Please check my log - rootkit? - RSIT won't run

Steron
Exemplary Visitor
Posts: 174
Registered: 13 May 2008 13:12

Please check my log - rootkit? - RSIT won't run

#1 Post by Steron »

Hello, please check my HijackThis log. Avast has reported an unspecified rootkit several times.
RSIT cannot be started even in safe mode; it always ends with the message:

Line 8055 (.../rsit.exe)
Error: Variable used without being declared


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:27:56, on 7.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17103)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Magdalena\Dokumenty\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1801674531-926492609-725345543-1002\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1801674531-926492609-725345543-1002\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O24 - Desktop Component 0: (no name) - http://a5.sphotos.ak.fbcdn.net/hphotos- ... 9366_n.jpg
O24 - Desktop Component 1: (no name) - http://a1.sphotos.ak.fbcdn.net/hphotos- ... 8560_n.jpg

--
End of file - 6867 bytes

Steron
Exemplary Visitor
Posts: 174
Registered: 13 May 2008 13:12

Re: Please check my log - rootkit? - RSIT won't run

#2 Post by Steron »

So, step by step :-)

VirusTotal didn't find anything:
http://www.virustotal.com/file-scan/rep ... 1323276346

In Disk Management everything is OK too, see the attached file. Patriot is a flash drive...

The OTL logs will follow once it finishes chewing through the scan :-)
Attachments
PrintSCR_spravce.JPG (65.21 KiB) Viewed 2945 times

Steron
Exemplary Visitor
Posts: 174
Registered: 13 May 2008 13:12

Re: Please check my log - rootkit? - RSIT won't run

#3 Post by Steron »

So now we have the OTL log :-)


OTL logfile created on: 7.12.2011 17:49:00 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Magdalena\Plocha
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1022,42 Mb Total Physical Memory | 547,92 Mb Available Physical Memory | 53,59% Memory free
2,40 Gb Paging File | 1,93 Gb Available in Paging File | 80,31% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 225,07 Gb Total Space | 93,86 Gb Free Space | 41,70% Space Free | Partition Type: NTFS
Drive I: | 29,83 Gb Total Space | 9,37 Gb Free Space | 31,41% Space Free | Partition Type: FAT32

Computer Name: MAGDA | User Name: Magdalena | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.12.07 17:47:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Magdalena\Plocha\OTL.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.11.15 06:39:56 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2009.03.14 08:43:00 | 001,466,368 | R--- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2008.08.15 17:33:08 | 001,473,536 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\TO2SSM\McciTrayApp.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.10 15:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
PRC - [2006.08.15 15:48:14 | 001,696,256 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
PRC - [2003.01.16 10:32:40 | 000,049,152 | ---- | M] (Ruling Tec Pte Ltd) -- C:\Program Files\VibrateGameDeviceDriver\rfpicon.exe


========== Modules (No Company Name) ==========

MOD - [2011.12.07 10:39:25 | 001,644,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120700\algo.dll
MOD - [2011.12.05 23:19:20 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120700\aswRep.dll
MOD - [2011.11.15 06:39:54 | 000,420,920 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll
MOD - [2011.11.15 06:39:53 | 003,702,840 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011.11.15 06:38:16 | 000,122,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011.11.15 06:38:15 | 000,222,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011.11.15 06:38:14 | 001,746,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011.10.13 07:57:05 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
MOD - [2011.10.13 07:55:35 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011.10.13 07:54:51 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011.10.13 07:11:30 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011.10.13 07:11:24 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011.10.13 07:11:10 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011.10.13 07:09:22 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011.10.13 07:08:57 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.10.12 19:25:39 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009.11.22 11:32:54 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3405.36826__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:54 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3405.36845__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.11.22 11:32:54 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3405.36840__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.11.22 11:32:54 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3405.36929__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2009.11.22 11:32:54 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3405.36928__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2009.11.22 11:32:54 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3405.36933__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2009.11.22 11:32:54 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3405.36929__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2009.11.22 11:32:53 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3405.36844__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.11.22 11:32:53 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3405.36917__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.11.22 11:32:53 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3405.36897__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:53 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3405.36879__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:53 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3405.36870__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:53 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3405.36834__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:52 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3405.36834__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:52 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3405.36845__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:52 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3405.36918__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:52 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3405.36844__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:51 | 000,348,160 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3405.36884__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:51 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3405.36884__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.11.22 11:32:51 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3405.36883__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:50 | 000,643,072 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3405.36927__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:50 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3405.36927__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:49 | 000,782,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3405.36872__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:49 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3405.36892__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.11.22 11:32:48 | 000,573,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3405.36846__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:48 | 000,409,600 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3405.36835__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:48 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3405.36846__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3405.36876__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:48 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3405.36871__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:48 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3405.36850__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:48 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3405.36876__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:47 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3405.36866__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:47 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3405.36870__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:47 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3405.36877__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:46 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3405.36870__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:46 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:46 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3405.36871__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:46 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3403.16829__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.11.22 11:32:46 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3403.16821__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.11.22 11:32:46 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3403.16841__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009.11.22 11:32:45 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3403.16853__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2009.11.22 11:32:45 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3403.16853__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.11.22 11:32:45 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3403.16839__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.11.22 11:32:45 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3403.16852__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.11.22 11:32:45 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.11.22 11:32:44 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3403.16814__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.11.22 11:32:44 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3403.16838__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.11.22 11:32:43 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3403.16818__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.11.22 11:32:43 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.11.22 11:32:43 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3403.16813__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.11.22 11:32:43 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3403.16866__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.11.22 11:32:43 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2009.11.22 11:32:43 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.11.22 11:32:43 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3403.16851__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.11.22 11:32:43 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.11.22 11:32:42 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3403.16833__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3403.16830__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3403.16833__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3403.16823__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3403.16842__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3403.16828__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3403.16842__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.11.22 11:32:41 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3403.16854__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2009.11.22 11:32:41 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.11.22 11:32:41 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3403.16850__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3403.16844__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3403.16836__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3403.16839__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3403.16844__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.11.22 11:32:39 | 000,602,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3405.36941__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2009.11.22 11:32:39 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3405.36922__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.11.22 11:32:39 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.11.22 11:32:39 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3403.16838__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.11.22 11:32:39 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3403.16828__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.11.22 11:32:39 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3405.36821__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.11.22 11:32:38 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3405.36911__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.11.22 11:32:38 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3403.16826__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.11.22 11:32:38 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3403.16827__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2009.11.22 11:32:38 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3403.16838__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.11.22 11:32:38 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009.11.22 11:32:38 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009.11.22 11:32:37 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3405.36906__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.11.22 11:32:37 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3405.36839__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.11.22 11:32:37 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3405.36910__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.11.22 11:32:37 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3405.36825__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009.11.22 11:32:37 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3405.36824__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.11.22 11:32:37 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3403.16840__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.11.22 11:32:37 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3403.16820__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.11.22 11:32:37 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3403.16839__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.11.22 11:32:36 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3403.16838__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.11.22 11:32:35 | 001,212,416 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3405.36830__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.11.22 11:32:35 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3405.36823__90ba9c70f846762e\APM.Server.dll
MOD - [2009.11.22 11:32:35 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3405.36822__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.11.22 11:32:35 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3403.16835__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.11.22 11:32:35 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.11.22 11:32:35 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3403.16846__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.11.22 11:32:35 | 000,019,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3405.36911__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.10.30 14:39:12 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2006.07.28 16:36:26 | 000,167,936 | ---- | M] () -- C:\Program Files\ASUS\WLAN Card Utilities\AsAuthen.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.11.28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)


========== Driver Services (SafeList) ==========

DRV - [2011.11.28 18:54:38 | 000,111,320 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:53:22 | 000,195,416 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.11.28 18:26:19 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2009.04.29 04:30:44 | 003,643,904 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.04.20 23:13:00 | 005,070,848 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.04.01 12:28:32 | 000,093,184 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.03.14 08:50:00 | 001,095,808 | R--- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2008.12.25 17:32:00 | 003,721,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtKHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008.11.19 16:09:10 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008.11.19 16:09:08 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008.11.19 16:09:08 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008.08.05 20:10:00 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.04.13 19:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.03.29 10:20:55 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008.03.29 10:20:55 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008.02.13 13:17:26 | 000,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007.11.07 18:15:44 | 000,012,928 | ---- | M] (Padix Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DynCal.sys -- (DynCal)
DRV - [2007.06.28 16:34:02 | 000,029,843 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GZSQ.SYS -- (GZSQ)
DRV - [2006.06.08 10:49:50 | 000,344,064 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2006.01.04 15:41:00 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004.08.18 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.18 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2002.09.09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1801674531-926492609-725345543-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1801674531-926492609-725345543-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1367
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="

FF - HKLM\Software\MozillaPlugins\@macromedia.com/FlashPlayer10: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@macromedia.com/FlashPlayer10: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.06 14:02:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.24 11:34:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.10 20:23:09 | 000,000,000 | ---D | M]

