Posim o kontrolu

Zpráva

#16 Příspěvek od **Márty84** » 22 črc 2013 20:14

A ten druhy?

ANGILO · #17 Příspěvek od **ANGILO** » 22 črc 2013 20:32

Neviem ho dokoncit, stale to zamrzne.

#18 Příspěvek od **Márty84** » 22 črc 2013 21:59

Dejte novy log z RSIT

ANGILO · #19 Příspěvek od **ANGILO** » 23 črc 2013 08:46

Logfile of random's system information tool 1.09 (written by random/random)
Run by norbi at 2013-07-23 09:37:51
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 2 GB (9%) free of 27 GB
Total RAM: 446 MB (10% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:39:41, on 23. 7. 2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Mobility Manager\MobilityManager.exe
C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Mobility Manager\jre\bin\javaw.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Documents and Settings\norbi\Plocha\RSIT.exe
C:\Program Files\trend micro\norbi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O3 - Toolbar: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [MobilityManager] C:\Program Files\Mobility Manager\MobilityManager
O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: FMMService - Flarion Technologies, Inc. - C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 6318 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\norbi\Data aplikací\Mozilla\Firefox\Profiles\yyzx923l.default

prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.11"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-07 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-07 688218]
"SiSPower"=SiSPower.dll,ModeAgent []
"SiS Windows KeyHook"=C:\WINDOWS\system32\keyhook.exe [2005-03-04 32768]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2005-10-12 315392]
"lxcrmon.exe"=C:\Program Files\Lexmark 2400 Series\lxcrmon.exe [2006-01-22 286720]
"MobilityManager"=C:\Program Files\Mobility Manager\MobilityManager []
"Trust Gaming mouse"=C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe [2006-12-28 1232896]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-02-23 77824]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
"LXCRCATS"=rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS\AGRSMMSG.exe [2004-10-07 88363]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
C:\Program Files\Lexmark 2400 Series\ezprint.exe [2006-02-07 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2006-02-02 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\groove.exe"="C:\Program Files\Microsoft Office\Office12\groove.exe:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-07-22 09:58:06 ----ASH---- C:\hiberfil.sys
2013-07-22 09:54:21 ----D---- C:\WINDOWS\snack
2013-07-22 09:51:28 ----A---- C:\WINDOWS\ntbtlog.txt
2013-07-21 21:46:15 ----A---- C:\AdwCleaner[S1].txt
2013-07-21 20:48:33 ----A---- C:\AdwCleaner[R1].txt
2013-07-21 15:48:22 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2013-07-21 15:48:16 ----D---- C:\Documents and Settings\norbi\Data aplikací\Malwarebytes
2013-07-21 15:47:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-07-21 15:46:27 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2013-07-21 14:16:12 ----D---- C:\Program Files\trend micro
2013-07-21 14:16:07 ----D---- C:\rsit
2013-07-21 13:40:25 ----A---- C:\WINDOWS\system32\muweb.dll
2013-07-21 13:40:25 ----A---- C:\WINDOWS\system32\mucltui.dll
2013-07-19 19:15:04 ----SHD---- C:\Recycled
2013-07-19 16:27:54 ----SHD---- C:\FOUND.001
2013-07-19 14:29:14 ----SHD---- C:\FOUND.000
2013-07-19 11:53:03 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-07-19 11:47:20 ----D---- C:\WINDOWS\system32\CatRoot_bak
2013-07-19 10:51:28 ----D---- C:\Program Files\Microsoft Security Client
2013-07-19 10:51:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-07-19 10:48:21 ----D---- C:\WINDOWS\Prefetch
2013-07-19 10:03:04 ----N---- C:\WINDOWS\system32\msxml6r.dll
2013-07-19 10:03:03 ----N---- C:\WINDOWS\system32\msxml6.dll
2013-07-19 10:02:29 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2013-07-19 10:02:29 ----N---- C:\WINDOWS\system32\aaclient.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati3duag.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\dimsroam.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\credssp.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\azroles.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eappgnui.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eappcfg.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eapolqec.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3ui.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3svc.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3msm.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3api.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eapsvc.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eapqec.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eappprxy.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eapphost.dll
2013-07-19 10:02:24 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2013-07-19 10:02:24 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2013-07-19 10:02:24 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2013-07-19 10:02:23 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2013-07-19 10:02:23 ----N---- C:\WINDOWS\system32\kmsvc.dll
2013-07-19 10:02:23 ----N---- C:\WINDOWS\system32\kbdpash.dll
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\mmcperf.exe
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\mmcex.dll
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\napstat.exe
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\napmontr.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\napipsec.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\mssha.dll
2013-07-19 10:02:20 ----N---- C:\WINDOWS\system32\onex.dll
