
Czech Police virus
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, I have the Czech Police virus on my PC. I tried Kaspersky Rescue 10 and it found nothing.
Safe mode won't start, it just restarts. What should I do about it? Right now I have Ubuntu booted from an external disk.
- Rudy
- Site Admin
- Posts: 119532
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Czech Police virus
Greetings!
What operating system do you have?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Czech Police virus
Hello, I have Win XP and right now I'm running Ubuntu 13.10 32-bit.
- Rudy
- Site Admin
Re: Czech Police virus
OK. Restart and, on the next start-up, right after the initial POST screens finish, keep pressing the >F8< key. In the menu that appears, use the arrow keys to highlight >Safe Mode with MS-DOS Command Prompt< and press Enter. In the command prompt, type:
%Systemroot%\system32\restore\rstrui.exe
Press Enter and choose a restore point dated before the infection. Press >Enter< again and wait for the restore to finish. Then restart into normal mode or (in case of problems) into safe mode.
Re: Czech Police virus
When I choose safe mode with MS-DOS, it restarts.
Re: Czech Police virus
That's fine, feel free to go in.
SATA
Re: Czech Police virus
So it finally worked, I hope this is it.
- Attachments
- Extras.zip
- (105.13 KiB) Downloaded 53 times
Re: Czech Police virus
How do I get the internet running in that environment? Somehow it doesn't work.
Re: Czech Police virus
It doesn't read the flash drive either.
Re: Czech Police virus
Should I connect the data cable?
Re: Czech Police virus
ComboFix 13-12-21.01 - Administrator 22.12.2013 15:20:40.1.2 - x86 NETWORK
Spuštěný z: c:\documents and settings\Administrator.HP66811255121\Dokumenty\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0405.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-22 do 2013-12-22 )))))))))))))))))))))))))))))))
.
.
2013-12-22 17:08 . 2013-12-22 17:57 512 ----a-w- C:\Physical0MBR.bin
2013-12-22 14:13 . 2013-12-22 14:13 -------- d---a-w- c:\program files\SafePCRepair_89EI
2013-12-22 06:43 . 2013-12-22 14:10 -------- d-----w- c:\documents and settings\Administrator.HP66811255121
2013-12-21 22:36 . 2013-12-22 07:42 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-16 18:35 . 2013-08-15 16:39 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-16 18:35 . 2013-08-15 16:39 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-16 18:35 . 2013-08-15 16:39 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-16 18:35 . 2012-05-09 17:20 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-12-16 18:35 . 2012-05-09 17:20 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-12-16 18:35 . 2012-05-09 17:20 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-16 18:35 . 2012-05-09 17:20 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-12-16 18:35 . 2012-05-09 17:20 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-12-16 18:35 . 2012-05-09 17:20 43152 ----a-w- c:\windows\avastSS.scr
2013-12-16 18:35 . 2012-05-09 17:20 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-11 16:18 . 2012-05-10 18:56 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 16:18 . 2012-05-10 18:56 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2013-05-20 09:21 231712 ----a-w- c:\program files\BS_Player\prxtbBS_2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\prxtbBS_2.dll" [2013-05-20 231712]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-16 18:35 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-05 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-05 114688]
"Zástupce stránky vlastností sběrnice High Definition Audio"="HDAShCut.exe" [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" [2005-03-08 13924864]
"PTHOSTTR"="c:\program files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2005-10-04 86016]
"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824]
"LayoutM"="KLayMgr.exe" [2004-08-16 45056]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-06-06 1564872]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-16 3568312]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
.
R0 aswRvrt;avast! Revert; [x]
R0 aswVmm;avast! VM Monitor; [x]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-12-16 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-12-16 403440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-12-16 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-12-16 70384]
S1 aswKbd;aswKbd; [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 19:07 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-10 16:19]
.
2013-12-22 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-18 06:45]
.
2013-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-09 17:20]
.
2013-12-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-09 17:20]
.
2013-12-22 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2012-06-06 20:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.hp.com
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-hpqSRMon - (no file)
AddRemove-Software Setup - c:\windows\IsUn0405.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-22 15:26
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-600682357-420316650-2637938586-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c7,cb,b9,16,9d,38,95,4f,a1,c2,9b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c7,cb,b9,16,9d,38,95,4f,a1,c2,9b,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-12-22 15:27:45
ComboFix-quarantined-files.txt 2013-12-22 14:27
.
Před spuštěním: Volných bajtů: 23 451 348 992
Po spuštění: Volných bajtů: 23 581 138 944
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 3D83C9FF63A20487487B368995EF35C0
A36C5E4F47E84449FF07ED3517B43A31
Re: Czech Police virus
Everything is fine, but all my photos etc. have disappeared.
Re: Czech Police virus
Nothing, the whole XP is like when I turn it on for the first time, and there are only the basic ones and one or two scans.