[2009.12.06 11:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Extensions
[2011.12.05 14:00:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\extensions
[2009.11.25 19:12:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.02 19:37:43 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-1.xml
[2010.07.23 08:59:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-10.xml
[2010.07.25 07:32:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-11.xml
[2010.09.11 06:10:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-12.xml
[2010.09.17 15:39:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-13.xml
[2010.10.20 14:01:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-14.xml
[2010.10.28 11:19:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-15.xml
[2010.12.13 19:07:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-16.xml
[2011.03.03 13:50:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-17.xml
[2011.03.05 17:57:35 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-18.xml
[2011.03.23 18:33:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-19.xml
[2009.12.06 11:44:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-2.xml
[2011.05.11 20:05:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-20.xml
[2011.05.11 20:39:15 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-21.xml
[2011.08.24 10:20:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-22.xml
[2011.10.12 17:25:17 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-23.xml
[2011.11.10 20:23:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-24.xml
[2009.12.18 15:28:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-3.xml
[2010.01.06 17:39:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-4.xml
[2010.02.18 15:13:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-5.xml
[2010.03.25 09:46:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-6.xml
[2010.04.02 10:36:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-7.xml
[2010.06.28 19:06:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-8.xml
[2010.06.30 17:24:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-9.xml
[2008.03.31 08:52:00 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin.gif
[2008.03.31 08:52:00 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin.src
[2009.11.22 10:06:17 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin.xml
[2011.12.06 16:53:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.08.05 18:51:14 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAGDALENA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\8U5GABB2.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
[2011.12.06 14:02:56 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2009.11.22 16:37:10 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009.07.17 20:21:00 | 003,883,424 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2011.10.12 17:24:54 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.10.12 17:24:54 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011.10.12 17:24:54 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.12 17:24:54 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.12 17:24:54 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Documents and Settings\Magdalena\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1367_0\

O1 HOSTS File: ([2004.08.18 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\rfpicon.exe (Ruling Tec Pte Ltd)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKU\S-1-5-21-1801674531-926492609-725345543-1002..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-1801674531-926492609-725345543-1002..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-926492609-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 212.96.167.18 89.190.50.18
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D9C5B60-7D29-4696-A0EC-614BF2A893F0}: DhcpNameServer = 192.168.1.1 212.96.167.18 212.96.161.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F58C74E1-032F-4AD7-8AA9-A1C8B5F6EA65}: DhcpNameServer = 192.168.2.1 212.96.167.18 89.190.50.18
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 () - http://a5.sphotos.ak.fbcdn.net/hphotos- ... 9366_n.jpg
O24 - Desktop Components:1 () - http://a1.sphotos.ak.fbcdn.net/hphotos- ... 8560_n.jpg
O24 - Desktop Components:2 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Magdalena\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) -C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.11.22 01:03:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{e9122fa9-9f53-11e0-b2bb-0019db361b9e}\Shell - "" = AutoRun
O33 - MountPoints2\{e9122fa9-9f53-11e0-b2bb-0019db361b9e}\Shell\AutoRun\command - "" = I:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: EventSystem - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 7 Days ==========

[2011.12.07 17:47:06 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Magdalena\Plocha\OTL.exe
[2011.12.07 17:18:30 | 000,000,000 | ---D | C] -- C:\rsit
[2011.12.07 17:17:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Dokumenty\Downloads
[2011.12.07 15:31:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Magdalena\Recent
[2011.12.06 14:03:21 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2011.12.06 14:03:05 | 000,195,416 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2011.12.06 14:02:55 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2011.12.06 14:01:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\avast! Internet Security
[2011.12.05 20:13:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Kaspersky Lab Setup Files
[2011.12.05 19:58:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Dokumenty\18 WoS Pedal to the Metal
[2011.12.05 18:20:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Steam
[2011.12.05 18:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2011.12.05 18:13:50 | 000,000,000 | ---D | C] -- C:\Program Files\SimBin
[2011.12.05 17:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Nabídka Start\Programy\Atari
[2011.12.05 17:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\Atari
[2011.12.05 17:11:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Dokumenty\My Games
[1999.04.07 16:39:18 | 000,099,840 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRAABOUT.DLL
[1998.12.09 01:53:54 | 000,186,368 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAREG.DLL
[1998.12.09 01:53:54 | 000,070,144 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAMDMTR.DLL
[1998.12.09 01:53:54 | 000,048,640 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRALPTTR.DLL
[1998.12.09 01:53:54 | 000,031,744 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAWEBTR.DLL
[1998.12.09 01:53:54 | 000,017,920 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRASRIAL.DLL
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.12.07 17:50:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.12.07 17:47:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Magdalena\Plocha\OTL.exe
[2011.12.07 17:24:24 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.07 17:23:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.07 17:23:53 | 000,167,952 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2011.12.07 16:57:10 | 000,000,946 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.07 15:33:39 | 000,018,038 | ---- | M] () -- C:\Documents and Settings\Magdalena\Dokumenty\cc_20111207_153332.reg
[2011.12.06 14:03:05 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.12.06 14:01:21 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\avast! Internet Security.lnk
[2011.12.05 19:56:50 | 000,001,815 | ---- | M] () -- C:\Documents and Settings\Magdalena\Plocha\18 Wheels of Steel - Pedal to the Metal.lnk
[2011.12.05 17:59:28 | 000,000,291 | ---- | M] () -- C:\WINDOWS\level.ini
[2011.12.04 11:47:34 | 000,013,706 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.11.30 20:21:34 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\Magdalena\Plocha\Skype.lnk
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.07 17:50:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.12.07 15:33:37 | 000,018,038 | ---- | C] () -- C:\Documents and Settings\Magdalena\Dokumenty\cc_20111207_153332.reg
[2011.12.06 14:01:20 | 000,001,692 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\avast! Internet Security.lnk
[2011.12.05 19:56:50 | 000,001,815 | ---- | C] () -- C:\Documents and Settings\Magdalena\Plocha\18 Wheels of Steel - Pedal to the Metal.lnk
[2011.11.24 19:06:45 | 000,000,291 | ---- | C] () -- C:\WINDOWS\level.ini
[2011.11.24 19:06:45 | 000,000,075 | ---- | C] () -- C:\WINDOWS\tmp2Level.ini
[2011.04.14 14:29:35 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2011.04.14 14:29:35 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2011.04.14 14:29:35 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2011.02.18 16:32:29 | 000,000,213 | ---- | C] () -- C:\WINDOWS\disney.ini
[2010.09.03 17:55:12 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Clifford Uninstall.exe
[2010.09.03 17:55:12 | 000,000,091 | ---- | C] () -- C:\WINDOWS\CBP.INI
[2010.02.26 13:35:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2010.02.05 16:36:26 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.02.01 18:39:30 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010.02.01 18:39:26 | 000,056,320 | R--- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2009.12.16 16:57:26 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.12.16 16:57:26 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.12.04 15:19:00 | 000,000,381 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009.12.03 18:29:53 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2009.11.24 19:17:44 | 000,000,163 | ---- | C] () -- C:\WINDOWS\spidla.INI
[2009.11.22 19:08:26 | 000,146,152 | ---- | C] () -- C:\WINDOWS\hpoins12.dat
[2009.11.22 19:08:26 | 000,001,470 | ---- | C] () -- C:\WINDOWS\hpomdl12.dat
[2009.11.22 18:54:24 | 000,001,386 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009.11.22 18:07:55 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.11.22 16:20:02 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2009.11.22 14:40:54 | 000,319,488 | R--- | C] () -- C:\WINDOWS\System32\MafiaSetup.exe
[2009.11.22 14:16:13 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009.11.22 14:11:09 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009.11.22 13:32:42 | 000,000,399 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2009.11.22 13:32:39 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2009.11.22 13:22:12 | 000,001,174 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2009.11.22 11:35:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009.11.22 11:30:03 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.11.22 11:25:09 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009.11.22 11:25:01 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009.11.22 11:25:00 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009.11.22 11:25:00 | 000,188,348 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009.11.22 10:39:03 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtkHDAud.dat
[2009.11.22 10:39:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009.11.22 10:26:03 | 000,060,928 | ---- | C] () -- C:\Documents and Settings\Magdalena\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.22 10:05:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.11.22 09:25:59 | 000,537,600 | ---- | C] () -- C:\WINDOWS\System32\ASWL2K.exe
[2009.11.22 09:25:59 | 000,496,640 | ---- | C] () -- C:\WINDOWS\System32\ASWLSVC.exe
[2009.11.22 09:25:59 | 000,159,827 | ---- | C] () -- C:\WINDOWS\System32\RemSvc.exe
[2009.11.22 01:06:13 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.11.21 18:41:41 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.11.21 18:40:17 | 000,115,768 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.02.18 18:55:20 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2009.02.03 21:52:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2008.06.12 15:09:02 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.06.12 15:09:02 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.06.12 15:09:02 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.06.12 15:09:02 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.06.12 15:09:02 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.06.12 15:09:02 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.06.12 15:09:00 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.06.12 15:08:58 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.06.12 15:08:58 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.06.06 18:13:06 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2005.01.25 15:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL
[2004.08.18 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.18 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.18 13:00:00 | 000,412,428 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.18 13:00:00 | 000,407,690 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2004.08.18 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.18 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2004.08.18 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.18 13:00:00 | 000,070,888 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2004.08.18 13:00:00 | 000,062,008 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.18 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.18 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2004.08.18 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.18 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.18 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.18 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.18 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011.01.09 17:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ashampoo
[2011.03.14 08:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVAST Software
[2010.07.21 17:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NFS Underground
[2011.01.09 17:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Ashampoo
[2009.11.22 13:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\DeepBurner
[2009.11.22 13:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\DeviceDoctorSoftware
[2011.05.20 15:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Image Zone Express
[2009.11.22 19:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\OpenOffice.org
[2010.01.29 09:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Printer Info Cache