2013-07-19 10:02:20 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\rasqec.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qutil.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qcliprov.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qagentrt.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qagent.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slrundll.exe
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slgen.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slextspk.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slcoinst.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\setupn.exe
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\s3gnb.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2013-07-19 10:02:17 ----N---- C:\WINDOWS\system32\slserv.exe
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\tspkg.dll
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\tsgqec.dll
2013-07-19 10:02:14 ----N---- C:\WINDOWS\system32\wmphoto.dll
2013-07-19 10:02:14 ----N---- C:\WINDOWS\system32\wlanapi.dll
2013-07-19 10:02:13 ----N---- C:\WINDOWS\system32\xmllite.dll
2013-07-19 10:02:13 ----N---- C:\WINDOWS\slrundll.exe
2013-07-19 10:02:12 ----D---- C:\WINDOWS\system32\cs-cz
2013-07-19 10:02:11 ----D---- C:\WINDOWS\system32\cs
2013-07-19 10:02:11 ----D---- C:\WINDOWS\system32\bits
2013-07-19 10:02:11 ----D---- C:\WINDOWS\l2schemas
2013-07-19 09:55:54 ----D---- C:\WINDOWS\network diagnostic
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2013-07-19 09:55:51 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2013-07-19 09:55:51 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2013-07-19 09:49:57 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2013-07-19 09:49:51 ----D---- C:\WINDOWS\EHome
2013-07-13 16:14:55 ----D---- C:\Program Files\Yamicsoft
2013-07-13 16:12:12 ----RSD---- C:\WINDOWS\assembly
2013-07-13 16:10:44 ----D---- C:\WINDOWS\Microsoft.NET
2013-07-12 22:46:55 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2013-07-12 22:46:52 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2013-07-12 22:46:51 ----A---- C:\WINDOWS\system32\ksuser.dll
2013-07-12 22:46:50 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2013-07-12 22:46:49 ----A---- C:\WINDOWS\system32\drivers\stream.sys
2013-07-12 22:46:14 ----A---- C:\WINDOWS\Alcrmv.exe
2013-07-12 22:46:12 ----A---- C:\WINDOWS\system32\RTLCPAPI.dll
2013-07-12 22:46:10 ----A---- C:\WINDOWS\system32\RTLCPL.EXE
2013-07-12 22:45:59 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2013-07-12 22:45:58 ----A---- C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\mdmxsdk.dll
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\hsfci012.dll
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\drivers\HSFHWSIS.sys
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\drivers\HSF_DP.sys
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\drivers\HSF_CNXT.sys
2013-07-12 22:44:14 ----D---- C:\Program Files\CONEXANT
2013-07-12 22:43:55 ----A---- C:\WINDOWS\system32\drivers\siside.sys
2013-07-12 22:43:49 ----A---- C:\WINDOWS\system32\drivers\sisnicxp.sys
2013-07-12 22:43:41 ----A---- C:\WINDOWS\difxapi.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\SiSParse.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\SiSInst.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\sisgrv.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\sisgl.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\SiSBase.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\drivers\srvkp.sys
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\drivers\sisgrp.sys
2013-07-12 22:43:31 ----A---- C:\WINDOWS\system32\drivers\SISAGPX.SYS
2013-07-12 22:43:22 ----A---- C:\WINDOWS\system32\SiSPIns2.dll
2013-07-12 22:42:38 ----A---- C:\WINDOWS\system32\drivers\AmdK8.sys
2013-07-12 22:40:38 ----D---- C:\Documents and Settings\norbi\Data aplikací\DRPSu
2013-07-12 20:54:01 ----A---- C:\WINDOWS\system32\MRT.exe
2013-07-12 17:02:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-06-25 19:28:03 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-07-23 09:36:18 ----A---- C:\WINDOWS\system32\eRLog.ini
2013-07-23 09:36:02 ----A---- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt
2013-07-19 12:13:02 ----A---- C:\WINDOWS\wincmd.ini
2013-07-19 10:13:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 SISAGP;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2003-07-18 36992]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-02-20 302000]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-02-20 71088]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2005-02-25 13312]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-09-28 278728]
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-09-28 25416]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-10-07 1270540]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-02-24 2311680]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 GMFilter Filter;GMFilter Filter; C:\WINDOWS\System32\Drivers\GMFilter.sys [2006-12-29 27648]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-12-11 6144]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2005-03-02 240640]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-07 185824]
S0 ixquml;ixquml; C:\WINDOWS\System32\drivers\lrwa.sys []
S3 BCM43XX;Broadcom 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-21 369024]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 ft1000;Flarion Flash OFDM wireless service; C:\WINDOWS\system32\DRIVERS\ft1000.sys [2007-07-09 62208]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 FMMService;FMMService; C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE [2007-12-06 40960]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-02-20 1222192]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R3 lxcr_device;lxcr_device; C:\WINDOWS\system32\lxcrcoms.exe [2006-02-03 495616]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-06-25 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

