Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

vytížení pc na 100%

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatelský avatar
Danstahr
Přítel fóra
Přítel fóra
Příspěvky: 1069
Registrován: 28 říj 2006 20:23
Bydliště: Londýn
Kontaktovat uživatele:
Kontaktovat uživatele Danstahr

Re: vytížení pc na 100%

#16 Příspěvek od Danstahr »

Vydrzte prosim do zitrka, nejede mi internet a z mobilu lustit nelze, diky.
Koupím trochu času, cenu respektuji.
Nahoru
Uživatelský avatar
Danstahr
Přítel fóra
Přítel fóra
Příspěvky: 1069
Registrován: 28 říj 2006 20:23
Bydliště: Londýn
Kontaktovat uživatele:
Kontaktovat uživatele Danstahr

Re: vytížení pc na 100%

#17 Příspěvek od Danstahr »

Tak už to jede, snad na déle než na minutu...

:arrow: Máte po ruce nějaký jiný neinfikovaný počítač s vypalovačkou?
Koupím trochu času, cenu respektuji.
Nahoru
manatte
Návštěvník
Návštěvník
Příspěvky: 31
Registrován: 20 črc 2011 22:59

Re: vytížení pc na 100%

#18 Příspěvek od manatte »

Ano mám.
Bohužel, taky časového vytížení zde budu zase zítra cca od. 18:00.

Děkuji moc za pomoc
Nahoru
Uživatelský avatar
Danstahr
Přítel fóra
Přítel fóra
Příspěvky: 1069
Registrován: 28 říj 2006 20:23
Bydliště: Londýn
Kontaktovat uživatele:
Kontaktovat uživatele Danstahr

Re: vytížení pc na 100%

#19 Příspěvek od Danstahr »

Navod od kolegy Naughtyho (omlouvam se za pokazenou cestinu):
Dìlej na nenakaženém pc!

Prvnì stáhni z následujících odkazù dva soubory http://www.itxassociates.com/OT-Tools/OTLPEStd.exe a http://www.eeepc.fr/wp-content/uploads/ ... eepcfr.zip
¨

Pøedpøíprava instal souborù
----------------------------

1.

Za pomocí winrar/7-zip rozbal OTLPEStd do libovolné složky, jenž bude obsahovat tøi soubory:

ImgBurn.exe
ImgBurn.ini
OTLPE_New_Std.iso <-- Opìt rozbal, ale tentokrát na plochu, tak aby byla složka OTLPE_New_Std, v ní budou už složky/soubory programu


2.

Rozbal eeepcfr.zip vedle složky OTLPE_New_Std, tak aby existovala jen jedna složka eeepcfr obsahující samotné soubory/složky programu.


Pøíprava bootovací flash (klúèe)
---------------------------------

Vlož prázdnou flash (min. požadavek kapacity 512MB) do usb
Spus ...\eeecpfr\usb_prep8.cmd, pøi objevení èerného okna zmaèkni libovolnou klávesu, tímto krokem dojde k naètení ovládacího okna.

Nastav:
- pod USB removable nastav zprávnou jednotku s flashkou
- do Drive Label vypiš: OTLPE
- klikni na tøi teèky u "Source Path to built BartPE/WinPE Files" navol cestu ke složce OTLPE_New_Std (klik na Ok)
- zbytek programu nech nastaveno jak je (viz pøiložený obrázek)

Obrázek

- ujisti se, že je ptvrzena volba "Enable File Copy".
- klik na Start, potvrï 2X kliknutím na YES/Ano
- dojde ke kopírování souborù, pøi dokonèení potvrï dialogove okno
- kliknutím na "close" ukonci program PetoUSB, ukonèi i èerné okno

poznámka: pokud tì vyzvu zkopíruj na flash i soubory, které sem uvedl

- vytáhni flash s PC.

Pokud nejde vytvoøit flash disk, spus nero, v menu programu zvol otevøít, najdi cestu k iso souboru (tj. OTLPE_New_Std.iso), dej vypálit. Dále postupuj jak u flash s pøenosem na druhý pc. Informuj mne o tim, že report byl vytvoøen z cd.

Na nakaženém pc!

- zasuò flash do PC, zapni
- pokud nedojde k naètení nebo dojde k BSOD (modré obrazovce) pøejdi do BIOS-u (vetšinou pøes tlaèítko del hned pøi zapnutí PC) kde nastavíš:
V Boot Sequence hledej usb bootable nebo other a nastav first
V AHCI Mode/Sata mode - jen v pøípadì BSOD - natav IDE
poznámka: každý bios je jiný, proto zevrubný popis
- pøi úspìšném startu operaèního systému "starting Reatogo-X-Pe" s usb se naète plocha, kde bude umístnìn soubor s názvem otlpe


Získávání logu
-------------------

- spus OTLpe
- dojde k výzvì pøipojení registru (Do you wish to load remote user profile(s) scanning), klik na YES
- zvol úèet administrátora (nebo s jeho oprávnìním, tj. tøeba tvùj profil pokud seš neomezený vládce :-D))
- pokud bude chtít pøipoj mu i uživatelské úèty nacházející se v profilech uživatelù (dat soubor)
- ponech nastavení programu tak jak je
- zde doplòek: - do bílého pole mající titulek "Customs scans/Fixes" programu zkopíruj následující skript taktéž z bílého pole:

Kód: Vybrat vše


netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
netlogon.dll
scecli.dll
user32.dll
winsrv.dll
ws2_32.dll
autochk.exe
cmd.exe
csrss.exe
explorer.exe
lsass.exe
ntkrnlpa.exe
ntoskrnl.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
regedit.exe
userinit.exe
winlogon.exe
wscript.exe
afd.sys
adp3132.sys
acpi.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys 
Changer.sys
fastfat.sys
i8042prt.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys 
JakNDis.sys
kbdclass.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys 
nvrd32.sys 
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
tdx.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
Win32k.sys
Wdf01000.sys
/md5stop
%systemroot%\system32\drivers\*.sys /md5

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\Spool\prtprocs\*.* /s
%systemroot%\system32\drivers\*.sys /10
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /10
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job
%systemroot%\*.* /U /s
%systemroot%\*. /rp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Nabídka Start\*.lnk /x
%ALLUSERSPROFILE%\Data Aplikácií\*.*
%ALLUSERSPROFILE%\Data Aplikácií\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\system32|bak;true;false;false /fp
%PROGRAMFILES%|bak;true;false;false /fp

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems" /v Windows /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
bcdedit /v >C:\boot.txt /c
type C:\boot.txt >> test1.txt /c



CREATERESTOREPOINT

- Klik na Run Scan
- po chvíli šrotování by se mìl otevøít textový soubor, jehož obsah zkopíruj do svého pøíspìvku nebo vlož v podobì zip/rar souboru do pøílohy. Jinak je uložen C:\otl.txt
Koupím trochu času, cenu respektuji.
Nahoru
manatte
Návštěvník
Návštěvník
Příspěvky: 31
Registrován: 20 črc 2011 22:59

Re: vytížení pc na 100%

#20 Příspěvek od manatte »

OTL logfile created on: 7/18/2012 8:14:53 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Ceská republika | Language: CSY | Date Format: d.M.yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 45.00 Gb Total Space | 12.28 Gb Free Space | 27.28% Space Free | Partition Type: NTFS
Drive D: | 45.21 Gb Total Space | 2.73 Gb Free Space | 6.03% Space Free | Partition Type: FAT32
Drive E: | 3.76 Gb Total Space | 3.76 Gb Free Space | 100.00% Space Free | Partition Type: FAT
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - [2012/02/20 02:00:10 | 000,482,992 | ---- | M] (Crawler.com) [Auto] -- C:\Program Files\Spyware Terminator\st_rsser.exe -- (ST2012_Svc)
SRV - [2012/01/04 08:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/11/28 14:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/02/03 05:19:07 | 000,077,944 | ---- | M] (Autodesk) [On_Demand] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2006/03/09 11:35:20 | 000,049,152 | ---- | M] ( ) [Auto] -- C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe -- (Autodesk EDM Server)
SRV - [2006/03/09 08:23:56 | 000,040,960 | ---- | M] (Autodesk Inc) [Auto] -- C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe -- (Autodesk Data Management Job Dispatch)
SRV - [2004/08/16 10:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) [Auto] -- C:\Acer\eManager\anbmServ.exe -- (anbmService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - [2011/11/28 13:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 13:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 13:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 13:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 13:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 13:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 13:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/06/21 06:24:06 | 000,032,768 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2011/02/03 04:58:30 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2008/08/26 04:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/02/15 20:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005/04/05 11:38:00 | 000,132,352 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) Broadcom NetLink (TM)
DRV - [2005/03/24 11:54:08 | 000,078,208 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd)
DRV - [2005/03/04 11:37:26 | 000,008,704 | ---- | M] (Avocent/OSA Technologies Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio)
DRV - [2005/01/14 10:57:16 | 000,004,010 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\osanbm.sys -- (osanbm)
DRV - [2004/12/07 17:06:00 | 000,874,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/10/29 13:48:00 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2004/07/19 08:10:00 | 000,004,096 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd)
DRV - [2004/06/25 09:31:00 | 000,276,480 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\camchal.sys -- (CAMCHALA)
DRV - [2004/06/25 09:29:00 | 000,034,048 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\camcaud.sys -- (CAMCAUD)
DRV - [2004/06/10 10:00:00 | 000,200,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2004/06/10 09:58:00 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/06/10 09:58:00 | 000,684,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.2.183.23\npGoogleOneClick8.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)



O1 HOSTS File: ([2012/07/17 12:29:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [EPM-DM] C:\Acer\ePM\EPM-DM.exe (Acer Inc)
O4 - HKLM..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe (Acer Value Labs, Taiwan)
O4 - HKLM..\Run: [SafeQ Client] C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe ()
O4 - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštení\Akcelerátor spuštení AutoCADu.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštení\Service Manager.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 158.196.149.9 158.196.162.8
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\Physical0MBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/07/17 15:46:34 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Cookies
[2012/07/17 12:25:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/07/16 12:57:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/07/16 12:57:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/07/16 12:57:56 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/07/16 12:57:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/07/16 12:56:03 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/16 12:55:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/07/16 12:46:46 | 004,579,127 | R--- | C] (Swearware) -- C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
[2012/07/15 08:18:18 | 000,000,000 | ---D | C] -- C:\rsit
[2012/07/15 04:15:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\dvdcss
[2012/07/15 04:03:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012/06/24 12:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\Trojkamen