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 04:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)
"RGSC" = C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent -- [2008.11.14 14:35:36 | 000,305,064 | R--- | M] (Take-Two Interactive Software, Inc.)
"Steam" = "C:\Program Files\Steam\Steam.exe" -silent -- [2011.12.05 18:51:37 | 001,242,448 | ---- | M] (Valve Corporation)

< >


< MD5 for: ACPI.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:acpi.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:acpi.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:acpi.sys
[2008.04.14 03:05:40 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=4FE34F1F3126B61FCC6B2043AA8112C9 -- C:\WINDOWS\ServicePackFiles\i386\acpi.sys
[2008.04.14 03:05:40 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=4FE34F1F3126B61FCC6B2043AA8112C9 -- C:\WINDOWS\system32\drivers\acpi.sys
[2004.08.18 13:00:00 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=FA2FBCDA96D2385F773B059FE5A125A6 -- C:\WINDOWS\$NtServicePackUninstall$\acpi.sys

< MD5 for: AGP440.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2004.08.10 15:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\cmdcons\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CMD.EXE >
[2004.08.18 13:00:00 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=4E5BE66CD70D52637589E9C3E2C1696D -- C:\WINDOWS\$NtServicePackUninstall$\cmd.exe
[2008.04.14 04:22:15 | 000,390,144 | ---- | M] (Microsoft Corporation) MD5=58A4129B7AB2CF2E7F00256F7EDAEAC2 -- C:\WINDOWS\ServicePackFiles\i386\cmd.exe
[2008.04.14 04:22:15 | 000,390,144 | ---- | M] (Microsoft Corporation) MD5=58A4129B7AB2CF2E7F00256F7EDAEAC2 -- C:\WINDOWS\system32\cmd.exe

< MD5 for: CRYPTSVC.DLL >
[2004.08.18 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2004.08.18 13:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
[2008.04.14 04:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008.04.14 04:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: FASTFAT.SYS >
[2004.08.18 13:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3117F595E9615E04F05A54FC15A03B20 -- C:\WINDOWS\$NtServicePackUninstall$\fastfat.sys
[2008.04.13 20:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\ServicePackFiles\i386\fastfat.sys
[2008.04.13 20:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys
Attachments
Extras.zip
(9.2 KiB) Downloaded 148 times


Re: Please check my log - rootkit? - RSIT won't run

#4 Post by Steron »

< MD5 for: HAL.DLL >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.18 13:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: I8042PRT.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:i8042prt.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:i8042prt.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:i8042prt.sys
[2004.08.18 13:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=0F42DE9909B5DBF2C48DD1A79D491AF5 -- C:\WINDOWS\$NtServicePackUninstall$\i8042prt.sys
[2008.04.14 03:21:15 | 000,052,096 | ---- | M] (Microsoft Corporation) MD5=C528E27945367191E7BAE364930B6932 -- C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys
[2008.04.14 03:21:15 | 000,052,096 | ---- | M] (Microsoft Corporation) MD5=C528E27945367191E7BAE364930B6932 -- C:\WINDOWS\system32\drivers\i8042prt.sys

< MD5 for: ISAPNP.SYS >
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2004.08.18 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: KBDCLASS.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:kbdclass.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:kbdclass.sys
[2009.11.22 10:54:55 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:kbdclass.sys
[2008.04.14 03:29:06 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\ServicePackFiles\i386\kbdclass.sys
[2008.04.14 03:29:06 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\system32\drivers\kbdclass.sys
[2004.08.18 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=6F877BF8DC01A550CD666F3BEDB2213C -- C:\WINDOWS\$NtServicePackUninstall$\kbdclass.sys

< MD5 for: LSASS.EXE >
[2004.08.18 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.18 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NTFS.SYS >
[2008.04.13 20:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008.04.13 20:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004.08.10 15:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\ntfs.sys
[2004.08.18 13:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys

< MD5 for: REGEDIT.EXE >
[2004.08.18 13:00:00 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=CB5A91928D94224E7E30EE277B45E8A3 -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
[2008.04.14 04:22:42 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\regedit.exe
[2008.04.14 04:22:42 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe

< MD5 for: SCECLI.DLL >
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 10:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 11:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2004.08.18 13:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 04:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 04:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SMSS.EXE >
[2004.08.18 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2004.08.10 15:00:00 | 000,469,504 | ---- | M] (Microsoft Corporation) MD5=C37F36D08F06A7B0CAF8C1EE9E4079A3 -- C:\cmdcons\system32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2004.08.18 13:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe
[2010.08.17 14:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 04:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
[2008.04.14 04:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USER32.DLL >
[2004.08.18 13:00:00 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=1B4CCC59980DA34E75F20E42B283B027 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 04:22:04 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=E16E0990967374E76F3E40CACAFD3D53 -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:04 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=E16E0990967374E76F3E40CACAFD3D53 -- C:\WINDOWS\system32\user32.dll

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: VIAMRAID.SYS >
[2006.05.29 13:03:22 | 000,092,672 | ---- | M] (VIA Technologies inc,.ltd) MD5=FBF18F9F5FB852C2976723587B44F346 -- C:\PNP\MOBO\VIAMRAID.SYS

< MD5 for: WIN32K.SYS >
[2009.08.14 16:06:27 | 001,859,328 | ---- | M] (Microsoft Corporation) MD5=02612CBD26452B050B500BC016F3BF51 -- C:\WINDOWS\$hf_mig$\KB969947\SP2QFE\win32k.sys
[2008.04.14 03:15:34 | 001,845,632 | ---- | M] (Microsoft Corporation) MD5=16AA352EC7D8E6D9DE50265BF0F9E016 -- C:\WINDOWS\$NtUninstallKB969947$\win32k.sys
[2008.04.14 03:15:34 | 001,845,632 | ---- | M] (Microsoft Corporation) MD5=16AA352EC7D8E6D9DE50265BF0F9E016 -- C:\WINDOWS\ServicePackFiles\i386\win32k.sys
[2010.06.24 22:30:08 | 001,861,120 | ---- | M] (Microsoft Corporation) MD5=1D6A389B0152D2164343731F4151079F -- C:\WINDOWS\$hf_mig$\KB2160329\SP3QFE\win32k.sys
[2010.09.01 08:57:41 | 001,852,800 | ---- | M] (Microsoft Corporation) MD5=21171C673C110D875FE031908409FE23 -- C:\WINDOWS\$NtUninstallKB2436673$\win32k.sys
[2010.06.24 10:02:48 | 001,851,904 | ---- | M] (Microsoft Corporation) MD5=21A48AA96D99AEF0193526F5E762E21B -- C:\WINDOWS\$NtUninstallKB981957$\win32k.sys
[2011.06.06 12:36:17 | 001,867,904 | ---- | M] (Microsoft Corporation) MD5=44E7131AA0EB70AACADBA6034B443D0B -- C:\WINDOWS\$hf_mig$\KB2555917\SP3QFE\win32k.sys
[2010.10.26 15:04:46 | 001,862,272 | ---- | M] (Microsoft Corporation) MD5=470811C7406C06BAD6CCEA5445D879C9 -- C:\WINDOWS\$hf_mig$\KB2436673\SP3QFE\win32k.sys
[2010.10.26 14:58:35 | 001,853,312 | ---- | M] (Microsoft Corporation) MD5=4FF440A38D242AA40D40F990C566DF32 -- C:\WINDOWS\$NtUninstallKB2479628$\win32k.sys
[2011.06.06 12:35:21 | 001,858,944 | ---- | M] (Microsoft Corporation) MD5=5477E9351066CA7F70A92461A35F5310 -- C:\WINDOWS\$NtUninstallKB2567053$\win32k.sys
[2010.09.01 08:57:07 | 001,861,888 | ---- | M] (Microsoft Corporation) MD5=5577EC6934D639CB20EA0C90A8AF4923 -- C:\WINDOWS\$hf_mig$\KB981957\SP3QFE\win32k.sys
[2011.03.03 14:52:12 | 001,866,880 | ---- | M] (Microsoft Corporation) MD5=570FB1C8ABCF6375169E94C23537019C -- C:\WINDOWS\$hf_mig$\KB2506223\SP3QFE\win32k.sys
[2009.08.14 16:15:39 | 001,850,624 | ---- | M] (Microsoft Corporation) MD5=670C868CDBDF46269EB7CC39B05A7513 -- C:\WINDOWS\$hf_mig$\KB969947\SP3GDR\win32k.sys
[2009.08.14 16:15:39 | 001,850,624 | ---- | M] (Microsoft Corporation) MD5=670C868CDBDF46269EB7CC39B05A7513 -- C:\WINDOWS\$NtUninstallKB979559$\win32k.sys
[2010.05.02 09:03:50 | 001,860,352 | ---- | M] (Microsoft Corporation) MD5=8402F80D7FCA8CD3A4BCF027773CAD34 -- C:\WINDOWS\$hf_mig$\KB979559\SP3QFE\win32k.sys
[2009.08.14 17:00:31 | 001,859,712 | ---- | M] (Microsoft Corporation) MD5=862CAA1CB5EF221C09918FF185DF14D7 -- C:\WINDOWS\$hf_mig$\KB969947\SP3QFE\win32k.sys
[2010.05.02 09:09:42 | 001,851,264 | ---- | M] (Microsoft Corporation) MD5=8DFA2A74176D58E671C7FD9F8966DE99 -- C:\WINDOWS\$NtUninstallKB2160329$\win32k.sys
[2011.03.03 14:53:33 | 001,857,920 | ---- | M] (Microsoft Corporation) MD5=958A81E06C4E3510AEA1F6BCD258EF4C -- C:\WINDOWS\$NtUninstallKB2555917$\win32k.sys
[2010.12.31 15:04:07 | 001,854,976 | ---- | M] (Microsoft Corporation) MD5=AE4BFDE8B2841CE7F6AFAB0F43435445 -- C:\WINDOWS\$NtUninstallKB2506223$\win32k.sys
[2011.09.06 15:08:32 | 001,867,904 | ---- | M] (Microsoft Corporation) MD5=B14465CDD6AFA31154396B54254F2BA8 -- C:\WINDOWS\$hf_mig$\KB2567053\SP3QFE\win32k.sys
[2010.12.31 15:02:56 | 001,864,064 | ---- | M] (Microsoft Corporation) MD5=D8525ABDAFFB6F08CDEF1D87B509B17B -- C:\WINDOWS\$hf_mig$\KB2479628\SP3QFE\win32k.sys
[2009.08.14 16:23:54 | 001,850,112 | ---- | M] (Microsoft Corporation) MD5=DD7495BBF161D81900F89369CCD257EF -- C:\WINDOWS\$NtServicePackUninstall$\win32k.sys
[2011.09.06 15:10:02 | 001,858,944 | ---- | M] (Microsoft Corporation) MD5=EC7DE8AE321E0B01C23770A2AD4AA66F -- C:\WINDOWS\system32\dllcache\win32k.sys
[2011.09.06 15:10:02 | 001,858,944 | ---- | M] (Microsoft Corporation) MD5=EC7DE8AE321E0B01C23770A2AD4AA66F -- C:\WINDOWS\system32\win32k.sys
[2004.08.18 13:00:00 | 001,835,904 | ---- | M] (Microsoft Corporation) MD5=F935B816A5B3D08E519D9EEBD65A6672 -- C:\WINDOWS\$NtUninstallKB969947_0$\win32k.sys

