
Log check

shorty1963
Visitor
Posts: 120
Registered: 29 Jan 2008 17:06

Re: Log check

#31 Post by shorty1963 »

I'm also sending the latest ComboFix log, run in normal mode. I think the problem is still the same.

ComboFix 10-12-06.03 - KratkyJ 07.12.2010 13:33:34.11.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.3070.1525 [GMT 1:00]
Spuštěný z: c:\users\KratkyJ\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\64dlls.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\intel64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\Kernel32.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\localsys64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\ntos.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\oembios.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\sdra64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\sdra73.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\swin32.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\twex.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\twext.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\wsnpoema.exe
c:\windows\regedit.com
c:\windows\system32\taskmgr.com

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-07 do 2010-12-07 )))))))))))))))))))))))))))))))
.

2010-12-07 12:43 . 2010-12-07 12:43 -------- d-----w- c:\users\KratkyJ\AppData\Local\temp
2010-12-07 12:43 . 2010-12-07 12:43 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-12-07 12:43 . 2010-12-07 12:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-07 11:41 . 2010-12-07 11:41 -------- d-----w- c:\users\KratkyJ\AppData\Roaming\smkits
2010-12-07 10:26 . 2010-12-07 10:26 -------- d--h--w- c:\windows\PIF
2010-12-07 07:00 . 2010-12-07 07:00 -------- d---a-w- c:\windows\rundll16.exe
2010-12-07 07:00 . 2010-12-07 07:00 -------- d---a-w- c:\windows\logo1_.exe
2010-12-05 14:05 . 2008-01-21 02:25 134656 ----a-w- c:\windows\R.COM
2010-12-05 14:05 . 2008-01-21 02:25 163840 ----a-w- c:\windows\system32\T.COM
2010-12-05 09:08 . 2010-12-05 09:08 24448 ----a-w- c:\windows\system32\drivers\rkhdrv40.sys
2010-12-05 09:08 . 2009-06-18 11:55 18816 ------w- c:\windows\system32\SAVRKBootTasks.sys
2010-12-03 06:03 . 2010-11-10 04:33 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{7F346C85-7D5D-48AC-AD26-D86C3522D7EA}\mpengine.dll
2010-11-29 10:47 . 2010-11-29 10:47 -------- d-----w- c:\users\KratkyJ\AppData\Local\Symantec
2010-11-29 10:46 . 2010-11-29 11:05 167936 ----a-w- c:\windows\system32\drivers\wpshelper.sys
2010-11-29 10:45 . 2010-11-25 10:54 97096 ----a-w- c:\windows\system32\drivers\SysPlant.sys
2010-11-29 10:45 . 2010-11-29 10:45 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-11-29 10:43 . 2010-11-29 10:46 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-11-29 10:43 . 2010-11-29 10:45 -------- d-----w- c:\program files\Symantec
2010-11-26 12:45 . 2010-11-26 12:45 53248 ----a-r- c:\users\KratkyJ\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2010-11-26 12:44 . 2010-11-26 12:44 -------- d-----w- c:\program files\Logitech
2010-11-26 12:39 . 2010-08-25 14:41 263272 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2010-11-26 12:39 . 2009-12-03 16:27 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-11-26 12:37 . 2010-11-26 12:37 -------- d-----w- c:\windows\system32\RTCOM
2010-11-26 12:35 . 2006-02-07 14:40 204800 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2010-11-26 12:35 . 2006-02-07 14:45 757760 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2010-11-26 12:35 . 2006-02-07 14:40 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2010-11-26 12:35 . 2006-02-07 14:40 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2010-11-26 12:35 . 2005-11-13 22:19 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2010-11-26 12:35 . 2010-11-26 12:35 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2010-11-26 12:35 . 2010-11-26 12:35 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2010-11-26 12:19 . 2010-11-26 12:19 -------- d-----w- C:\NVIDIA
2010-11-26 11:58 . 2010-11-26 11:58 -------- d-----w- c:\program files\Driver-Soft
2010-11-24 05:00 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-21 07:48 . 2010-11-21 07:48 -------- d-----w- c:\users\KratkyJ\AppData\Roaming\BitComet
2010-11-21 07:44 . 2010-11-21 07:44 -------- d-----w- c:\users\KratkyJ\AppData\Roaming\Zbshareware Lab
2010-11-10 05:58 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-07 07:05 . 2010-12-07 07:03 23159038 ----a-w- c:\windows\REGBK44.ZIP
2010-11-30 05:20 . 2010-11-30 05:18 22997742 ----a-w- c:\windows\REGBK43.ZIP
2010-11-29 16:42 . 2009-06-04 20:21 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-29 16:42 . 2009-06-04 20:21 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-26 12:45 . 2010-05-09 15:06 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-11-26 12:36 . 2008-09-18 07:39 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-10-19 09:41 . 2009-10-03 06:24 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-18 09:14 . 2010-10-31 12:34 6959616 ----a-w- c:\windows\system32\drivers\NETwNv32.sys
2010-10-16 18:55 . 2010-11-26 12:20 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2010-10-16 18:55 . 2010-07-25 16:26 5473896 ----a-w- c:\windows\system32\nvwgf2um.dll
2010-10-16 18:55 . 2008-06-08 23:23 1719912 ----a-w- c:\windows\system32\nvapi.dll
2010-10-16 18:55 . 2008-06-08 23:23 10023528 ----a-w- c:\windows\system32\nvd3dum.dll
2010-10-16 11:42 . 2010-10-16 11:42 600680 ----a-w- c:\windows\system32\nvvsvc.exe
2010-10-16 11:42 . 2010-10-16 11:42 279144 ----a-w- c:\windows\system32\nvhotkey.dll
2010-10-16 11:42 . 2010-10-16 11:42 1881704 ----a-w- c:\windows\system32\nvsvcr.dll
2010-10-16 11:42 . 2010-10-16 11:42 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-10-16 11:42 . 2010-10-16 11:42 3420776 ----a-w- c:\windows\system32\nvcpl.dll
2010-10-16 11:42 . 2010-10-16 11:42 2079336 ----a-w- c:\windows\system32\nvsvc.dll
2010-10-15 15:00 . 2010-10-15 14:57 21659212 ----a-w- c:\windows\REGBK42.ZIP
2010-10-04 21:02 . 2008-09-18 07:22 53248 ----a-w- c:\windows\system32\CSVer.dll
2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-22 22:21 . 2010-10-23 06:13 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-09-13 13:56 . 2010-10-13 05:02 8147456 ----a-w- c:\windows\system32\wmploc.DLL
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-16 1029416]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2008-02-01 61440]
"Client Access Service"="c:\program files\IBM\Client Access\cwbsvstr.exe" [2005-06-09 20530]
"Client Access Check Version"="c:\program files\IBM\Client Access\cwbckver.exe" [2005-06-09 45106]
"Client Access Express Welcome"="c:\program files\IBM\Client Access\cwbwlwiz.exe" [2005-06-09 20480]
"Client Access PC5250 Sound"="c:\program files\IBM\Client Access\Emulator\pcssnd.exe" [2005-06-09 40960]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2010-11-25 115560]
"NetTime"="c:\program files\NetTime\NetTime.exe" [2003-01-30 3791032]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\C:^Users^KratkyJ^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
path=c:\users\KratkyJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Registrace produktu.lnk
backup=c:\windows\pss\Logitech . Registrace produktu.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2010-10-28 23:32 1352272 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2010-01-08 18:56 186904 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-05-14 08:32 1479680 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 09:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2010-11-02 18:28 9808488 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2010-11-25 23888]
R3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2010-01-13 6628352]
R3 rkhdrv40;Rootkit Unhooker Driver; [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 SAVRKBootTasks;Boot Tasks Driver;c:\windows\system32\SAVRKBootTasks.sys [2009-06-18 18816]
S2 KVPNCSvc;Kerio VPN Client Service;c:\program files\Kerio\VPN Client\kvpncsvc.exe [2009-10-26 972648]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-11-29 363344]
S2 NetTimeSvc;NetTime;c:\program files\NetTime\NeTmSvNT.exe [2003-01-30 452096]
S2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\windows\Installer\MSI357.tmp [2010-01-22 189696]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 DCamUSBET;USB2.0 1.3M UVC WebCam;c:\windows\system32\DRIVERS\etDevice.sys [2008-10-20 138920]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-12-03 102448]
S3 FiltUSBET;ET USB Device Lower Filter;c:\windows\system32\DRIVERS\etFilter.sys [2008-10-20 21544]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
S3 kvnet;Kerio Virtual Network Adapter;c:\windows\system32\DRIVERS\kvnet.sys [2009-03-23 26624]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2010-08-24 40912]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2010-08-24 10448]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-11-29 20952]
S3 NETwNv32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETwNv32.sys [2010-10-18 6959616]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-09-07 123496]
S3 ScanUSBET;ET USB Still Image Capture Device;c:\windows\system32\DRIVERS\etScan.sys [2008-10-20 13224]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-17 15:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-12-07 c:\windows\Tasks\User_Feed_Synchronization-{5BE08792-9337-42D5-8B1C-76BA4E5D1B15}.job
- c:\windows\system32\msfeedssync.exe [2010-10-13 04:25]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://kompas.hzap.local/
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
Trusted Zone: ntsd01
Trusted Zone: pproi
DPF: {0D221D00-A6ED-477C-8A91-41F3B660A832} - hxxp://ntsd01/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=biaoeojn20c52q45j1yrl5ev&ControlID=97c13acdd6a9479ca40b6e09030bda69&Culture=1029&UICulture=9&ReportStack=1&OpType=PrintCab
DPF: {41861299-EAB2-4DCC-986C-802AE12AC499} - hxxp://ntsd01/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=dmm1sk45nfmtibmthlcb3mi0&ControlID=0292a48b3b4246c3a458c906515d254c&Culture=1029&UICulture=9&ReportStack=1&OpType=PrintCab
FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

SafeBoot-WudfPf
SafeBoot-WudfRd



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-07 13:45
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SCPDFReadSpool]
"ImagePath"="c:\windows\Installer\MSI357.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-12-07 13:46:50
ComboFix-quarantined-files.txt 2010-12-07 12:46

Před spuštěním: Volných bajtů: 28 153 139 200
Po spuštění: Volných bajtů: 28 136 517 632

- - End Of File - - F34979A9EB750D82584239C78F27A3DE

Rudy
Site Admin
Posts: 119506
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#32 Post by Rudy »

Let's also try OTL:

Download OTL: http://oldtimer.geekstogo.com/OTL.exe . Save it to the desktop, right-click it and choose "Run as administrator". Tick "for all users", "LOP malware check" and "PURITY". Paste the following into the bottom box:
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
Click "Scan" and post the OTL.txt and Extras.txt logs.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reopened, write to me at the e-mail address above.