========== Files - Modified Within 30 Days ==========

[2012/07/18 20:15:29 | 000,000,512 | ---- | M] () -- C:\Physical0MBR.bin
[2012/07/18 12:46:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/18 12:46:08 | 2145,505,280 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/17 12:29:38 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/07/17 12:07:20 | 000,462,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/07/17 12:07:20 | 000,459,794 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012/07/17 12:07:20 | 000,092,496 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012/07/17 12:07:20 | 000,080,606 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/07/16 12:46:57 | 004,579,127 | R--- | M] (Swearware) -- C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
[2012/07/16 12:41:04 | 000,002,565 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Word.lnk
[2012/07/16 12:28:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/15 09:24:54 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/07/15 07:24:32 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/15 05:08:37 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2012/07/15 05:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2012/07/03 07:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012/07/18 20:15:29 | 000,000,512 | ---- | C] () -- C:\Physical0MBR.bin
[2012/07/16 12:57:56 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/07/16 12:57:56 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/07/16 12:57:56 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/07/16 12:57:56 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/07/16 12:57:56 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/07/15 09:24:54 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/07/15 05:08:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2012/04/04 16:22:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/20 16:21:04 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011/09/20 15:48:54 | 000,319,488 | R--- | C] () -- C:\WINDOWS\System32\MafiaSetup.exe
[2011/06/23 11:29:18 | 000,000,370 | ---- | C] () -- C:\WINDOWS\capture.ini
[2011/04/29 05:32:04 | 000,000,034 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2011/04/05 08:53:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI
[2011/04/05 08:45:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\People
[2011/04/05 08:45:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Pedal Hard
[2011/04/05 08:45:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\PDEs
[2011/04/05 08:45:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PageLibraries
[2011/04/05 08:45:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\Overdrive
[2011/04/05 08:45:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\Organs
[2011/04/05 08:45:39 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLev.DAT
[2011/04/05 08:45:39 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLet.DAT
[2011/04/05 08:45:39 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLes.DAT
[2011/04/05 08:45:39 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Podcasting
[2011/04/05 08:45:39 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Plug-Ins
[2011/04/05 08:45:39 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Plants
[2011/03/30 05:36:37 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2011/03/24 13:58:09 | 000,000,298 | ---- | C] () -- C:\WINDOWS\setting1.ini
[2011/03/24 13:58:04 | 000,000,079 | ---- | C] () -- C:\WINDOWS\ricdb.ini
[2011/03/24 13:57:21 | 002,355,200 | ---- | C] () -- C:\WINDOWS\System32\SAFEQVS.DLL
[2011/03/24 13:57:21 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\SafeQCairoLib.DLL
[2011/03/24 13:57:21 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\SAFEQUI.DLL
[2011/03/24 13:57:00 | 000,000,603 | ---- | C] () -- C:\WINDOWS\setting.ini
[2011/03/04 06:04:06 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\fusioncache.dat
[2011/03/04 05:53:29 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\fusioncache.dat
[2011/03/04 05:40:16 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\fusioncache.dat
[2011/02/16 12:23:14 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011/02/03 18:16:15 | 000,896,840 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011/02/03 07:19:36 | 000,113,152 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/03 04:35:01 | 000,002,236 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/02/02 19:54:33 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/02/02 19:52:56 | 000,384,816 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/02 19:07:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/02/02 19:00:32 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/10/14 06:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/10/14 06:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005/10/14 06:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005/10/14 06:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/10/14 06:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005/10/14 06:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005/10/14 06:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005/10/14 06:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005/10/14 06:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2004/08/17 09:58:58 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/02 08:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001/10/25 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/10/25 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/10/25 08:00:00 | 000,462,690 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/10/25 08:00:00 | 000,459,794 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001/10/25 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/10/25 08:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001/10/25 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/10/25 08:00:00 | 000,092,496 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001/10/25 08:00:00 | 000,080,606 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/10/25 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/10/25 08:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001/10/25 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/10/25 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/10/25 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2011/03/04 05:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Autodesk
[2011/02/03 05:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2011/04/25 18:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit Software
[2011/04/18 11:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Jpeg Resampler
[2011/04/29 05:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\LangSoft
[2011/04/05 08:49:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nikon
[2012/02/24 11:54:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nokia
[2012/02/24 12:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PC Suite
[2011/02/03 04:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\QipGuard
[2012/03/20 16:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
[2011/04/27 09:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Zoner
[2011/02/03 04:02:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2011/03/04 06:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2011/02/03 04:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011/04/05 08:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnterNHelp
[2011/04/29 05:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2011/04/06 03:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nikon
[2012/02/24 11:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2012/03/12 15:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
[2012/02/24 11:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012/07/18 11:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2011/04/05 08:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ultima_T15
[2011/02/24 10:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinZip
[2011/08/19 11:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >



< MD5 for: ACPI.SYS >
[2004/08/17 09:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:acpi.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:acpi.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:acpi.sys
[2008/04/14 02:35:42 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=4FE34F1F3126B61FCC6B2043AA8112C9 -- C:\WINDOWS\ServicePackFiles\i386\acpi.sys
[2008/04/14 02:35:42 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=4FE34F1F3126B61FCC6B2043AA8112C9 -- C:\WINDOWS\system32\drivers\acpi.sys
[2004/08/17 09:43:12 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=FA2FBCDA96D2385F773B059FE5A125A6 -- C:\WINDOWS\$NtServicePackUninstall$\acpi.sys

< MD5 for: AFD.SYS >
[2008/04/13 19:49:24 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\ServicePackFiles\i386\afd.sys
[2008/04/13 19:49:24 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\system32\drivers\afd.sys
[2004/08/03 17:14:16 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\$NtServicePackUninstall$\afd.sys

< MD5 for: AGP440.SYS >
[2004/08/17 09:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008/04/13 19:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/17 09:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008/04/13 19:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 16:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008/04/14 03:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008/04/14 03:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008/04/14 03:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004/08/17 09:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004/08/17 09:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008/04/13 19:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 19:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004/08/03 16:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CHANGER.SYS >
[2004/08/17 09:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008/04/13 19:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: CMD.EXE >
[2004/08/17 09:49:24 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=4E5BE66CD70D52637589E9C3E2C1696D -- C:\WINDOWS\$NtServicePackUninstall$\cmd.exe
[2008/04/14 03:52:16 | 000,390,144 | ---- | M] (Microsoft Corporation) MD5=58A4129B7AB2CF2E7F00256F7EDAEAC2 -- C:\WINDOWS\ServicePackFiles\i386\cmd.exe
[2008/04/14 03:52:16 | 000,390,144 | ---- | M] (Microsoft Corporation) MD5=58A4129B7AB2CF2E7F00256F7EDAEAC2 -- C:\WINDOWS\system32\cmd.exe

< MD5 for: CRYPTSVC.DLL >
[2004/08/17 09:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008/04/14 03:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008/04/14 03:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008/04/14 03:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2004/08/17 09:49:24 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
[2008/04/14 03:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008/04/14 03:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe

< MD5 for: EVENTLOG.DLL >
[2008/04/14 03:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008/04/14 03:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 03:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004/08/17 09:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008/04/14 03:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008/04/14 03:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008/04/14 03:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/17 09:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: FASTFAT.SYS >
[2004/08/03 17:14:18 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3117F595E9615E04F05A54FC15A03B20 -- C:\WINDOWS\$NtServicePackUninstall$\fastfat.sys
[2008/04/13 19:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\ServicePackFiles\i386\fastfat.sys
[2008/04/13 19:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys

< MD5 for: HAL.DLL >
[2004/08/17 09:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008/04/13 19:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008/04/13 19:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004/08/03 16:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: I8042PRT.SYS >
[2004/08/17 09:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:i8042prt.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:i8042prt.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:i8042prt.sys
[2004/08/17 09:44:12 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=0F42DE9909B5DBF2C48DD1A79D491AF5 -- C:\WINDOWS\$NtServicePackUninstall$\i8042prt.sys
[2008/04/14 02:51:16 | 000,052,096 | ---- | M] (Microsoft Corporation) MD5=C528E27945367191E7BAE364930B6932 -- C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys
[2008/04/14 02:51:16 | 000,052,096 | ---- | M] (Microsoft Corporation) MD5=C528E27945367191E7BAE364930B6932 -- C:\WINDOWS\system32\drivers\i8042prt.sys

< MD5 for: ISAPNP.SYS >
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001/10/25 08:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001/10/25 08:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys
[2008/04/14 02:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008/04/14 02:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: KBDCLASS.SYS >
[2004/08/17 09:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:kbdclass.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:kbdclass.sys
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:kbdclass.sys
[2008/04/14 02:59:08 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\erdnt\cache\kbdclass.sys
[2008/04/14 02:59:08 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\ServicePackFiles\i386\kbdclass.sys
[2008/04/14 02:59:08 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\system32\drivers\kbdclass.sys
[2004/08/17 09:45:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=6F877BF8DC01A550CD666F3BEDB2213C -- C:\WINDOWS\$NtServicePackUninstall$\kbdclass.sys

< MD5 for: LSASS.EXE >
[2004/08/17 09:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008/04/14 03:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008/04/14 03:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008/04/14 03:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008/04/13 19:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008/04/13 19:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008/04/13 19:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004/08/03 17:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004/08/17 09:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008/04/14 03:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008/04/14 03:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 03:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NTFS.SYS >
[2008/04/13 19:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\erdnt\cache\ntfs.sys
[2008/04/13 19:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008/04/13 19:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004/08/03 18:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS
[2004/08/03 17:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys

< MD5 for: NTKRNLPA.EXE >
[2004/08/17 09:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:ntkrnlpa.exe
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:ntkrnlpa.exe
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:ntkrnlpa.exe
[2008/04/14 03:06:34 | 002,067,968 | ---- | M] (Microsoft Corporation) MD5=4DEE41C45E803DB91A72FD1BA69C05EE -- C:\WINDOWS\erdnt\cache\ntkrnlpa.exe
[2008/04/14 03:06:34 | 002,067,968 | ---- | M] (Microsoft Corporation) MD5=4DEE41C45E803DB91A72FD1BA69C05EE -- C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe
[2008/04/14 03:06:34 | 002,067,968 | ---- | M] (Microsoft Corporation) MD5=4DEE41C45E803DB91A72FD1BA69C05EE -- C:\WINDOWS\system32\ntkrnlpa.exe
[2004/08/17 09:57:28 | 002,059,008 | ---- | M] (Microsoft Corporation) MD5=E86DD06F2B8F919DDF23F78A3BF2AA23 -- C:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe

< MD5 for: NTOSKRNL.EXE >
[2004/08/17 09:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:ntoskrnl.exe
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:ntoskrnl.exe
[2008/04/14 04:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:ntoskrnl.exe
[2004/08/17 09:45:38 | 002,183,168 | ---- | M] (Microsoft Corporation) MD5=12C80E46DCEC9B82473D1B1B9DA1F16B -- C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe
[2008/04/14 03:07:10 | 002,191,104 | ---- | M] (Microsoft Corporation) MD5=C1536014AC1CB1D5397E31D9735E6571 -- C:\WINDOWS\erdnt\cache\ntoskrnl.exe
[2008/04/14 03:07:10 | 002,191,104 | ---- | M] (Microsoft Corporation) MD5=C1536014AC1CB1D5397E31D9735E6571 -- C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe
[2008/04/14 03:07:10 | 002,191,104 | ---- | M] (Microsoft Corporation) MD5=C1536014AC1CB1D5397E31D9735E6571 -- C:\WINDOWS\system32\ntoskrnl.exe

< MD5 for: REGEDIT.EXE >
[2004/08/17 09:49:28 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=CB5A91928D94224E7E30EE277B45E8A3 -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
[2008/04/14 03:52:44 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\erdnt\cache\regedit.exe
[2008/04/14 03:52:44 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\regedit.exe
[2008/04/14 03:52:44 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe

< MD5 for: SCECLI.DLL >
[2004/08/17 09:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 03:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008/04/14 03:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 03:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2004/08/17 09:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2008/04/14 03:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\erdnt\cache\services.exe
[2008/04/14 03:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2008/04/14 03:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\system32\services.exe

< MD5 for: SMSS.EXE >
[2004/08/17 09:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004/08/17 10:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008/04/14 03:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008/04/14 03:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2004/08/17 09:49:28 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe
[2008/04/14 03:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\erdnt\cache\spoolsv.exe
[2008/04/14 03:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
[2008/04/14 03:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\system32\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2012/07/03 07:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/04/14 03:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008/04/14 03:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 03:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004/08/17 09:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008/04/13 19:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008/04/13 19:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008/04/13 19:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004/08/03 17:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys

< MD5 for: USER32.DLL >
[2004/08/17 09:49:20 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=1B4CCC59980DA34E75F20E42B283B027 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008/04/14 03:52:06 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=E16E0990967374E76F3E40CACAFD3D53 -- C:\WINDOWS\erdnt\cache\user32.dll
[2008/04/14 03:52:06 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=E16E0990967374E76F3E40CACAFD3D53 -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008/04/14 03:52:06 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=E16E0990967374E76F3E40CACAFD3D53 -- C:\WINDOWS\system32\user32.dll

< MD5 for: USERINIT.EXE >
[2008/04/14 03:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008/04/14 03:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 03:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004/08/17 09:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WDF01000.SYS >
[2009/07/14 05:35:16 | 000,444,136 | ---- | M] (Microsoft Corporation) MD5=D918617B46457B9AC28027722E30F647 -- C:\WINDOWS\system32\drivers\wdf01000.sys

< MD5 for: WIN32K.SYS >
[2008/04/14 02:45:36 | 001,845,632 | ---- | M] (Microsoft Corporation) MD5=16AA352EC7D8E6D9DE50265BF0F9E016 -- C:\WINDOWS\ServicePackFiles\i386\win32k.sys
[2008/04/14 02:45:36 | 001,845,632 | ---- | M] (Microsoft Corporation) MD5=16AA352EC7D8E6D9DE50265BF0F9E016 -- C:\WINDOWS\system32\win32k.sys
[2004/08/17 09:44:44 | 001,835,904 | ---- | M] (Microsoft Corporation) MD5=F935B816A5B3D08E519D9EEBD65A6672 -- C:\WINDOWS\$NtServicePackUninstall$\win32k.sys

< MD5 for: WINLOGON.EXE >
[2004/08/17 09:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/07/03 07:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 03:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008/04/14 03:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 03:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WINSRV.DLL >
[2008/04/14 03:52:06 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=77A41C497ADB0C96D1E8DF6F71D843C0 -- C:\WINDOWS\ServicePackFiles\i386\winsrv.dll
[2008/04/14 03:52:06 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=77A41C497ADB0C96D1E8DF6F71D843C0 -- C:\WINDOWS\system32\winsrv.dll
[2004/08/17 09:49:22 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=E4E57FBA176F2752527B1D53A663D2D7 -- C:\WINDOWS\$NtServicePackUninstall$\winsrv.dll

< MD5 for: WS2_32.DLL >
[2004/08/17 09:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008/04/14 03:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008/04/14 03:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008/04/14 03:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< MD5 for: WSCRIPT.EXE >
[2008/04/14 03:52:56 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=279C5962E62940A62C7DC4EEA707CD5D -- C:\WINDOWS\ServicePackFiles\i386\wscript.exe
[2008/04/14 03:52:56 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=279C5962E62940A62C7DC4EEA707CD5D -- C:\WINDOWS\system32\wscript.exe
[2004/08/17 09:49:30 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=8570AC76924CE5444AB664462DE8FFE5 -- C:\WINDOWS\$NtServicePackUninstall$\wscript.exe