< MD5 for: WINLOGON.EXE >
[2004.08.18 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WINSRV.DLL >
[2011.04.26 12:02:48 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=169D34A85EC9E415C4C3A03AA62A34B6 -- C:\WINDOWS\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
[2011.04.26 12:07:50 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=43B8BD54F87BFFFE5C560B2965E13C26 -- C:\WINDOWS\$NtUninstallKB2567680$\winsrv.dll
[2011.06.20 18:44:52 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=4F1340B27E7590D3E42541769ABD5872 -- C:\WINDOWS\system32\dllcache\winsrv.dll
[2011.06.20 18:44:52 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=4F1340B27E7590D3E42541769ABD5872 -- C:\WINDOWS\system32\winsrv.dll
[2010.06.18 18:46:19 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=681CB546E0EF9C44FDE21EE0D4307DF0 -- C:\WINDOWS\$hf_mig$\KB2121546\SP3QFE\winsrv.dll
[2008.04.14 04:22:05 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=77A41C497ADB0C96D1E8DF6F71D843C0 -- C:\WINDOWS\$NtUninstallKB2121546$\winsrv.dll
[2008.04.14 04:22:05 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=77A41C497ADB0C96D1E8DF6F71D843C0 -- C:\WINDOWS\ServicePackFiles\i386\winsrv.dll
[2010.06.18 18:47:41 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=D7F6130150643691D61E957A2CD48D1B -- C:\WINDOWS\$NtUninstallKB2507938$\winsrv.dll
[2004.08.18 13:00:00 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=E4E57FBA176F2752527B1D53A663D2D7 -- C:\WINDOWS\$NtServicePackUninstall$\winsrv.dll
[2011.06.20 18:43:23 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=EF9951D90C530C39DEAB56C16160D837 -- C:\WINDOWS\$hf_mig$\KB2567680\SP3QFE\winsrv.dll

< MD5 for: WS2_32.DLL >
[2004.08.18 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006.12.29 09:57:18 | 000,273,920 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp4v2.dll
[2008.07.06 13:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2008.07.06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006.12.29 09:57:18 | 000,273,920 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\hpzpp4v2.dll
[2008.07.06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
[2008.07.06 13:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /10 >
[2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys
[2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys
[2011.11.28 18:54:38 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswFW.sys
[2011.11.28 18:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon.sys
[2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys
[2011.11.28 18:26:19 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswNdis.sys
[2011.11.28 18:53:22 | 000,195,416 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswNdis2.sys
[2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys
[2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSnx.sys
[2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSP.sys
[2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys

< %systemroot%\system32\drivers\*.sys /X >
[2008.04.14 04:21:36 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008.04.14 04:21:36 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008.04.14 04:21:36 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008.04.14 04:21:36 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008.04.14 04:21:36 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008.04.14 04:21:36 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008.04.14 04:21:36 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2009.04.29 02:19:12 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2erec.dll
[2004.07.17 11:36:24 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod
[2008.04.14 04:21:37 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008.04.14 04:21:37 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008.04.14 04:21:37 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008.04.14 04:21:37 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008.04.14 04:21:37 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008.04.14 04:21:38 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2004.07.17 22:55:24 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfs2.cty
[2004.08.18 13:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2004.08.18 13:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2004.07.17 11:35:00 | 000,067,866 | ---- | M] () -- C:\WINDOWS\system32\drivers\netwlan5.img
[2006.08.06 15:14:10 | 000,000,008 | ---- | M] () -- C:\WINDOWS\system32\drivers\RtkHDAud.dat
[2009.04.02 16:43:00 | 000,000,520 | ---- | M] () -- C:\WINDOWS\system32\drivers\SamSfPa.dat
[2008.04.14 04:21:55 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008.04.14 04:22:04 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /10 >
[2011.11.28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\aswBoot.exe
[2011.12.07 17:23:53 | 000,167,952 | ---- | M] () -- C:\WINDOWS\system32\ativvaxx.cap
[2011.12.06 14:03:05 | 000,002,552 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2011.12.07 18:06:09 | 000,022,196 | ---- | M] () -- C:\WINDOWS\system32\emptyregdb.dat
[2011.12.07 18:07:10 | 000,072,702 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2011.12.07 18:07:10 | 000,063,454 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.12.07 18:07:10 | 000,410,788 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2011.12.07 18:07:10 | 000,415,306 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2011.12.07 18:07:10 | 000,972,882 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2011.12.04 11:47:34 | 000,013,706 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2009.11.21 18:39:22 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.11.21 18:39:22 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.11.21 18:39:22 | 000,495,616 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job >
[2011.12.07 17:24:24 | 000,000,942 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2011.12.07 17:57:06 | 000,000,946 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\*.* /U /s >
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[4 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2009.11.21 18:41:09 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\desktop.ini
[2011.07.28 12:30:50 | 000,002,709 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\hpzinstall.log

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2008.10.13 13:36:02 | 000,070,992 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe
[2009.11.23 17:17:38 | 001,962,544 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users.WINDOWS\Data Aplikací\NOS\Adobe_Downloads\install_flash_player_ax.exe

< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >
[2009.11.22 11:03:37 | 000,000,293 | -HS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\desktop.ini

< %ALLUSERSPROFILE%\Data Aplikácií\*.* >

< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %APPDATA%\*. >
[2010.01.07 09:12:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Adobe
[2009.11.29 09:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\ArcSoft
[2011.01.09 17:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Ashampoo
[2009.11.22 11:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\ATI
[2009.11.22 13:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\DeepBurner
[2009.11.22 13:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\DeviceDoctorSoftware
[2011.11.16 14:08:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\dvdcss
[2011.11.18 14:38:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Help
[2009.12.03 18:29:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\HP
[2009.11.22 01:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Identities
[2011.05.20 15:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Image Zone Express
[2009.11.22 13:32:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\InstallShield
[2009.11.22 13:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Macromedia
[2010.08.15 16:43:25 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Microsoft
[2009.11.22 17:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Motive
[2009.12.06 11:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla
[2009.11.22 19:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\OpenOffice.org
[2010.01.29 09:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Printer Info Cache
[2010.01.22 15:42:39 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\SecuROM
[2011.11.30 20:57:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Skype
[2011.11.30 20:21:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\skypePM
[2009.11.22 16:36:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\Sun
[2011.01.09 17:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\THQ
[2011.11.16 14:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Magdalena\Data aplikací\vlc

< %APPDATA%\*.* >
[2009.11.21 18:41:09 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\desktop.ini

< %APPDATA%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32|bak;true;false;false /fp >

< %PROGRAMFILES%|bak;true;false;false /fp >

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.11.10 20:23:05 | 000,912,856 | ---- | M] (Mozilla Corporation) MD5=D29313B19219028151314B3F738FDB19 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.08.17 12:01:37 | 000,634,632 | -HS- | M] (Microsoft Corporation) MD5=6A1D755C68C10863C598C78A597FA7C3 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2011.11.15 06:39:56 | 001,036,344 | ---- | M] (Google Inc.) MD5=5E101BF6336D3DEF4A588BF56BB2AA38 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< %APPDATA%\Local\Google\Chrome\Application\chrome.exe /md5 >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-11 20:04:06

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"StateIndex" = 1

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems" /v Windows /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\SUBSYSTEMS
WINDOWS REG_EXPAND_SZ %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=3
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.12.07 17:50:59 | 000,000,512 | ---- | M] () MD5=6E2CEEA7ACF62AE688AA84E4DED92038 -- C:\PhysicalMBR.bin

< bcdedit /v >C:\boot.txt /c >

< type C:\boot.txt >> test1.txt /c >

< >

< >

< >

< >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e] -> C:\WINDOWS\WinSxS\MSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e] -> C:\WINDOWS\WinSxS\MSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\LOG\2.0.3405.36910__90ba9c70f846762e] -> C:\WINDOWS\WinSxS\MSIL_LOG_90ba9c70f846762e_2.0.3405.36910_x-ww_a8b70be -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e] -> C:\WINDOWS\WinSxS\MSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8 -> Junction

< End of report >


The rest probably not until tomorrow morning... Thanks for now, the screenshots will come tomorrow.