Re: Czech Police virus
OTL logfile created on: 12/22/2013 12:56:32 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 85.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 20.22 Gb Free Space | 27.13% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
========== Win32 Services (SafeList) ==========
SRV - [2013/12/18 11:10:04 | 000,188,904 | ---- | M] (Initex) [Auto] -- C:\DOCUME~1\ALLUSE~1\DATAAP~1\bh0jreq.jss -- (winmgmt)
SRV - [2013/12/16 13:35:30 | 000,050,344 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/11 11:19:00 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/18 12:54:28 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2013/12/16 13:35:35 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/12/16 13:35:35 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/12/16 13:35:35 | 000,178,304 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/12/16 13:35:35 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/12/16 13:35:35 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/12/16 13:35:35 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/12/16 13:35:35 | 000,049,944 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/12/16 13:35:35 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/05/09 03:59:09 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2005/04/08 00:25:34 | 000,132,352 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/03/04 17:04:00 | 002,538,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/03/04 08:21:36 | 000,065,664 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2005/01/07 13:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/03 19:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 19:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 19:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 19:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 19:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 19:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 19:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 19:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 19:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 19:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 19:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 19:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 19:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 19:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 19:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2002/04/04 00:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator.HP66811255121_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
IE - HKU\Administrator.HP66811255121_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2012/07/25 11:50:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/12/16 13:35:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013/11/18 12:54:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/18 12:54:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2006/03/02 02:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O2 - BHO: (BS Player ControlBar Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (BS Player ControlBar Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\d2a60f10-d905-42a4-886f-f2fa1754091f.exe (AVAST Software)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LayoutM] C:\WINDOWS\KLayMgr.exe (Chicony)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Zástupce stránky vlastností sběrnice High Definition Audio] C:\WINDOWS\System32\hdashcut.exe (Windows (R) Server 2003 DDK provider)
O4 - Startup: C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Po spuštění\qerj0hb.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator.HP66811255121_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: winmgmt - C:\DOCUME~1\ALLUSE~1\DATAAP~1\bh0jreq.jss (Initex)
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: WinMgmt - C:\DOCUME~1\ALLUSE~1\DATAAP~1\bh0jreq.jss (Initex)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WinMgmt - C:\DOCUME~1\ALLUSE~1\DATAAP~1\bh0jreq.jss (Initex)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
PhysicalDisk0 MBR saved to C:\Physical0MBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013/12/22 01:46:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Adobe
[2013/12/22 01:46:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\AVAST Software
[2013/12/22 01:46:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\AskToolbar
[2013/12/22 01:43:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.HP66811255121\IETldCache
[2013/12/22 01:43:31 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft
[2013/12/22 01:43:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací
[2013/12/22 01:43:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Dokumenty\Obrázky
[2013/12/22 01:43:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Dokumenty\Hudba
[2013/12/22 01:43:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Dokumenty
[2013/12/22 01:43:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.HP66811255121\Cookies
[2013/12/22 01:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\Microsoft
[2013/12/22 01:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Identities
[2013/12/22 01:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\ApplicationHistory
[2013/12/22 01:43:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Příslušenství
[2013/12/22 01:43:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Po spuštění
[2013/12/22 01:43:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Oblíbené položky
[2013/12/22 01:43:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start
[2013/12/22 01:43:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Okolní tiskárny
[2013/12/22 01:43:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Okolní síť
[2013/12/22 01:43:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings
[2013/12/22 01:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Plocha
[2013/12/22 01:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\{3248F0A6-6813-11D6-A77B-00B0D0150000}
[2013/12/22 01:43:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\SendTo
[2013/12/22 01:43:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Recent
[2013/12/22 01:43:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Šablony
[2013/12/21 17:36:05 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2013/12/18 11:10:04 | 000,188,904 | ---- | C] (Initex) -- C:\Documents and Settings\All Users\Data aplikací\bh0jreq.jss
[2013/12/16 13:35:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/12/22 12:57:04 | 000,000,512 | ---- | M] () -- C:\Physical0MBR.bin
[2013/12/22 06:40:56 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/22 06:40:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/12/22 06:40:36 | 1601,617,920 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/22 05:27:45 | 095,025,368 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.fee