< %systemroot%\system32\drivers\*.sys /md5 >
[2008/04/13 19:16:20 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=C1536905AD2067812A238BCE998F4BFF -- C:\WINDOWS\system32\drivers\1394bus.sys
[2011/11/28 13:48:49 | 000,030,808 | ---- | M] (AVAST Software) MD5=B6DE0336F9F4B687B4FF57939F7B657A -- C:\WINDOWS\system32\drivers\aavmker4.sys
[2008/04/14 02:35:42 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=4FE34F1F3126B61FCC6B2043AA8112C9 -- C:\WINDOWS\system32\drivers\acpi.sys
[2001/10/25 08:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=AFDFF022A01F0B11C776F0860C3B282F -- C:\WINDOWS\system32\drivers\acpiec.sys
[2008/04/13 17:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) MD5=8BED39E3C35D6A489438B8141717A557 -- C:\WINDOWS\system32\drivers\aec.sys
[2008/04/13 19:49:24 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\system32\drivers\afd.sys
[2008/04/13 19:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2008/04/13 19:06:40 | 000,044,928 | ---- | M] (Microsoft Corporation) MD5=03A7E0922ACFE1B07D5DB2EEB0773063 -- C:\WINDOWS\system32\drivers\agpcpq.sys
[2008/04/13 19:06:40 | 000,042,752 | ---- | M] (Microsoft Corporation) MD5=CB08AED0DE2DD889A8A820CD8082D83C -- C:\WINDOWS\system32\drivers\alim1541.sys
[2008/04/13 19:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) MD5=95B4FB835E28AA1336CEEB07FD5B9398 -- C:\WINDOWS\system32\drivers\amdagp.sys
[2008/04/14 02:38:34 | 000,041,216 | ---- | M] (Microsoft Corporation) MD5=AA2D3A86F7B551AA227B17EFAEAB7D22 -- C:\WINDOWS\system32\drivers\amdk6.sys
[2008/04/14 02:38:34 | 000,041,600 | ---- | M] (Microsoft Corporation) MD5=3980814F8027D27EA003E2E3D9D4F604 -- C:\WINDOWS\system32\drivers\amdk7.sys
[2008/04/13 19:21:26 | 000,060,800 | ---- | M] (Microsoft Corporation) MD5=B5B8A80875C1DEDEDA8B02765642C32F -- C:\WINDOWS\system32\drivers\arp1394.sys
[2011/11/28 13:51:50 | 000,020,568 | ---- | M] (AVAST Software) MD5=054DF24C92B55427E0757CFFF160E4F2 -- C:\WINDOWS\system32\drivers\aswFsBlk.sys
[2011/11/28 13:51:59 | 000,105,176 | ---- | M] (AVAST Software) MD5=05A9CF1C69B553260C4927E33F0BF3EC -- C:\WINDOWS\system32\drivers\aswmon.sys
[2011/11/28 13:52:02 | 000,111,320 | ---- | M] (AVAST Software) MD5=EF0E9AD83380724BD6FBBB51D2D0F5B8 -- C:\WINDOWS\system32\drivers\aswmon2.sys
[2011/11/28 13:52:19 | 000,034,392 | ---- | M] (AVAST Software) MD5=352D5A48EBAB35A7693B048679304831 -- C:\WINDOWS\system32\drivers\aswRdr.sys
[2011/11/28 13:53:53 | 000,435,032 | ---- | M] (AVAST Software) MD5=8D34D2B24297E27D93E847319ABFDEC4 -- C:\WINDOWS\system32\drivers\aswSnx.sys
[2011/11/28 13:53:35 | 000,314,456 | ---- | M] (AVAST Software) MD5=010012597333DA1F46C3243F33F8409E -- C:\WINDOWS\system32\drivers\aswSP.sys
[2011/11/28 13:52:16 | 000,052,952 | ---- | M] (AVAST Software) MD5=F9F84364416658E9786235904D448D37 -- C:\WINDOWS\system32\drivers\aswTdi.sys
[2008/04/13 19:27:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=B153AFFAC761E7F5FCFA822B9C4E97BC -- C:\WINDOWS\system32\drivers\asyncmac.sys
[2008/04/13 19:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/13 17:04:18 | 000,056,623 | ---- | M] (ATI Technologies Inc.) MD5=D649C57DA6FA762C64013747E5D7D2D6 -- C:\WINDOWS\system32\drivers\ati1btxx.sys
[2008/04/13 17:04:18 | 000,011,615 | ---- | M] (ATI Technologies Inc.) MD5=60B6AA2DC1521DA343F781B70EB7895A -- C:\WINDOWS\system32\drivers\ati1mdxx.sys
[2008/04/13 17:04:18 | 000,012,047 | ---- | M] (ATI Technologies Inc.) MD5=6FDC61E8E8E17F6ECC2D9A10FA8DF347 -- C:\WINDOWS\system32\drivers\ati1pdxx.sys
[2008/04/13 17:04:18 | 000,030,671 | ---- | M] (ATI Technologies Inc.) MD5=9D318099BF3876A4AF4BC75966D27603 -- C:\WINDOWS\system32\drivers\ati1raxx.sys
[2008/04/13 17:04:18 | 000,063,663 | ---- | M] (ATI Technologies Inc.) MD5=BCAF267B10620F8C93F6E87AB726E145 -- C:\WINDOWS\system32\drivers\ati1rvxx.sys
[2008/04/13 17:04:18 | 000,026,367 | ---- | M] (ATI Technologies Inc.) MD5=DAC7D785CF62F5BD41441E9D6F5A6EFE -- C:\WINDOWS\system32\drivers\ati1snxx.sys
[2008/04/13 17:04:18 | 000,021,343 | ---- | M] (ATI Technologies Inc.) MD5=F7706DAE7D101F1B19CE552D772EBFCE -- C:\WINDOWS\system32\drivers\ati1ttxx.sys
[2008/04/13 17:04:18 | 000,036,463 | ---- | M] (ATI Technologies Inc.) MD5=6F714B4720DD80FFA9F8D2731594EA4C -- C:\WINDOWS\system32\drivers\ati1tuxx.sys
[2008/04/13 17:04:20 | 000,029,455 | ---- | M] (ATI Technologies Inc.) MD5=67FFBC158DD4D27BA3FC92C6ACD87F73 -- C:\WINDOWS\system32\drivers\ati1xbxx.sys
[2008/04/13 17:04:20 | 000,034,735 | ---- | M] (ATI Technologies Inc.) MD5=0D8CAB1F08F7D3C4DE228B49E12E596A -- C:\WINDOWS\system32\drivers\ati1xsxx.sys
[2008/04/14 02:40:46 | 000,326,912 | ---- | M] (ATI Technologies Inc.) MD5=6C6416058635B6FA00263D22A1740E37 -- C:\WINDOWS\system32\drivers\ati2mtaa.sys
[2004/12/07 17:06:00 | 000,874,496 | ---- | M] (ATI Technologies Inc.) MD5=375EAC7DA270DA658501EE766F960201 -- C:\WINDOWS\system32\drivers\ati2mtag.sys
[2008/04/13 17:04:18 | 000,057,856 | ---- | M] (ATI Technologies Inc.) MD5=993E7BD6438FE989E328C6B4BCA246A9 -- C:\WINDOWS\system32\drivers\atinbtxx.sys
[2008/04/13 17:04:18 | 000,013,824 | ---- | M] (ATI Technologies Inc.) MD5=ED4C2BF8403F4437987C0BA09CF48716 -- C:\WINDOWS\system32\drivers\atinmdxx.sys
[2008/04/13 17:04:18 | 000,014,336 | ---- | M] (ATI Technologies Inc.) MD5=E90AC2B14E98F1A4372E5891B4278784 -- C:\WINDOWS\system32\drivers\atinpdxx.sys
[2008/04/13 17:04:18 | 000,052,224 | ---- | M] (ATI Technologies Inc.) MD5=DA36687D701C833430605A298731410B -- C:\WINDOWS\system32\drivers\atinraxx.sys
[2008/04/13 17:04:18 | 000,104,960 | ---- | M] (ATI Technologies Inc.) MD5=A7A01B907DB63898D40B0A14248FF9A2 -- C:\WINDOWS\system32\drivers\atinrvxx.sys
[2008/04/13 17:04:18 | 000,028,672 | ---- | M] (ATI Technologies Inc.) MD5=CEDDEE2E0591894D19654D458FD3B9BE -- C:\WINDOWS\system32\drivers\atinsnxx.sys
[2008/04/13 17:04:18 | 000,013,824 | ---- | M] (ATI Technologies Inc.) MD5=D80A8F6C0A717446496C3A06D33B0D9C -- C:\WINDOWS\system32\drivers\atinttxx.sys
[2008/04/13 17:04:18 | 000,073,216 | ---- | M] (ATI Technologies Inc.) MD5=EDD66332608D27F4FD5069BCD0BC5164 -- C:\WINDOWS\system32\drivers\atintuxx.sys
[2008/04/13 17:04:20 | 000,031,744 | ---- | M] (ATI Technologies Inc.) MD5=3E7D485CBD0B0D9F6EA2AD9442411831 -- C:\WINDOWS\system32\drivers\atinxbxx.sys
[2008/04/13 17:04:20 | 000,063,488 | ---- | M] (ATI Technologies Inc.) MD5=77B575D7AAB35D5908AE6CE681608D62 -- C:\WINDOWS\system32\drivers\atinxsxx.sys
[2008/04/13 19:21:26 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=9916C1225104BA14794209CFA8012159 -- C:\WINDOWS\system32\drivers\atmarpc.sys
[2001/10/25 08:00:00 | 000,031,360 | ---- | M] (Microsoft Corporation) MD5=39A0A59180F19946374275745B21AEBA -- C:\WINDOWS\system32\drivers\atmepvc.sys
[2008/04/13 19:21:32 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=AE76348A2605FB197FA8FF1D6F547836 -- C:\WINDOWS\system32\drivers\atmlane.sys
[2001/10/25 08:00:00 | 000,352,256 | ---- | M] (Microsoft Corporation) MD5=E7EF69B38D17BA01F914AE8F66216A38 -- C:\WINDOWS\system32\drivers\atmuni.sys
[2001/08/17 17:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) MD5=D9F724AA26C010A217C97606B160ED68 -- C:\WINDOWS\system32\drivers\audstub.sys
[2005/04/05 11:38:00 | 000,132,352 | R--- | M] (Broadcom Corporation) MD5=48BF91CFFBCDD12A710207F2A08FEC4D -- C:\WINDOWS\system32\drivers\b57xp32.sys
[2008/04/13 19:06:34 | 000,014,208 | ---- | M] (Microsoft Corporation) MD5=0D93976F7801B7FCD8135CC77257BBD0 -- C:\WINDOWS\system32\drivers\battc.sys
[2001/10/25 08:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys
[2008/04/13 19:23:24 | 000,071,552 | ---- | M] (Microsoft Corporation) MD5=F934D1B230F84E1D19DD00AC5A7A83ED -- C:\WINDOWS\system32\drivers\bridge.sys
[2008/04/13 19:16:34 | 000,017,024 | ---- | M] (Microsoft Corporation) MD5=B279426E3C0C344893ED78A613A73BDE -- C:\WINDOWS\system32\drivers\bthenum.sys
[2008/04/13 19:16:34 | 000,037,888 | ---- | M] (Microsoft Corporation) MD5=FCA6F069597B62D42495191ACE3FC6C1 -- C:\WINDOWS\system32\drivers\bthmodem.sys
[2008/04/13 19:21:36 | 000,101,120 | ---- | M] (Microsoft Corporation) MD5=80602B8746D3738F5886CE3D67EF06B6 -- C:\WINDOWS\system32\drivers\bthpan.sys
[2008/04/14 02:45:10 | 000,272,896 | ---- | M] (Microsoft Corporation) MD5=164F186E09F26BA47B89E4DB9B0AAF1E -- C:\WINDOWS\system32\drivers\bthport.sys
[2008/04/13 19:16:32 | 000,036,480 | ---- | M] (Microsoft Corporation) MD5=BB68CEBFFD181E18A26112D1B9F90F3D -- C:\WINDOWS\system32\drivers\bthprint.sys
[2008/04/13 19:16:30 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=61364CD71EF63B0F038B7E9DF00F1EFA -- C:\WINDOWS\system32\drivers\bthusb.sys
[2004/06/25 09:29:00 | 000,034,048 | ---- | M] (Conexant Systems Inc.) MD5=BAA90D983F77759FC70C65A1CE3D3566 -- C:\WINDOWS\system32\drivers\camcaud.sys
[2004/06/25 09:31:00 | 000,276,480 | ---- | M] (Conexant Systems Inc.) MD5=90D9C324DF48BB8E3024E79F5C181784 -- C:\WINDOWS\system32\drivers\camchal.sys
[2001/10/25 08:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) MD5=90A673FC8E12A79AFBED2576F6A7AAF9 -- C:\WINDOWS\system32\drivers\cbidf2k.sys
[2001/10/25 08:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) MD5=C1B486A7658353D33A10CC15211A873B -- C:\WINDOWS\system32\drivers\cdaudio.sys
[2008/04/13 19:44:22 | 000,063,744 | ---- | M] (Microsoft Corporation) MD5=C885B02847F5D2FD45A24E219ED93B32 -- C:\WINDOWS\system32\drivers\cdfs.sys
[2008/04/13 19:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2001/10/25 08:00:00 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) MD5=30274D9BC25A43BF14891E710216EBC4 -- C:\WINDOWS\system32\drivers\cinemst2.sys
[2008/04/13 19:46:24 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=FE47DD8FE6D7768FF94EBEC6C74B2719 -- C:\WINDOWS\system32\drivers\classpnp.sys
[2008/04/13 19:06:38 | 000,013,952 | ---- | M] (Microsoft Corporation) MD5=0F6C187D38D98F8DF904589A5F94D411 -- C:\WINDOWS\system32\drivers\cmbatt.sys
[2008/04/13 19:06:38 | 000,010,240 | ---- | M] (Microsoft Corporation) MD5=6E4C9F21F0FAE8940661144F41B13203 -- C:\WINDOWS\system32\drivers\compbatt.sys
[2001/10/25 08:00:00 | 000,011,776 | ---- | M] (Compaq Computer Corporation) MD5=9624293E55AD405415862B504CA95B73 -- C:\WINDOWS\system32\drivers\cpqdap01.sys
[2008/04/14 02:56:50 | 000,040,576 | ---- | M] (Microsoft Corporation) MD5=57FFB078B71F5B5E7A3DFF40F0F47711 -- C:\WINDOWS\system32\drivers\crusoe.sys
[2008/04/13 19:10:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
[2008/04/13 19:10:46 | 000,014,208 | ---- | M] (Microsoft Corporation) MD5=E65E2353A5D74EA89971CB918EEEB2F6 -- C:\WINDOWS\system32\drivers\diskdump.sys
[2008/04/14 03:00:50 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) MD5=DB5FD2BF5B07DC54BFCB3664FF05BD7C -- C:\WINDOWS\system32\drivers\dmboot.sys
[2008/04/14 03:01:04 | 000,153,856 | ---- | M] (Microsoft Corp., Veritas Software) MD5=FFF1720AF51171F32F1EAD5CF71F2810 -- C:\WINDOWS\system32\drivers\dmio.sys
[2001/10/25 08:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) MD5=E9317282A63CA4D188C0DF5E09C6AC5F -- C:\WINDOWS\system32\drivers\dmload.sys
[2008/04/13 19:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) MD5=8A208DFCF89792A484E76C40E5F50B45 -- C:\WINDOWS\system32\drivers\dmusic.sys
[2008/04/13 19:15:16 | 000,060,160 | ---- | M] (Microsoft Corporation) MD5=6CB08593487F5701D2D2254E693EAFCE -- C:\WINDOWS\system32\drivers\drmk.sys
[2008/04/13 19:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) MD5=8F5FCFF8E8848AFAC920905FBD9D33C8 -- C:\WINDOWS\system32\drivers\drmkaud.sys
[2011/02/03 04:58:30 | 000,218,688 | ---- | M] (DT Soft Ltd) MD5=555E54AC2F601A8821CEF58961653991 -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
[2001/10/25 08:00:00 | 000,010,496 | ---- | M] (Microsoft Corporation) MD5=FE97D0343ACFDEBDD578FC67CC91FA87 -- C:\WINDOWS\system32\drivers\dxapi.sys
[2008/04/13 19:08:30 | 000,071,168 | ---- | M] (Microsoft Corporation) MD5=AC7280566A7BB85CB3291F04DDC1198E -- C:\WINDOWS\system32\drivers\dxg.sys
[2001/10/25 08:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation)
Nahoru
manatte
Návštěvník
Návštěvník
Příspěvky: 31
Registrován: 20 črc 2011 22:59

Re: vytížení pc na 100%

#21 Příspěvek od manatte »