Re: Please check my log - rootkit? - RSIT won't run

#5 Post by Steron »

First I'm sending the CSV exports; for HOOKS/SSDT (both) and HOOKS/IDT I somehow couldn't create them, so I took screenshots instead. The HOOKS/IAT/EAT export didn't work either, but it was empty anyway...
The screenshots will follow right away :-)
Attachments
csv.zip
(24.55 KiB) Downloaded 103 times


Re: Please check my log - rootkit? - RSIT won't run

#6 Post by Steron »

Aha :-) the file is too large :?:

http://leteckaposta.cz/749239274


Re: Please check my log - rootkit? - RSIT won't run

#7 Post by Steron »

ComboFix 11-12-06.02 - Magdalena 08.12.2011 15:46:34.1.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1022.804 [GMT 1:00]
Spuštěný z: c:\documents and settings\Magdalena\Plocha\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Xp\WINDOWS
c:\windows\CSC\d6
c:\windows\msmqinst.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-08 do 2011-12-08 )))))))))))))))))))))))))))))))
.
.
2011-12-08 09:37 . 2011-12-08 09:37 -------- d-----w- c:\documents and settings\Magdalena\Local Settings\Data aplikací\GHISLER
2011-12-07 17:45 . 2011-12-07 17:45 -------- d-----w- c:\documents and settings\Magdalena\Data aplikací\GHISLER
2011-12-07 17:02 . 2011-12-07 17:05 -------- d-----w- c:\windows\LastGood
2011-12-07 16:50 . 2011-12-07 16:50 512 ----a-w- C:\PhysicalMBR.bin
2011-12-07 16:18 . 2011-12-07 16:18 -------- d-----w- C:\rsit
2011-12-06 13:03 . 2011-11-28 17:54 111320 ----a-w- c:\windows\system32\drivers\aswFW.sys
2011-12-06 13:03 . 2011-11-28 17:53 195416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2011-12-06 13:02 . 2011-11-28 17:26 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2011-12-05 19:13 . 2011-12-05 19:13 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Kaspersky Lab Setup Files
2011-12-05 17:20 . 2011-12-07 16:25 -------- d-----w- c:\program files\Steam
2011-12-05 17:13 . 2011-12-05 17:13 -------- d-----w- c:\program files\SimBin
2011-12-05 16:55 . 2011-12-05 16:55 -------- d-----w- c:\program files\Atari
2011-11-25 12:04 . 2011-11-25 12:04 -------- d-----w- c:\program files\SCi Games
2011-11-18 13:38 . 2011-11-18 13:38 -------- d-----w- c:\documents and settings\Magdalena\Local Settings\Data aplikací\Help
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-07 17:46 . 2011-12-07 17:46 9417 ----a-w- C:\Extras.zip
2011-11-28 18:01 . 2011-03-14 07:59 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2009-11-22 08:32 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-03-14 07:59 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2009-11-22 08:32 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2009-11-22 08:32 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2009-11-22 08:32 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2009-11-22 08:32 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2009-11-22 08:32 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2009-11-22 08:32 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2009-11-22 08:32 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-06 09:18 . 2011-04-14 13:29 21840 ----atw- c:\windows\system32\SIntfNT.dll
2011-11-06 09:18 . 2011-04-14 13:29 17212 ----atw- c:\windows\system32\SIntf32.dll
2011-11-06 09:18 . 2011-04-14 13:29 12067 ----atw- c:\windows\system32\SIntf16.dll
2011-10-10 14:22 . 2009-11-22 00:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:05 . 2004-08-18 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-07-29 18:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2004-08-18 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2004-08-18 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
1999-04-07 15:39 . 1999-04-07 15:39 99840 ----a-w- c:\program files\Common Files\IRAABOUT.DLL
1998-12-09 00:53 . 1998-12-09 00:53 70144 ----a-w- c:\program files\Common Files\IRAMDMTR.DLL
1998-12-09 00:53 . 1998-12-09 00:53 48640 ----a-w- c:\program files\Common Files\IRALPTTR.DLL
1998-12-09 00:53 . 1998-12-09 00:53 31744 ----a-w- c:\program files\Common Files\IRAWEBTR.DLL
1998-12-09 00:53 . 1998-12-09 00:53 186368 ----a-w- c:\program files\Common Files\IRAREG.DLL
1998-12-09 00:53 . 1998-12-09 00:53 17920 ----a-w- c:\program files\Common Files\IRASRIAL.DLL
2008-04-14 03:22 73728 --sha-w- c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]
"Steam"="c:\program files\Steam\Steam.exe" [2011-12-05 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-28 61440]
"Control Center"="c:\program files\ASUS\WLAN Card Utilities\Center.exe" [2006-08-15 1696256]
"RTHDCPL"="RTHDCPL.EXE" [2009-04-17 17880576]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-03-14 1466368]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"RTBatteryMeter"="c:\program files\VibrateGameDeviceDriver\RFPIcon.exe" [2003-01-16 49152]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Magdalena^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.1.lnk]
path=c:\documents and settings\Magdalena\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-10 20:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
2007-12-10 14:55 323584 ----a-w- c:\windows\PixArt\PAC207\Monitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC207_Monitor]
2007-12-10 14:55 323584 ----a-w- c:\windows\PixArt\PAC207\Monitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
2008-11-14 13:35 305064 ----a-r- c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-03-09 08:02 26100520 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\EA Games\\MOHAA\\MOHAA.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\All Users.WINDOWS\\Data aplikací\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\Czech\\setup.exe"=
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [6.12.2011 14:02 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [6.12.2011 14:03 195416]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [6.12.2011 14:03 111320]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.3.2011 8:59 435032]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22.11.2009 9:32 314456]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.11.2009 9:32 20568]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [22.11.2009 14:11 1684736]
S3 DynCal;Dynamic Calibration Service;c:\windows\system32\drivers\DynCal.sys [7.11.2007 18:15 12928]
S3 GZSQ;GZSQ;c:\windows\system32\drivers\GZSQ.SYS [4.2.2011 13:53 29843]
S3 PAC207;PC Camer@;c:\windows\system32\drivers\PFC027.SYS [6.11.2009 19:05 618112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-09 15:43]
.
2011-12-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-09 15:43]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
TCP: DhcpNameServer = 192.168.2.1 212.96.167.18 89.190.50.18
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-DriverUpdaterPro - c:\program files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-08 15:53
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1801674531-926492609-725345543-1002\Software\SecuROM\License information*]
"datasecu"=hex:ef,bd,03,30,aa,68,41,9e,f5,47,da,a2,7d,51,99,b1,86,08,4e,9e,b3,
38,f9,27,65,66,0d,ef,31,ca,b3,08,ea,c4,ae,99,7e,29,ea,7e,c4,54,22,60,29,15,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(924)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-12-08 15:55:12
ComboFix-quarantined-files.txt 2011-12-08 14:55
.
Před spuštěním: Volných bajtů: 100 472 987 648
Po spuštění: Volných bajtů: 100 526 379 008
.
- - End Of File - - 0C19E22E49DCFB76DE43E43D2DA75CD9


Re: Please check my log - rootkit? - RSIT won't run

#8 Post by Steron »

Well, unfortunately I can't be more precise :( I didn't look at the full path; I only know that Avast couldn't name the "rootkit", it just said "rootkit" - perform a restart followed by a scan before system startup. There everything went OK, Avast found nothing. I just looked in the Avast history and there isn't a single mention of any infection, or of anything at all :?:

RSIT runs now, so far everything looks OK.

I'm attaching the RSIT log (now that it finally got made ;-)


Logfile of random's system information tool 1.09 (written by random/random)
Run by Magdalena at 2011-12-08 16:21:54
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 96 GB (42%) free of 230 GB
Total RAM: 1022 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:21:59, on 8.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17103)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
I:\Diag\RSIT\RSIT.exe
C:\Program Files\trend micro\Magdalena.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe
O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O24 - Desktop Component 0: (no name) - http://a5.sphotos.ak.fbcdn.net/hphotos- ... 9366_n.jpg
O24 - Desktop Component 1: (no name) - http://a1.sphotos.ak.fbcdn.net/hphotos- ... 8560_n.jpg

--
End of file - 6095 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-28 61440]
"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2006-08-15 1696256]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-04-17 17880576]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-03-14 1466368]
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"RTBatteryMeter"=C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe [2003-01-16 49152]
"PAC207_Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2007-12-10 323584]
"Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2007-12-10 323584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
"Steam"=C:\Program Files\Steam\Steam.exe [2011-12-05 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
C:\WINDOWS\PixArt\PAC207\Monitor.exe [2007-12-10 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC207_Monitor]
C:\WINDOWS\PixArt\PAC207\Monitor.exe [2007-12-10 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-01-02 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Magdalena^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.1.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2009-09-16 384512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-04-29 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\EA Games\MOHAA\MOHAA.exe"="C:\Program Files\EA Games\MOHAA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe"="C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe:*:Enabled:Kaspersky Internet Security 2009 Setup"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll

======List of files/folders created in the last 1 month======

2011-12-08 16:21:55 ----D---- C:\Program Files\trend micro
2011-12-08 15:55:14 ----D---- C:\WINDOWS\temp
2011-12-08 15:55:13 ----A---- C:\ComboFix.txt
2011-12-08 15:44:00 ----A---- C:\WINDOWS\zip.exe
2011-12-08 15:44:00 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-12-08 15:44:00 ----A---- C:\WINDOWS\SWSC.exe
2011-12-08 15:44:00 ----A---- C:\WINDOWS\SWREG.exe
2011-12-08 15:44:00 ----A---- C:\WINDOWS\sed.exe
2011-12-08 15:44:00 ----A---- C:\WINDOWS\PEV.exe
2011-12-08 15:44:00 ----A---- C:\WINDOWS\NIRCMD.exe
2011-12-08 15:44:00 ----A---- C:\WINDOWS\MBR.exe
2011-12-08 15:44:00 ----A---- C:\WINDOWS\grep.exe
2011-12-08 15:43:53 ----D---- C:\WINDOWS\ERDNT
2011-12-08 15:43:49 ----D---- C:\Qoobox
2011-12-07 18:45:27 ----D---- C:\Documents and Settings\Magdalena\Data aplikací\GHISLER
2011-12-07 18:06:09 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2011-12-07 18:05:59 ----A---- C:\WINDOWS\vbaddin.ini
2011-12-07 18:05:59 ----A---- C:\WINDOWS\vb.ini
2011-12-07 18:01:32 ----A---- C:\WINDOWS\imsins.BAK
2011-12-07 17:20:00 ----A---- C:\WINDOWS\ntbtlog.txt
2011-12-07 17:18:30 ----D---- C:\rsit
2011-12-06 14:03:21 ----A---- C:\WINDOWS\system32\drivers\aswFW.sys
2011-12-06 14:03:05 ----A---- C:\WINDOWS\system32\drivers\aswNdis2.sys
2011-12-06 14:02:55 ----A---- C:\WINDOWS\system32\drivers\aswNdis.sys
2011-12-05 20:13:11 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Kaspersky Lab Setup Files
2011-12-05 18:20:00 ----D---- C:\Program Files\Steam
2011-12-05 18:13:50 ----D---- C:\Program Files\SimBin
2011-12-05 17:55:55 ----D---- C:\Program Files\Atari
2011-11-25 13:04:47 ----D---- C:\Program Files\SCi Games
2011-11-24 19:06:45 ----A---- C:\WINDOWS\tmp2Level.ini
2011-11-24 19:06:45 ----A---- C:\WINDOWS\level.ini
2011-11-18 14:38:16 ----D---- C:\Documents and Settings\Magdalena\Data aplikací\Help
2011-11-11 21:04:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$
2011-11-09 19:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$

======List of files/folders modified in the last 1 month======

2011-12-08 16:21:55 ----RD---- C:\Program Files
2011-12-08 16:21:30 ----D---- C:\WINDOWS\Prefetch
2011-12-08 16:19:52 ----D---- C:\WINDOWS
2011-12-08 16:19:10 ----AD---- C:\WINDOWS\system32
2011-12-08 16:19:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-08 15:53:48 ----A---- C:\WINDOWS\system.ini
2011-12-08 15:53:28 ----D---- C:\WINDOWS\system32\drivers\etc
2011-12-08 15:52:59 ----SHD---- C:\WINDOWS\CSC
2011-12-08 15:51:53 ----D---- C:\WINDOWS\system32\drivers
2011-12-08 15:50:54 ----D---- C:\WINDOWS\AppPatch
2011-12-08 15:50:51 ----D---- C:\Program Files\Common Files
2011-12-08 15:46:04 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-08 15:39:11 ----D---- C:\WINDOWS\security
2011-12-08 15:39:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-12-07 18:06:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-07 18:06:16 ----D---- C:\WINDOWS\system32\Com
2011-12-07 18:06:09 ----HD---- C:\WINDOWS\inf
2011-12-07 18:06:09 ----D---- C:\WINDOWS\Registration
2011-12-07 18:05:44 ----D---- C:\WINDOWS\system32\wbem
2011-12-07 18:05:43 ----D---- C:\WINDOWS\system32\inetsrv
2011-12-07 16:39:20 ----D---- C:\Config.Msi
2011-12-07 16:38:09 ----SHD---- C:\WINDOWS\Installer
2011-12-07 15:31:19 ----D---- C:\WINDOWS\Debug
2011-12-05 19:59:48 ----D---- C:\WINDOWS\system32\DirectX
2011-12-05 19:59:12 ----RSD---- C:\WINDOWS\assembly
2011-12-05 19:56:27 ----D---- C:\Program Files\City Interactive
2011-12-05 17:10:17 ----D---- C:\Program Files\TopCD
2011-12-05 14:00:46 ----D---- C:\Program Files\Mozilla Firefox
2011-12-04 11:50:24 ----D---- C:\WINDOWS\system32\config
2011-11-30 20:57:17 ----D---- C:\Documents and Settings\Magdalena\Data aplikací\Skype
2011-11-30 20:21:41 ----D---- C:\Documents and Settings\Magdalena\Data aplikací\skypePM
2011-11-28 19:01:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-11-27 15:05:32 ----A---- C:\WINDOWS\win.ini
2011-11-25 19:57:00 ----SD---- C:\WINDOWS\Tasks
2011-11-25 13:09:24 ----HD---- C:\Program Files\InstallShield Installation Information
2011-11-25 13:03:09 ----D---- C:\Program Files\Richard Burns Rally
2011-11-18 14:38:16 ----D---- C:\WINDOWS\Help
2011-11-16 14:56:14 ----D---- C:\Documents and Settings\Magdalena\Data aplikací\vlc
2011-11-16 14:08:56 ----D---- C:\Documents and Settings\Magdalena\Data aplikací\dvdcss
2011-11-11 13:27:17 ----HD---- C:\WINDOWS\$hf_mig$
2011-11-09 19:09:15 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\aswNdis.sys [2011-11-28 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\WINDOWS\system32\drivers\aswNdis2.sys [2011-11-28 195416]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswFW;avast! TDI Firewall driver; C:\WINDOWS\system32\drivers\aswFW.sys [2011-11-28 111320]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-11-22 20747]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-04-29 3643904]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-04-20 5070848]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2009-03-14 1095808]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 catchme;catchme; \??\C:\DOCUME~1\MAGDAL~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 DynCal;Dynamic Calibration Service; C:\WINDOWS\system32\drivers\Dyncal.sys [2007-11-07 12928]
S3 GZSQ;GZSQ; C:\WINDOWS\system32\drivers\GZSQ.SYS [2007-06-28 29843]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-12-06 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-12-06 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-12-06 21568]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PAC207;PC Camer@; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2008-02-13 618112]
S3 RT73;ASUS USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-06-08 344064]
S3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtKHDMI.sys [2008-12-25 3721664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-19 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-19 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-19 24832]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-04-29 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2011-11-28 127192]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-04-28 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-09 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-09 136176]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Steron
Model visitor
Posts: 174
Registered: 13 May 2008 13:12

Re: Please check my log - rootkit? - RSIT won't run

#9 Post by Steron »

I somehow couldn't find any button :D so I didn't do anything, I just pasted the script and clicked "Scan". Here is the log:


OTL logfile created on: 9.12.2011 10:12:11 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Magdalena\Plocha
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1022,42 Mb Total Physical Memory | 545,07 Mb Available Physical Memory | 53,31% Memory free
2,40 Gb Paging File | 1,93 Gb Available in Paging File | 80,46% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 225,07 Gb Total Space | 93,60 Gb Free Space | 41,59% Space Free | Partition Type: NTFS

Computer Name: MAGDA | User Name: Magdalena | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.12.07 17:47:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Magdalena\Plocha\OTL.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.11.15 06:39:56 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2009.03.14 08:43:00 | 001,466,368 | R--- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2008.08.15 17:33:08 | 001,473,536 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\TO2SSM\McciTrayApp.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.10 15:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
PRC - [2006.08.15 15:48:14 | 001,696,256 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
PRC - [2003.01.16 10:32:40 | 000,049,152 | ---- | M] (Ruling Tec Pte Ltd) -- C:\Program Files\VibrateGameDeviceDriver\rfpicon.exe