#20 Příspěvek od **Márty84** » 23 črc 2013 10:40

Uvolnete nejake misto na disku.

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe , ulozte nejlepe na plochu a spustte.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

ANGILO · #21 Příspěvek od **ANGILO** » 23 črc 2013 13:46

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 166884 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 6953303 bytes

User: norbi
->Temp folder emptied: 1507 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 77037223 bytes
->Flash cache emptied: 0 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
Session Manager Temp folder emptied: 8350 bytes
Session Manager Tmp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 497587 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 81,00 mb

[EMPTYFLASH]

User: Default User

User: All Users

User: NetworkService

User: LocalService

User: norbi
->Flash cache emptied: 0 bytes

User: Administrator

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 07232013_143844

Files moved on Reboot...

Registry entries deleted on Reboot...

#22 Příspěvek od **Márty84** » 23 črc 2013 15:10

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

ANGILO · #23 Příspěvek od **ANGILO** » 23 črc 2013 17:21

OTL logfile created on: 23. 7. 2013 16:59:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\norbi\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

446,48 Mb Total Physical Memory | 98,41 Mb Available Physical Memory | 22,04% Memory free
1,03 Gb Paging File | 0,51 Gb Available in Paging File | 49,51% Paging File free
Paging file location(s): D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 26,22 Gb Total Space | 4,09 Gb Free Space | 15,60% Space Free | Partition Type: FAT32
Drive D: | 26,71 Gb Total Space | 18,82 Gb Free Space | 70,47% Space Free | Partition Type: FAT32

Computer Name: ACER | User Name: norbi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.07.23 16:56:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\norbi\Plocha\OTL.exe
PRC - [2013.06.25 19:30:06 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.03.26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2008.06.24 15:23:56 | 000,114,688 | ---- | M] (Macrovision) -- C:\Program Files\Mobility Manager\MobilityManager.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.22 12:44:16 | 000,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mobility Manager\jre\bin\javaw.exe
PRC - [2007.12.06 21:00:14 | 000,040,960 | ---- | M] (Flarion Technologies, Inc.) -- C:\Program Files\Mobility Manager\FMMService.exe
PRC - [2007.02.20 13:34:14 | 001,222,192 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
PRC - [2007.02.20 13:34:10 | 001,967,664 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
PRC - [2006.12.28 09:20:50 | 001,232,896 | ---- | M] () -- C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
PRC - [2006.02.03 05:11:22 | 000,495,616 | ---- | M] ( ) -- C:\WINDOWS\system32\lxcrcoms.exe
PRC - [2006.01.22 19:45:08 | 000,286,720 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
PRC - [2005.11.16 16:54:56 | 000,385,024 | ---- | M] (acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe
PRC - [2005.10.12 15:16:04 | 000,315,392 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2005.03.04 13:13:04 | 000,032,768 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\Keyhook.exe
PRC - [2005.02.23 18:13:10 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005.01.04 16:52:52 | 000,331,776 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe
PRC - [2004.10.07 23:44:24 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004.08.16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) -- C:\Acer\eManager\anbmServ.exe