MD5=A73F5D6705B1D820C19B18782E176EFD -- C:\WINDOWS\system32\drivers\dxgthk.sys
[2007/02/15 20:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) MD5=CE37E3D51912E59C80C6D84337C0B4CD -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys
[2009/02/17 13:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) MD5=178CC9403816C082D22A1D47FA1F9C85 -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys
[2001/08/17 17:46:40 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=80D1B490B60E74E002DC116EC5D41748 -- C:\WINDOWS\system32\drivers\enum1394.sys
[2004/07/19 08:10:00 | 000,004,096 | ---- | M] (Acer Value Labs, USA) MD5=D68564FCFBDFC04280CDBBB37CF7EF7F -- C:\WINDOWS\system32\drivers\epm-psd.sys
[2005/03/24 11:54:08 | 000,078,208 | ---- | M] (Acer Value Labs, USA) MD5=B2D71BA438701B5F0368B958BEA2DC62 -- C:\WINDOWS\system32\drivers\epm-shd.sys
[2008/04/13 19:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys
[2008/04/13 19:10:26 | 000,027,392 | ---- | M] (Microsoft Corporation) MD5=92CDD60B6730B9F50F6A1A0C1F8CDC81 -- C:\WINDOWS\system32\drivers\fdc.sys
[2008/04/14 02:43:24 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=AC366695A0796560AA37215AD5762AAF -- C:\WINDOWS\system32\drivers\fips.sys
[2008/04/13 19:10:26 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=9D27E7B80BFCDF1CDD9B555862D5E7F0 -- C:\WINDOWS\system32\drivers\flpydisk.sys
[2008/04/13 19:03:00 | 000,129,792 | ---- | M] (Microsoft Corporation) MD5=B2CF4B0786F8212CB92ED2B50C6DB6B0 -- C:\WINDOWS\system32\drivers\fltmgr.sys
[2001/10/25 08:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) MD5=9996A605D10E8C7DAA29A380EAEF51AE -- C:\WINDOWS\system32\drivers\fsvga.sys
[2001/10/25 08:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) MD5=3E1E2BD4F39B0E2B7DC4F4D2BCC2779A -- C:\WINDOWS\system32\drivers\fs_rec.sys
[2001/10/25 08:00:00 | 000,125,184 | ---- | M] (Microsoft Corporation) MD5=4E664D8541DB4A66B73A24257E322E1F -- C:\WINDOWS\system32\drivers\ftdisk.sys
[2008/04/13 19:06:42 | 000,046,464 | ---- | M] (Microsoft Corporation) MD5=3A74C423CF6BCCA6982715878F450A3B -- C:\WINDOWS\system32\drivers\gagp30kx.sys
[2009/05/18 07:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) MD5=8182FF89C65E4D38B2DE4BB0FB18564E -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
[2008/04/13 17:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) MD5=573C7D0A32852B48F3058CFD8026F511 -- C:\WINDOWS\system32\drivers\hdaudbus.sys
[2008/04/14 02:49:08 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=0D349DC78C6EE16E655557E325A67D9C -- C:\WINDOWS\system32\drivers\hidbth.sys
[2008/04/13 19:15:28 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=1AF592532532A402ED7C060F6954004F -- C:\WINDOWS\system32\drivers\hidclass.sys
[2008/04/13 19:15:28 | 000,019,200 | ---- | M] (Microsoft Corporation) MD5=BB1A6FB7D35A91E599973FA74A619056 -- C:\WINDOWS\system32\drivers\hidir.sys
[2008/04/13 19:15:24 | 000,024,960 | ---- | M] (Microsoft Corporation) MD5=96ECCF28FDBF1B2CC12725818A63628D -- C:\WINDOWS\system32\drivers\hidparse.sys
[2008/04/13 19:15:28 | 000,010,368 | ---- | M] (Microsoft Corporation) MD5=CCF82C5EC8A7326C3066DE870C06DAF1 -- C:\WINDOWS\system32\drivers\hidusb.sys
[2008/04/13 18:53:50 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) MD5=970178E8E003EB1481293830069624B9 -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
[2008/04/13 18:53:52 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) MD5=1225EBEA76AAC3C84DF6C54FE5E5D8BE -- C:\WINDOWS\system32\drivers\hsfcxts2.sys
[2008/04/13 18:53:54 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) MD5=EBB354438A4C5A3327FB97306260714A -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
[2004/06/10 10:00:00 | 000,200,064 | ---- | M] (Conexant Systems, Inc.) MD5=FAC3B0A7EC158C4582D23EDA4C5A56E9 -- C:\WINDOWS\system32\drivers\HSFHWICH.sys
[2004/06/10 09:58:00 | 000,684,800 | ---- | M] (Conexant Systems, Inc.) MD5=2E84A40836B2A8DC523CB530C7262AC3 -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys
[2004/06/10 09:58:00 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) MD5=E5ADD2AFECBF514F5CCA730EDFDFB49E -- C:\WINDOWS\system32\drivers\HSF_DP.sys
[2008/04/13 19:23:54 | 000,264,832 | ---- | M] (Microsoft Corporation) MD5=F6AACF5BCE2893E0C1754AFEB672E5C9 -- C:\WINDOWS\system32\drivers\http.sys
[2008/04/14 02:51:16 | 000,052,096 | ---- | M] (Microsoft Corporation) MD5=C528E27945367191E7BAE364930B6932 -- C:\WINDOWS\system32\drivers\i8042prt.sys
[2008/04/13 19:11:00 | 000,042,112 | ---- | M] (Microsoft Corporation) MD5=083A052659F5310DD8B6A6CB05EDCF8E -- C:\WINDOWS\system32\drivers\imapi.sys
[2008/04/14 02:55:54 | 000,005,504 | ---- | M] (Microsoft Corporation) MD5=57D928E548B38502ABBA7A77A6EB7312 -- C:\WINDOWS\system32\drivers\intelide.sys
[2008/04/14 02:55:56 | 000,040,192 | ---- | M] (Microsoft Corporation) MD5=27B290D632AF2CF3CF40BFDDB7370985 -- C:\WINDOWS\system32\drivers\intelppm.sys
[2008/04/13 19:23:36 | 000,036,608 | ---- | M] (Microsoft Corporation) MD5=3BB22519A194418D5FEC05D800A19AD0 -- C:\WINDOWS\system32\drivers\ip6fw.sys
[2001/10/25 08:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) MD5=731F22BA402EE4B62748ADAF6363C182 -- C:\WINDOWS\system32\drivers\ipfltdrv.sys
[2008/04/13 19:27:08 | 000,020,864 | ---- | M] (Microsoft Corporation) MD5=B87AB476DCF76E72010632B5550955F5 -- C:\WINDOWS\system32\drivers\ipinip.sys
[2008/04/13 19:27:16 | 000,152,832 | ---- | M] (Microsoft Corporation) MD5=CC748EA12C6EFFDE940EE98098BF96BB -- C:\WINDOWS\system32\drivers\ipnat.sys
[2008/04/13 19:49:44 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\drivers\ipsec.sys
[2008/04/13 19:15:36 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=B43B36B382AEA10861F7C7A37F9D4AE2 -- C:\WINDOWS\system32\drivers\irbus.sys
[2008/04/13 19:24:38 | 000,088,192 | ---- | M] (Microsoft Corporation) MD5=ACA5E7B54409F9CB5EED97ED0C81120E -- C:\WINDOWS\system32\drivers\irda.sys
[2008/04/13 19:24:30 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=C93C9FF7B04D772627A3646D89F7BF89 -- C:\WINDOWS\system32\drivers\irenum.sys
[2008/04/14 02:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008/04/14 02:59:08 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\system32\drivers\kbdclass.sys
[2008/04/14 01:59:08 | 000,014,592 | ---- | M] (Microsoft Corporation) MD5=86C8F23616C6C6E5B2776901C17B945B -- C:\WINDOWS\system32\drivers\kbdhid.sys
[2008/04/13 19:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) MD5=692BCF44383D056AED41B045A323D378 -- C:\WINDOWS\system32\drivers\kmixer.sys
[2008/04/13 19:46:38 | 000,141,056 | ---- | M] (Microsoft Corporation) MD5=0753515F78DF7F271A5E61C20BCD36A1 -- C:\WINDOWS\system32\drivers\ks.sys
[2008/04/13 19:01:44 | 000,092,288 | ---- | M] (Microsoft Corporation) MD5=1705745D900DABF2D89F90EBADDC7517 -- C:\WINDOWS\system32\drivers\ksecdd.sys
[2012/07/03 07:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) MD5=6DFE7F2E8E8A337263AA5C92A215F161 -- C:\WINDOWS\system32\drivers\mbam.sys
[2001/10/25 08:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D1F8BE91ED4DDB671D42E473E3FE71AB -- C:\WINDOWS\system32\drivers\mcd.sys
[2004/03/17 06:04:00 | 000,013,059 | ---- | M] (Conexant) MD5=3C318B9CD391371BED62126581EE9961 -- C:\WINDOWS\system32\drivers\mdmxsdk.sys
[2008/04/13 19:06:42 | 000,063,744 | ---- | M] (Microsoft Corporation) MD5=A7DA20AB18A1BDAE28B0F349E57DA0D1 -- C:\WINDOWS\system32\drivers\mf.sys
[2001/10/25 08:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=4AE068242760A1FB6E1A44BF4E16AFA6 -- C:\WINDOWS\system32\drivers\mnmdd.sys
[2008/04/14 02:36:20 | 000,030,080 | ---- | M] (Microsoft Corporation) MD5=44032B0C6D9954D3FD26438330B99EE7 -- C:\WINDOWS\system32\drivers\modem.sys
[2008/04/14 02:36:34 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=4CB582831DBDE63CE43B45D771218374 -- C:\WINDOWS\system32\drivers\mouclass.sys
[2001/10/25 08:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) MD5=BB269EBA740737AB749B214D568B6812 -- C:\WINDOWS\system32\drivers\mouhid.sys
[2008/04/13 19:09:48 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\system32\drivers\mountmgr.sys
[2008/04/13 19:09:46 | 000,092,544 | ---- | M] (Microsoft Corporation) MD5=70C14F5CCA5CF73F8A645C73A01D8726 -- C:\WINDOWS\system32\drivers\mqac.sys
[2008/04/13 19:02:46 | 000,180,608 | ---- | M] (Microsoft Corporation) MD5=11D42BB6206F33FBB3BA0288D3EF81BD -- C:\WINDOWS\system32\drivers\mrxdav.sys
[2008/04/13 19:47:02 | 000,456,576 | ---- | M] (Microsoft Corporation) MD5=68755F0FF16070178B54674FE5B847B0 -- C:\WINDOWS\system32\drivers\mrxsmb.sys
[2008/04/13 19:02:40 | 000,019,072 | ---- | M] (Microsoft Corporation) MD5=C941EA2454BA8350021D774DAF0F1027 -- C:\WINDOWS\system32\drivers\msfs.sys
[2008/04/13 19:26:34 | 000,035,072 | ---- | M] (Microsoft Corporation) MD5=0A02C63C8B144BD8C86B103DEE7C86A2 -- C:\WINDOWS\system32\drivers\msgpc.sys
[2008/04/13 19:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) MD5=D1575E71568F4D9E14CA56B7B0453BF1 -- C:\WINDOWS\system32\drivers\mskssrv.sys
[2008/04/13 19:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) MD5=325BB26842FC7CCC1FCCE2C457317F3E -- C:\WINDOWS\system32\drivers\mspclock.sys
[2008/04/13 19:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) MD5=BAD59648BA099DA4A17680B39730CB3D -- C:\WINDOWS\system32\drivers\mspqm.sys
[2008/04/13 19:06:48 | 000,015,488 | ---- | M] (Microsoft Corporation) MD5=AF5F4F3F14A8EA2C26DE30F7A1E17136 -- C:\WINDOWS\system32\drivers\mssmbios.sys
[2008/04/13 18:53:42 | 000,126,686 | ---- | M] (Smart Link) MD5=C53775780148884AC87C455489A0C070 -- C:\WINDOWS\system32\drivers\mtlmnt5.sys
[2008/04/13 18:53:40 | 001,309,184 | ---- | M] (Smart Link) MD5=54886A652BF5685192141DF304E923FD -- C:\WINDOWS\system32\drivers\mtlstrm.sys
[2008/04/13 17:04:28 | 000,452,736 | ---- | M] (Matrox Graphics Inc.) MD5=6DDA78A0BE692B61B668FAB860F276CF -- C:\WINDOWS\system32\drivers\mtxparhm.sys
[2008/04/13 19:47:06 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=2F625D11385B1A94360BFC70AAEFDEE1 -- C:\WINDOWS\system32\drivers\mup.sys
[2008/04/13 19:13:56 | 000,012,672 | ---- | M] (Microsoft Corporation) MD5=B538DCD9816EA35FA4F637CFC261AAA8 -- C:\WINDOWS\system32\drivers\mutohpen.sys
[2008/04/13 19:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2008/04/13 19:27:28 | 000,010,112 | ---- | M] (Microsoft Corporation) MD5=1AB3D00C991AB086E69DB84B6C0ED78F -- C:\WINDOWS\system32\drivers\ndistapi.sys
[2008/04/13 19:26:00 | 000,014,592 | ---- | M] (Microsoft Corporation) MD5=F927A4434C5028758A842943EF1A3849 -- C:\WINDOWS\system32\drivers\ndisuio.sys
[2008/04/13 19:50:44 | 000,091,520 | ---- | M] (Microsoft Corporation) MD5=EDC1531A49C80614B2CFDA43CA8659AB -- C:\WINDOWS\system32\drivers\ndiswan.sys
[2008/04/13 19:27:30 | 000,040,576 | ---- | M] (Microsoft Corporation) MD5=6215023940CFD3702B46ABC304E1D45A -- C:\WINDOWS\system32\drivers\ndproxy.sys
[2008/04/13 19:26:04 | 000,034,688 | ---- | M] (Microsoft Corporation) MD5=5D81CF9A2F1A3A756B66CF684911CDF0 -- C:\WINDOWS\system32\drivers\netbios.sys
[2008/04/13 19:51:02 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\system32\drivers\netbt.sys
[2008/04/13 19:21:26 | 000,061,824 | ---- | M] (Microsoft Corporation) MD5=E9E47CFB2D461FA0FC75B7A74C6383EA -- C:\WINDOWS\system32\drivers\nic1394.sys
[2001/10/25 08:00:00 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) MD5=BE984D604D91C217355CDD3737AAD25D -- C:\WINDOWS\system32\drivers\nikedrv.sys
[2008/04/13 19:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) MD5=1E421A6BCF2203CC61B821ADA9DE878B -- C:\WINDOWS\system32\drivers\nmnt.sys
[2008/04/13 19:02:40 | 000,030,848 | ---- | M] (Microsoft Corporation) MD5=3182D64AE053D6FB034F44B6DEF8034A -- C:\WINDOWS\system32\drivers\npfs.sys
[2008/04/13 19:24:38 | 000,028,672 | ---- | M] (National Semiconductor Corporation) MD5=2ADC0CA9945C65284B3D19BC18765974 -- C:\WINDOWS\system32\drivers\nscirda.sys
[2008/04/13 19:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2008/04/13 18:53:42 | 000,180,360 | ---- | M] (Smart Link) MD5=576B34CEAE5B7E5D9FD2775E93B3DB53 -- C:\WINDOWS\system32\drivers\ntmtlfax.sys
[2001/10/25 08:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) MD5=73C1E1F395918BC2C6DD67AF7591A3AD -- C:\WINDOWS\system32\drivers\null.sys
[2008/04/13 17:04:32 | 001,897,408 | ---- | M] (NVIDIA Corporation) MD5=2B298519EDBFCF451D43E0F1E8F1006D -- C:\WINDOWS\system32\drivers\nv4_mini.sys
[2001/10/25 08:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) MD5=B305F3FAD35083837EF46A0BBCE2FC57 -- C:\WINDOWS\system32\drivers\nwlnkflt.sys
[2001/10/25 08:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) MD5=C99B3415198D1AAB7227F2C88FD664B9 -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys
[2008/04/13 19:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) MD5=8B8B1BE2DBA4025DA6786C645F77F123 -- C:\WINDOWS\system32\drivers\nwlnkipx.sys
[2001/10/25 08:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) MD5=56D34A67C05E94E16377C60609741FF8 -- C:\WINDOWS\system32\drivers\nwlnknb.sys
[2001/10/25 08:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) MD5=C0BB7D1615E1ACBDC99757F6CEAF8CF0 -- C:\WINDOWS\system32\drivers\nwlnkspx.sys
[2008/04/13 19:04:14 | 000,163,584 | ---- | M] (Microsoft Corporation) MD5=36B9B950E3D2E100970A48D8BAD86740 -- C:\WINDOWS\system32\drivers\nwrdr.sys
[2008/04/13 19:16:20 | 000,061,696 | ---- | M] (Microsoft Corporation) MD5=CA33832DF41AFB202EE7AEB05145922F -- C:\WINDOWS\system32\drivers\ohci1394.sys
[2001/10/25 08:00:00 | 000,003,456 | ---- | M] (Microsoft Corporation) MD5=4BB30DDC53EBC76895E38694580CDFE9 -- C:\WINDOWS\system32\drivers\oprghdlr.sys
[2005/02/24 05:16:42 | 000,010,890 | ---- | M] (OSA Technologies) MD5=240B6C0C50F98A2A7B829ACCD5158B1B -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys
[2005/03/04 11:37:26 | 000,008,704 | ---- | M] (Avocent/OSA Technologies Inc.) MD5=B270A30AE97524E7EDB5ECA7B2AFB846 -- C:\WINDOWS\system32\drivers\osaio.sys
[2005/01/14 10:57:16 | 000,004,010 | ---- | M] (Windows (R) 2000 DDK provider) MD5=3245BEE5176697FAF0744A2E1288DC77 -- C:\WINDOWS\system32\drivers\osanbm.sys
[2008/04/14 03:10:18 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=3FC38E7FBE91DB40C34731195F4116C2 -- C:\WINDOWS\system32\drivers\p3.sys
[2008/04/14 03:10:22 | 000,080,000 | ---- | M] (Microsoft Corporation) MD5=46F8DB73B4A53E543F8E371DC7C75BAE -- C:\WINDOWS\system32\drivers\parport.sys
[2008/04/13 19:10:50 | 000,019,712 | ---- | M] (Microsoft Corporation) MD5=BEB3BA25197665D82EC7065B724171C6 -- C:\WINDOWS\system32\drivers\partmgr.sys
[2001/10/25 08:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) MD5=1FAE19D0457176318BBA4A8795656EBC -- C:\WINDOWS\system32\drivers\parvdm.sys
[2008/08/26 04:26:12 | 000,018,816 | ---- | M] (Nokia) MD5=FD2041E9BA03DB7764B2248F02475079 -- C:\WINDOWS\system32\drivers\pccsmcfd.sys