========== Modules (No Company Name) ==========

MOD - [2011.12.08 19:31:17 | 001,645,056 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120801\algo.dll
MOD - [2011.12.08 10:55:15 | 001,645,056 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120800\algo.dll
MOD - [2011.12.08 00:32:09 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120801\aswRep.dll
MOD - [2011.12.08 00:32:09 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120800\aswRep.dll
MOD - [2011.11.15 06:39:54 | 000,420,920 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll
MOD - [2011.11.15 06:39:53 | 003,702,840 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011.11.15 06:38:16 | 000,122,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011.11.15 06:38:15 | 000,222,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011.11.15 06:38:14 | 001,746,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011.11.15 03:36:18 | 008,593,056 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
MOD - [2011.10.13 07:57:05 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
MOD - [2011.10.13 07:55:35 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011.10.13 07:54:51 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011.10.13 07:11:30 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011.10.13 07:11:24 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011.10.13 07:11:10 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011.10.13 07:09:22 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011.10.13 07:08:57 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.10.12 19:25:39 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009.11.22 11:32:54 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3405.36826__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:54 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3405.36845__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.11.22 11:32:54 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3405.36840__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.11.22 11:32:54 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3405.36929__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2009.11.22 11:32:54 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3405.36928__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2009.11.22 11:32:54 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3405.36933__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2009.11.22 11:32:54 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3405.36929__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2009.11.22 11:32:53 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3405.36844__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.11.22 11:32:53 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3405.36917__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.11.22 11:32:53 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3405.36897__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:53 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3405.36879__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:53 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3405.36870__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:53 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3405.36834__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:52 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3405.36834__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:52 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3405.36845__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:52 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3405.36918__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:52 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3405.36844__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:51 | 000,348,160 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3405.36884__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:51 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3405.36884__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.11.22 11:32:51 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3405.36883__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:50 | 000,643,072 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3405.36927__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:50 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3405.36927__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:49 | 000,782,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3405.36872__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:49 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3405.36892__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.11.22 11:32:48 | 000,573,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3405.36846__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:48 | 000,409,600 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3405.36835__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:48 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3405.36846__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3405.36876__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:48 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3405.36871__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:48 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3405.36850__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:48 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3405.36876__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:47 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3405.36866__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:47 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3405.36870__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:47 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3405.36877__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:46 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3405.36870__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:46 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2009.11.22 11:32:46 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3405.36871__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.11.22 11:32:46 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3403.16829__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.11.22 11:32:46 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3403.16821__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.11.22 11:32:46 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3403.16841__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009.11.22 11:32:45 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3403.16853__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2009.11.22 11:32:45 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3403.16853__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.11.22 11:32:45 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3403.16839__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.11.22 11:32:45 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3403.16852__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.11.22 11:32:45 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.11.22 11:32:44 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3403.16814__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.11.22 11:32:44 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3403.16838__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.11.22 11:32:43 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3403.16818__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.11.22 11:32:43 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.11.22 11:32:43 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3403.16813__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.11.22 11:32:43 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3403.16866__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.11.22 11:32:43 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2009.11.22 11:32:43 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.11.22 11:32:43 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3403.16851__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.11.22 11:32:43 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.11.22 11:32:42 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3403.16833__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3403.16830__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3403.16833__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3403.16823__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3403.16842__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3403.16828__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3403.16842__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.11.22 11:32:42 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.11.22 11:32:41 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3403.16854__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2009.11.22 11:32:41 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.11.22 11:32:41 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3403.16850__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3403.16844__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3403.16845__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3403.16836__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3403.16843__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3403.16839__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3403.16844__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.11.22 11:32:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3403.16841__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.11.22 11:32:39 | 000,602,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3405.36941__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2009.11.22 11:32:39 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3405.36922__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.11.22 11:32:39 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.11.22 11:32:39 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3403.16838__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.11.22 11:32:39 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3403.16828__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.11.22 11:32:39 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3405.36821__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.11.22 11:32:38 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3405.36911__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.11.22 11:32:38 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3403.16826__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.11.22 11:32:38 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3403.16827__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2009.11.22 11:32:38 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3403.16838__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.11.22 11:32:38 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009.11.22 11:32:38 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009.11.22 11:32:37 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3405.36906__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.11.22 11:32:37 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3405.36839__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.11.22 11:32:37 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3405.36910__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.11.22 11:32:37 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3405.36825__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009.11.22 11:32:37 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3405.36824__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.11.22 11:32:37 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3403.16840__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.11.22 11:32:37 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3403.16820__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.11.22 11:32:37 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3403.16839__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.11.22 11:32:36 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3403.16838__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.11.22 11:32:35 | 001,212,416 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3405.36830__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.11.22 11:32:35 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3405.36823__90ba9c70f846762e\APM.Server.dll
MOD - [2009.11.22 11:32:35 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3405.36822__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.11.22 11:32:35 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3403.16835__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.11.22 11:32:35 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.11.22 11:32:35 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3403.16846__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.11.22 11:32:35 | 000,019,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3405.36911__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.10.30 14:39:12 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2006.07.28 16:36:26 | 000,167,936 | ---- | M] () -- C:\Program Files\ASUS\WLAN Card Utilities\AsAuthen.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.11.28 19:01:23 | 000,127,192 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)


========== Driver Services (SafeList) ==========

DRV - [2011.11.28 18:54:38 | 000,111,320 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:53:22 | 000,195,416 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.11.28 18:26:19 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2009.04.29 04:30:44 | 003,643,904 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.04.20 23:13:00 | 005,070,848 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.04.01 12:28:32 | 000,093,184 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.03.14 08:50:00 | 001,095,808 | R--- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2008.12.25 17:32:00 | 003,721,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtKHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008.11.19 16:09:10 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008.11.19 16:09:08 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008.11.19 16:09:08 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008.08.05 20:10:00 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.04.13 19:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.03.29 10:20:55 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008.03.29 10:20:55 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008.02.13 13:17:26 | 000,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007.11.07 18:15:44 | 000,012,928 | ---- | M] (Padix Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DynCal.sys -- (DynCal)
DRV - [2007.06.28 16:34:02 | 000,029,843 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GZSQ.SYS -- (GZSQ)
DRV - [2006.06.08 10:49:50 | 000,344,064 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2006.01.04 15:41:00 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004.08.18 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.18 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1367
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="

FF - HKLM\Software\MozillaPlugins\@macromedia.com/FlashPlayer10: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@macromedia.com/FlashPlayer10: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.06 14:02:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.24 11:34:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.10 20:23:09 | 000,000,000 | ---D | M]

[2009.12.06 11:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Extensions
[2011.12.05 14:00:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\extensions
[2009.11.25 19:12:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.02 19:37:43 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-1.xml
[2010.07.23 08:59:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-10.xml
[2010.07.25 07:32:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-11.xml
[2010.09.11 06:10:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-12.xml
[2010.09.17 15:39:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-13.xml
[2010.10.20 14:01:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-14.xml
[2010.10.28 11:19:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-15.xml
[2010.12.13 19:07:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-16.xml
[2011.03.03 13:50:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-17.xml
[2011.03.05 17:57:35 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-18.xml
[2011.03.23 18:33:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-19.xml
[2009.12.06 11:44:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-2.xml
[2011.05.11 20:05:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-20.xml
[2011.05.11 20:39:15 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-21.xml
[2011.08.24 10:20:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-22.xml
[2011.10.12 17:25:17 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-23.xml
[2011.11.10 20:23:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-24.xml
[2009.12.18 15:28:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-3.xml
[2010.01.06 17:39:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-4.xml
[2010.02.18 15:13:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-5.xml
[2010.03.25 09:46:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-6.xml
[2010.04.02 10:36:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-7.xml
[2010.06.28 19:06:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-8.xml
[2010.06.30 17:24:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin-9.xml
[2008.03.31 08:52:00 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin.gif
[2008.03.31 08:52:00 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin.src
[2009.11.22 10:06:17 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Magdalena\Data aplikací\Mozilla\Firefox\Profiles\8u5gabb2.default\searchplugins\icqplugin.xml
[2011.12.06 16:53:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.08.05 18:51:14 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAGDALENA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\8U5GABB2.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
[2011.12.06 14:02:56 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2009.11.22 16:37:10 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009.07.17 20:21:00 | 003,883,424 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2011.10.12 17:24:54 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.10.12 17:24:54 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011.10.12 17:24:54 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.12 17:24:54 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.12 17:24:54 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Documents and Settings\Magdalena\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\