[2013/12/22 05:26:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013/12/22 05:16:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/12/22 05:11:06 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/12/22 05:10:44 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/12/22 05:09:07 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.odd
[2013/12/22 02:35:44 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
[2013/12/22 01:45:46 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Spustit prohlížeč Internet Explorer.lnk
[2013/12/22 01:45:43 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/12/22 01:44:12 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Po spuštění\qerj0hb.lnk
[2013/12/21 18:28:34 | 000,000,057 | ---- | M] () -- C:\.directory
[2013/12/18 14:06:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/18 11:13:24 | 000,000,387 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.reg
[2013/12/18 11:10:04 | 000,188,904 | ---- | M] (Initex) -- C:\Documents and Settings\All Users\Data aplikací\bh0jreq.jss
[2013/12/16 13:35:52 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013/12/16 13:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
[2013/12/16 13:35:35 | 000,774,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/12/16 13:35:35 | 000,403,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/12/16 13:35:35 | 000,178,304 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/12/16 13:35:35 | 000,070,384 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/12/16 13:35:35 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/12/16 13:35:35 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/12/16 13:35:35 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/12/16 13:35:35 | 000,035,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/12/16 13:35:34 | 000,269,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/12/16 13:35:34 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/12/16 13:32:03 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/12/11 11:18:59 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/12/11 11:18:59 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/12/05 14:10:21 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/12/22 12:08:20 | 000,000,512 | ---- | C] () -- C:\Physical0MBR.bin
[2013/12/22 06:39:51 | 1601,617,920 | -HS- | C] () -- C:\hiberfil.sys
[2013/12/22 01:45:46 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Internet Explorer.lnk
[2013/12/22 01:45:43 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/12/22 01:44:36 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Windows Media Player.lnk
[2013/12/22 01:44:12 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Po spuštění\qerj0hb.lnk
[2013/12/22 01:43:33 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Spustit prohlížeč Internet Explorer.lnk
[2013/12/22 01:43:33 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\fusioncache.dat
[2013/12/22 01:43:33 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Zobrazit plochu.scf
[2013/12/22 01:43:32 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Vzdálená pomoc.lnk
[2013/12/22 01:43:32 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Outlook Express.lnk
[2013/12/21 18:28:34 | 000,000,057 | ---- | C] () -- C:\.directory
[2013/12/18 11:10:55 | 000,000,387 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.reg
[2013/12/18 11:10:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.odd
[2013/12/18 11:10:10 | 095,025,368 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.fee
[2013/08/15 11:39:10 | 000,178,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/08/15 11:39:10 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012/07/25 11:07:42 | 000,185,579 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
[2012/07/25 11:07:41 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
[2012/05/21 14:09:13 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012/05/21 14:09:12 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2012/05/21 14:08:58 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012/05/21 14:08:57 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012/05/21 14:08:55 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012/02/02 15:34:33 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2012/02/02 15:34:01 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2012/02/02 15:33:56 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2012/02/02 15:33:50 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2012/02/02 15:31:17 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2012/02/02 15:18:07 | 000,000,794 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2012/02/02 07:04:06 | 000,000,133 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\fusioncache.dat
[2012/02/02 06:59:01 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2012/02/02 06:56:33 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2012/02/02 06:52:10 | 000,001,996 | ---- | C] () -- C:\WINDOWS\System32\drivers\HDACfg.dat
[2012/02/02 06:52:08 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2012/02/02 06:52:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/05/16 11:01:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/05/04 17:29:02 | 000,441,260 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/05/04 17:29:02 | 000,437,832 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006/05/04 17:29:02 | 000,082,552 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006/05/04 17:29:02 | 000,071,196 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/05/04 17:24:52 | 000,123,728 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/05/04 17:17:14 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/05/04 17:12:10 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/10/18 09:54:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/07/17 13:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001/10/24 13:29:46 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001/10/24 13:29:46 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001/08/17 23:30:26 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/17 23:30:26 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/17 23:15:40 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/07/22 00:36:50 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/07/22 00:36:06 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
========== LOP Check ==========
[2013/12/22 01:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\AVAST Software
[2012/05/14 10:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ask
[2013/12/16 13:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012/06/11 00:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
[2013/09/18 14:38:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2013/12/22 05:10:44 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013/12/22 05:26:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< DRIVES >
========== Restore Points Found ==========
[2013/12/18 13:22:10 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP186\snapshot
[2013/12/16 13:32:46 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP185\snapshot
[2013/12/12 11:12:11 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP184\snapshot