#33 Post by shorty1963 »

Thanks a lot for the advice, I'll do it tomorrow; I don't have the notebook at home right now.
I searched Google for this problem and found the following, which is the same problem, or at least the same files that ComboFix deletes. I think the trojan is named there too: Trojan.Agent.H.
I'm sending a link to that page. I don't mean to tell you what to do, but maybe it will help you track down my problem.

http://translate.google.cz/translate?hl ... 6prmd%3Div


#34 Post by Rudy »

For one thing, you won't delete this with ComboFix, and for another, it can't even find rootkits. OTL is the last option that can save the situation.


#35 Post by shorty1963 »

OK, I'll deal with it tomorrow following the instructions; hopefully it helps. Thanks for now.


#36 Post by Rudy »

No need to thank me yet!


#37 Post by shorty1963 »

I'm sending both logs.

OTL logfile created on: 8.12.2010 9:46:01 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\KratkyJ\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 133.87 Gb Total Space | 29.55 Gb Free Space | 22.07% Space Free | Partition Type: NTFS
Drive D: | 89.25 Gb Total Space | 19.52 Gb Free Space | 21.88% Space Free | Partition Type: NTFS

Computer Name: KRATKYJVN | User Name: KratkyJ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2010.12.07 06:01:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\KratkyJ\Desktop\OTL.exe
PRC - [2010.11.29 17:42:16 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010.11.25 11:54:53 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2010.11.25 11:54:52 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2010.11.25 11:54:51 | 001,881,368 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2010.11.25 11:54:51 | 001,459,528 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2010.11.25 11:54:50 | 001,831,024 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2010.10.29 16:02:56 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.10.29 16:02:55 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.10.16 12:42:38 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.09.29 08:57:46 | 000,616,448 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010.09.22 11:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010.06.22 13:22:52 | 000,138,752 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010.05.14 09:32:30 | 001,479,680 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2010.05.11 10:16:34 | 000,140,288 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2010.01.22 11:44:45 | 000,189,696 | ---- | M] (Solid Documents, LLC) -- C:\Windows\Installer\MSI357.tmp
PRC - [2010.01.08 19:55:54 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.10.27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.10.26 15:28:00 | 000,972,648 | ---- | M] (Kerio Technologies Inc.) -- C:\Program Files\Kerio\VPN Client\kvpncsvc.exe
PRC - [2009.04.11 07:28:11 | 001,143,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.24 12:35:46 | 000,053,248 | ---- | M] (IBM Corp) -- C:\notes\ntmulti.exe
PRC - [2009.03.24 12:35:46 | 000,010,240 | ---- | M] (IBM Corp) -- C:\notes\ntaskldr.exe
PRC - [2009.03.24 12:35:40 | 001,114,112 | ---- | M] (IBM Corp) -- C:\notes\nlnotes.exe
PRC - [2009.02.27 06:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2009.02.27 05:38:38 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.06.17 21:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008.06.13 14:22:14 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2008.03.18 05:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008.02.01 13:29:32 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2008.01.23 14:34:42 | 007,766,016 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2007.12.11 15:13:22 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2007.12.04 09:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007.11.28 16:39:36 | 000,229,376 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2007.11.16 20:33:06 | 000,172,032 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynAsus.exe
PRC - [2007.11.04 18:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007.10.02 20:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe
PRC - [2007.08.15 10:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007.08.07 23:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.07.05 15:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2006.09.11 03:40:32 | 000,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2003.01.30 22:35:45 | 000,452,096 | ---- | M] (Subjective Software) -- C:\Program Files\NetTime\NeTmSvNT.exe
PRC - [2003.01.30 22:35:42 | 003,791,032 | ---- | M] (Subjective Software) -- C:\Program Files\NetTime\NetTime.exe