[2008/04/14 03:10:38 | 000,068,736 | ---- | M] (Microsoft Corporation) MD5=6CE351D149CB4BEFC702951E471E1730 -- C:\WINDOWS\system32\drivers\pci.sys
[2001/10/25 08:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) MD5=2DA4EC85E0EA7A45C6B2A05820492D5A -- C:\WINDOWS\system32\drivers\pciide.sys
[2008/04/13 19:10:30 | 000,024,960 | ---- | M] (Microsoft Corporation) MD5=52E60F29221D0D1AC16737E8DBF7C3E9 -- C:\WINDOWS\system32\drivers\pciidex.sys
[2008/04/14 03:10:46 | 000,120,064 | ---- | M] (Microsoft Corporation) MD5=4FC31E6C19A5CE5198B1ABFF94CAE758 -- C:\WINDOWS\system32\drivers\pcmcia.sys
[2008/04/13 19:49:42 | 000,146,048 | ---- | M] (Microsoft Corporation) MD5=E82A496C3961EFC6828B508C310CE98F -- C:\WINDOWS\system32\drivers\portcls.sys
[2008/04/14 02:41:00 | 000,039,680 | ---- | M] (Microsoft Corporation) MD5=7EB15DCE4EC3A0220BD796A15C18186E -- C:\WINDOWS\system32\drivers\processr.sys
[2008/04/13 19:26:40 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=09298EC810B07E5D582CB3A3F9255424 -- C:\WINDOWS\system32\drivers\psched.sys
[2001/10/25 08:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) MD5=80D317BD1C3DBC5D4FE7B1678C60CADD -- C:\WINDOWS\system32\drivers\ptilink.sys
[2001/10/25 08:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys
[2001/08/17 17:51:32 | 000,019,584 | ---- | M] (Microsoft Corporation) MD5=0207D26DDF796A193CCD9F83047BB5FC -- C:\WINDOWS\system32\drivers\rasirda.sys
[2008/04/13 19:49:44 | 000,051,328 | ---- | M] (Microsoft Corporation) MD5=11B4A627BC9614B885C4969BFA5FF8A6 -- C:\WINDOWS\system32\drivers\rasl2tp.sys
[2008/04/13 19:27:34 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=5BC962F2654137C9909C3D4603587DEE -- C:\WINDOWS\system32\drivers\raspppoe.sys
[2008/04/13 19:49:50 | 000,048,384 | ---- | M] (Microsoft Corporation) MD5=EFEEC01B1D3CF84F16DDD24D9D9D8F99 -- C:\WINDOWS\system32\drivers\raspptp.sys
[2001/10/25 08:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) MD5=FDBB1D60066FCFBB7452FD8F9829B242 -- C:\WINDOWS\system32\drivers\raspti.sys
[2001/10/25 08:00:00 | 000,034,432 | ---- | M] (Microsoft Corporation) MD5=01524CD237223B18ADBB48F70083F101 -- C:\WINDOWS\system32\drivers\rawwan.sys
[2008/04/13 19:58:40 | 000,175,744 | ---- | M] (Microsoft Corporation) MD5=7AD224AD1A1437FE28D89CF22B17780A -- C:\WINDOWS\system32\drivers\rdbss.sys
[2001/10/25 08:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=4912D5B403614CE99C28420F75353332 -- C:\WINDOWS\system32\drivers\rdpcdd.sys
[2008/04/13 19:02:52 | 000,196,224 | ---- | M] (Microsoft Corporation) MD5=15CABD0F7C00C47C70124907916AF3F1 -- C:\WINDOWS\system32\drivers\rdpdr.sys
[2008/04/14 03:53:30 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys
[2008/04/13 18:53:44 | 000,013,776 | ---- | M] (Smart Link) MD5=E9AAA0092D74A9D371659C4C38882E12 -- C:\WINDOWS\system32\drivers\recagent.sys
[2008/04/14 02:44:54 | 000,058,496 | ---- | M] (Microsoft Corporation) MD5=611BFD220305BE3A85AE876EA47D4AA5 -- C:\WINDOWS\system32\drivers\redbook.sys
[2008/04/13 19:16:34 | 000,059,136 | ---- | M] (Microsoft Corporation) MD5=851C30DF2807FCFA21E4C681A7D6440E -- C:\WINDOWS\system32\drivers\rfcomm.sys
[2001/10/25 08:00:00 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) MD5=A56FE08EC7473E8580A390BB1081CDD7 -- C:\WINDOWS\system32\drivers\rio8drv.sys
[2001/10/25 08:00:00 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) MD5=0A854DF84C77A0BE205BFEAB2AE4F0EC -- C:\WINDOWS\system32\drivers\riodrv.sys
[2008/04/13 19:25:10 | 000,202,624 | ---- | M] (Microsoft Corporation) MD5=ECFF394D65671EFDE5A872EB9EF4F2D5 -- C:\WINDOWS\system32\drivers\rmcast.sys
[2008/04/13 19:26:50 | 000,030,592 | ---- | M] (Microsoft Corporation) MD5=601844CBCF617FF8C868130CA5B2039D -- C:\WINDOWS\system32\drivers\rndismp.sys
[2008/04/13 19:26:50 | 000,030,592 | ---- | M] (Microsoft Corporation) MD5=726548542AFECA56257FF01EB13BB6D7 -- C:\WINDOWS\system32\drivers\rndismpx.sys
[2001/10/25 08:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) MD5=D8B0B4ADE32574B2D9C5CC34DC0DBBE7 -- C:\WINDOWS\system32\drivers\rootmdm.sys
[2008/04/13 17:04:34 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) MD5=0DBCC071A268E0340A2BA6BDD98BACE4 -- C:\WINDOWS\system32\drivers\s3gnbm.sys
[2008/04/13 19:10:32 | 000,096,384 | ---- | M] (Microsoft Corporation) MD5=76C465F570E90C28942D52CCB2580A10 -- C:\WINDOWS\system32\drivers\scsiport.sys
[2008/04/13 19:06:46 | 000,079,232 | ---- | M] (Microsoft Corporation) MD5=8D04819A3CE51B9EB47E5689B44D43C4 -- C:\WINDOWS\system32\drivers\sdbus.sys
[2008/04/13 17:09:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) MD5=90A3935D05B494A5A39D37E71F09A677 -- C:\WINDOWS\system32\drivers\secdrv.sys
[2008/04/13 19:10:14 | 000,015,744 | ---- | M] (Microsoft Corporation) MD5=0F29512CCD6BEAD730039FB4BD2C85CE -- C:\WINDOWS\system32\drivers\serenum.sys
[2008/04/14 02:51:10 | 000,064,256 | ---- | M] (Microsoft Corporation) MD5=B842729337C9B921615C40D3C1A1AF96 -- C:\WINDOWS\system32\drivers\serial.sys
[2008/04/13 19:10:48 | 000,011,904 | ---- | M] (Microsoft Corporation) MD5=0FA803C64DF0914B41F807EA276BF2A6 -- C:\WINDOWS\system32\drivers\sffdisk.sys
[2008/04/13 19:10:50 | 000,010,240 | ---- | M] (Microsoft Corporation) MD5=D66D22D76878BF3483A6BE30183FB648 -- C:\WINDOWS\system32\drivers\sffp_mmc.sys
[2008/04/13 19:10:48 | 000,011,008 | ---- | M] (Microsoft Corporation) MD5=C17C331E435ED8737525C86A7557B3AC -- C:\WINDOWS\system32\drivers\sffp_sd.sys
[2008/04/13 19:10:50 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys
[2008/04/13 19:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) MD5=6B33D0EBD30DB32E27D1D78FE946A754 -- C:\WINDOWS\system32\drivers\sisagp.sys
[2008/04/13 18:53:44 | 000,129,535 | ---- | M] (Smart Link) MD5=D9673011648A71ED1E1F77B831BC85E6 -- C:\WINDOWS\system32\drivers\slnt7554.sys
[2008/04/13 18:53:46 | 000,404,990 | ---- | M] (Smart Link) MD5=2C1779C0FEB1F4A6033600305EBA623A -- C:\WINDOWS\system32\drivers\slntamr.sys
[2008/04/13 18:53:48 | 000,095,424 | ---- | M] (Smart Link) MD5=F9B8E30E82EE95CF3E1D3E495599B99C -- C:\WINDOWS\system32\drivers\slnthal.sys
[2008/04/13 18:53:48 | 000,013,240 | ---- | M] (Smart Link) MD5=DB56BB2C55723815CF549D7FC50CFCEB -- C:\WINDOWS\system32\drivers\slwdmsup.sys
[2008/04/13 19:06:36 | 000,005,888 | ---- | M] (Microsoft Corporation) MD5=895BE38A993B9BD5ABBE570D63D88A2E -- C:\WINDOWS\system32\drivers\smbali.sys
[2001/10/25 08:00:00 | 000,014,592 | ---- | M] (Microsoft Corporation) MD5=017DAECF0ED3AA731313433601EC40FA -- C:\WINDOWS\system32\drivers\smclib.sys
[2008/04/13 19:16:08 | 000,025,344 | ---- | M] (Microsoft Corporation) MD5=489703624DAC94ED943C2ABDA022A1CD -- C:\WINDOWS\system32\drivers\sonydcam.sys
[2008/04/13 19:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys
[2011/06/21 06:24:06 | 000,032,768 | ---- | M] () MD5=7B426B8E809EDF081D771EF429345528 -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
[2008/04/14 03:11:28 | 000,073,344 | ---- | M] (Microsoft Corporation) MD5=94610C8653635E4459316A0050D55CE7 -- C:\WINDOWS\system32\drivers\sr.sys
[2008/04/13 19:45:12 | 000,334,848 | ---- | M] (Microsoft Corporation) MD5=5252605079810904E31C332E241CD59B -- C:\WINDOWS\system32\drivers\srv.sys
[2008/04/13 19:15:16 | 000,049,408 | ---- | M] (Microsoft Corporation) MD5=3E5D89099DED9E86E5639F411693218F -- C:\WINDOWS\system32\drivers\stream.sys
[2008/04/13 19:09:54 | 000,004,352 | ---- | M] (Microsoft Corporation) MD5=3941D127AEF12E93ADDF6FE6EE027E0F -- C:\WINDOWS\system32\drivers\swenum.sys
[2008/04/13 19:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys
[2008/04/13 19:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) MD5=8B83F3ED0F1688B4958F77CD6D2BF290 -- C:\WINDOWS\system32\drivers\sysaudio.sys
[2008/04/13 19:10:52 | 000,014,976 | ---- | M] (Microsoft Corporation) MD5=FD6093E3DECD925F1CFFC8A0DD539D72 -- C:\WINDOWS\system32\drivers\tape.sys
[2008/04/13 19:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008/04/13 19:30:04 | 000,225,664 | ---- | M] (Microsoft Corporation) MD5=AA7A55536096D646DC7AB0AC5641E9E8 -- C:\WINDOWS\system32\drivers\tcpip6.sys
[2008/04/13 19:30:06 | 000,019,072 | ---- | M] (Microsoft Corporation) MD5=0539D5E53587F82D1B4FD74C5BE205CF -- C:\WINDOWS\system32\drivers\tdi.sys
[2008/04/14 03:53:28 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys
[2008/04/14 03:53:28 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys
[2008/04/14 03:53:26 | 000,040,840 | ---- | M] (Microsoft Corporation) MD5=88155247177638048422893737429D9E -- C:\WINDOWS\system32\drivers\termdd.sys
[2001/10/25 08:00:00 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=699450901C5CCFD82357CBC531CEDD23 -- C:\WINDOWS\system32\drivers\tosdvd.sys
[2001/10/25 08:00:00 | 000,021,376 | ---- | M] (Toshiba Corporation) MD5=D74A8EC75305F1D3CFDE7C7FC1BD62A9 -- C:\WINDOWS\system32\drivers\tsbvcap.sys
[2008/04/13 19:26:02 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=8F861EDA21C05857EB8197300A92501C -- C:\WINDOWS\system32\drivers\tunmp.sys
[2008/04/13 19:06:42 | 000,044,672 | ---- | M] (Microsoft Corporation) MD5=D85938F272D1BCF3DB3A31FC0A048928 -- C:\WINDOWS\system32\drivers\uagp35.sys
[2008/04/13 19:02:38 | 000,066,048 | ---- | M] (Microsoft Corporation) MD5=5787B80C2E3C5E2F56C2A233D91FA2C9 -- C:\WINDOWS\system32\drivers\udfs.sys
[2008/04/13 19:09:48 | 000,384,768 | ---- | M] (Microsoft Corporation) MD5=402DDC88356B1BAC0EE3DD1580C76A31 -- C:\WINDOWS\system32\drivers\update.sys
[2008/04/13 19:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=BEE793D4A059CAEA55D6AC20E19B3A8F -- C:\WINDOWS\system32\drivers\usb8023.sys
[2008/04/13 19:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=B6CC50279D6CD28E090A5D33244ADC9A -- C:\WINDOWS\system32\drivers\usb8023x.sys
[2011/05/10 02:06:08 | 000,042,496 | ---- | M] (Apple, Inc.) MD5=83CAFCB53201BBAC04D822F32438E244 -- C:\WINDOWS\system32\drivers\usbaapl.sys
[2008/04/13 19:15:42 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=1C1A47B40C23358245AA8D0443B6935E -- C:\WINDOWS\system32\drivers\usbcamd.sys
[2008/04/13 19:15:42 | 000,025,728 | ---- | M] (Microsoft Corporation) MD5=CE97845D2E3F0D274B8BAC1ED07C6149 -- C:\WINDOWS\system32\drivers\usbcamd2.sys
[2001/10/25 08:00:00 | 000,004,736 | ---- | M] (Microsoft Corporation) MD5=596EB39B50D6EBD9B734DC4AE0544693 -- C:\WINDOWS\system32\drivers\usbd.sys
[2008/04/13 19:15:36 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=65DCF09D0E37D4C6B11B5B0B76D470A7 -- C:\WINDOWS\system32\drivers\usbehci.sys
[2008/04/13 19:15:38 | 000,059,520 | ---- | M] (Microsoft Corporation) MD5=1AB3CDDE553B6E064D2E754EFE20285C -- C:\WINDOWS\system32\drivers\usbhub.sys
[2008/04/13 19:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=290913DC4F1125E5A82DE52579A44C43 -- C:\WINDOWS\system32\drivers\usbintel.sys
[2008/04/13 19:15:38 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=791912E524CC2CC6F50B5F2B52D1EB71 -- C:\WINDOWS\system32\drivers\usbport.sys
[2008/04/13 18:15:36 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys
[2008/04/13 19:15:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=1C888B000C2F9492F4B15B5B6B84873E -- C:\WINDOWS\system32\drivers\usbser.sys
[2008/04/13 19:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys
[2008/04/13 19:15:36 | 000,020,608 | ---- | M] (Microsoft Corporation) MD5=26496F9DEE2D787FC3E61AD54821FFE6 -- C:\WINDOWS\system32\drivers\usbuhci.sys
[2008/04/13 19:16:22 | 000,121,984 | ---- | M] (Microsoft Corporation) MD5=63BBFCA7F390F4C49ED4B96BFB1633E0 -- C:\WINDOWS\system32\drivers\usbvideo.sys
[2001/10/25 08:00:00 | 000,058,112 | ---- | M] (RAVISENT Technologies Inc.) MD5=55E01061C74A8CEFFF58DC36114A8D3F -- C:\WINDOWS\system32\drivers\vdmindvd.sys
[2008/04/13 19:14:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=0D3A8FAFCEACD8B7625CD549757A7DF1 -- C:\WINDOWS\system32\drivers\vga.sys
[2008/04/13 19:06:42 | 000,042,240 | ---- | M] (Microsoft Corporation) MD5=754292CE5848B3738281B4F3607EAEF4 -- C:\WINDOWS\system32\drivers\viaagp.sys
[2008/04/13 19:14:42 | 000,081,664 | ---- | M] (Microsoft Corporation) MD5=E28726B72C46821A28830E077D39A55B -- C:\WINDOWS\system32\drivers\videoprt.sys
[2008/04/14 02:42:06 | 000,052,480 | ---- | M] (Microsoft Corporation) MD5=28A4B296B47782173C346E376CB374D1 -- C:\WINDOWS\system32\drivers\volsnap.sys
[2004/10/29 13:48:00 | 003,222,784 | ---- | M] (Intel® Corporation) MD5=C89DA341FCC883A3D79DC11727484FC2 -- C:\WINDOWS\system32\drivers\w29n51.sys
[2008/04/13 19:13:56 | 000,014,208 | ---- | M] (Microsoft Corporation) MD5=ACED8C149B30F8496C237BCBA3727B48 -- C:\WINDOWS\system32\drivers\wacompen.sys
[2008/04/13 17:04:28 | 000,011,807 | ---- | M] (Intel(R) Corporation) MD5=0308AEF61941E4AF478FA1A0F83812F5 -- C:\WINDOWS\system32\drivers\wadv07nt.sys
[2008/04/13 17:04:28 | 000,011,295 | ---- | M] (Intel(R) Corporation) MD5=714038A8AA5DE08E12062202CD7EAEB5 -- C:\WINDOWS\system32\drivers\wadv08nt.sys
[2008/04/13 17:04:28 | 000,011,871 | ---- | M] (Intel(R) Corporation) MD5=7BB3AA595E4507A788DE1CDC63F4C8C4 -- C:\WINDOWS\system32\drivers\wadv09nt.sys
[2008/04/13 17:04:30 | 000,011,935 | ---- | M] (Intel(R) Corporation) MD5=36E6C405B6143D09687F4056FD9A0D10 -- C:\WINDOWS\system32\drivers\wadv11nt.sys
[2008/04/13 19:27:22 | 000,034,560 | ---- | M] (Microsoft Corporation) MD5=E20B95BAEDB550F32DD489265C1DA1F6 -- C:\WINDOWS\system32\drivers\wanarp.sys
[2008/04/13 17:04:30 | 000,022,271 | ---- | M] (Intel(R) Corporation) MD5=352FA0E98BC461CE1CE5D41F64DB558D -- C:\WINDOWS\system32\drivers\watv06nt.sys
[2008/04/13 17:04:30 | 000,025,471 | ---- | M] (Intel(R) Corporation) MD5=791CC45DE6E50445BE72E8AD6401FF45 -- C:\WINDOWS\system32\drivers\watv10nt.sys
[2009/07/14 05:35:16 | 000,444,136 | ---- | M] (Microsoft Corporation) MD5=D918617B46457B9AC28027722E30F647 -- C:\WINDOWS\system32\drivers\wdf01000.sys
[2009/07/14 05:35:16 | 000,037,608 | ---- | M] (Microsoft Corporation) MD5=399C974DDA25FD3E59F22BAB787F662B -- C:\WINDOWS\system32\drivers\wdfldr.sys
[2008/04/13 19:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) MD5=6768ACF64B18196494413695F0C3A00F -- C:\WINDOWS\system32\drivers\wdmaud.sys
[2001/10/25 08:00:00 | 000,004,352 | ---- | M] (Microsoft Corporation) MD5=2F31B7F954BED437F2C75026C65CAF7B -- C:\WINDOWS\system32\drivers\wmilib.sys
[2006/10/18 15:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) MD5=CF4DEF1BF66F06964DC0D91844239104 -- C:\WINDOWS\system32\drivers\wpdusb.sys
[2001/10/25 08:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
[2006/09/28 13:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) MD5=F15FEAFFFBB3644CCC80C5DA584E6311 -- C:\WINDOWS\system32\drivers\WudfPf.sys
[2006/09/28 14:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=28B524262BCE6DE1F7EF9F510BA3985B -- C:\WINDOWS\system32\drivers\WudfRd.sys


< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2007/11/30 02:49:36 | 000,054,272 | ---- | M] (RICOH COMPANY, LTD.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\E323PP32.DLL
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 08:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2007/11/30 02:49:36 | 000,054,272 | ---- | M] (RICOH COMPANY, LTD.) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\E323PP32.DLL
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
[2008/07/06 08:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /10 >

< %systemroot%\system32\drivers\*.sys /X >
[2008/04/14 03:51:38 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008/04/14 03:51:38 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008/04/14 03:51:38 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008/04/14 03:51:38 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008/04/14 03:51:38 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008/04/14 03:51:38 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008/04/14 03:51:38 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2006/12/29 15:21:08 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod
[2008/04/14 03:51:38 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008/04/14 03:51:38 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008/04/14 03:51:38 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008/04/14 03:51:38 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008/04/14 03:51:38 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008/04/14 03:51:40 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2007/04/02 16:36:04 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfs2.cty
[2001/10/25 08:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2001/10/25 08:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2004/05/27 09:09:00 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\HSFProf.cty
[2012/02/24 11:56:20 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/02/24 11:56:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2006/12/29 15:02:50 | 000,067,866 | ---- | M] () -- C:\WINDOWS\system32\drivers\netwlan5.img
[2008/04/14 03:51:56 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008/04/14 03:52:06 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll
[2004/11/09 11:31:00 | 000,000,013 | ---- | M] () -- C:\WINDOWS\system32\drivers\verfile.tic

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /10 >
[2012/07/17 12:07:20 | 000,092,496 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012/07/17 12:07:20 | 000,080,606 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012/07/17 12:07:20 | 000,459,794 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012/07/17 12:07:20 | 000,462,690 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012/07/17 12:07:20 | 001,110,810 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2012/07/16 12:28:06 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %systemroot%\system32\*.dll /lockedfiles >
[2008/04/14 03:51:40 | 000,147,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2008/04/14 03:51:50 | 000,275,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/14 03:51:52 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2008/04/14 03:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shdocvw.dll
[2008/04/14 03:51:56 | 008,465,408 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll

< %systemroot%\system32\config\*.sav >
[2011/02/02 19:47:56 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2011/02/02 19:47:56 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2011/02/02 19:47:56 | 000,479,232 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job >

< %systemroot%\*.* /U /s >

< %systemroot%\*. /rp /s >

Invalid Environment Variable: %ALLUSERSPROFILE%\Data Aplikací\*.*

Invalid Environment Variable: %ALLUSERSPROFILE%\Data Aplikací\*.exe

Invalid Environment Variable: %ALLUSERSPROFILE%\Nabídka Start\*.lnk

Invalid Environment Variable: %ALLUSERSPROFILE%\Data Aplikácií\*.*

Invalid Environment Variable: %ALLUSERSPROFILE%\Data Aplikácií\*.exe

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe

Invalid Environment Variable: %ALLUSERSPROFILE%\Start Menu\*.lnk

Invalid Environment Variable: %APPDATA%\*.

Invalid Environment Variable: %APPDATA%\*.*

Invalid Environment Variable: %APPDATA%\*.exe

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32|bak;true;false;false /fp >

< %PROGRAMFILES%|bak;true;false;false /fp >


< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2008/04/14 03:52:28 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=414AFE6E8CCDE984E16D5ED08624CEC6 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >



< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"StateIndex" = 0

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems" /v Windows /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\SUBSYSTEMS
WINDOWS REG_EXPAND_SZ %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16


< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/07/15 09:24:54 | 000,000,512 | ---- | M] () MD5=37BE4FAC8A4D53B28FD69152A09AED26 -- C:\PhysicalMBR.bin

< bcdedit /v >C:\boot.txt /c >

< type C:\boot.txt >> test1.txt /c >




< CREATERESTOREPOINT >


========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e -> Junction
< End of report >
Nahoru
manatte
Návštěvník
Návštěvník
Příspěvky: 31
Registrován: 20 črc 2011 22:59

Re: vytížení pc na 100%

#22 Příspěvek od manatte »

Dobrý den. Byl to boj, ale log máte výše. Musel jsem ho rozdělit na dva.
Nahoru
Uživatelský avatar
Danstahr
Přítel fóra
Přítel fóra
Příspěvky: 1069
Registrován: 28 říj 2006 20:23
Bydliště: Londýn
Kontaktovat uživatele:
Kontaktovat uživatele Danstahr

Re: vytížení pc na 100%

#23 Příspěvek od Danstahr »

Zdravím a omlouvám se za zpoždění, včera mi to zase zlobilo...

:arrow: Následující soubory otestujte na VirusTotal, v případě potřeby potvrďte nový sken :
  • C:\WINDOWS\system32\drivers\atapi.sys
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\user32.dll
    C:\WINDOWS\system32\wscript.exe
    C:\WINDOWS\system32\winsrv.dll
    C:\WINDOWS\system32\win32k.sys
    C:\WINDOWS\system32\ntkrnlpa.exe
    C:\WINDOWS\system32\ntoskrnl.exe
Koupím trochu času, cenu respektuji.
Nahoru
manatte
Návštěvník
Návštěvník
Příspěvky: 31
Registrován: 20 črc 2011 22:59

Re: vytížení pc na 100%

#24 Příspěvek od manatte »

Dobrý den.
U souboru:
C:\WINDOWS\system32\wscript.exe mi to našl toto: Win32.Autorun

Jinak nic.
Nahoru
Uživatelský avatar
Danstahr
Přítel fóra
Přítel fóra
Příspěvky: 1069
Registrován: 28 říj 2006 20:23
Bydliště: Londýn
Kontaktovat uživatele:
Kontaktovat uživatele Danstahr

Re: vytížení pc na 100%

#25 Příspěvek od Danstahr »

:arrow: Zkoušel jste to z OTLpe, nebo normálně ze systému? Poku ze systému, zkuste to prosím ještě jednou po nabootování z dříáve vytvořené flashky. Nějak nemůžu vymáknout, co nám tam pořád tahá havěť...
Koupím trochu času, cenu respektuji.
Nahoru
manatte
Návštěvník
Návštěvník
Příspěvky: 31
Registrován: 20 črc 2011 22:59

Re: vytížení pc na 100%

#26 Příspěvek od manatte »

Bylo to ze systému, když tam mám to OTLpe nejde mi net. Ale ještě to zkusím. Bohužel teď jsem na týden mimo, ale určitě vyzkouším hned jak budu u toho. Už jsem si říkal, jestli by nepomohl komplet formát a přeinstalovat systém.
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: vytížení pc na 100%

#27 Příspěvek od motji »

Zdravím,
jak to tu vypadá? :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: vytížení pc na 100%

#28 Příspěvek od motji »

Dobrý den,
pro neaktivitu je toto téma uzamknuto.
Pokud ho budete chtít odemknout, kontaktujte mě na email nebo některého z mých kolegů.
Děkujeme za pochopení :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“