========== Modules (No Company Name) ==========

MOD - [2013.06.25 19:30:00 | 003,285,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2007.12.06 21:00:14 | 000,159,744 | ---- | M] () -- C:\Program Files\Mobility Manager\fOtaClient.dll
MOD - [2007.12.06 21:00:14 | 000,024,576 | ---- | M] () -- C:\Program Files\Mobility Manager\foamapi.dll
MOD - [2007.02.20 13:34:36 | 000,161,328 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\ssleay32.dll
MOD - [2007.02.20 13:34:32 | 000,475,696 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoXML.dll
MOD - [2007.02.20 13:34:26 | 000,865,328 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoFoundation.dll
MOD - [2007.02.20 13:34:20 | 000,024,112 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoExt.dll
MOD - [2007.02.20 13:34:18 | 000,833,072 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\libeay32.dll
MOD - [2006.12.28 09:20:50 | 001,232,896 | ---- | M] () -- C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
MOD - [2006.12.26 17:53:16 | 000,679,936 | ---- | M] () -- C:\WINDOWS\system32\XIndicator.dll
MOD - [2006.12.26 17:53:10 | 002,637,824 | ---- | M] () -- C:\WINDOWS\system32\XWheel.dll
MOD - [2006.02.02 10:24:56 | 000,012,288 | ---- | M] () -- C:\Program Files\Lexmark Fax Solutions\fxctrstr.dll
MOD - [2006.02.02 10:12:22 | 000,040,960 | ---- | M] () -- C:\WINDOWS\system32\LXPRMON.DLL
MOD - [2006.02.02 10:10:20 | 000,032,768 | ---- | M] () -- C:\Program Files\Lexmark Fax Solutions\ipcmt.dll
MOD - [2006.01.22 19:45:08 | 000,286,720 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
MOD - [2006.01.22 19:44:34 | 000,274,432 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrscw.dll
MOD - [2006.01.12 16:20:04 | 000,114,688 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxcrpp5c.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\qckdycm.dll -- (yqnhbr)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.06.25 19:30:00 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2007.12.06 21:00:14 | 000,040,960 | ---- | M] (Flarion Technologies, Inc.) [Auto | Running] -- C:\Program Files\Mobility Manager\FMMService.exe -- (FMMService)
SRV - [2007.02.20 13:34:14 | 001,222,192 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe -- (KPF4)
SRV - [2006.02.03 05:11:22 | 000,495,616 | ---- | M] ( ) [On_Demand | Running] -- C:\WINDOWS\system32\lxcrcoms.exe -- (lxcr_device)
SRV - [2004.08.16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) [Auto | Running] -- C:\Acer\eManager\anbmServ.exe -- (anbmService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\lrwa.sys -- (ixquml)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013.07.21 16:08:04 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009.09.28 14:07:02 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.09.28 14:07:00 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007.07.09 16:11:08 | 000,062,208 | ---- | M] (Flarion Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ft1000.sys -- (ft1000)
DRV - [2007.02.20 13:34:08 | 000,071,088 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2007.02.20 13:34:02 | 000,302,000 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2006.12.29 16:49:38 | 000,027,648 | ---- | M] (Game) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GMFilter.sys -- (GMFilter Filter)
DRV - [2005.03.02 00:09:02 | 000,240,640 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2005.02.25 19:45:32 | 000,013,312 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005.02.24 14:20:22 | 002,311,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2005.01.13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)
DRV - [2004.12.21 10:32:12 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004.11.05 01:43:58 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2004.10.07 19:51:08 | 001,270,540 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003.12.05 18:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003.07.18 09:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1390230913-1518067078-3131263384-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1390230913-1518067078-3131263384-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1390230913-1518067078-3131263384-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-1390230913-1518067078-3131263384-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1390230913-1518067078-3131263384-1006\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1390230913-1518067078-3131263384-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1390230913-1518067078-3131263384-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1390230913-1518067078-3131263384-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