[2013/12/11 00:15:57 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP183\snapshot
[2013/12/09 11:37:09 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP182\snapshot
[2013/12/05 14:13:41 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP181\snapshot
[2013/12/04 13:07:03 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP180\snapshot
[2013/12/03 11:15:23 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP179\snapshot
[2013/11/25 12:26:29 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP178\snapshot
[2013/11/18 13:02:12 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP177\snapshot
[2013/11/14 14:00:14 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP176\snapshot
[2013/11/14 12:46:54 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP175\snapshot
[2013/11/13 12:24:58 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP174\snapshot
[2013/11/12 11:10:29 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP173\snapshot
[2013/11/08 03:34:33 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP172\snapshot
[2013/11/06 14:19:06 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP171\snapshot
[2013/11/04 14:27:53 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP170\snapshot
[2013/11/04 14:27:01 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP169\snapshot
[2013/11/04 13:48:45 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP168\snapshot
< MD5 for: EVENTLOG.DLL >
[2008/04/13 22:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2004/08/17 17:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008/04/13 22:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2004/08/17 17:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
< MD5 for: FASTFAT.SYS >
[2004/08/04 01:14:18 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3117F595E9615E04F05A54FC15A03B20 -- C:\WINDOWS\system32\drivers\fastfat.sys
[2008/04/13 14:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\fastfat.sys
< MD5 for: HAL.DLL >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:hal.dll
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008/04/13 13:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2004/08/03 16:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll
< MD5 for: I8042PRT.SYS >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:i8042prt.sys
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:i8042prt.sys
[2004/08/17 17:44:12 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=0F42DE9909B5DBF2C48DD1A79D491AF5 -- C:\WINDOWS\system32\drivers\i8042prt.sys
[2008/04/13 21:21:15 | 000,052,096 | ---- | M] (Microsoft Corporation) MD5=C528E27945367191E7BAE364930B6932 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\i8042prt.sys
< MD5 for: ISAPNP.SYS >
[2001/10/24 05:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2001/10/24 05:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001/10/24 13:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\isapnp.sys
[2008/04/13 21:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
< MD5 for: KBDCLASS.SYS >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:kbdclass.sys
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:kbdclass.sys
[2008/04/13 21:29:06 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\kbdclass.sys
[2004/08/17 17:45:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=6F877BF8DC01A550CD666F3BEDB2213C -- C:\WINDOWS\system32\drivers\kbdclass.sys
< MD5 for: LSASS.EXE >
[2004/08/17 17:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe
[2008/04/13 22:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
< MD5 for: NDIS.SYS >
[2008/04/13 14:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2004/08/04 01:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009/02/06 13:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 13:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/17 17:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2008/04/13 22:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
< MD5 for: NTFS.SYS >
[2008/04/13 14:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ntfs.sys
[2006/03/02 07:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\i386\NTFS.SYS
[2006/03/02 07:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\system32\drivers\ntfs.sys
< MD5 for: NTKRNLPA.EXE >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:ntkrnlpa.exe
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:ntkrnlpa.exe
[2010/02/16 14:34:49 | 002,060,544 | ---- | M] (Microsoft Corporation) MD5=27DE458FE1E1A618836ADB61873BC9E8 -- C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
[2010/02/16 14:34:49 | 002,060,544 | ---- | M] (Microsoft Corporation) MD5=27DE458FE1E1A618836ADB61873BC9E8 -- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
[2009/02/09 06:52:22 | 002,017,792 | ---- | M] (Microsoft Corporation) MD5=2A10C3D1EFA71B00EADF711EEE9F94B5 -- C:\WINDOWS\$NtUninstallKB979683$\ntkrnlpa.exe
[2008/04/13 21:36:32 | 002,067,968 | ---- | M] (Microsoft Corporation) MD5=4DEE41C45E803DB91A72FD1BA69C05EE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ntkrnlpa.exe
[2010/02/16 14:09:02 | 002,068,992 | ---- | M] (Microsoft Corporation) MD5=6C31566C176BC28C7D73BC6332642A58 -- C:\WINDOWS\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[2004/08/17 09:45:32 | 002,017,280 | ---- | M] (Microsoft Corporation) MD5=7715EDDD01EDFEF9EF335D29C6DFE212 -- C:\WINDOWS\$NtUninstallKB956572$\ntkrnlpa.exe
[2010/02/17 07:26:56 | 002,065,920 | ---- | M] (Microsoft Corporation) MD5=7F87EDF3C7C626D336533D2580940A00 -- C:\WINDOWS\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe
[2009/02/09 06:44:58 | 002,065,152 | ---- | M] (Microsoft Corporation) MD5=BB64DC108F8C4EE4D4B7998AA19E5FA7 -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[2010/02/16 14:34:37 | 002,018,816 | ---- | M] (Microsoft Corporation) MD5=D28D685746FCC801DB0E8474FB835B03 -- C:\WINDOWS\system32\ntkrnlpa.exe
[2009/02/10 12:09:12 | 002,068,224 | ---- | M] (Microsoft Corporation) MD5=D721665942F74CA7FF4162A0761CBB0A -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[2010/02/16 14:02:20 | 002,069,120 | ---- | M] (Microsoft Corporation) MD5=DCC3D91A3DEDBBA9ECFFA6028D872CF5 -- C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[2009/02/09 06:19:06 | 002,068,352 | ---- | M] (Microsoft Corporation) MD5=FF8A3F180A224AA27EBAB937CA027F4D -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
< MD5 for: NTOSKRNL.EXE >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:ntoskrnl.exe
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:ntoskrnl.exe
[2010/02/16 14:34:37 | 002,139,136 | ---- | M] (Microsoft Corporation) MD5=0AA7367A01044B4114F5B58DE132C385 -- C:\WINDOWS\system32\ntoskrnl.exe
[2010/02/17 07:09:02 | 002,192,128 | ---- | M] (Microsoft Corporation) MD5=4E8268B816B2D27E711A688D6FD0E319 -- C:\WINDOWS\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe
[2010/02/16 14:02:19 | 002,192,256 | ---- | M] (Microsoft Corporation) MD5=6B2312D847BA95F4E858CB4C3B5F51E1 -- C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[2004/08/17 09:45:30 | 002,150,400 | ---- | M] (Microsoft Corporation) MD5=84FEF6BE553ACC66729F5D4113F53310 -- C:\WINDOWS\$NtUninstallKB956572$\ntoskrnl.exe
[2009/02/10 12:18:42 | 002,191,360 | ---- | M] (Microsoft Corporation) MD5=97480EBFE1D4B547657BAD75AAAB1325 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[2010/02/16 14:26:52 | 002,189,056 | ---- | M] (Microsoft Corporation) MD5=AEDD2FE6BEC6FB4E3B25DB1E15C97560 -- C:\WINDOWS\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe
[2008/04/13 21:37:08 | 002,191,104 | ---- | M] (Microsoft Corporation) MD5=C1536014AC1CB1D5397E31D9735E6571 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ntoskrnl.exe
[2009/02/09 06:44:53 | 002,188,288 | ---- | M] (Microsoft Corporation) MD5=C424407DDD99223BF3248044CBBE91F6 -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[2009/02/09 06:52:15 | 002,138,112 | ---- | M] (Microsoft Corporation) MD5=E4CB0FFB4C55DB2268B93F4A17EACBF2 -- C:\WINDOWS\$NtUninstallKB979683$\ntoskrnl.exe
[2010/02/16 14:34:49 | 002,183,552 | ---- | M] (Microsoft Corporation) MD5=F24D47F956B2527F8771E38AFE750743 -- C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
[2010/02/16 14:34:49 | 002,183,552 | ---- | M] (Microsoft Corporation) MD5=F24D47F956B2527F8771E38AFE750743 -- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
[2009/02/09 06:26:15 | 002,191,232 | ---- | M] (Microsoft Corporation) MD5=F48662F55CD8DDD4DBBBCB69DE197725 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
< MD5 for: REGEDIT.EXE >
[2006/03/02 07:00:00 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=CB5A91928D94224E7E30EE277B45E8A3 -- C:\i386\REGEDIT.EXE
[2006/03/02 07:00:00 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=CB5A91928D94224E7E30EE277B45E8A3 -- C:\WINDOWS\regedit.exe
[2008/04/13 22:22:42 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\regedit.exe
< MD5 for: SCECLI.DLL >
[2004/08/17 17:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 22:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
< MD5 for: SERVICES.EXE >
[2009/02/09 04:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/09 06:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009/02/09 05:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/09 05:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\system32\services.exe
[2004/08/17 17:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2009/02/09 06:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2008/04/13 22:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\services.exe
< MD5 for: SMSS.EXE >
[2004/08/17 17:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2008/04/13 22:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
[2006/03/02 07:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=CB56F803D2CAF6B3F32E82D2F73F4B3A -- C:\i386\SYSTEM32\SMSS.EXE
< MD5 for: SPOOLSV.EXE >
[2004/08/17 17:49:28 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\system32\spoolsv.exe
[2008/04/13 22:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2008/04/13 22:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2004/08/17 17:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe
< MD5 for: SYMMPI.SYS >
[2002/04/04 00:32:06 | 000,028,416 | R--- | M] (LSI Logic) MD5=F2B7E8416F508368AC6730E2AE1C614F -- C:\WINDOWS\system32\drivers\symmpi.sys
< MD5 for: TCPIP.SYS >
[2008/06/20 05:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 05:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008/06/20 05:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008/04/13 14:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008/06/20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004/08/04 01:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/06/20 06:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USER32.DLL >
[2004/08/17 17:49:20 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=1B4CCC59980DA34E75F20E42B283B027 -- C:\WINDOWS\system32\user32.dll
[2008/04/13 22:22:04 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=E16E0990967374E76F3E40CACAFD3D53 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\user32.dll
< MD5 for: USERINIT.EXE >
[2008/04/13 22:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2004/08/17 17:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WIN32K.SYS >
[2005/01/14 12:39:16 | 001,836,160 | ---- | M] (Microsoft Corporation) MD5=0A8206089EAF3FF903670BD566BA9822 -- C:\WINDOWS\$NtUninstallKB979559$\win32k.sys
[2008/04/13 21:15:34 | 001,845,632 | ---- | M] (Microsoft Corporation) MD5=16AA352EC7D8E6D9DE50265BF0F9E016 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\win32k.sys
[2010/05/02 03:03:50 | 001,860,352 | ---- | M] (Microsoft Corporation) MD5=8402F80D7FCA8CD3A4BCF027773CAD34 -- C:\WINDOWS\$hf_mig$\KB979559\SP3QFE\win32k.sys
[2010/05/02 03:09:42 | 001,851,264 | ---- | M] (Microsoft Corporation) MD5=8DFA2A74176D58E671C7FD9F8966DE99 -- C:\WINDOWS\$hf_mig$\KB979559\SP3GDR\win32k.sys
[2010/05/02 02:58:05 | 001,859,968 | ---- | M] (Microsoft Corporation) MD5=DC54910D95B0046F3567F38613DD35A9 -- C:\WINDOWS\system32\dllcache\win32k.sys
[2010/05/02 02:58:05 | 001,859,968 | ---- | M] (Microsoft Corporation) MD5=DC54910D95B0046F3567F38613DD35A9 -- C:\WINDOWS\system32\win32k.sys
< MD5 for: WINLOGON.EXE >
[2004/08/17 17:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2008/04/13 22:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
< MD5 for: WINSRV.DLL >
[2008/04/13 22:22:05 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=77A41C497ADB0C96D1E8DF6F71D843C0 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winsrv.dll
[2004/08/17 17:49:22 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=E4E57FBA176F2752527B1D53A663D2D7 -- C:\WINDOWS\system32\winsrv.dll
< MD5 for: WS2_32.DLL >
[2004/08/17 17:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
[2008/04/13 22:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
< MD5 for: WSCRIPT.EXE >
[2008/04/13 22:22:55 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=279C5962E62940A62C7DC4EEA707CD5D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\wscript.exe
[2004/08/17 17:49:30 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=8570AC76924CE5444AB664462DE8FFE5 -- C:\WINDOWS\system32\wscript.exe
< %systemroot%\system32\logevent.dll /md5 >
< %systemroot%\system32\sceclt.dll /md5 >
< %systemroot%\system32\ntelogon.dll /md5 >
< %systemroot%\system32\consrv.dll /md5 >
< %systemroot%\system32\logevent.dll /md5 /64 >
< %systemroot%\system32\sceclt.dll /md5 /64 >
< %systemroot%\system32\ntelogon.dll /md5 /64 >
< %systemroot%\system32\consrv.dll /md5 /64 >
< %systemroot%\system32\drivers\*.sys /md5 >
[2001/08/17 17:20:04 | 000,096,256 | ---- | M] (Intel Corporation) MD5=0F2D66D5F08EBE2F77BB904288DCF6F0 -- C:\WINDOWS\system32\drivers\ac97intc.sys
[2004/08/17 17:43:12 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=FA2FBCDA96D2385F773B059FE5A125A6 -- C:\WINDOWS\system32\drivers\acpi.sys
[2001/10/24 13:42:34 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=AFDFF022A01F0B11C776F0860C3B282F -- C:\WINDOWS\system32\drivers\acpiec.sys
[2001/08/18 00:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) MD5=9A11864873DA202C996558B2106B0BBC -- C:\WINDOWS\system32\drivers\adpu160m.sys
[2002/05/08 19:44:42 | 000,105,472 | ---- | M] (Adaptec, Inc.) MD5=0EA9B1F0C6C90A509C8603775366ADB7 -- C:\WINDOWS\system32\drivers\adpu320.sys
[2004/08/03 19:39:38 | 000,142,464 | ---- | M] (Microsoft Corporation) MD5=841F385C6CFAF66B58FBD898722BB4F0 -- C:\WINDOWS\system32\drivers\aec.sys
[2008/08/14 04:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=55E6E1C51B6D30E54335750955453702 -- C:\WINDOWS\system32\drivers\afd.sys
[2001/08/18 00:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) MD5=19DD0FB48B0C18892F70E2E7D61A1529 -- C:\WINDOWS\system32\drivers\aic78u2.sys
[2001/08/18 00:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) MD5=B7FE594A7468AA0132DEB03FB8E34326 -- C:\WINDOWS\system32\drivers\aic78xx.sys
[2006/03/02 04:00:00 | 000,040,832 | ---- | M] (Microsoft Corporation) MD5=F4E1072598A00A5FB74FC08BC97E33DE -- C:\WINDOWS\system32\drivers\amdk6.sys
[2006/03/02 04:00:00 | 000,041,216 | ---- | M] (Microsoft Corporation) MD5=2CC3BF45AC3180FE29C199BD95F09601 -- C:\WINDOWS\system32\drivers\amdk7.sys
[2006/03/02 04:00:00 | 000,060,800 | ---- | M] (Microsoft Corporation) MD5=F0D692B0BFFB46E30EB3CEA168BBC49F -- C:\WINDOWS\system32\drivers\arp1394.sys
[2013/12/16 13:35:35 | 000,035,656 | ---- | M] (AVAST Software) MD5=74202D5A696A412733B387BD18400E4C -- C:\WINDOWS\system32\drivers\aswFsBlk.sys
[2013/05/09 03:59:09 | 000,021,576 | ---- | M] (AVAST Software) MD5=3FCA5C1A8F33CF9857220CC3A3076A3E -- C:\WINDOWS\system32\drivers\aswKbd.sys
[2013/12/16 13:35:35 | 000,070,384 | ---- | M] (AVAST Software) MD5=AA3397F034871DE76A74585774029580 -- C:\WINDOWS\system32\drivers\aswMonFlt.sys
[2013/12/16 13:35:35 | 000,054,832 | ---- | M] (AVAST Software) MD5=9F597676EDA29D6619C5E76F523892D7 -- C:\WINDOWS\system32\drivers\aswRdr.sys
[2013/12/16 13:35:35 | 000,049,944 | ---- | M] () MD5=F385467DF95D0A73775CB3B076B8B969 -- C:\WINDOWS\system32\drivers\aswRvrt.sys
[2013/12/16 13:35:35 | 000,774,392 | ---- | M] (AVAST Software) MD5=BB27A67D7F465D2720D74B5223DD91E4 -- C:\WINDOWS\system32\drivers\aswSnx.sys
[2013/12/16 13:35:35 | 000,403,440 | ---- | M] (AVAST Software) MD5=259E864BFB9268CD7CEFA5849A3B374B -- C:\WINDOWS\system32\drivers\aswSP.sys
[2013/12/16 13:35:35 | 000,057,672 | ---- | M] (AVAST Software) MD5=AB499F3325E62E157F8E8302065B1B30 -- C:\WINDOWS\system32\drivers\aswTdi.sys
[2013/12/16 13:35:35 | 000,178,304 | ---- | M] () MD5=BADA8FD627F1D0E22308211C33F0BDB5 -- C:\WINDOWS\system32\drivers\aswVmm.sys
[2004/08/04 01:05:04 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=02000ABF34AF4C218C35D257024807D6 -- C:\WINDOWS\system32\drivers\asyncmac.sys
[2004/08/03 16:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:58:32 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=EC88DA854AB7D7752EC8BE11A741BB7F -- C:\WINDOWS\system32\drivers\atmarpc.sys
[2001/08/17 23:46:46 | 000,031,360 | ---- | M] (Microsoft Corporation) MD5=39A0A59180F19946374275745B21AEBA -- C:\WINDOWS\system32\drivers\atmepvc.sys
[2004/08/04 00:58:36 | 000,055,936 | ---- | M] (Microsoft Corporation) MD5=0128E78FE835F074E469F03DB681CA9E -- C:\WINDOWS\system32\drivers\atmlane.sys
[2001/08/17 23:47:02 | 000,352,256 | ---- | M] (Microsoft Corporation) MD5=E7EF69B38D17BA01F914AE8F66216A38 -- C:\WINDOWS\system32\drivers\atmuni.sys
[2001/08/17 18:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) MD5=D9F724AA26C010A217C97606B160ED68 -- C:\WINDOWS\system32\drivers\audstub.sys
[2005/04/08 00:25:34 | 000,132,352 | ---- | M] (Broadcom Corporation) MD5=48BF91CFFBCDD12A710207F2A08FEC4D -- C:\WINDOWS\system32\drivers\b57xp32.sys
[2005/03/04 08:21:36 | 000,065,664 | ---- | M] (Broadcom Corporation) MD5=7F72473390FEEE312A66AF045C8EF0F6 -- C:\WINDOWS\system32\drivers\baspxp32.sys
[2001/08/17 23:47:38 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys
[2004/08/04 00:59:58 | 000,071,552 | ---- | M] (Microsoft Corporation) MD5=E4E6A0922E3D983728C9AD4E8D466954 -- C:\WINDOWS\system32\drivers\bridge.sys
[2008/06/14 13:00:16 | 000,272,128 | ---- | M] (Microsoft Corporation) MD5=28D8EB74C2F2480518C59807A59CD1E2 -- C:\WINDOWS\system32\drivers\bthport.sys
[2001/08/17 23:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) MD5=90A673FC8E12A79AFBED2576F6A7AAF9 -- C:\WINDOWS\system32\drivers\cbidf2k.sys
[2006/03/02 04:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) MD5=C1B486A7658353D33A10CC15211A873B -- C:\WINDOWS\system32\drivers\cdaudio.sys
[2004/08/04 01:14:12 | 000,063,744 | ---- | M] (Microsoft Corporation) MD5=CD7D5152DF32B47F4E36F710B35AAE02 -- C:\WINDOWS\system32\drivers\cdfs.sys
[2004/08/04 00:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006/03/02 04:00:00 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) MD5=30274D9BC25A43BF14891E710216EBC4 -- C:\WINDOWS\system32\drivers\cinemst2.sys
[2004/08/04 01:14:28 | 000,049,664 | ---- | M] (Microsoft Corporation) MD5=D86173B401470F06D9810F7962969DDF -- C:\WINDOWS\system32\drivers\classpnp.sys
[2006/03/02 04:00:00 | 000,011,776 | ---- | M] (Compaq Computer Corporation) MD5=9624293E55AD405415862B504CA95B73 -- C:\WINDOWS\system32\drivers\cpqdap01.sys
[2006/03/02 04:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) MD5=80419D8E6DBDB8C25CBAFC8269243CF7 -- C:\WINDOWS\system32\drivers\crusoe.sys
[2004/08/04 00:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\drivers\disk.sys
[2004/08/04 00:59:54 | 000,014,208 | ---- | M] (Microsoft Corporation) MD5=D16C81677A9BE399C63CD2EA486472A5 -- C:\WINDOWS\system32\drivers\diskdump.sys
[2004/08/17 17:45:04 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) MD5=E1968EDEC81C430108FEB23AB07BDB14 -- C:\WINDOWS\system32\drivers\dmboot.sys
[2004/08/17 17:45:06 | 000,153,856 | ---- | M] (Microsoft Corp., Veritas Software) MD5=1B1520A82E396E46B9AE9FA6B03FF6C6 -- C:\WINDOWS\system32\drivers\dmio.sys
[2001/08/17 23:58:20 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.)
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 85.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 20.22 Gb Free Space | 27.13% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
========== Win32 Services (SafeList) ==========
SRV - [2013/12/18 11:10:04 | 000,188,904 | ---- | M] (Initex) [Auto] -- C:\DOCUME~1\ALLUSE~1\DATAAP~1\bh0jreq.jss -- (winmgmt)
SRV - [2013/12/16 13:35:30 | 000,050,344 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/11 11:19:00 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/18 12:54:28 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2013/12/16 13:35:35 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/12/16 13:35:35 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/12/16 13:35:35 | 000,178,304 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/12/16 13:35:35 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/12/16 13:35:35 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/12/16 13:35:35 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/12/16 13:35:35 | 000,049,944 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/12/16 13:35:35 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/05/09 03:59:09 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2005/04/08 00:25:34 | 000,132,352 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/03/04 17:04:00 | 002,538,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/03/04 08:21:36 | 000,065,664 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2005/01/07 13:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/03 19:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 19:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 19:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 19:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 19:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 19:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 19:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 19:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 19:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 19:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 19:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 19:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 19:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 19:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 19:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2002/04/04 00:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator.HP66811255121_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
IE - HKU\Administrator.HP66811255121_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2012/07/25 11:50:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/12/16 13:35:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013/11/18 12:54:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/18 12:54:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2006/03/02 02:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O2 - BHO: (BS Player ControlBar Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (BS Player ControlBar Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\d2a60f10-d905-42a4-886f-f2fa1754091f.exe (AVAST Software)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LayoutM] C:\WINDOWS\KLayMgr.exe (Chicony)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Zástupce stránky vlastností sběrnice High Definition Audio] C:\WINDOWS\System32\hdashcut.exe (Windows (R) Server 2003 DDK provider)
O4 - Startup: C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Po spuštění\qerj0hb.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator.HP66811255121_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: winmgmt - C:\DOCUME~1\ALLUSE~1\DATAAP~1\bh0jreq.jss (Initex)
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: WinMgmt - C:\DOCUME~1\ALLUSE~1\DATAAP~1\bh0jreq.jss (Initex)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WinMgmt - C:\DOCUME~1\ALLUSE~1\DATAAP~1\bh0jreq.jss (Initex)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
PhysicalDisk0 MBR saved to C:\Physical0MBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013/12/22 01:46:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Adobe
[2013/12/22 01:46:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\AVAST Software
[2013/12/22 01:46:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\AskToolbar
[2013/12/22 01:43:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.HP66811255121\IETldCache
[2013/12/22 01:43:31 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft
[2013/12/22 01:43:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací
[2013/12/22 01:43:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Dokumenty\Obrázky
[2013/12/22 01:43:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Dokumenty\Hudba
[2013/12/22 01:43:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Dokumenty
[2013/12/22 01:43:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.HP66811255121\Cookies
[2013/12/22 01:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\Microsoft
[2013/12/22 01:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Identities
[2013/12/22 01:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\ApplicationHistory
[2013/12/22 01:43:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Příslušenství
[2013/12/22 01:43:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Po spuštění
[2013/12/22 01:43:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Oblíbené položky
[2013/12/22 01:43:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start
[2013/12/22 01:43:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Okolní tiskárny
[2013/12/22 01:43:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Okolní síť
[2013/12/22 01:43:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings
[2013/12/22 01:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Plocha
[2013/12/22 01:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\{3248F0A6-6813-11D6-A77B-00B0D0150000}
[2013/12/22 01:43:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\SendTo
[2013/12/22 01:43:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Recent
[2013/12/22 01:43:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Šablony
[2013/12/21 17:36:05 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2013/12/18 11:10:04 | 000,188,904 | ---- | C] (Initex) -- C:\Documents and Settings\All Users\Data aplikací\bh0jreq.jss
[2013/12/16 13:35:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/12/22 12:57:04 | 000,000,512 | ---- | M] () -- C:\Physical0MBR.bin
[2013/12/22 06:40:56 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/22 06:40:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/12/22 06:40:36 | 1601,617,920 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/22 05:27:45 | 095,025,368 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.fee
[2013/12/22 05:26:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013/12/22 05:16:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/12/22 05:11:06 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/12/22 05:10:44 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/12/22 05:09:07 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.odd
[2013/12/22 02:35:44 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
[2013/12/22 01:45:46 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Spustit prohlížeč Internet Explorer.lnk
[2013/12/22 01:45:43 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/12/22 01:44:12 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Po spuštění\qerj0hb.lnk
[2013/12/21 18:28:34 | 000,000,057 | ---- | M] () -- C:\.directory
[2013/12/18 14:06:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/18 11:13:24 | 000,000,387 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.reg
[2013/12/18 11:10:04 | 000,188,904 | ---- | M] (Initex) -- C:\Documents and Settings\All Users\Data aplikací\bh0jreq.jss
[2013/12/16 13:35:52 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013/12/16 13:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
[2013/12/16 13:35:35 | 000,774,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/12/16 13:35:35 | 000,403,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/12/16 13:35:35 | 000,178,304 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/12/16 13:35:35 | 000,070,384 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/12/16 13:35:35 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/12/16 13:35:35 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/12/16 13:35:35 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/12/16 13:35:35 | 000,035,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/12/16 13:35:34 | 000,269,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/12/16 13:35:34 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/12/16 13:32:03 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/12/11 11:18:59 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/12/11 11:18:59 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/12/05 14:10:21 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/12/22 12:08:20 | 000,000,512 | ---- | C] () -- C:\Physical0MBR.bin
[2013/12/22 06:39:51 | 1601,617,920 | -HS- | C] () -- C:\hiberfil.sys
[2013/12/22 01:45:46 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Internet Explorer.lnk
[2013/12/22 01:45:43 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/12/22 01:44:36 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Windows Media Player.lnk
[2013/12/22 01:44:12 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Po spuštění\qerj0hb.lnk
[2013/12/22 01:43:33 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Spustit prohlížeč Internet Explorer.lnk
[2013/12/22 01:43:33 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\fusioncache.dat
[2013/12/22 01:43:33 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Zobrazit plochu.scf
[2013/12/22 01:43:32 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Vzdálená pomoc.lnk
[2013/12/22 01:43:32 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Outlook Express.lnk
[2013/12/21 18:28:34 | 000,000,057 | ---- | C] () -- C:\.directory
[2013/12/18 11:10:55 | 000,000,387 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.reg
[2013/12/18 11:10:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.odd
[2013/12/18 11:10:10 | 095,025,368 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.fee
[2013/08/15 11:39:10 | 000,178,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/08/15 11:39:10 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012/07/25 11:07:42 | 000,185,579 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
[2012/07/25 11:07:41 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
[2012/05/21 14:09:13 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012/05/21 14:09:12 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2012/05/21 14:08:58 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012/05/21 14:08:57 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012/05/21 14:08:55 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012/02/02 15:34:33 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2012/02/02 15:34:01 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2012/02/02 15:33:56 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2012/02/02 15:33:50 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2012/02/02 15:31:17 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2012/02/02 15:18:07 | 000,000,794 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2012/02/02 07:04:06 | 000,000,133 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\fusioncache.dat
[2012/02/02 06:59:01 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2012/02/02 06:56:33 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2012/02/02 06:52:10 | 000,001,996 | ---- | C] () -- C:\WINDOWS\System32\drivers\HDACfg.dat
[2012/02/02 06:52:08 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2012/02/02 06:52:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/05/16 11:01:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/05/04 17:29:02 | 000,441,260 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/05/04 17:29:02 | 000,437,832 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006/05/04 17:29:02 | 000,082,552 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006/05/04 17:29:02 | 000,071,196 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/05/04 17:24:52 | 000,123,728 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/05/04 17:17:14 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/05/04 17:12:10 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/10/18 09:54:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/07/17 13:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001/10/24 13:29:46 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001/10/24 13:29:46 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001/08/17 23:30:26 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/17 23:30:26 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/17 23:15:40 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/07/22 00:36:50 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/07/22 00:36:06 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
========== LOP Check ==========
[2013/12/22 01:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\AVAST Software
[2012/05/14 10:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ask
[2013/12/16 13:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012/06/11 00:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
[2013/09/18 14:38:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2013/12/22 05:10:44 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013/12/22 05:26:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< DRIVES >
========== Restore Points Found ==========
[2013/12/18 13:22:10 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP186\snapshot
[2013/12/16 13:32:46 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP185\snapshot
[2013/12/12 11:12:11 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP184\snapshot
[2013/12/11 00:15:57 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP183\snapshot
[2013/12/09 11:37:09 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP182\snapshot
[2013/12/05 14:13:41 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP181\snapshot
[2013/12/04 13:07:03 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP180\snapshot
[2013/12/03 11:15:23 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP179\snapshot
[2013/11/25 12:26:29 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP178\snapshot
[2013/11/18 13:02:12 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP177\snapshot
[2013/11/14 14:00:14 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP176\snapshot
[2013/11/14 12:46:54 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP175\snapshot
[2013/11/13 12:24:58 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP174\snapshot
[2013/11/12 11:10:29 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP173\snapshot
[2013/11/08 03:34:33 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP172\snapshot
[2013/11/06 14:19:06 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP171\snapshot