========== Modules (SafeList) ==========

MOD - [2010.12.07 06:01:25 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\KratkyJ\Desktop\OTL.exe
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.11.29 17:42:16 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010.11.25 11:54:53 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010.11.25 11:54:53 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010.11.25 11:54:51 | 001,881,368 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010.11.25 11:54:51 | 000,349,512 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010.11.25 11:54:50 | 001,831,024 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010.10.28 11:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.10.16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.09.29 08:57:46 | 000,616,448 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.09.22 23:21:24 | 001,493,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.09.22 15:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.22 11:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010.03.18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.17 10:53:18 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2010.01.22 11:44:45 | 000,189,696 | ---- | M] (Solid Documents, LLC) [Auto | Running] -- C:\Windows\Installer\MSI357.tmp -- (SCPDFReadSpool)
SRV - [2010.01.08 19:55:54 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009.10.26 15:28:00 | 000,972,648 | ---- | M] (Kerio Technologies Inc.) [Auto | Running] -- C:\Program Files\Kerio\VPN Client\kvpncsvc.exe -- (KVPNCSvc)
SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.03.24 12:35:46 | 000,053,248 | ---- | M] (IBM Corp) [Auto | Running] -- C:\notes\ntmulti.exe -- (Multi-user Cleanup Service)
SRV - [2009.02.27 06:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2009.02.27 05:38:38 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2008.03.18 05:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.01.21 03:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.02 20:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007.08.07 23:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2005.06.09 04:30:00 | 000,057,344 | ---- | M] (IBM Corporation) [On_Demand | Stopped] -- C:\Windows\cwbrxd.exe -- (Cwbrxd)
SRV - [2003.01.30 22:35:45 | 000,452,096 | ---- | M] (Subjective Software) [Auto | Running] -- C:\Program Files\NetTime\NeTmSvNT.exe -- (NetTimeSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\KratkyJ\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010.12.08 06:58:06 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20101207.039\NAVEX15.SYS -- (NAVEX15)
DRV - [2010.12.08 06:58:06 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20101207.039\NAVENG.SYS -- (NAVENG)
DRV - [2010.12.07 05:57:40 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010.12.05 10:08:55 | 000,024,448 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rkhdrv40.sys -- (rkhdrv40)
DRV - [2010.12.03 06:56:17 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010.11.29 12:05:58 | 000,167,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wpshelper.sys -- (WpsHelper)
DRV - [2010.11.29 11:45:21 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010.11.25 11:54:56 | 000,043,336 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2010.11.25 11:54:53 | 000,320,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010.11.25 11:54:53 | 000,283,184 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010.11.25 11:54:53 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2010.11.25 11:54:52 | 000,097,096 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SYSTEM32\Drivers\SysPlant.sys -- (SysPlant)
DRV - [2010.11.25 11:54:52 | 000,067,472 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2010.11.25 11:54:47 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2010.11.25 11:54:47 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2010.11.25 11:54:46 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2010.11.25 11:54:45 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2010.11.02 19:29:14 | 003,228,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.10.18 10:14:22 | 006,959,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNv32.sys -- (NETwNv32) ___ Ovladač adaptéru řady Intel(R)
DRV - [2010.10.16 19:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.09.22 23:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010.09.07 21:08:56 | 000,123,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010.08.25 15:41:36 | 000,263,272 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.08.24 18:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010.08.24 18:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010.08.24 18:30:40 | 000,040,912 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2010.08.24 18:30:40 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2010.03.18 10:02:32 | 000,028,624 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2010.02.26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.01.13 17:29:54 | 006,628,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Ovladač adaptéru Intel(R)
DRV - [2010.01.08 19:34:12 | 000,331,288 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2009.06.25 15:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009.06.25 15:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009.06.25 15:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2009.06.18 12:55:41 | 000,018,816 | ---- | M] (Sophos Plc) [Kernel | System | Running] -- C:\Windows\System32\SAVRKBootTasks.sys -- (SAVRKBootTasks)
DRV - [2009.03.23 10:25:54 | 000,026,624 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kvnet.sys -- (kvnet)
DRV - [2008.11.03 15:03:28 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008.10.20 16:00:02 | 000,013,224 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etScan.sys -- (ScanUSBET)
DRV - [2008.10.20 15:59:08 | 000,021,544 | ---- | M] (eMPIA Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etFilter.sys -- (FiltUSBET)
DRV - [2008.10.20 15:58:54 | 000,138,920 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etDevice.sys -- (DCamUSBET)
DRV - [2008.09.04 11:23:57 | 000,099,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.21 13:11:58 | 000,024,392 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008.03.21 05:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.03.17 01:42:22 | 000,081,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2008.03.17 01:42:20 | 000,100,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2008.03.17 01:42:16 | 000,017,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2008.01.29 03:46:58 | 000,029,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2008.01.21 03:23:51 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:51 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:51 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:51 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:51 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:50 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:50 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:50 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:49 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:49 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:49 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:48 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:48 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:47 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:47 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:47 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:46 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:45 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:45 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:26 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:26 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:26 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.12.18 16:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007.11.16 21:09:46 | 000,195,760 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.07.24 10:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007.06.16 20:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007.02.16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2007.02.16 01:56:49 | 000,011,984 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2006.12.14 23:11:58 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 08:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2005.11.04 10:06:52 | 000,048,640 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3634038287-2164415200-2504289352-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://kompas.hzap.local/
IE - HKU\S-1-5-21-3634038287-2164415200-2504289352-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-3634038287-2164415200-2504289352-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3634038287-2164415200-2504289352-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.08.04 09:59:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.29 16:02:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.07 15:26:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010.12.05 14:10:16 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.17 10:16:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.08.24 10:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2008.11.14 15:43:46 | 000,778,240 | ---- | M] (ParallelGraphics) -- C:\Program Files\Mozilla Firefox\plugins\npCortona.dll
[2010.09.17 17:13:57 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.17 17:13:57 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.17 17:13:57 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.17 17:13:57 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.17 17:13:57 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.12.07 13:43:51 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.11.9.dll (BitComet)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe ()
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Client Access Express Welcome] C:\Program Files\IBM\Client Access\cwbwlwiz.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access Check Version] C:\Program Files\IBM\Client Access\cwbckver.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access PC5250 Sound] C:\Program Files\IBM\Client Access\Emulator\pcssnd.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access Service] C:\Program Files\IBM\Client Access\cwbsvstr.exe (IBM Corporation)
O4 - HKLM..\Run: [NetTime] C:\Program Files\NetTime\NetTime.exe (Subjective Software)
O4 - HKU\S-1-5-21-3634038287-2164415200-2504289352-1000..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-3634038287-2164415200-2504289352-1000..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3634038287-2164415200-2504289352-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3634038287-2164415200-2504289352-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-3634038287-2164415200-2504289352-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.11.9.dll (BitComet)
O15 - HKU\S-1-5-21-3634038287-2164415200-2504289352-1000\..Trusted Domains: ntsd01 ([]http in Důvěryhodné servery)
O15 - HKU\S-1-5-21-3634038287-2164415200-2504289352-1000\..Trusted Domains: pproi ([]http in Důvěryhodné servery)
O16 - DPF: {0D221D00-A6ED-477C-8A91-41F3B660A832} http://ntsd01/ReportServer/Reserved.Rep ... e=PrintCab (RSClientPrint 2005 Class)
O16 - DPF: {41861299-EAB2-4DCC-986C-802AE12AC499} http://ntsd01/ReportServer/Reserved.Rep ... e=PrintCab (RSClientPrint 2005 Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.4.2/jinsta ... s-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.41
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\KratkyJ\Dokumenty\ASUS\LifeFrame\Image\image201009130003.jpg
O24 - Desktop BackupWallPaper: C:\Users\KratkyJ\Dokumenty\ASUS\LifeFrame\Image\image201009130003.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.clmp3enc - C:\Program Files\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: wave2 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010.12.07 15:01:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.12.07 13:46:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.12.07 13:46:52 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.12.07 13:46:51 | 000,000,000 | ---D | C] -- C:\Users\KratkyJ\AppData\Local\temp
[2010.12.07 11:26:24 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2010.12.07 08:00:04 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2010.12.07 08:00:04 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2010.12.05 15:05:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\T.COM
[2010.12.05 15:05:45 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\R.COM
[2010.12.05 10:08:30 | 000,018,816 | ---- | C] (Sophos Plc) -- C:\Windows\System32\SAVRKBootTasks.sys
[2010.11.29 11:47:01 | 000,000,000 | ---D | C] -- C:\Users\KratkyJ\AppData\Local\Symantec
[2010.11.29 11:46:48 | 000,167,936 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\wpshelper.sys
[2010.11.29 11:45:27 | 000,097,096 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SysPlant.sys
[2010.11.29 11:45:08 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010.11.29 11:44:02 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capicom.dll
[2010.11.29 11:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010.11.29 11:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010.11.29 11:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010.11.26 13:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2010.11.26 13:39:21 | 000,263,272 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2010.11.26 13:37:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.11.26 13:36:10 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.11.26 13:36:10 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2010.11.26 13:36:10 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.11.26 13:36:10 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.11.26 13:36:10 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.11.26 13:36:10 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.11.26 13:36:09 | 003,633,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.11.26 13:36:09 | 003,228,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.11.26 13:36:09 | 001,889,896 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.11.26 13:36:09 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.11.26 13:36:09 | 000,461,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.11.26 13:36:09 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll
[2010.11.26 13:36:09 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll
[2010.11.26 13:36:09 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll
[2010.11.26 13:36:09 | 000,068,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.11.26 13:36:08 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.11.26 13:36:08 | 001,703,568 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2010.11.26 13:36:08 | 001,336,664 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010.11.26 13:36:08 | 000,561,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2010.11.26 13:36:08 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.11.26 13:36:08 | 000,339,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2010.11.26 13:36:08 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.11.26 13:36:08 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.11.26 13:36:08 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010.11.26 13:36:08 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2010.11.26 13:36:08 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.11.26 13:36:08 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.11.26 13:36:08 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.11.26 13:36:08 | 000,094,352 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2010.11.26 13:36:08 | 000,078,992 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2010.11.26 13:36:08 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.11.26 13:36:08 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010.11.26 13:36:08 | 000,059,536 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2010.11.26 13:36:06 | 001,558,432 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.11.26 13:36:06 | 001,132,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010.11.26 13:36:06 | 000,962,664 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010.11.26 13:36:06 | 000,901,224 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010.11.26 13:36:06 | 000,448,616 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010.11.26 13:36:06 | 000,429,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2010.11.26 13:36:06 | 000,406,120 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010.11.26 13:36:06 | 000,291,432 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010.11.26 13:36:06 | 000,236,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010.11.26 13:36:06 | 000,224,360 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010.11.26 13:36:06 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.11.26 13:36:06 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010.11.26 13:36:06 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010.11.26 13:36:06 | 000,106,600 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2010.11.26 13:36:06 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2010.11.26 13:36:02 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.11.26 13:20:04 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32.dll
[2010.11.26 13:20:04 | 000,123,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2010.11.26 13:20:04 | 000,065,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapo32v.dll
[2010.11.26 13:20:04 | 000,026,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2010.11.26 13:20:02 | 014,899,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.11.26 13:20:01 | 013,019,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.11.26 13:20:01 | 010,084,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.11.26 13:20:01 | 004,837,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.11.26 13:20:01 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.11.26 13:20:01 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322050.dll
[2010.11.26 13:20:01 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322030.dll
[2010.11.26 13:20:01 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.11.26 13:20:01 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010.11.26 13:20:00 | 002,912,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.11.26 13:19:02 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.11.26 13:01:36 | 000,000,000 | ---D | C] -- C:\Users\KratkyJ\Documents\DriverGenius
[2010.11.26 12:58:45 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2010.11.25 11:54:56 | 000,353,608 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\sysfer.dll
[2010.11.25 11:54:56 | 000,107,848 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\SymVPN.dll
[2010.11.25 11:54:56 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2010.11.25 11:54:56 | 000,087,368 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\FwsVpn.dll
[2010.11.25 11:54:56 | 000,043,336 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\WPSDRVnt.sys
[2010.11.25 11:54:53 | 000,320,944 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspl.sys
[2010.11.25 11:54:53 | 000,283,184 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\srtsp.sys
[2010.11.25 11:54:53 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspx.sys
[2010.11.25 11:54:52 | 000,067,472 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\Teefer2.sys
[2010.11.25 11:54:47 | 000,188,080 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\symtdi.sys
[2010.11.25 11:54:47 | 000,038,448 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\symndisv.sys
[2010.11.25 11:54:47 | 000,026,416 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\symredrv.sys
[2010.11.25 11:54:46 | 000,145,968 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\symfw.sys
[2010.11.25 11:54:46 | 000,039,856 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\symids.sys
[2010.11.25 11:54:46 | 000,012,720 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\symdns.sys
[2010.11.25 11:54:45 | 000,023,888 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\COH_Mon.sys
[2010.10.31 13:34:32 | 006,959,616 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETwNv32.sys
[2010.10.29 19:12:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.10.28 08:53:58 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010.10.28 08:53:29 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010.10.27 05:58:01 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.10.27 05:57:59 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.10.27 05:57:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.10.23 07:14:05 | 000,000,000 | ---D | C] -- C:\Windows\cs
[2010.10.23 07:13:52 | 000,039,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32

shorty1963
Visitor
Posts: 120
Joined: 29 Jan 2008 17:06

Re: Log check

#38 Post by shorty1963 »

\drivers\fssfltr.sys
[2010.10.23 07:11:58 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.10.23 07:11:58 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.10.23 07:11:58 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.10.23 06:57:44 | 000,000,000 | ---D | C] -- C:\Users\KratkyJ\AppData\Local\Windows Live
[2010.10.23 06:57:20 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2010.10.22 19:40:29 | 000,000,000 | ---D | C] -- C:\Users\KratkyJ\AppData\Local\Innovative Solutions
[2010.10.16 12:42:46 | 001,881,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2010.10.16 12:42:46 | 000,279,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhotkey.dll
[2010.10.16 12:42:46 | 000,110,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2010.10.16 12:42:42 | 003,420,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2010.10.16 12:42:38 | 002,079,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2010.10.15 18:32:14 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.2
[2010.10.13 06:03:26 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.13 06:03:19 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.13 06:02:59 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.13 06:02:52 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.13 06:02:51 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.13 06:02:42 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.13 06:02:42 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.13 06:02:42 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.13 06:02:41 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.10.13 06:02:40 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.13 06:02:40 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.13 06:02:40 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.13 06:02:40 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.13 06:02:40 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.10.13 06:02:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.10.13 06:02:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.10.13 06:02:40 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.10.13 06:02:40 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.13 06:02:39 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.13 06:02:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.10.13 06:02:39 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.13 06:02:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.13 06:02:29 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.13 06:02:24 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.13 06:02:22 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.09.29 05:57:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.22 23:32:56 | 000,301,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2010.09.15 05:58:58 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2008.11.03 15:03:28 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

========== Files - Modified Within 90 Days ==========

[2010.12.08 08:52:00 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.08 08:52:00 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.08 07:11:56 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5BE08792-9337-42D5-8B1C-76BA4E5D1B15}.job
[2010.12.08 06:50:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.08 06:50:27 | 3220,201,472 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.07 15:30:53 | 000,003,204 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.12.07 13:43:51 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.12.07 08:05:24 | 023,159,038 | ---- | M] () -- C:\Windows\REGBK44.ZIP
[2010.12.07 08:00:04 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2010.12.06 16:13:54 | 000,029,149 | ---- | M] () -- C:\Users\KratkyJ\Documents\pinfect.zip
[2010.12.05 19:51:28 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101207-124353.backup
[2010.12.05 14:20:32 | 000,381,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.05 10:08:55 | 000,024,448 | ---- | M] () -- C:\Windows\System32\drivers\rkhdrv40.sys
[2010.12.04 19:40:00 | 000,610,718 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.12.04 19:40:00 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.04 19:40:00 | 000,119,286 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.12.04 19:40:00 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.04 12:14:54 | 000,000,230 | -HS- | M] () -- C:\Windows\setup_9.0.0.722_12.07.2010_11-58drv.spi
[2010.12.03 11:37:15 | 002,335,270 | ---- | M] () -- C:\Windows\System32\12129AE.mht
[2010.11.30 10:08:01 | 000,425,927 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.10934292
[2010.11.30 06:20:55 | 022,997,742 | ---- | M] () -- C:\Windows\REGBK43.ZIP
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.29 12:05:58 | 000,167,936 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\wpshelper.sys
[2010.11.29 11:45:21 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010.11.29 11:45:21 | 000,007,456 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010.11.29 11:45:21 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010.11.26 17:32:23 | 000,134,144 | ---- | M] () -- C:\Users\KratkyJ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.26 13:45:18 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
[2010.11.26 13:36:13 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010.11.25 11:54:56 | 000,353,608 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\sysfer.dll
[2010.11.25 11:54:56 | 000,107,848 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\SymVPN.dll
[2010.11.25 11:54:56 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2010.11.25 11:54:56 | 000,087,368 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\FwsVpn.dll
[2010.11.25 11:54:56 | 000,043,336 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\WPSDRVnt.sys
[2010.11.25 11:54:53 | 000,320,944 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspl.sys
[2010.11.25 11:54:53 | 000,283,184 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtsp.sys
[2010.11.25 11:54:53 | 000,043,696 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\srtspx.sys
[2010.11.25 11:54:53 | 000,007,442 | ---- | M] () -- C:\Windows\System32\drivers\srtspx.cat
[2010.11.25 11:54:53 | 000,007,442 | ---- | M] () -- C:\Windows\System32\drivers\srtspl.cat
[2010.11.25 11:54:53 | 000,007,438 | ---- | M] () -- C:\Windows\System32\drivers\srtsp.cat
[2010.11.25 11:54:53 | 000,001,430 | ---- | M] () -- C:\Windows\System32\drivers\srtspl.inf
[2010.11.25 11:54:53 | 000,001,421 | ---- | M] () -- C:\Windows\System32\drivers\srtspx.inf
[2010.11.25 11:54:53 | 000,001,415 | ---- | M] () -- C:\Windows\System32\drivers\srtsp.inf
[2010.11.25 11:54:52 | 000,097,096 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SysPlant.sys
[2010.11.25 11:54:52 | 000,067,472 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\Teefer2.sys
[2010.11.25 11:54:47 | 000,188,080 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symtdi.sys
[2010.11.25 11:54:47 | 000,038,448 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symndisv.sys
[2010.11.25 11:54:47 | 000,026,416 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symredrv.sys
[2010.11.25 11:54:47 | 000,009,892 | ---- | M] () -- C:\Windows\System32\drivers\SymRedir.cat
[2010.11.25 11:54:47 | 000,001,356 | ---- | M] () -- C:\Windows\System32\drivers\SymRedir.inf
[2010.11.25 11:54:46 | 000,145,968 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symfw.sys
[2010.11.25 11:54:46 | 000,039,856 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symids.sys
[2010.11.25 11:54:46 | 000,012,720 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\symdns.sys
[2010.11.25 11:54:45 | 000,023,888 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\COH_Mon.sys
[2010.11.25 11:54:45 | 000,010,537 | ---- | M] () -- C:\Windows\System32\drivers\coh_mon.cat
[2010.11.25 11:54:45 | 000,000,706 | ---- | M] () -- C:\Windows\System32\drivers\COH_Mon.inf
[2010.11.07 10:26:29 | 000,000,736 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101130-100801.backup
[2010.11.02 19:29:26 | 001,084,008 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.11.02 19:29:14 | 003,228,712 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.11.02 19:29:14 | 001,889,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.11.02 19:29:02 | 000,068,200 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.11.02 19:28:52 | 003,633,256 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.11.02 19:28:52 | 000,461,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.11.02 19:28:28 | 000,561,256 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2010.11.02 19:28:28 | 000,406,120 | ---- | M] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010.11.02 19:28:16 | 001,132,648 | ---- | M] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010.11.02 19:28:16 | 000,962,664 | ---- | M] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010.11.02 19:28:16 | 000,429,160 | ---- | M] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2010.11.02 19:28:16 | 000,291,432 | ---- | M] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010.11.02 19:28:06 | 000,224,360 | ---- | M] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010.11.02 19:28:06 | 000,107,112 | ---- | M] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010.11.02 19:28:06 | 000,107,112 | ---- | M] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010.11.02 19:28:06 | 000,106,600 | ---- | M] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2010.11.02 19:27:54 | 000,901,224 | ---- | M] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010.11.02 19:27:54 | 000,448,616 | ---- | M] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010.11.02 19:27:54 | 000,236,648 | ---- | M] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010.10.28 10:46:00 | 001,251,944 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.10.26 13:02:26 | 001,558,432 | ---- | M] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.10.26 09:15:58 | 001,703,568 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2010.10.26 09:15:58 | 000,339,600 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2010.10.26 09:15:58 | 000,094,352 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2010.10.26 09:15:58 | 000,059,536 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2010.10.26 09:15:56 | 000,078,992 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2010.10.24 14:40:50 | 000,423,221 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.71084511
[2010.10.22 18:54:45 | 000,000,736 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101024-154050.backup
[2010.10.19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.10.18 10:14:22 | 006,959,616 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETwNv32.sys
[2010.10.17 09:00:12 | 000,422,411 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.31974477
[2010.10.16 19:55:00 | 014,899,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.10.16 19:55:00 | 013,019,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.10.16 19:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.10.16 19:55:00 | 010,023,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010.10.16 19:55:00 | 005,473,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010.10.16 19:55:00 | 004,837,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.10.16 19:55:00 | 002,912,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.10.16 19:55:00 | 002,666,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.10.16 19:55:00 | 001,719,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010.10.16 19:55:00 | 000,888,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322050.dll
[2010.10.16 19:55:00 | 000,813,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322030.dll
[2010.10.16 19:55:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.10.16 19:55:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010.10.16 19:55:00 | 000,004,962 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010.10.16 12:42:46 | 001,881,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2010.10.16 12:42:46 | 000,279,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvhotkey.dll
[2010.10.16 12:42:46 | 000,110,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2010.10.16 12:42:42 | 003,420,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2010.10.16 12:42:38 | 002,079,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2010.10.15 16:00:21 | 000,000,736 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101017-100012.backup
[2010.10.15 16:00:08 | 021,659,212 | ---- | M] () -- C:\Windows\REGBK42.ZIP
[2010.10.04 22:02:56 | 000,053,248 | ---- | M] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2010.10.04 16:12:30 | 001,725,784 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2010.10.04 16:12:24 | 001,336,664 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010.10.03 13:45:56 | 000,259,928 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010.09.27 09:34:58 | 000,232,792 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.09.22 23:32:56 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2010.09.22 23:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys
[2010.09.18 15:58:57 | 000,419,522 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.19176579
[2010.09.13 14:56:41 | 008,147,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL

========== Files Created - No Company Name ==========

[2010.12.07 11:32:55 | 3220,201,472 | -HS- | C] () -- C:\hiberfil.sys
[2010.12.07 08:03:05 | 023,159,038 | ---- | C] () -- C:\Windows\REGBK44.ZIP
[2010.12.05 10:08:55 | 000,024,448 | ---- | C] () -- C:\Windows\System32\drivers\rkhdrv40.sys
[2010.12.04 12:14:54 | 000,000,230 | -HS- | C] () -- C:\Windows\setup_9.0.0.722_12.07.2010_11-58drv.spi
[2010.12.03 11:37:14 | 002,335,270 | ---- | C] () -- C:\Windows\System32\12129AE.mht
[2010.11.30 06:18:35 | 022,997,742 | ---- | C] () -- C:\Windows\REGBK43.ZIP
[2010.11.29 11:45:08 | 000,007,456 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010.11.29 11:45:08 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010.11.26 13:39:21 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.11.26 13:20:01 | 000,004,962 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010.11.25 11:54:53 | 000,007,442 | ---- | C] () -- C:\Windows\System32\drivers\srtspx.cat
[2010.11.25 11:54:53 | 000,007,442 | ---- | C] () -- C:\Windows\System32\drivers\srtspl.cat
[2010.11.25 11:54:53 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\srtsp.cat
[2010.11.25 11:54:53 | 000,001,430 | ---- | C] () -- C:\Windows\System32\drivers\srtspl.inf
[2010.11.25 11:54:53 | 000,001,421 | ---- | C] () -- C:\Windows\System32\drivers\srtspx.inf
[2010.11.25 11:54:53 | 000,001,415 | ---- | C] () -- C:\Windows\System32\drivers\srtsp.inf
[2010.11.25 11:54:47 | 000,009,892 | ---- | C] () -- C:\Windows\System32\drivers\SymRedir.cat
[2010.11.25 11:54:47 | 000,001,356 | ---- | C] () -- C:\Windows\System32\drivers\SymRedir.inf
[2010.11.25 11:54:45 | 000,010,537 | ---- | C] () -- C:\Windows\System32\drivers\coh_mon.cat
[2010.11.25 11:54:45 | 000,000,706 | ---- | C] () -- C:\Windows\System32\drivers\COH_Mon.inf
[2010.10.15 15:57:57 | 021,659,212 | ---- | C] () -- C:\Windows\REGBK42.ZIP
[2010.01.21 19:46:41 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.01.21 19:46:34 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.01.21 19:46:34 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.01.21 19:46:31 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2010.01.21 19:46:23 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.12.24 19:09:02 | 000,233,472 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009.12.05 16:26:46 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.11.15 15:55:21 | 000,001,201 | ---- | C] () -- C:\Windows\wininit.ini
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.07.12 17:31:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.02 18:41:24 | 000,002,935 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.04.05 09:00:06 | 000,544,256 | ---- | C] () -- C:\Windows\System32\janGraphics.dll
[2009.03.08 17:26:08 | 000,002,686 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2009.02.22 12:04:51 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.02.11 12:43:42 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
[2009.02.11 12:43:42 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2008.11.30 18:40:51 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2008.11.23 13:12:03 | 000,021,248 | ---- | C] () -- C:\Windows\System32\solidlocalmon.dll
[2008.11.23 13:12:03 | 000,013,568 | ---- | C] () -- C:\Windows\System32\solidlocalui.dll
[2008.11.23 11:58:02 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.09.25 18:30:37 | 000,045,056 | ---- | C] () -- C:\Windows\TRNOEH.DLL
[2008.09.25 18:30:10 | 000,000,033 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2008.09.25 18:29:14 | 000,002,753 | ---- | C] () -- C:\Windows\UN32P.INI
[2008.09.24 14:15:40 | 000,000,248 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.09.23 07:19:24 | 000,000,121 | ---- | C] () -- C:\Windows\odbcinst.ini
[2008.09.22 08:43:01 | 000,000,251 | ---- | C] () -- C:\Windows\System32\drivers\hlldrvr.sys
[2008.09.22 08:42:07 | 000,172,032 | ---- | C] () -- C:\Windows\System32\cwbrw.dll
[2008.09.22 08:42:07 | 000,024,576 | ---- | C] () -- C:\Windows\System32\cwbsv.dll
[2008.09.22 08:42:07 | 000,020,480 | ---- | C] () -- C:\Windows\System32\cwbwiz.dll
[2008.09.22 08:42:07 | 000,020,480 | ---- | C] () -- C:\Windows\System32\cwbsy.dll
[2008.09.22 08:42:07 | 000,020,480 | ---- | C] () -- C:\Windows\System32\cwbnl.dll
[2008.09.22 08:42:07 | 000,020,480 | ---- | C] () -- C:\Windows\System32\cwbco.dll
[2008.09.22 08:42:07 | 000,016,384 | ---- | C] () -- C:\Windows\System32\cwbnldlg.dll
[2008.09.22 08:42:07 | 000,016,384 | ---- | C] () -- C:\Windows\System32\cwbad.dll
[2008.09.19 16:34:25 | 000,134,144 | ---- | C] () -- C:\Users\KratkyJ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.19 09:56:23 | 000,241,664 | ---- | C] () -- C:\Windows\System32\hppapr04.DLL
[2008.09.18 08:44:28 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.09.18 08:14:14 | 000,000,680 | ---- | C] () -- C:\Users\KratkyJ\AppData\Local\d3d9caps.dat
[2008.07.02 12:50:35 | 000,010,752 | ---- | C] () -- C:\Windows\System32\KOAZXA_L.DLL
[2008.07.02 12:47:38 | 000,010,752 | ---- | C] () -- C:\Windows\System32\KOAZXJ_L.DLL
[2008.07.02 12:46:42 | 000,098,304 | ---- | C] () -- C:\Windows\System32\KMTIGBC.dll
[2008.07.02 12:46:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\KMTIGSN.dll
[2008.07.02 12:46:42 | 000,049,152 | ---- | C] () -- C:\Windows\System32\KMTIGBD.dll
[2008.04.17 13:00:34 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2007.12.28 08:22:04 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.04.03 15:30:00 | 000,110,592 | R--- | C] () -- C:\Windows\System32\scardsyn.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2000.03.29 21:00:00 | 000,125,440 | ---- | C] () -- C:\Windows\System32\UNZDLL.DLL
[1999.08.11 14:28:02 | 000,101,888 | ---- | C] () -- C:\Windows\System32\LIBBZ2.DLL
[1999.05.21 20:10:00 | 000,129,024 | ---- | C] () -- C:\Windows\System32\ZIPDLL.DLL
[1998.05.06 20:10:00 | 000,069,632 | R--- | C] () -- C:\Windows\System32\ODMA32.dll

========== LOP Check ==========

[2010.12.07 15:30:54 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.12.08 07:11:56 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{5BE08792-9337-42D5-8B1C-76BA4E5D1B15}.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ISUSPM" = "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler -- [2006.09.11 03:40:32 | 000,218,032 | ---- | M] (Macrovision Corporation)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2010.05.14 09:32:30 | 001,479,680 | ---- | M] (Nokia)
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008.01.21 03:25:56 | 000,202,240 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.09.19 14:22:32 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Adobe
[2010.07.26 07:23:09 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Apple Computer
[2010.11.21 08:48:24 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\BitComet
[2008.09.25 17:07:36 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\CyberLink
[2010.07.26 05:52:27 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\dvdcss
[2008.09.29 16:31:23 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\f2fIntermediate
[2010.05.22 19:11:09 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Facebook
[2008.09.23 14:35:42 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\FinePrint
[2010.07.30 14:05:22 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\GHISLER
[2010.02.07 08:47:52 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Google
[2010.12.04 21:51:20 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\ICQ
[2008.09.18 08:15:50 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Identities
[2010.06.01 10:03:21 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\InstallShield
[2009.08.15 09:52:14 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Intel
[2010.08.23 07:01:46 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\IrfanView
[2009.02.13 08:48:43 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\JLC's Software
[2009.11.17 14:26:22 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Kerio
[2010.08.23 07:01:46 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\LangSoft
[2010.05.09 16:07:31 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Leadertech
[2010.05.02 17:18:48 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Logishrd
[2010.05.09 16:07:38 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Logitech
[2010.07.04 07:22:45 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Macromedia
[2009.04.13 16:14:15 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Malwarebytes
[2010.05.28 06:21:46 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Media Player Classic
[2010.11.26 13:45:49 | 000,000,000 | --SD | M] -- C:\Users\KratkyJ\AppData\Roaming\Microsoft
[2008.09.19 17:22:16 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Mozilla
[2010.01.08 17:20:36 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Nokia
[2009.11.22 19:23:33 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Nokia Ovi Suite
[2009.12.24 18:32:12 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\PC Suite
[2008.09.27 16:08:49 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\PeerNetworking
[2010.08.14 19:37:41 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Real
[2010.12.08 08:49:51 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\smkits
[2010.10.21 13:23:48 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\SolidDocuments
[2008.09.23 09:29:12 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Sun
[2009.07.29 19:49:29 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Thinstall
[2009.07.04 19:37:42 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\TweakNow RegCleaner
[2010.04.17 14:44:47 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\U3
[2010.11.07 15:29:40 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\vlc
[2010.10.03 18:51:43 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Winamp
[2010.11.21 08:44:43 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Zbshareware Lab
[2010.11.07 10:03:54 | 000,000,000 | ---D | M] -- C:\Users\KratkyJ\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2010.11.26 13:45:49 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\KratkyJ\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2007.12.30 05:01:18 | 000,307,200 | ---- | M] (Simon Tatham) -- C:\Users\KratkyJ\AppData\Roaming\Mozilla\Firefox\Profiles\iq10jbgw.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\psftp.exe
[2007.12.30 05:01:18 | 000,172,032 | ---- | M] (Simon Tatham) -- C:\Users\KratkyJ\AppData\Roaming\Mozilla\Firefox\Profiles\iq10jbgw.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\puttygen.exe
[2006.12.14 09:00:02 | 000,110,592 | ---- | M] () -- C:\Users\KratkyJ\AppData\Roaming\U3\temp\cleanup.exe
[2007.02.12 16:46:54 | 003,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Users\KratkyJ\AppData\Roaming\U3\temp\Launchpad Removal.exe
[2010.11.07 09:57:12 | 007,383,104 | ---- | M] (ZONER software ) -- C:\Users\KratkyJ\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build10.exe
[2010.11.07 09:26:33 | 012,452,064 | ---- | M] (ZONER software ) -- C:\Users\KratkyJ\AppData\Roaming\Zoner\NLMDB\product.0034\autoupdate.cz\ZPS13_Update_Build02.exe


< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Win XP SP2 cz\WINXPSP2CZ-PiSO\I386\sp2.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp2.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp3.cab:AGP440.sys
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp2.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp3.cab:AGP440.sys
[2008.01.21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys
[2008.01.21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Win XP SP2 cz\WINXPSP2CZ-PiSO\I386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Win XP SP2 cz\WINXPSP2CZ-PiSO\I386\sp2.cab:atapi.sys
[2002.09.20 21:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp1.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp2.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp3.cab:atapi.sys
[2002.09.20 19:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp1.cab:atapi.sys
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp2.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp3.cab:atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 03:25:09 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\AUTOCHK.EXE
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\AUTOCHK.EXE
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\Users\KratkyJ\Downloads\Instal\Windows\Win XP SP2 cz\WINXPSP2CZ-PiSO\I386\AUTOCHK.EXE

< MD5 for: CDROM.SYS >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Win XP SP2 cz\WINXPSP2CZ-PiSO\I386\sp1.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Win XP SP2 cz\WINXPSP2CZ-PiSO\I386\sp2.cab:cdrom.sys
[2002.09.20 21:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp1.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp2.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp3.cab:cdrom.sys
[2002.09.20 19:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp1.cab:cdrom.sys
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp2.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp3.cab:cdrom.sys
[2008.01.21 03:23:28 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 03:23:28 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2008.01.21 03:24:57 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\ERDNT\cache\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2007.01.12 21:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:50 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Win XP SP2 cz\WINXPSP2CZ-PiSO\I386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Win XP SP2 cz\WINXPSP2CZ-PiSO\I386\sp2.cab:hal.dll
[2002.09.20 21:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp1.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp2.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp3.cab:hal.dll
[2002.09.20 19:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp1.cab:hal.dll
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp2.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp3.cab:hal.dll
[2009.04.11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Win XP SP2 cz\WINXPSP2CZ-PiSO\I386\sp2.cab:Changer.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp2.cab:Changer.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp3.cab:Changer.sys
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp2.cab:Changer.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp3.cab:Changer.sys

< MD5 for: IASTOR.SYS >
[2009.08.07 12:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_cb5f32fe\iaStor.sys
[2009.08.07 12:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\Windows\System32\DriverStore\Temp\iaahci.inf_cb5f32fe\iaStor.sys
[2008.05.07 10:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1ab0331f\iaStor.sys
[2009.06.04 23:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_0813ee45\iaStor.sys
[2010.01.08 19:34:12 | 000,331,288 | ---- | M] (Intel Corporation) MD5=D9D3F168A2FD4C2380D98821A3FF3357 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2010.01.08 19:34:12 | 000,331,288 | ---- | M] (Intel Corporation) MD5=D9D3F168A2FD4C2380D98821A3FF3357 -- C:\Windows\System32\drivers\iaStor.sys
[2010.01.08 19:34:12 | 000,331,288 | ---- | M] (Intel Corporation) MD5=D9D3F168A2FD4C2380D98821A3FF3357 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_f4e00050\iaStor.sys
[2010.01.08 19:45:26 | 000,409,112 | ---- | M] (Intel Corporation) MD5=DC0B4553D089E2BD07AEBD9EA30BEAFB -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys

< MD5 for: IASTORV.SYS >
[2008.01.21 03:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\sp3.cab:isapnp.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\sp3.cab:isapnp.sys
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 03:23:26 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 03:23:26 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 03:23:26 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 03:23:26 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 03:23:26 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\ERDNT\cache\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009.06.15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 03:24:43 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 03:24:43 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 03:24:43 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\ERDNT\cache\ndis.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 03:24:15 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[1994.09.04 08:07:02 | 000,107,812 | R--- | M] () MD5=EDE3814D47F3F103771DBC1590D6B177 -- C:\Users\KratkyJ\Downloads\Nové-Ivet-PC\Nová složka\e45xv110\WINNT31\NDIS.SYS

< MD5 for: NETLOGON.DLL >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:31 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.21 03:23:45 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 03:23:45 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 03:23:45 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 03:25:18 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.01.21 03:24:14 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2004.08.17 15:49:28 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=CB56F803D2CAF6B3F32E82D2F73F4B3A -- C:\Users\KratkyJ\Downloads\Instal\Windows\Win XP SP2 cz\WINXPSP2CZ-PiSO\I386\SYSTEM32\SMSS.EXE
[2008.04.14 07:52:52 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP pro SP3\Windows XP pro SP3\I386\SYSTEM32\SMSS.EXE
[2008.04.14 07:52:52 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\Users\KratkyJ\Downloads\Instal\Windows\Windows XP professional SP3 32 bit CZ + key ISO\Windows XP professional SP3 32 bit. CZ\I386\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008.01.21 03:24:10 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008.01.21 03:24:10 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 03:24:10 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

shorty1963
Visitor
Posts: 120
Registered: 29 Jan 2008 17:06

Re: Log check

#39 Post by shorty1963 »

< MD5 for: TCPIP.SYS >
[2008.04.26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009.12.08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008.04.26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\ERDNT\cache\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\System32\drivers\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010.02.18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.21 03:25:29 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 03:25:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.21 03:25:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:25:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:25:17 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.21 03:25:16 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\ERDNT\cache\ws2_32.dll
[2008.01.21 03:25:16 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.21 03:25:16 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 12:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 12:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2010.11.25 11:54:56 | 000,087,368 | ---- | M] (Symantec Corporation) Unable to obtain MD5 -- C:\Windows\System32\FwsVpn.dll
[2009.04.11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2010.11.25 11:54:56 | 000,107,848 | ---- | M] (Symantec Corporation) Unable to obtain MD5 -- C:\Windows\System32\SymVPN.dll
[2010.11.25 11:54:56 | 000,353,608 | ---- | M] (Symantec Corporation) Unable to obtain MD5 -- C:\Windows\System32\sysfer.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.11.25 11:54:52 | 000,097,096 | ---- | M] (Symantec Corporation) Unable to obtain MD5 -- C:\Windows\System32\drivers\SysPlant.sys
[2010.11.25 11:54:52 | 000,067,472 | ---- | M] (Symantec Corporation) Unable to obtain MD5 -- C:\Windows\System32\drivers\Teefer2.sys
[2010.11.25 11:54:56 | 000,043,336 | ---- | M] (Symantec Corporation) Unable to obtain MD5 -- C:\Windows\System32\drivers\WPSDRVnt.sys
[2010.11.29 12:05:58 | 000,167,936 | ---- | M] (Symantec Corporation) Unable to obtain MD5 -- C:\Windows\System32\drivers\wpshelper.sys

< %systemroot%\System32\config\*.sav >
[2008.01.21 04:20:25 | 017,223,680 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:20:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:20:25 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 12:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 12:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2010.11.25 11:54:56 | 000,087,368 | ---- | M] (Symantec Corporation) Unable to obtain MD5 -- C:\Windows\System32\FwsVpn.dll
[2009.04.11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2010.11.25 11:54:56 | 000,107,848 | ---- | M] (Symantec Corporation) Unable to obtain MD5 -- C:\Windows\System32\SymVPN.dll
[2010.11.25 11:54:56 | 000,353,608 | ---- | M] (Symantec Corporation) Unable to obtain MD5 -- C:\Windows\System32\sysfer.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.12.05 10:08:55 | 000,024,448 | ---- | M] () -- C:\Windows\System32\drivers\rkhdrv40.sys

< %systemroot%\system32\*.* /3 >
[2010.12.08 08:52:00 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.08 08:52:00 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.05 14:20:32 | 000,381,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Alternate Data Streams ==========

@Alternate Data Stream - 197 bytes -> C:\ProgramData\TEMP:DF462FF6
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

shorty1963
Visitor
Posts: 120
Registered: 29 Jan 2008 17:06

Re: Log check

#40 Post by shorty1963 »

OTL Extras logfile created on: 8.12.2010 9:46:01 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\KratkyJ\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 133.87 Gb Total Space | 29.55 Gb Free Space | 22.07% Space Free | Partition Type: NTFS
Drive D: | 89.25 Gb Total Space | 19.52 Gb Free Space | 21.88% Space Free | Partition Type: NTFS

Computer Name: KRATKYJVN | User Name: KratkyJ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EE88099-B724-4FA4-8CDD-F18DB4CBCAC2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{133C7421-57CA-4690-9310-8C675548F777}" = lport=139 | protocol=6 | dir=in | app=system |
"{1EC3D4C3-40D5-4E41-A4B3-A88B28F8F878}" = lport=8393 | protocol=17 | dir=in | name=bitcomet 8393 udp |
"{20701FF1-A10B-46F4-AB6E-A14FE61BA2C4}" = rport=137 | protocol=17 | dir=out | app=system |
"{2B770C00-263D-4DC5-AD2B-910D381218CE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3046D6A1-5334-4B01-8FBE-4766D755328C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3E2FF17D-79A4-4CE3-81F3-91B2CB498FA0}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{49B9D6DB-5E23-4A72-AA5A-AE2E8A5449E6}" = rport=139 | protocol=6 | dir=out | app=system |
"{5224EA2A-B9C2-44A9-A682-CD35C3A392F9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{59FC7E71-7939-490D-BD8F-702166751BAD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{742D593B-BF4C-4BEC-A2A6-543D67C60876}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{78A93E7B-8D0E-4808-8422-059DC529122C}" = rport=445 | protocol=6 | dir=out | app=system |
"{7CAE2B70-04FA-4C9D-B72A-F3BE2C4012A7}" = lport=138 | protocol=17 | dir=in | app=system |
"{9113821C-6FFD-4D75-B394-D6F305496EE7}" = lport=8393 | protocol=17 | dir=in | name=bitcomet 8393 udp |
"{93B5EC55-1D73-4EB6-8335-B2186BC6567D}" = lport=8393 | protocol=6 | dir=in | name=bitcomet 8393 tcp |
"{BAADB080-4F40-4CAE-BB31-C777EED69FAB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BD5DD554-7E73-44D8-8C46-7E554EDFE1E2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C8E787C3-C2C7-4B57-928C-9CE37D348847}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{CF2AC033-0BE2-4417-B247-26591313B6A4}" = lport=8393 | protocol=6 | dir=in | name=bitcomet 8393 tcp |
"{D4FF5060-33FB-49F1-8D2A-A346E77AAD97}" = lport=137 | protocol=17 | dir=in | app=system |
"{DBE02FEA-6E14-4258-97DF-F49AC3C4FFE5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=sdílení souborů a tiskáren (služba zařazování tisku – rpc-epmap) |
"{E6C0F5E5-4A41-4677-9B31-901749891CF8}" = rport=138 | protocol=17 | dir=out | app=system |
"{F5385357-F457-499D-AB38-A8CBFD510695}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FBEAFED9-80B2-486D-AFE5-652E3448BD0B}" = lport=445 | protocol=6 | dir=in | app=system |
"{FEFC07A8-7012-4F25-9A05-9F09DE89460C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E94CB3-EF75-4E9A-9EAA-099C9C1D7807}" = protocol=17 | dir=in | app=c:\users\kratkyj\appdata\roaming\facebook\facebook.exe |
"{06311B6F-890E-4E4B-885A-15365F5F745F}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{0C26F81E-FD8E-4EC1-84FE-C0CD6351E430}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0E7DF1C9-32FB-48DD-8F3E-3A68B3DBA5BD}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{18525E81-996D-4FD0-822E-8354B2F60FE9}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{1AC3C587-47AA-4A44-9C8B-701E78DA42DF}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{1E6EE5F5-AC63-4C6F-B22B-F425E8A49BF2}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{25AE154D-41B5-4458-A2FC-D5B697FD203F}" = protocol=6 | dir=in | app=c:\program files\symantec\symantec endpoint protection\snac.exe |
"{2BA7D847-BE2F-41C2-A80B-6292B02A2CFE}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{2D4F7F3D-629A-4B8D-AD82-C8756354D3C9}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{323FC0F5-76F4-4C6B-8BCB-62059BE8380B}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{35E8D651-41EB-46D4-B324-08D8A7A5D137}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{3715EB44-21F9-437D-B9B8-43FC842C66BD}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{39813483-4DC2-4476-AC66-DCB00DDAC468}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3A3F3654-A81C-4433-ABF9-B33783C9B2F6}" = protocol=6 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe |
"{3F671D7B-4537-4C17-B387-E070C76FD5DE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3FDCE20E-307B-490C-85D5-AE3903831716}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{44FFA1D2-0B76-4014-A10F-C10079031EB0}" = protocol=6 | dir=in | app=c:\program files\symantec\symantec endpoint protection\smc.exe |
"{4BA4BF77-5E4C-4A69-AC3F-15F319EE94DC}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{57DD51D6-E463-4D5F-90B4-ED662FC318B1}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{5F882F59-568E-40E7-ABB1-77F83913DB5D}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{683A9491-AE71-40ED-B3A9-8B4DA420AA20}" = protocol=1 | dir=out | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv4-out) |
"{6E3D2925-9CE5-4EA0-916F-37AEB68EE913}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{75642C0C-534D-4EE3-94EC-45F486556B7C}" = protocol=17 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe |
"{85FCDB64-43EB-4041-A5F8-81C45C7FEF01}" = protocol=58 | dir=in | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv6-in) |
"{8FCB37E5-C409-421B-A6AC-6CDE0201E188}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{9687A823-A574-45A2-BF57-624EDE8A8EAB}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{AA880808-4D5F-4431-9B55-E41F3DE1D690}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{B6CF66E9-7E08-4000-9CFE-161AE87817FA}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{BE1E8EAF-A5E9-441E-8425-A717FE999F8A}" = protocol=58 | dir=out | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv6-out) |
"{C2E9EF87-0961-4274-BAB1-674A4846831D}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{C4C00C61-A54A-4D7B-AF64-90F309145D28}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{D1DA6898-82C6-47A6-873D-832BCD488697}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{D27376DC-9B62-425A-8572-E108E719D3FB}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{D3C95CBD-B572-4B37-837D-BCD0FC314C38}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{D3F88633-5F18-449B-8D31-63AE4437FCDC}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{D8268AE3-9481-4949-AF59-2F286D81BF79}" = protocol=17 | dir=in | app=c:\program files\symantec\symantec endpoint protection\smc.exe |
"{DF6C6FB4-E08A-4571-AA3A-2A74C1CC7EF7}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{E8285517-46F9-4578-BB51-652C1BC47EFB}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{F0A09218-79FB-4AC6-BE39-1208362B5BD2}" = protocol=6 | dir=in | app=c:\users\kratkyj\appdata\roaming\facebook\facebook.exe |
"{F1F1A100-7BC6-4AD8-A760-DC9C1F4ED376}" = protocol=17 | dir=in | app=c:\program files\symantec\symantec endpoint protection\snac.exe |
"{F4C8EBE1-CA66-4F9D-83D8-83FCFDFE2C72}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{F5B73C7D-D2B2-4461-8634-D61D21617E54}" = protocol=1 | dir=in | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv4-in) |
"{FDB9A319-A2E3-4EFE-9C65-8054A00A6E8F}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"TCP Query User{2BB10757-5766-4C39-A584-E8E044721384}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{52EF6D4A-E71E-45E3-8486-C85D966916C8}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"TCP Query User{6BA417EF-6A9B-4423-9419-F314BCB5EACC}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{6E13E89E-B4AF-44F8-B7FE-E281FD65C251}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{75F596E9-A1E3-4844-A599-93538AC29F40}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{81039A42-9FA3-49AD-8A6C-5F670E252B4A}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{8FA3E85E-D0F7-4F1D-B372-3A152DF004A8}C:\program files\mapview\map_view.exe" = protocol=6 | dir=in | app=c:\program files\mapview\map_view.exe |
"TCP Query User{90AB8B30-3283-40A7-B385-FF6AE685793F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{945C7390-D6BA-4BF6-9419-7C6C7C02CD77}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{94FDCBAF-531A-419C-9D2B-6A9464F20F10}C:\program files\jlc's software\internet tv\internet tv.exe" = protocol=6 | dir=in | app=c:\program files\jlc's software\internet tv\internet tv.exe |
"TCP Query User{9A1B18C7-357B-48FD-8138-B8CD65DF14C8}C:\users\kratkyj\downloads\vdtv_1_0_0_40\vdtv\vdtv.exe" = protocol=6 | dir=in | app=c:\users\kratkyj\downloads\vdtv_1_0_0_40\vdtv\vdtv.exe |
"TCP Query User{9B9A6906-D2CB-411E-B732-1B2DCD6F6C47}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{A38AD6B8-5C7A-4880-A1EC-0E3F05CB447B}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{A4968E5F-D494-4FEC-AE41-41AA3C809EB8}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{D9E98337-70C7-4542-952D-B8AA23750372}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{DA51416E-299A-41AA-9F01-17B7061BC44B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{DD2D2F43-D580-4847-BD27-DAB4F9DFBC50}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{E9218E85-002A-44A2-8139-A7AC79873607}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{01D9E0CD-73C3-47A6-82C7-3161D396FCA0}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{1CB339A0-8E81-4C9B-8FFC-0F8D7097C946}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{24BCF73D-8A18-4BFC-8C2A-E6E22D073646}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{299DD93E-15CC-46F2-881A-A8CF5FAED3F9}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{360197C4-DF3C-4062-B526-27A61548B24C}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{3DB5551E-6F20-4DD3-95C7-84286A49F671}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{524AB3FD-DFEA-4B28-97DB-A197BFFC3426}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{618E2C90-9401-4ADF-945E-AF8910BFBEF5}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{6F23EA46-59AB-4741-A161-91B673772396}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{74D6CB04-E503-4FF4-8EB6-E89F9E712597}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{A196EE57-B566-4BA6-A278-453C36AD742B}C:\users\kratkyj\downloads\vdtv_1_0_0_40\vdtv\vdtv.exe" = protocol=17 | dir=in | app=c:\users\kratkyj\downloads\vdtv_1_0_0_40\vdtv\vdtv.exe |
"UDP Query User{AB4EB8AE-A0BE-4B02-A76C-3C2D78686EE1}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{BD134945-1C7F-4EB8-AFB5-980EC773551D}C:\program files\jlc's software\internet tv\internet tv.exe" = protocol=17 | dir=in | app=c:\program files\jlc's software\internet tv\internet tv.exe |
"UDP Query User{C81FDAAD-32DE-4C3A-8E2F-D21779C20D25}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{D19C5245-1D13-4110-A98A-8D1BADBA90A3}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{D365A366-E023-46F7-9141-67DC6EE2328F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{DC52B8AC-15C3-46CD-BA0D-DE98140739AF}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{EF9A8F1C-D0AD-45B1-98D5-F5B77C7C30A5}C:\program files\mapview\map_view.exe" = protocol=17 | dir=in | app=c:\program files\mapview\map_view.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero Burning ROM Help
"{0891B708-EF3F-4D7E-9724-265245F46276}" = Windows Live Remote Service Resources
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3C1AE512-3C37-44FA-BA42-ABB721EC5B1D}" = Symantec Endpoint Protection
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{454F5782-A4C3-480E-A629-D435795DEFD8}" = Windows Live Remote Client Resources
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{56BFAA6E-2BCC-4AED-9233-84731E66B205}" = Solid Converter PDF
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5EF37456-E8FF-4E9E-8CAC-9FD66A40E46E}" = Lotus Notes 7.0.4 cs
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{650E2ABD-270A-499C-BA9F-09180DDDDA16}" = Nokia Software Updater
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E15BBA7-CFFD-4983-9189-C4D86D3DDD0C}_is1" = Smarty Uninstaller Pro
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7D228E96-4124-4DDB-A4B3-C89FBCABC77F}" = Cortona3D Viewer
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{85243696-5e58-4357-9cf8-3498c609941d}" = NeroLiveGadget Help
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A30D5C0-BD4A-4E65-AADF-20A457DE6D38}" = Windows Live Family Safety
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.1 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.1.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE66EFAD-B9CC-4FD4-9157-6C18E5100161}" = Dolby Control Center
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3DBED25-09EE-45FE-BE53-4B07B0CBA0FC}" = PC Connectivity Solution
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E72D7025-339A-431E-8CF4-41807660911B}" = PowerArchiver 2010 Czech
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EDAD3775-9BBB-4483-AC6E-DCB6BB18A9FC}" = Kerio VPN Client
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F22FD942-651D-4EE8-BD6F-7E0AF5E17625}" = Software Intel(R) PROSet/Wireless WiFi
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AnyDVD" = AnyDVD
"BitComet" = BitComet 1.24
"CCleaner" = CCleaner
"ClientAccessExpress" = IBM iSeries Access for Windows
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"CodeStuff Starter" = CodeStuff Starter
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DVD Shrink_is1" = DVD Shrink 3.2
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.6.1
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"NetTime_is1" = NetTime 2.0
"Nokia PC Suite" = Nokia PC Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"pdfFactory Pro" = pdfFactory Pro
"PROHYBRIDR" = 2007 Microsoft Office system
"Recuva" = Recuva
"SP6" = Logitech SetPoint 6.20
"SuperCleaner" = SuperCleaner
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"Ultra MKV Converter_is1" = Ultra MKV Converter 3.2.0610
"Ultra Video Converter_is1" = Ultra Video Converter 4.4.1222
"USB Disk Security_is1" = USB Disk Security
"USB2.0 1.3M UVC WebCam" = USB2.0 1.3M UVC WebCam
"VLC media player" = VLC media player 1.1.2
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7.12.2010 10:23:23 | Computer Name = KratkyJvn | Source = Windows Search Service | ID = 3013
Description =

Error - 7.12.2010 10:23:39 | Computer Name = KratkyJvn | Source = Windows Search Service | ID = 3013
Description =

Error - 7.12.2010 10:27:37 | Computer Name = KratkyJvn | Source = Windows Search Service | ID = 3013
Description =

Error - 7.12.2010 10:29:37 | Computer Name = KratkyJvn | Source = Windows Search Service | ID = 3013
Description =

Error - 8.12.2010 1:51:06 | Computer Name = KratkyJvn | Source = WinMgmt | ID = 10
Description =

Error - 8.12.2010 1:58:31 | Computer Name = KratkyJvn | Source = Windows Search Service | ID = 3013
Description =

Error - 8.12.2010 2:13:38 | Computer Name = KratkyJvn | Source = Windows Search Service | ID = 3013
Description =

Error - 8.12.2010 2:13:53 | Computer Name = KratkyJvn | Source = Windows Search Service | ID = 3013
Description =

Error - 8.12.2010 2:14:16 | Computer Name = KratkyJvn | Source = Windows Search Service | ID = 3013
Description =

Error - 8.12.2010 2:14:16 | Computer Name = KratkyJvn | Source = Windows Search Service | ID = 3013
Description =

[ OSession Events ]
Error - 25.10.2008 5:25:54 | Computer Name = KratkyJvn | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 25.2.2009 6:03:18 | Computer Name = KratkyJvn | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 29
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10.5.2009 15:11:35 | Computer Name = KratkyJvn | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 31
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3.7.2009 7:59:31 | Computer Name = KratkyJvn | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 25481
seconds with 2580 seconds of active time. This session ended with a crash.

Error - 25.2.2010 3:45:29 | Computer Name = KratkyJvn | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10.4.2010 11:22:26 | Computer Name = KratkyJvn | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 253
seconds with 180 seconds of active time. This session ended with a crash.

Error - 18.5.2010 2:50:21 | Computer Name = KratkyJvn | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 628
seconds with 300 seconds of active time. This session ended with a crash.

Error - 6.7.2010 2:16:08 | Computer Name = KratkyJvn | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 116
seconds with 0 seconds of active time. This session ended with a crash.

Error - 23.7.2010 1:00:30 | Computer Name = KratkyJvn | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 41
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7.12.2010 10:01:22 | Computer Name = KratkyJvn | Source = DCOM | ID = 10005
Description =

Error - 7.12.2010 10:01:22 | Computer Name = KratkyJvn | Source = Service Control Manager | ID = 7009
Description =

Error - 7.12.2010 10:01:22 | Computer Name = KratkyJvn | Source = Service Control Manager | ID = 7000
Description =

Error - 7.12.2010 10:18:33 | Computer Name = KratkyJvn | Source = Service Control Manager | ID = 7001
Description =

Error - 7.12.2010 10:18:45 | Computer Name = KratkyJvn | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 7.12.2010 10:25:03 | Computer Name = KratkyJvn | Source = DCOM | ID = 10005
Description =

Error - 7.12.2010 10:25:03 | Computer Name = KratkyJvn | Source = Service Control Manager | ID = 7009
Description =

Error - 7.12.2010 10:25:03 | Computer Name = KratkyJvn | Source = Service Control Manager | ID = 7000
Description =

Error - 8.12.2010 1:53:08 | Computer Name = KratkyJvn | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 8.12.2010 1:54:25 | Computer Name = KratkyJvn | Source = Service Control Manager | ID = 7001
Description =


< End of report >

Rudy
Site Admin
Site Admin
Posts: 119506
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#41 Post by Rudy »

Run OTL again and copy the following into the bottom window:
:files
C:\Windows\System32\12129AE.mht
C:\Windows\Ascd_tmp.ini
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\64dlls.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\intel64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\Kernel32.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\localsys64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\ntos.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\oembios.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\sdra64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\sdra73.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\swin32.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\twex.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\twext.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\wsnpoema.exe
c:\windows\regedit.com
c:\windows\system32\taskmgr.com

:commands
[emptytemp]
[EMPTYFLASH]
[Reboot]
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

shorty1963
Visitor
Visitor
Posts: 120
Joined: 29 Jan 2008 17:06

Re: Log check

#42 Post by shorty1963 »

And should I post a log or do some cleaning?

Rudy
Site Admin
Site Admin
Posts: 119506
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#43 Post by Rudy »

Sorry, I forgot to add: click "Vyčistit" (Clean up).

shorty1963
Visitor
Visitor
Posts: 120
Joined: 29 Jan 2008 17:06

Re: Log check

#44 Post by shorty1963 »

I followed the instructions; OTL then wanted to restart the PC, and after the restart it booted normally. I then ran ComboFix, and the rootkit message and the deletion of the same files appeared again. Should I post a log from something?

Rudy
Site Admin
Site Admin
Posts: 119506
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#45 Post by Rudy »

I no longer know what else to run on this. In the log I saw nothing other than what I told you to delete. The files in c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data really are rootkits. It has never been a problem to delete these kinds of files with ComboFix, but here they keep being restored, and from none of the available logs can I determine what restores them. Your AV is Symantec (I assume it works). The last thing left to try is CureIT: http://www.stahuj.centrum.cz/utility_a_ ... eb-cureit/ .