[2010.08.04 20:21:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\norbi\Data aplikací\Mozilla\Extensions
[2010.08.04 20:21:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\norbi\Data aplikací\Mozilla\Firefox\Profiles\yyzx923l.default\extensions
[2013.06.25 19:28:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.06.25 19:28:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013.07.23 14:39:30 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Lexmark Panel nástrojů) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Lexmark Panel nástrojů) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\S-1-5-21-1390230913-1518067078-3131263384-1006\..\Toolbar\WebBrowser: (Lexmark Panel nástrojů) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [LXCRCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.DLL ()
O4 - HKLM..\Run: [lxcrmon.exe] C:\Program Files\Lexmark 2400 Series\lxcrmon.exe ()
O4 - HKLM..\Run: [MobilityManager] C:\Program Files\Mobility Manager\MobilityManager.exe (Macrovision)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\Keyhook.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Trust Gaming mouse] C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1390230913-1518067078-3131263384-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1390230913-1518067078-3131263384-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D5F6825-E6B8-4BAC-A10B-89BF820AE9AF}: DhcpNameServer = 192.168.1.1 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\norbi\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\norbi\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4a55d698-b49a-11dc-8853-00163620c72b}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{4a55d698-b49a-11dc-8853-00163620c72b}\Shell\Open(0)\command - "" = Recycled\ctfmon.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Error creating restore point.