O1 HOSTS File: ([2011.12.08 15:53:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [RTBatteryMeter] C:\Program Files\VibrateGameDeviceDriver\rfpicon.exe (Ruling Tec Pte Ltd)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKCU..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 212.96.167.18 89.190.50.18
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D9C5B60-7D29-4696-A0EC-614BF2A893F0}: DhcpNameServer = 192.168.1.1 212.96.167.18 212.96.161.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F58C74E1-032F-4AD7-8AA9-A1C8B5F6EA65}: DhcpNameServer = 192.168.2.1 212.96.167.18 89.190.50.18
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 () - http://a5.sphotos.ak.fbcdn.net/hphotos- ... 9366_n.jpg
O24 - Desktop Components:1 () - http://a1.sphotos.ak.fbcdn.net/hphotos- ... 8560_n.jpg
O24 - Desktop Components:2 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Magdalena\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Magdalena\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) -C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.11.22 01:03:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.12.08 16:21:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.12.08 15:55:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.12.08 15:44:00 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.12.08 15:44:00 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.12.08 15:44:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.12.08 15:44:00 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.12.08 15:43:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.12.08 15:43:49 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.12.08 15:42:46 | 004,331,784 | R--- | C] (Swearware) -- C:\Documents and Settings\Magdalena\Plocha\ComboFix.exe
[2011.12.08 10:37:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Local Settings\Data aplikací\GHISLER
[2011.12.08 10:37:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Plocha\csv
[2011.12.08 10:27:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Plocha\PowerToolV4.1_en
[2011.12.07 18:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Data aplikací\GHISLER
[2011.12.07 18:06:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Hry
[2011.12.07 17:47:06 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Magdalena\Plocha\OTL.exe
[2011.12.07 17:18:30 | 000,000,000 | ---D | C] -- C:\rsit
[2011.12.07 17:17:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Dokumenty\Downloads
[2011.12.07 15:31:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Magdalena\Recent
[2011.12.06 14:03:21 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2011.12.06 14:03:05 | 000,195,416 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2011.12.06 14:02:55 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2011.12.06 14:01:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\avast! Internet Security
[2011.12.05 20:13:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Kaspersky Lab Setup Files
[2011.12.05 19:58:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Dokumenty\18 WoS Pedal to the Metal
[2011.12.05 18:20:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Steam
[2011.12.05 18:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2011.12.05 18:13:50 | 000,000,000 | ---D | C] -- C:\Program Files\SimBin
[2011.12.05 17:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Nabídka Start\Programy\Atari
[2011.12.05 17:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\Atari
[2011.12.05 17:11:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Dokumenty\My Games
[2011.11.30 17:46:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Dokumenty\klec na koně
[2011.11.25 13:09:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Nabídka Start\Programy\SCi Games
[2011.11.25 13:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\SCi Games
[2011.11.24 19:10:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Dokumenty\Enviro-Bear 2000
[2011.11.24 19:09:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Dokumenty\Cockpit Crash 1984
[2011.11.24 19:09:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Dokumenty\Nová složka (2)
[2011.11.18 14:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Local Settings\Data aplikací\Help
[2011.11.18 14:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Data aplikací\Help
[2011.11.10 20:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Magdalena\Dokumenty\Street Racing Syndicate
[1999.04.07 16:39:18 | 000,099,840 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRAABOUT.DLL
[1998.12.09 01:53:54 | 000,186,368 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAREG.DLL
[1998.12.09 01:53:54 | 000,070,144 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAMDMTR.DLL
[1998.12.09 01:53:54 | 000,048,640 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRALPTTR.DLL
[1998.12.09 01:53:54 | 000,031,744 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAWEBTR.DLL
[1998.12.09 01:53:54 | 000,017,920 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRASRIAL.DLL
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.12.09 10:06:17 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.09 09:57:03 | 000,000,946 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.09 09:54:56 | 000,167,952 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2011.12.09 09:54:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.08 16:19:10 | 000,415,450 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.12.08 16:19:10 | 000,411,070 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.12.08 16:19:10 | 000,072,890 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.12.08 16:19:10 | 000,063,598 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.12.08 15:53:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.12.08 15:40:14 | 004,331,784 | R--- | M] (Swearware) -- C:\Documents and Settings\Magdalena\Plocha\ComboFix.exe
[2011.12.07 18:46:12 | 000,009,417 | ---- | M] () -- C:\Extras.zip
[2011.12.07 18:14:02 | 000,066,774 | ---- | M] () -- C:\Documents and Settings\Magdalena\Plocha\PrintSCR_spravce.JPG
[2011.12.07 18:06:09 | 000,022,196 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.12.07 18:02:28 | 000,003,739 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.12.07 17:50:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.12.07 17:47:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Magdalena\Plocha\OTL.exe
[2011.12.07 15:33:39 | 000,018,038 | ---- | M] () -- C:\Documents and Settings\Magdalena\Dokumenty\cc_20111207_153332.reg
[2011.12.06 14:03:05 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.12.06 14:01:21 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\avast! Internet Security.lnk
[2011.12.05 19:56:50 | 000,001,815 | ---- | M] () -- C:\Documents and Settings\Magdalena\Plocha\18 Wheels of Steel - Pedal to the Metal.lnk
[2011.12.05 17:59:28 | 000,000,291 | ---- | M] () -- C:\WINDOWS\level.ini
[2011.12.04 11:47:34 | 000,013,706 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.11.30 20:21:34 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\Magdalena\Plocha\Skype.lnk
[2011.11.28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011.11.28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011.11.28 18:54:38 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011.11.28 18:53:22 | 000,195,416 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011.11.28 18:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011.11.28 18:26:19 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2011.11.27 18:55:22 | 000,060,928 | ---- | M] () -- C:\Documents and Settings\Magdalena\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.27 10:14:15 | 000,000,075 | ---- | M] () -- C:\WINDOWS\tmp2Level.ini
[2011.11.25 13:09:14 | 000,001,851 | ---- | M] () -- C:\Documents and Settings\Magdalena\Plocha\Richard Burns Rally.lnk
[2011.11.24 19:06:52 | 000,961,376 | ---- | M] () -- C:\WINDOWS\content.csv
[2011.11.17 16:57:50 | 000,001,816 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Google Chrome.lnk
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.08 15:44:00 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.12.08 15:44:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.12.08 15:44:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.12.08 15:44:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.12.08 15:44:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.12.07 18:46:12 | 000,009,417 | ---- | C] () -- C:\Extras.zip
[2011.12.07 18:09:38 | 000,066,774 | ---- | C] () -- C:\Documents and Settings\Magdalena\Plocha\PrintSCR_spravce.JPG
[2011.12.07 18:06:13 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Windows Messenger.lnk
[2011.12.07 18:06:09 | 000,022,196 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.12.07 18:01:32 | 000,003,739 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011.12.07 17:50:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.12.07 15:33:37 | 000,018,038 | ---- | C] () -- C:\Documents and Settings\Magdalena\Dokumenty\cc_20111207_153332.reg
[2011.12.06 14:01:20 | 000,001,692 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\avast! Internet Security.lnk
[2011.12.05 19:56:50 | 000,001,815 | ---- | C] () -- C:\Documents and Settings\Magdalena\Plocha\18 Wheels of Steel - Pedal to the Metal.lnk
[2011.11.25 13:09:14 | 000,001,851 | ---- | C] () -- C:\Documents and Settings\Magdalena\Plocha\Richard Burns Rally.lnk
[2011.11.24 19:06:52 | 000,961,376 | ---- | C] () -- C:\WINDOWS\content.csv
[2011.11.24 19:06:45 | 000,000,291 | ---- | C] () -- C:\WINDOWS\level.ini
[2011.11.24 19:06:45 | 000,000,075 | ---- | C] () -- C:\WINDOWS\tmp2Level.ini
[2011.04.14 14:29:35 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2011.04.14 14:29:35 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2011.04.14 14:29:35 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2011.02.18 16:32:29 | 000,000,213 | ---- | C] () -- C:\WINDOWS\disney.ini
[2010.09.03 17:55:12 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Clifford Uninstall.exe
[2010.09.03 17:55:12 | 000,000,091 | ---- | C] () -- C:\WINDOWS\CBP.INI
[2010.02.26 13:35:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2010.02.05 16:36:26 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.02.01 18:39:30 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010.02.01 18:39:26 | 000,056,320 | R--- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2009.12.16 16:57:26 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.12.16 16:57:26 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.12.04 15:19:00 | 000,000,381 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009.12.03 18:29:53 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2009.11.24 19:17:44 | 000,000,163 | ---- | C] () -- C:\WINDOWS\spidla.INI
[2009.11.22 19:08:26 | 000,146,152 | ---- | C] () -- C:\WINDOWS\hpoins12.dat
[2009.11.22 19:08:26 | 000,001,470 | ---- | C] () -- C:\WINDOWS\hpomdl12.dat
[2009.11.22 18:54:24 | 000,001,386 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009.11.22 18:07:55 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.11.22 16:20:02 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2009.11.22 14:40:54 | 000,319,488 | R--- | C] () -- C:\WINDOWS\System32\MafiaSetup.exe
[2009.11.22 14:16:13 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009.11.22 14:11:09 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009.11.22 13:32:42 | 000,000,399 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2009.11.22 13:32:39 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2009.11.22 13:22:12 | 000,001,174 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2009.11.22 11:35:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009.11.22 11:30:03 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.11.22 11:25:09 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009.11.22 11:25:01 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009.11.22 11:25:00 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009.11.22 11:25:00 | 000,188,348 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009.11.22 10:39:03 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtkHDAud.dat
[2009.11.22 10:39:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009.11.22 10:26:03 | 000,060,928 | ---- | C] () -- C:\Documents and Settings\Magdalena\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.22 10:05:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.11.22 09:25:59 | 000,537,600 | ---- | C] () -- C:\WINDOWS\System32\ASWL2K.exe
[2009.11.22 09:25:59 | 000,496,640 | ---- | C] () -- C:\WINDOWS\System32\ASWLSVC.exe
[2009.11.22 09:25:59 | 000,159,827 | ---- | C] () -- C:\WINDOWS\System32\RemSvc.exe
[2009.11.22 01:06:13 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.11.21 18:41:41 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.11.21 18:40:17 | 000,115,768 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.02.18 18:55:20 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2009.02.03 21:52:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2008.06.12 15:09:02 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.06.12 15:09:02 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.06.12 15:09:02 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.06.12 15:09:02 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.06.12 15:09:02 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.06.12 15:09:02 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.06.12 15:09:00 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.06.12 15:08:58 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.06.12 15:08:58 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.06.06 18:13:06 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2005.01.25 15:15:42 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL
[2004.08.18 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.18 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.18 13:00:00 | 000,415,450 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.18 13:00:00 | 000,411,070 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2004.08.18 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.18 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2004.08.18 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.18 13:00:00 | 000,072,890 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2004.08.18 13:00:00 | 000,063,598 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.18 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.18 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2004.08.18 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.18 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.18 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.18 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.18 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== Custom Scans ==========


< %systemroot%\*.* /U /s >
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %systemroot%\*. /rp /s >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e] -> C:\WINDOWS\WinSxS\MSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e] -> C:\WINDOWS\WinSxS\MSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\LOG\2.0.3405.36910__90ba9c70f846762e] -> C:\WINDOWS\WinSxS\MSIL_LOG_90ba9c70f846762e_2.0.3405.36910_x-ww_a8b70be -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e] -> C:\WINDOWS\WinSxS\MSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8 -> Junction

< End of report >

Steron
Model visitor
Posts: 174
Joined: 13 May 2008 13:12

Re: Please check my log - rootkit? - RSIT won't run

#10 Post by Steron »

OK.
Great, thanks for the help :worship: :worship:
