dll
[2001.10.25 14:00:00 | 000,051,200 | ---- | M] (Microsoft Corporation) MD5=849D84F975D682B333AF158B8ABFD221 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2001.10.25 14:00:00 | 000,051,200 | ---- | M] (Microsoft Corporation) MD5=849D84F975D682B333AF158B8ABFD221 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\zalohy\martina\WINDOWS\system32\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.18 00:49:06 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\zalohy\matej2\WINDOWS\system32\eventlog.dll
[2006.03.15 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2006.03.15 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2001.10.25 14:00:00 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=8DAEFE31BA545A98E07A976F7435CC5B -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2001.10.25 14:00:00 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=8DAEFE31BA545A98E07A976F7435CC5B -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2001.10.25 14:00:00 | 001,001,472 | ---- | M] (Microsoft Corporation) MD5=0348A56A9E9A658AE3AD15B42026498E -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2001.10.25 14:00:00 | 001,001,472 | ---- | M] (Microsoft Corporation) MD5=0348A56A9E9A658AE3AD15B42026498E -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\zalohy\martina\WINDOWS\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\zalohy\matej2\WINDOWS\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 00:49:22 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\explorer.exe
[2007.06.13 13:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[1999.05.05 23:22:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=81EF5B254642034E4139BC589B45D629 -- C:\zalohy\martina\zalohy\d\zalohy\pokladna_W98\WINDOWS\EXPLORER.EXE
[2007.06.13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2007.06.13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2006.03.15 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2000.06.08 18:00:00 | 000,225,280 | ---- | M] (Microsoft Corporation) MD5=AB4013DE0ECF598992B12651A86E3C3D -- C:\zalohy\martina\zalohy\c\WINDOWS\EXPLORER.EXE
< MD5 for: HAL.DLL >
[2006.03.15 14:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2001.10.25 14:00:00 | 000,078,464 | ---- | M] (Microsoft Corporation) MD5=254916581AC499E53EE700E7E5B9E5B5 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\hal.dll
[2001.10.25 14:00:00 | 000,078,464 | ---- | M] (Microsoft Corporation) MD5=254916581AC499E53EE700E7E5B9E5B5 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\hal.dll
[2004.08.03 23:59:08 | 000,081,280 | ---- | M] (Microsoft Corporation) MD5=4AF58CA3425F28FC5E3DB47DC122F722 -- C:\zalohy\martina\WINDOWS\system32\HAL.DLL
[2004.08.03 23:59:08 | 000,081,280 | ---- | M] (Microsoft Corporation) MD5=4AF58CA3425F28FC5E3DB47DC122F722 -- C:\zalohy\matej2\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 23:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 23:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.04 07:59:19 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\hal.dll
[2006.03.15 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2006.03.15 14:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:Changer.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\changer.sys
[2004.08.04 00:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\changer.sys
[2004.08.04 00:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\changer.sys
[2004.08.04 08:00:12 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\changer.sys
< MD5 for: ISAPNP.SYS >
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\zalohy\martina\WINDOWS\system32\drivers\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\zalohy\matej2\WINDOWS\system32\dllcache\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\zalohy\matej2\WINDOWS\system32\drivers\isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\zalohy\matej2\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys
[2006.03.15 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\lsass.exe
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\zalohy\martina\WINDOWS\system32\lsass.exe
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\lsass.exe
[2004.08.18 00:49:23 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\lsass.exe
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\zalohy\matej2\WINDOWS\system32\lsass.exe
[2006.03.15 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2006.03.15 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe
[2001.10.25 14:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=F80A83B21434C30A788EB8991E6A61ED -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2001.10.25 14:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=F80A83B21434C30A788EB8991E6A61ED -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2001.10.25 14:00:00 | 000,161,536 | ---- | M] (Microsoft Corporation) MD5=3EFD4F59BA0A340DE0A3AB984001DBF7 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2001.10.25 14:00:00 | 000,161,536 | ---- | M] (Microsoft Corporation) MD5=3EFD4F59BA0A340DE0A3AB984001DBF7 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2006.03.15 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2006.03.15 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\zalohy\martina\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.04 08:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\zalohy\matej2\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\zalohy\martina\WINDOWS\system32\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.18 00:49:13 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\zalohy\matej2\WINDOWS\system32\netlogon.dll
[2001.10.25 14:00:00 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=606FAB9689DA902468D0D150B90D93A9 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2001.10.25 14:00:00 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=606FAB9689DA902468D0D150B90D93A9 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2006.03.15 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2006.03.15 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ERDNT\cache\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\zalohy\martina\WINDOWS\system32\scecli.dll
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.18 00:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\scecli.dll
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\zalohy\matej2\WINDOWS\system32\scecli.dll
[2006.03.15 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2006.03.15 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2001.10.25 14:00:00 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=88CA7CD14736FAC776C2F0EAC14CC269 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2001.10.25 14:00:00 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=88CA7CD14736FAC776C2F0EAC14CC269 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\smss.exe
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\zalohy\martina\WINDOWS\system32\smss.exe
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\smss.exe
[2004.08.18 00:49:27 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\smss.exe
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\zalohy\matej2\WINDOWS\system32\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\smss.exe
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2006.03.15 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 16:49:28 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=CB56F803D2CAF6B3F32E82D2F73F4B3A -- C:\zalohy\matej2\cbbb4d3c59f673ea67243d6f\i386\system32\smss.exe
[2001.10.25 14:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=ED12D92A7B26E99E3A5BF4B043F7314E -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\smss.exe
[2001.10.25 14:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=ED12D92A7B26E99E3A5BF4B043F7314E -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2001.10.25 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2001.10.25 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2006.03.15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2006.03.15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\zalohy\martina\WINDOWS\system32\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.18 00:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\zalohy\matej2\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\zalohy\martina\WINDOWS\system32\dllcache\tcpip.sys
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\zalohy\martina\WINDOWS\system32\drivers\tcpip.sys
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\zalohy\matej2\WINDOWS\system32\dllcache\tcpip.sys
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\zalohy\matej2\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2000.06.08 18:00:00 | 000,224,912 | ---- | M] (Microsoft Corporation) MD5=38D337F202300F5F8F6861AF3EC2DAE1 -- C:\zalohy\martina\zalohy\c\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
[2006.01.13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\zalohy\martina\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006.01.13 04:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\zalohy\martina\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2005.05.25 21:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\zalohy\martina\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2005.05.25 21:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\zalohy\martina\WINDOWS\$NtUninstallKB913446$\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.15 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\zalohy\martina\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\zalohy\matej2\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2004.08.04 08:14:40 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\SoftwareDistribution\Download\ff0686f2f699fa07ed5ad0848fa3055b\sp3qfe\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\zalohy\martina\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\zalohy\matej2\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[2001.10.25 14:00:00 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=E7774698BB0D14B0710A9A31E209F9B6 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2001.10.25 14:00:00 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=E7774698BB0D14B0710A9A31E209F9B6 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\tcpip.sys
< MD5 for: USERINIT.EXE >
[2006.03.15 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2006.03.15 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\zalohy\martina\WINDOWS\system32\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.18 00:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\zalohy\matej2\WINDOWS\system32\userinit.exe
[2001.10.25 14:00:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=95C5E6E59DF2B91E8A5CD181B1C96174 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2001.10.25 14:00:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=95C5E6E59DF2B91E8A5CD181B1C96174 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.03.15 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2006.03.15 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\zalohy\martina\WINDOWS\system32\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.18 00:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\zalohy\matej2\WINDOWS\system32\winlogon.exe
[2001.10.25 14:00:00 | 000,430,080 | ---- | M] (Microsoft Corporation) MD5=674D88B0BE536B5FF62F5C3D71A177A4 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2001.10.25 14:00:00 | 000,430,080 | ---- | M] (Microsoft Corporation) MD5=674D88B0BE536B5FF62F5C3D71A177A4 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2000.06.08 18:00:00 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=08368ECE14B3672EBFFB1059413C31A8 -- C:\zalohy\martina\zalohy\c\WINDOWS\SYSTEM\WS2_32.DLL
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ws2_32.dll
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2006.03.15 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2006.03.15 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\zalohy\martina\WINDOWS\system32\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2004.08.18 00:49:20 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\zalohy\matej2\WINDOWS\system32\ws2_32.dll
[2001.10.25 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=748494B94A871A828C64D1D5C738D2B7 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2001.10.25 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=748494B94A871A828C64D1D5C738D2B7 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[1999.05.05 23:22:00 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=B61FD94EA42E742C4E45CD93C92A5886 -- C:\zalohy\martina\zalohy\d\zalohy\pokladna_W98\WINDOWS\SYSTEM\WS2_32.DLL
< >
< %systemroot%*.* /U /s >
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[10259 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007.08.24 21:06:22 | 004,170,752 | ---- | M] () -- C:\DivX511.exe
< %ALLUSERSPROFILE%\Application Data\*. >
[2010.10.25 07:26:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008.11.05 19:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008.11.05 19:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2007.03.15 18:08:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Brother
[2010.11.26 19:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2011.10.04 19:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009.02.17 16:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2011.10.02 22:26:13 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011.10.02 19:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2007.03.28 15:19:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.03.10 20:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2011.06.19 20:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2010.10.23 21:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2007.03.15 18:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009.03.10 20:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2011.07.26 20:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011.10.02 22:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008.03.13 19:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2007.03.15 16:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.03.01 23:44:10 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\java-rmi.exe
[2010.03.01 23:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\java.exe
[2010.03.01 23:44:10 | 000,059,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javacpl.exe
[2010.03.01 23:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javaw.exe
[2010.03.01 23:44:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javaws.exe
[2010.03.01 23:44:12 | 000,079,648 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jbroker.exe
[2010.03.01 23:44:12 | 000,023,328 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jp2launcher.exe
[2010.03.01 23:44:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jqs.exe
[2010.03.01 23:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jqsnotify.exe
[2010.03.01 23:44:12 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jucheck.exe
[2010.03.01 23:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jureg.exe
[2010.03.01 23:44:14 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jusched.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\keytool.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\kinit.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\klist.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\ktab.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\orbd.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\pack200.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\policytool.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\rmid.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\rmiregistry.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\servertool.exe
[2010.03.01 23:44:14 | 000,030,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\ssvagent.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\tnameserv.exe
[2010.03.01 23:44:14 | 000,132,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\unpack200.exe
[2011.08.20 01:10:11 | 000,527,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe
< %APPDATA%\*. >
[2011.05.26 15:03:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Adobe
[2007.04.22 19:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\AdobeUM
[2007.04.27 13:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Ahead
[2009.08.17 20:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Apple Computer
[2009.08.17 20:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Corel
[2009.08.17 18:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Google
[2008.01.29 15:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\ICQ
[2007.08.16 17:26:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\ICQ Toolbar
[2007.03.14 16:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Identities
[2007.04.22 17:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Macromedia
[2008.05.16 13:58:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\hynek\Application Data\Microsoft
[2011.05.26 15:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Mozilla
[2007.04.24 09:55:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Nokia Multimedia Player
[2007.03.28 20:17:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\PC Suite
[2011.05.26 15:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Real
[2008.11.06 11:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Sony Ericsson
[2008.01.28 15:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Sun
[2007.03.30 13:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Teleca
[2007.03.30 13:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Zoner
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2007.03.17 14:19:12 | 000,639,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2007.03.14 15:47:51 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2007.03.14 15:47:51 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2007.03.14 15:47:51 | 000,897,024 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.10.04 17:48:58 | 003,611,120 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.10.04 17:49:33 | 000,186,500 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2011.10.04 17:19:04 | 000,071,060 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.10.04 17:19:04 | 000,441,124 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2011.10.04 17:19:04 | 000,501,230 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2011.10.02 22:24:13 | 000,000,090 | ---- | M] () -- C:\WINDOWS\system32\spupdwxp.log
[2011.10.04 17:20:21 | 000,855,652 | ---- | M] () -- C:\WINDOWS\system32\TZLog.log
[2011.10.04 17:49:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007.08.24 21:06:22 | 004,170,752 | ---- | M] () -- C:\DivX511.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 02:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.04 21:32:41 | 000,000,512 | ---- | M] () MD5=5C5B4D629917808A998105FE7757B8A2 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \Documents and Settings\hynek\Favorites\PelMel\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2001.02.13 10:40:14 | 000,000,168 | ---- | M] () -- \Documents and Settings\hynek\Favorites\PelMel\Download\Crack atd..url
[2002.05.03 11:33:02 | 000,000,242 | ---- | M] () -- \Documents and Settings\hynek\Favorites\PelMel\Download\NapsterCZ - Programs, cracks, serials, etc..url
[2010.07.22 23:08:27 | 000,000,395 | ---- | M] () -- \Documents and Settings\matej\Cookies\matej@crackfound[1].txt
[2010.10.23 22:40:19 | 000,000,584 | ---- | M] () -- \Documents and Settings\matej\Recent\CRACK.lnk
[2006.07.09 19:42:40 | 000,049,206 | ---- | M] () -- \HRY\Mafia\Mafia\Modern Mod 2.0_maps\mazda_mx5_crackedglass128a.bmp
[2 \HRY\NHL 2002\*.tmp files -> \HRY\NHL 2002\*.tmp -> ]
[1999.03.28 17:44:12 | 000,010,560 | ---- | M] () -- \Program Files\Corel\Graphics9\Custom\Tiles\CRACKS2M.CPT
[2005.08.30 16:13:16 | 000,003,556 | ---- | M] () -- \Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\PHP\CrackF.html
[2004.12.18 17:13:50 | 002,482,481 | ---- | M] () -- \temp\MP3\O.PÍSNIČKY\Animal Crackers-Vocals By Steven Tyler Dialo...mp3
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\Documents and Settings\All Users\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2001.02.13 10:40:14 | 000,000,168 | ---- | M] () -- \zalohy\martina\Documents and Settings\All Users\Oblíbené položky\Download\Crack atd..url
[2002.05.03 11:33:02 | 000,000,242 | ---- | M] () -- \zalohy\martina\Documents and Settings\All Users\Oblíbené položky\Download\NapsterCZ - Programs, cracks, serials, etc..url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina.HBWARE\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2001.02.13 10:40:14 | 000,000,168 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina.HBWARE\Oblíbené položky\Download\Crack atd..url
[2002.05.03 11:33:02 | 000,000,242 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina.HBWARE\Oblíbené položky\Download\NapsterCZ - Programs, cracks, serials, etc..url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2001.02.13 10:40:14 | 000,000,168 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina\Oblíbené položky\Download\Crack atd..url
[2002.05.03 11:33:02 | 000,000,242 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina\Oblíbené položky\Download\NapsterCZ - Programs, cracks, serials, etc..url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\zalohy\c\WINDOWS\Oblíbené\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2001.02.13 10:40:14 | 000,000,168 | ---- | M] () -- \zalohy\martina\zalohy\c\WINDOWS\Oblíbené\Download\Crack atd..url
[2002.05.03 11:33:02 | 000,000,242 | ---- | M] () -- \zalohy\martina\zalohy\c\WINDOWS\Oblíbené\Download\NapsterCZ - Programs, cracks, serials, etc..url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\zalohy\d\zalohy\pokladna_W98\WINDOWS\Oblíbené\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2001.02.13 10:40:14 | 000,000,168 | ---- | M] () -- \zalohy\martina\zalohy\d\zalohy\pokladna_W98\WINDOWS\Oblíbené\Download\Crack atd..url
[2002.05.03 11:33:02 | 000,000,242 | ---- | M] () -- \zalohy\martina\zalohy\d\zalohy\pokladna_W98\WINDOWS\Oblíbené\Download\NapsterCZ - Programs, cracks, serials, etc..url
[2007.01.13 11:35:09 | 000,036,481 | ---- | M] () -- \zalohy\matej2\Documents and Settings\hynek\Local Settings\Temporary Internet Files\Content.IE5\GN5VQ6R5\crack_windows_xp_sp2[2].html
[2007.01.13 11:42:29 | 007,592,723 | ---- | M] () -- \zalohy\matej2\Documents and Settings\hynek\Local Settings\Temporary Internet Files\Content.IE5\GN5VQ6R5\Windows__Genuine_Advantage_Validation_Crack_III[2].rar
[2005.10.03 15:48:02 | 000,016,945 | ---- | M] () -- \zalohy\matej2\HRY\Sports Interactive\Football Manager 2006\data\graphics\pictures\players\eng\conference south\st albans\dean cracknell.png
[2005.10.03 15:48:28 | 000,017,405 | ---- | M] () -- \zalohy\matej2\HRY\Sports Interactive\Football Manager 2006\data\graphics\pictures\players\sco\spl\dundee utd\david mccracken.png
< *keygen* /s >
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \Documents and Settings\hynek\Favorites\PelMel\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2009.12.14 07:52:35 | 000,008,192 | ---- | M] () -- \HRY\The sims 3\Keygen na The Sims 3.exe
[2003.08.06 18:50:08 | 000,004,014 | ---- | M] () -- \HRY\ZOO\keygen.nfo
[2005.08.30 16:13:12 | 000,013,367 | ---- | M] () -- \Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\HTML\KEYGEN.html
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\Documents and Settings\All Users\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina.HBWARE\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\zalohy\c\WINDOWS\Oblíbené\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\zalohy\d\zalohy\pokladna_W98\WINDOWS\Oblíbené\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
========== Alternate Data Streams ==========
@Alternate Data Stream - 7472 bytes -> S:\HYNEK\Dokumenty\SCHEMA.GIF:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7464 bytes -> S:\HYNEK\Dokumenty\obrazek.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7080 bytes -> S:\HYNEK\Dokumenty\HPIM0166.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6832 bytes -> S:\HYNEK\Dokumenty\ISC.TIF:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6796 bytes -> S:\HYNEK\Dokumenty\orto.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6228 bytes -> S:\HYNEK\Dokumenty\OBR4.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6176 bytes -> S:\HYNEK\Dokumenty\OBR2.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6040 bytes -> S:\HYNEK\Dokumenty\DSCF0020.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5700 bytes -> S:\HYNEK\Dokumenty\VYPIS.TIF:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5560 bytes -> S:\HYNEK\Dokumenty\OBR5.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5284 bytes -> S:\HYNEK\Dokumenty\OBR1.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5220 bytes -> S:\HYNEK\Dokumenty\OBR6.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5128 bytes -> S:\HYNEK\Dokumenty\Mandátní smlouva - Frňka.tif:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5084 bytes -> S:\HYNEK\Dokumenty\DPH PCM Global.tif:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 4292 bytes -> S:\HYNEK\Dokumenty\OBR3.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 3180 bytes -> S:\HYNEK\Dokumenty\Vyúčtování-pracák.tif:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8FF81EB0
< End of report >
[2006.03.15 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2006.03.15 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\zalohy\martina\WINDOWS\system32\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2004.08.18 00:49:03 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\zalohy\matej2\WINDOWS\system32\cryptsvc.dll
[2001.10.25 14:00:00 | 000,051,200 | ---- | M] (Microsoft Corporation) MD5=849D84F975D682B333AF158B8ABFD221 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2001.10.25 14:00:00 | 000,051,200 | ---- | M] (Microsoft Corporation) MD5=849D84F975D682B333AF158B8ABFD221 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\zalohy\martina\WINDOWS\system32\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.18 00:49:06 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\zalohy\matej2\WINDOWS\system32\eventlog.dll
[2006.03.15 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2006.03.15 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2001.10.25 14:00:00 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=8DAEFE31BA545A98E07A976F7435CC5B -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2001.10.25 14:00:00 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=8DAEFE31BA545A98E07A976F7435CC5B -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2001.10.25 14:00:00 | 001,001,472 | ---- | M] (Microsoft Corporation) MD5=0348A56A9E9A658AE3AD15B42026498E -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2001.10.25 14:00:00 | 001,001,472 | ---- | M] (Microsoft Corporation) MD5=0348A56A9E9A658AE3AD15B42026498E -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\zalohy\martina\WINDOWS\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\zalohy\matej2\WINDOWS\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 00:49:22 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\explorer.exe
[2007.06.13 13:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[1999.05.05 23:22:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=81EF5B254642034E4139BC589B45D629 -- C:\zalohy\martina\zalohy\d\zalohy\pokladna_W98\WINDOWS\EXPLORER.EXE
[2007.06.13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2007.06.13 12:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2006.03.15 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2000.06.08 18:00:00 | 000,225,280 | ---- | M] (Microsoft Corporation) MD5=AB4013DE0ECF598992B12651A86E3C3D -- C:\zalohy\martina\zalohy\c\WINDOWS\EXPLORER.EXE
< MD5 for: HAL.DLL >
[2006.03.15 14:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2001.10.25 14:00:00 | 000,078,464 | ---- | M] (Microsoft Corporation) MD5=254916581AC499E53EE700E7E5B9E5B5 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\hal.dll
[2001.10.25 14:00:00 | 000,078,464 | ---- | M] (Microsoft Corporation) MD5=254916581AC499E53EE700E7E5B9E5B5 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\hal.dll
[2004.08.03 23:59:08 | 000,081,280 | ---- | M] (Microsoft Corporation) MD5=4AF58CA3425F28FC5E3DB47DC122F722 -- C:\zalohy\martina\WINDOWS\system32\HAL.DLL
[2004.08.03 23:59:08 | 000,081,280 | ---- | M] (Microsoft Corporation) MD5=4AF58CA3425F28FC5E3DB47DC122F722 -- C:\zalohy\matej2\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 23:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 23:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.04 07:59:19 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\hal.dll
[2006.03.15 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2006.03.15 14:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:Changer.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\changer.sys
[2004.08.04 00:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\changer.sys
[2004.08.04 00:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\changer.sys
[2004.08.04 08:00:12 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\changer.sys
< MD5 for: ISAPNP.SYS >
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2011.10.02 21:49:03 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\zalohy\martina\WINDOWS\system32\drivers\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\zalohy\matej2\WINDOWS\system32\dllcache\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\zalohy\matej2\WINDOWS\system32\drivers\isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\zalohy\matej2\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys
[2006.03.15 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\lsass.exe
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\zalohy\martina\WINDOWS\system32\lsass.exe
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\lsass.exe
[2004.08.18 00:49:23 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\lsass.exe
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\zalohy\matej2\WINDOWS\system32\lsass.exe
[2006.03.15 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2006.03.15 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe
[2001.10.25 14:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=F80A83B21434C30A788EB8991E6A61ED -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2001.10.25 14:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=F80A83B21434C30A788EB8991E6A61ED -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2001.10.25 14:00:00 | 000,161,536 | ---- | M] (Microsoft Corporation) MD5=3EFD4F59BA0A340DE0A3AB984001DBF7 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2001.10.25 14:00:00 | 000,161,536 | ---- | M] (Microsoft Corporation) MD5=3EFD4F59BA0A340DE0A3AB984001DBF7 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2006.03.15 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2006.03.15 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\zalohy\martina\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.04 08:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\zalohy\matej2\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\zalohy\martina\WINDOWS\system32\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.18 00:49:13 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\zalohy\matej2\WINDOWS\system32\netlogon.dll
[2001.10.25 14:00:00 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=606FAB9689DA902468D0D150B90D93A9 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2001.10.25 14:00:00 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=606FAB9689DA902468D0D150B90D93A9 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2006.03.15 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2006.03.15 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ERDNT\cache\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\zalohy\martina\WINDOWS\system32\scecli.dll
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.18 00:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\scecli.dll
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\zalohy\matej2\WINDOWS\system32\scecli.dll
[2006.03.15 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2006.03.15 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2001.10.25 14:00:00 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=88CA7CD14736FAC776C2F0EAC14CC269 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2001.10.25 14:00:00 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=88CA7CD14736FAC776C2F0EAC14CC269 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\smss.exe
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\zalohy\martina\WINDOWS\system32\smss.exe
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\smss.exe
[2004.08.18 00:49:27 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\smss.exe
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\zalohy\matej2\WINDOWS\system32\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\smss.exe
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2006.03.15 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 16:49:28 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=CB56F803D2CAF6B3F32E82D2F73F4B3A -- C:\zalohy\matej2\cbbb4d3c59f673ea67243d6f\i386\system32\smss.exe
[2001.10.25 14:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=ED12D92A7B26E99E3A5BF4B043F7314E -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\smss.exe
[2001.10.25 14:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=ED12D92A7B26E99E3A5BF4B043F7314E -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2001.10.25 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2001.10.25 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2006.03.15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2006.03.15 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\zalohy\martina\WINDOWS\system32\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.18 00:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\zalohy\matej2\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\zalohy\martina\WINDOWS\system32\dllcache\tcpip.sys
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\zalohy\martina\WINDOWS\system32\drivers\tcpip.sys
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\zalohy\matej2\WINDOWS\system32\dllcache\tcpip.sys
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\zalohy\matej2\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2000.06.08 18:00:00 | 000,224,912 | ---- | M] (Microsoft Corporation) MD5=38D337F202300F5F8F6861AF3EC2DAE1 -- C:\zalohy\martina\zalohy\c\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
[2006.01.13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\zalohy\martina\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006.01.13 04:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\zalohy\martina\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2005.05.25 21:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\zalohy\martina\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2005.05.25 21:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\zalohy\martina\WINDOWS\$NtUninstallKB913446$\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.15 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\zalohy\martina\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\zalohy\matej2\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2004.08.04 08:14:40 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\SoftwareDistribution\Download\ff0686f2f699fa07ed5ad0848fa3055b\sp3qfe\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\zalohy\martina\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\zalohy\matej2\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[2001.10.25 14:00:00 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=E7774698BB0D14B0710A9A31E209F9B6 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2001.10.25 14:00:00 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=E7774698BB0D14B0710A9A31E209F9B6 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\tcpip.sys
< MD5 for: USERINIT.EXE >
[2006.03.15 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2006.03.15 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\zalohy\martina\WINDOWS\system32\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.18 00:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\zalohy\matej2\WINDOWS\system32\userinit.exe
[2001.10.25 14:00:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=95C5E6E59DF2B91E8A5CD181B1C96174 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2001.10.25 14:00:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=95C5E6E59DF2B91E8A5CD181B1C96174 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.03.15 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2006.03.15 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\zalohy\martina\WINDOWS\system32\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.18 00:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\zalohy\matej2\WINDOWS\system32\winlogon.exe
[2001.10.25 14:00:00 | 000,430,080 | ---- | M] (Microsoft Corporation) MD5=674D88B0BE536B5FF62F5C3D71A177A4 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2001.10.25 14:00:00 | 000,430,080 | ---- | M] (Microsoft Corporation) MD5=674D88B0BE536B5FF62F5C3D71A177A4 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2000.06.08 18:00:00 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=08368ECE14B3672EBFFB1059413C31A8 -- C:\zalohy\martina\zalohy\c\WINDOWS\SYSTEM\WS2_32.DLL
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\ws2_32.dll
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2006.03.15 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2006.03.15 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\zalohy\martina\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\zalohy\martina\WINDOWS\system32\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\zalohy\matej2\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2004.08.18 00:49:20 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\zalohy\matej2\WINDOWS\SoftwareDistribution\Download\4df038d60d071da9e4afe55fba7cbfbf\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\zalohy\matej2\WINDOWS\system32\ws2_32.dll
[2001.10.25 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=748494B94A871A828C64D1D5C738D2B7 -- C:\zalohy\martina\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2001.10.25 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=748494B94A871A828C64D1D5C738D2B7 -- C:\zalohy\matej2\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[1999.05.05 23:22:00 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=B61FD94EA42E742C4E45CD93C92A5886 -- C:\zalohy\martina\zalohy\d\zalohy\pokladna_W98\WINDOWS\SYSTEM\WS2_32.DLL
< >
< %systemroot%*.* /U /s >
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[10259 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007.08.24 21:06:22 | 004,170,752 | ---- | M] () -- C:\DivX511.exe
< %ALLUSERSPROFILE%\Application Data\*. >
[2010.10.25 07:26:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2008.11.05 19:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2008.11.05 19:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2007.03.15 18:08:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Brother
[2010.11.26 19:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2011.10.04 19:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2009.02.17 16:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macromedia
[2011.10.02 22:26:13 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011.10.02 19:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2007.03.28 15:19:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009.03.10 20:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2011.06.19 20:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2010.10.23 21:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2007.03.15 18:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009.03.10 20:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2011.07.26 20:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011.10.02 22:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008.03.13 19:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2007.03.15 16:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.03.01 23:44:10 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\java-rmi.exe
[2010.03.01 23:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\java.exe
[2010.03.01 23:44:10 | 000,059,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javacpl.exe
[2010.03.01 23:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javaw.exe
[2010.03.01 23:44:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javaws.exe
[2010.03.01 23:44:12 | 000,079,648 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jbroker.exe
[2010.03.01 23:44:12 | 000,023,328 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jp2launcher.exe
[2010.03.01 23:44:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jqs.exe
[2010.03.01 23:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jqsnotify.exe
[2010.03.01 23:44:12 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jucheck.exe
[2010.03.01 23:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jureg.exe
[2010.03.01 23:44:14 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jusched.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\keytool.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\kinit.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\klist.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\ktab.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\orbd.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\pack200.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\policytool.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\rmid.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\rmiregistry.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\servertool.exe
[2010.03.01 23:44:14 | 000,030,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\ssvagent.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\tnameserv.exe
[2010.03.01 23:44:14 | 000,132,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\unpack200.exe
[2011.08.20 01:10:11 | 000,527,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe
< %APPDATA%\*. >
[2011.05.26 15:03:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Adobe
[2007.04.22 19:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\AdobeUM
[2007.04.27 13:39:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Ahead
[2009.08.17 20:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Apple Computer
[2009.08.17 20:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Corel
[2009.08.17 18:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Google
[2008.01.29 15:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\ICQ
[2007.08.16 17:26:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\ICQ Toolbar
[2007.03.14 16:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Identities
[2007.04.22 17:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Macromedia
[2008.05.16 13:58:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\hynek\Application Data\Microsoft
[2011.05.26 15:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Mozilla
[2007.04.24 09:55:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Nokia Multimedia Player
[2007.03.28 20:17:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\PC Suite
[2011.05.26 15:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Real
[2008.11.06 11:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Sony Ericsson
[2008.01.28 15:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Sun
[2007.03.30 13:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Teleca
[2007.03.30 13:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\Zoner
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2007.03.17 14:19:12 | 000,639,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2007.03.14 15:47:51 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2007.03.14 15:47:51 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2007.03.14 15:47:51 | 000,897,024 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.10.04 17:48:58 | 003,611,120 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.10.04 17:49:33 | 000,186,500 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2011.10.04 17:19:04 | 000,071,060 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.10.04 17:19:04 | 000,441,124 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2011.10.04 17:19:04 | 000,501,230 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2011.10.02 22:24:13 | 000,000,090 | ---- | M] () -- C:\WINDOWS\system32\spupdwxp.log
[2011.10.04 17:20:21 | 000,855,652 | ---- | M] () -- C:\WINDOWS\system32\TZLog.log
[2011.10.04 17:49:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007.08.24 21:06:22 | 004,170,752 | ---- | M] () -- C:\DivX511.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 02:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.04 21:32:41 | 000,000,512 | ---- | M] () MD5=5C5B4D629917808A998105FE7757B8A2 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \Documents and Settings\hynek\Favorites\PelMel\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2001.02.13 10:40:14 | 000,000,168 | ---- | M] () -- \Documents and Settings\hynek\Favorites\PelMel\Download\Crack atd..url
[2002.05.03 11:33:02 | 000,000,242 | ---- | M] () -- \Documents and Settings\hynek\Favorites\PelMel\Download\NapsterCZ - Programs, cracks, serials, etc..url
[2010.07.22 23:08:27 | 000,000,395 | ---- | M] () -- \Documents and Settings\matej\Cookies\matej@crackfound[1].txt
[2010.10.23 22:40:19 | 000,000,584 | ---- | M] () -- \Documents and Settings\matej\Recent\CRACK.lnk
[2006.07.09 19:42:40 | 000,049,206 | ---- | M] () -- \HRY\Mafia\Mafia\Modern Mod 2.0_maps\mazda_mx5_crackedglass128a.bmp
[2 \HRY\NHL 2002\*.tmp files -> \HRY\NHL 2002\*.tmp -> ]
[1999.03.28 17:44:12 | 000,010,560 | ---- | M] () -- \Program Files\Corel\Graphics9\Custom\Tiles\CRACKS2M.CPT
[2005.08.30 16:13:16 | 000,003,556 | ---- | M] () -- \Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\PHP\CrackF.html
[2004.12.18 17:13:50 | 002,482,481 | ---- | M] () -- \temp\MP3\O.PÍSNIČKY\Animal Crackers-Vocals By Steven Tyler Dialo...mp3
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\Documents and Settings\All Users\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2001.02.13 10:40:14 | 000,000,168 | ---- | M] () -- \zalohy\martina\Documents and Settings\All Users\Oblíbené položky\Download\Crack atd..url
[2002.05.03 11:33:02 | 000,000,242 | ---- | M] () -- \zalohy\martina\Documents and Settings\All Users\Oblíbené položky\Download\NapsterCZ - Programs, cracks, serials, etc..url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina.HBWARE\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2001.02.13 10:40:14 | 000,000,168 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina.HBWARE\Oblíbené položky\Download\Crack atd..url
[2002.05.03 11:33:02 | 000,000,242 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina.HBWARE\Oblíbené položky\Download\NapsterCZ - Programs, cracks, serials, etc..url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2001.02.13 10:40:14 | 000,000,168 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina\Oblíbené položky\Download\Crack atd..url
[2002.05.03 11:33:02 | 000,000,242 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina\Oblíbené položky\Download\NapsterCZ - Programs, cracks, serials, etc..url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\zalohy\c\WINDOWS\Oblíbené\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2001.02.13 10:40:14 | 000,000,168 | ---- | M] () -- \zalohy\martina\zalohy\c\WINDOWS\Oblíbené\Download\Crack atd..url
[2002.05.03 11:33:02 | 000,000,242 | ---- | M] () -- \zalohy\martina\zalohy\c\WINDOWS\Oblíbené\Download\NapsterCZ - Programs, cracks, serials, etc..url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\zalohy\d\zalohy\pokladna_W98\WINDOWS\Oblíbené\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2001.02.13 10:40:14 | 000,000,168 | ---- | M] () -- \zalohy\martina\zalohy\d\zalohy\pokladna_W98\WINDOWS\Oblíbené\Download\Crack atd..url
[2002.05.03 11:33:02 | 000,000,242 | ---- | M] () -- \zalohy\martina\zalohy\d\zalohy\pokladna_W98\WINDOWS\Oblíbené\Download\NapsterCZ - Programs, cracks, serials, etc..url
[2007.01.13 11:35:09 | 000,036,481 | ---- | M] () -- \zalohy\matej2\Documents and Settings\hynek\Local Settings\Temporary Internet Files\Content.IE5\GN5VQ6R5\crack_windows_xp_sp2[2].html
[2007.01.13 11:42:29 | 007,592,723 | ---- | M] () -- \zalohy\matej2\Documents and Settings\hynek\Local Settings\Temporary Internet Files\Content.IE5\GN5VQ6R5\Windows__Genuine_Advantage_Validation_Crack_III[2].rar
[2005.10.03 15:48:02 | 000,016,945 | ---- | M] () -- \zalohy\matej2\HRY\Sports Interactive\Football Manager 2006\data\graphics\pictures\players\eng\conference south\st albans\dean cracknell.png
[2005.10.03 15:48:28 | 000,017,405 | ---- | M] () -- \zalohy\matej2\HRY\Sports Interactive\Football Manager 2006\data\graphics\pictures\players\sco\spl\dundee utd\david mccracken.png
< *keygen* /s >
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \Documents and Settings\hynek\Favorites\PelMel\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2009.12.14 07:52:35 | 000,008,192 | ---- | M] () -- \HRY\The sims 3\Keygen na The Sims 3.exe
[2003.08.06 18:50:08 | 000,004,014 | ---- | M] () -- \HRY\ZOO\keygen.nfo
[2005.08.30 16:13:12 | 000,013,367 | ---- | M] () -- \Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\HTML\KEYGEN.html
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\Documents and Settings\All Users\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina.HBWARE\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\Documents and Settings\Martina\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\zalohy\c\WINDOWS\Oblíbené\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
[2003.03.12 14:17:34 | 000,000,190 | ---- | M] () -- \zalohy\martina\zalohy\d\zalohy\pokladna_W98\WINDOWS\Oblíbené\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url
========== Alternate Data Streams ==========
@Alternate Data Stream - 7472 bytes -> S:\HYNEK\Dokumenty\SCHEMA.GIF:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7464 bytes -> S:\HYNEK\Dokumenty\obrazek.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 7080 bytes -> S:\HYNEK\Dokumenty\HPIM0166.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6832 bytes -> S:\HYNEK\Dokumenty\ISC.TIF:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6796 bytes -> S:\HYNEK\Dokumenty\orto.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6228 bytes -> S:\HYNEK\Dokumenty\OBR4.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6176 bytes -> S:\HYNEK\Dokumenty\OBR2.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 6040 bytes -> S:\HYNEK\Dokumenty\DSCF0020.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5700 bytes -> S:\HYNEK\Dokumenty\VYPIS.TIF:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5560 bytes -> S:\HYNEK\Dokumenty\OBR5.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5284 bytes -> S:\HYNEK\Dokumenty\OBR1.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5220 bytes -> S:\HYNEK\Dokumenty\OBR6.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5128 bytes -> S:\HYNEK\Dokumenty\Mandátní smlouva - Frňka.tif:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 5084 bytes -> S:\HYNEK\Dokumenty\DPH PCM Global.tif:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 4292 bytes -> S:\HYNEK\Dokumenty\OBR3.JPG:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 3180 bytes -> S:\HYNEK\Dokumenty\Vyúčtování-pracák.tif:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8FF81EB0
< End of report >
Re: Prosím o preventivku
Mam takove tuseni zalozene na logu co jste dal, ze ty windows co tam mate nejsou legalni, jak to je
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o preventivku
Dobrý den,
Windowsy jsou legální. Byla to ale nějaká složitější instalace, nějaký upgrade v rámci technologické záruky, nebo tak něco. Instalačky přišly od Microsoftu poštou, myslím z Holandska. Musel bych se zeptat bráchy, jak to bylo, ale licenčně je to určitě OK.
Windowsy jsou legální. Byla to ale nějaká složitější instalace, nějaký upgrade v rámci technologické záruky, nebo tak něco. Instalačky přišly od Microsoftu poštou, myslím z Holandska. Musel bych se zeptat bráchy, jak to bylo, ale licenčně je to určitě OK.
Re: Prosím o preventivku
Tohle asi nebude simulator akvarijnich rybicek 
c:\zalohy\matej2\Documents and Settings\hynek\Local Settings\Temporary Internet Files\Content.IE5\GN5VQ6R5\crack_windows_xp_sp2[2].html
c:\\zalohy\matej2\Documents and Settings\hynek\Local Settings\Temporary Internet Files\Content.IE5\GN5VQ6R5\Windows__Genuine_Advantage_Validation_Crack_III[2].rar
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o preventivku
No to asi ne. Nevím, jestli to kluk pro někoho někde stáhnul, ale na tomhle PC je legální Win XP Media Center Edition.
Při včerejší aktualizaci SP3 nebyl s MS žádný problém, což pokud vím při kradeném OS většinou nejde...
V případě potřeby můžu najít a scanem poslat doklady o koupi.
Při včerejší aktualizaci SP3 nebyl s MS žádný problém, což pokud vím při kradeném OS většinou nejde...
V případě potřeby můžu najít a scanem poslat doklady o koupi.
Re: Prosím o preventivku
v pohode, nic skenovat nemusite, nejsme SW policie nebo COI Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl SRV - File not found [Disabled | Stopped] -- -- (HidServ) IE - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar) IE - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found IE - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ns.hb-ware.cz:8080 FF - prefs.js..keyword.URL: "http://search.seznam.cz/?sourceid=FF_5&q=" O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar) O3 - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-1715567821-507921405-1957994488-1150\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar) O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ] [2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ] [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [2010.10.23 21:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe [2007.08.16 17:26:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hynek\Application Data\ICQ Toolbar @Alternate Data Stream - 7472 bytes -> S:\HYNEK\Dokumenty\SCHEMA.GIF:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 7464 bytes -> S:\HYNEK\Dokumenty\obrazek.jpg:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 7080 bytes -> S:\HYNEK\Dokumenty\HPIM0166.JPG:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 6832 bytes -> S:\HYNEK\Dokumenty\ISC.TIF:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 6796 bytes -> S:\HYNEK\Dokumenty\orto.jpg:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 6228 bytes -> S:\HYNEK\Dokumenty\OBR4.JPG:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 6176 bytes -> S:\HYNEK\Dokumenty\OBR2.JPG:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 6040 bytes -> S:\HYNEK\Dokumenty\DSCF0020.jpg:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 5700 bytes -> S:\HYNEK\Dokumenty\VYPIS.TIF:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 5560 bytes -> S:\HYNEK\Dokumenty\OBR5.JPG:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 5284 bytes -> S:\HYNEK\Dokumenty\OBR1.JPG:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 5220 bytes -> S:\HYNEK\Dokumenty\OBR6.JPG:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 5128 bytes -> S:\HYNEK\Dokumenty\Mandátní smlouva - Frňka.tif:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 5084 bytes -> S:\HYNEK\Dokumenty\DPH PCM Global.tif:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 4292 bytes -> S:\HYNEK\Dokumenty\OBR3.JPG:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 3180 bytes -> S:\HYNEK\Dokumenty\Vyúčtování-pracák.tif:Q30lsldxJoudresxAaaqpcawXc @Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8FF81EB0 :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SSBkgdUpdate"=- "DAEMON Tools"=- "NeroFilterCheck"=- "SunJavaUpdateSched"=- "QuickTime Task"=- "AdobeAAMUpdater-1.0"=- "SwitchBoard"=- "AdobeCS5ServiceManager"=- "TkBellExe"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"=- :services gupdatem gupdate gusvc JavaQuickStarterService :files C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HBWARE-matej.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-507921405-1957994488-1152Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-507921405-1957994488-1152UA.job C:\WINDOWS\tasks\MP Scheduled Scan.job C:\WINDOWS\tasks\MpIdleTask.job C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-507921405-1957994488-1150.job C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-507921405-1957994488-1152.job C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-507921405-1957994488-1150.job C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-507921405-1957994488-1152.job c:\Documents and Settings\hynek\Favorites\PelMel\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url c:\HRY\The sims 3\Keygen na The Sims 3.exe c:\HRY\ZOO\keygen.nfo c:\Program Files\Macromedia\Dreamweaver 8\Configuration\Content\Reference\HTML\KEYGEN.html c:\zalohy\martina\Documents and Settings\All Users\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url c:\zalohy\martina\Documents and Settings\Martina.HBWARE\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url c:\zalohy\martina\Documents and Settings\Martina\Oblíbené položky\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url c:\zalohy\martina\zalohy\c\WINDOWS\Oblíbené\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url c:\zalohy\martina\zalohy\d\zalohy\pokladna_W98\WINDOWS\Oblíbené\Cracks,serial numbers,keygenerators,hacking,delphi,dream,dialer,full,fireworks,printer,dreamweaver,diablo,wolf,pro,crack,flash,.url C:\WINDOWS\temp\*.tmp C:\Program Files\ICQToolbar %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o preventivku
PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?