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: yqnhbr - C:\WINDOWS\system32\qckdycm.dll File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.07.23 16:56:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\norbi\Plocha\OTL.exe
[2013.07.23 14:38:44 | 000,000,000 | ---D | C] -- C:\_OTM
[2013.07.23 14:37:16 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\norbi\Plocha\OTM.exe
[2013.07.23 13:05:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\norbi\Recent
[2013.07.22 09:54:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\snack
[2013.07.22 08:40:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\norbi\Plocha\RK_Quarantine
[2013.07.21 15:48:22 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.07.21 15:48:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\norbi\Data aplikací\Malwarebytes
[2013.07.21 15:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2013.07.21 15:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.07.21 15:46:27 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.07.21 14:16:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.07.21 14:16:07 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.21 13:40:25 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2013.07.21 13:40:25 | 000,017,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2013.07.19 19:15:04 | 000,000,000 | -HSD | C] -- C:\Recycled
[2013.07.19 11:53:03 | 000,238,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013.07.19 11:52:48 | 000,000,000 | R--D | C] -- D:\DOKUMENTY\Obrázky
[2013.07.19 11:52:16 | 000,000,000 | R--D | C] -- D:\DOKUMENTY\Hudba
[2013.07.19 11:52:14 | 000,000,000 | R--D | C] -- D:\DOKUMENTY\Filmy
[2013.07.19 11:52:07 | 000,000,000 | ---D | C] -- D:\DOKUMENTY\Stubbs the Zombie
[2013.07.19 11:52:06 | 000,000,000 | ---D | C] -- D:\DOKUMENTY\EA Sports
[2013.07.19 11:52:05 | 000,000,000 | ---D | C] -- D:\DOKUMENTY\My eBooks
[2013.07.19 11:52:05 | 000,000,000 | ---D | C] -- D:\DOKUMENTY\GTA Vice City User Files
[2013.07.19 11:52:04 | 000,000,000 | ---D | C] -- D:\DOKUMENTY\GTA Underground
[2013.07.19 11:51:58 | 000,000,000 | ---D | C] -- D:\DOKUMENTY\GTA San Andreas User Files
[2013.07.19 11:51:21 | 000,000,000 | --SD | C] -- D:\DOKUMENTY\Zdroje údajov
[2013.07.19 11:51:21 | 000,000,000 | ---D | C] -- D:\DOKUMENTY\Preberanie
[2013.07.19 11:47:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2013.07.19 10:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013.07.19 10:51:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
[2013.07.19 10:48:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013.07.19 10:03:04 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2013.07.19 10:03:04 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2013.07.19 10:03:04 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2013.07.19 10:02:53 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2013.07.19 10:02:51 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2013.07.19 10:02:49 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2013.07.19 10:02:29 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2013.07.19 10:02:29 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2013.07.19 10:02:28 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2013.07.19 10:02:28 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2013.07.19 10:02:28 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2013.07.19 10:02:28 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2013.07.19 10:02:28 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2013.07.19 10:02:28 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2013.07.19 10:02:28 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2013.07.19 10:02:28 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2013.07.19 10:02:27 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2013.07.19 10:02:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2013.07.19 10:02:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2013.07.19 10:02:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2013.07.19 10:02:26 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2013.07.19 10:02:26 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2013.07.19 10:02:26 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2013.07.19 10:02:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2013.07.19 10:02:26 | 000,056,320 | ---- | C] (Společnost Microsoft) -- C:\WINDOWS\System32\dot3msm.dll
[2013.07.19 10:02:26 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2013.07.19 10:02:25 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2013.07.19 10:02:25 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2013.07.19 10:02:25 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2013.07.19 10:02:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2013.07.19 10:02:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2013.07.19 10:02:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2013.07.19 10:02:23 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2013.07.19 10:02:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2013.07.19 10:02:22 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2013.07.19 10:02:22 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2013.07.19 10:02:22 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2013.07.19 10:02:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2013.07.19 10:02:21 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2013.07.19 10:02:21 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2013.07.19 10:02:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2013.07.19 10:02:21 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2013.07.19 10:02:21 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2013.07.19 10:02:21 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2013.07.19 10:02:20 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2013.07.19 10:02:19 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2013.07.19 10:02:19 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2013.07.19 10:02:19 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2013.07.19 10:02:18 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2013.07.19 10:02:18 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2013.07.19 10:02:18 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2013.07.19 10:02:18 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2013.07.19 10:02:18 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2013.07.19 10:02:18 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2013.07.19 10:02:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2013.07.19 10:02:17 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2013.07.19 10:02:15 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2013.07.19 10:02:15 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2013.07.19 10:02:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013.07.19 10:02:14 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2013.07.19 10:02:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2013.07.19 10:02:13 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2013.07.19 10:02:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-cz
[2013.07.19 10:02:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013.07.19 10:02:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs
[2013.07.19 10:02:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013.07.19 09:58:13 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2013.07.19 09:55:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2013.07.19 09:55:53 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2013.07.19 09:55:53 | 000,326,912 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2013.07.19 09:55:53 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2013.07.19 09:55:53 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2013.07.19 09:55:53 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2013.07.19 09:55:53 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2013.07.19 09:55:53 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2013.07.19 09:55:53 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2013.07.19 09:55:53 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2013.07.19 09:55:53 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2013.07.19 09:55:53 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2013.07.19 09:55:53 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2013.07.19 09:55:53 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2013.07.19 09:55:53 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2013.07.19 09:55:53 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2013.07.19 09:55:53 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2013.07.19 09:55:53 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2013.07.19 09:55:53 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2013.07.19 09:55:53 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2013.07.19 09:55:53 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2013.07.19 09:55:53 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2013.07.19 09:55:53 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2013.07.19 09:55:53 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2013.07.19 09:55:53 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2013.07.19 09:55:53 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2013.07.19 09:55:53 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2013.07.19 09:55:52 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2013.07.19 09:55:52 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2013.07.19 09:55:52 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2013.07.19 09:55:52 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2013.07.19 09:55:52 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2013.07.19 09:55:52 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2013.07.19 09:55:52 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2013.07.19 09:55:52 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2013.07.19 09:55:52 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2013.07.19 09:55:52 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2013.07.19 09:55:50 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2013.07.19 09:55:50 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2013.07.19 09:55:50 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2013.07.19 09:55:50 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2013.07.19 09:55:50 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2013.07.19 09:55:50 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2013.07.19 09:55:49 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2013.07.19 09:55:49 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2013.07.19 09:55:49 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2013.07.19 09:55:49 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2013.07.19 09:55:49 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2013.07.19 09:55:49 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2013.07.19 09:55:49 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2013.07.19 09:55:49 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2013.07.19 09:55:49 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2013.07.19 09:55:48 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2013.07.19 09:55:48 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2013.07.19 09:55:48 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2013.07.19 09:55:48 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2013.07.19 09:55:48 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2013.07.19 09:55:48 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2013.07.19 09:49:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013.07.19 09:49:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2013.07.13 16:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2013.07.13 16:14:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\norbi\Nabídka Start\Programy\WinXP Manager
[2013.07.13 16:12:12 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013.07.13 16:10:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2013.07.12 22:46:55 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2013.07.12 22:46:52 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2013.07.12 22:46:51 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2013.07.12 22:46:50 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2013.07.12 22:46:49 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2013.07.12 22:46:49 | 000,049,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2013.07.12 22:46:14 | 000,200,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcrmv.exe
[2013.07.12 22:46:10 | 009,298,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.EXE
[2013.07.12 22:45:59 | 017,747,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2013.07.12 22:45:59 | 000,077,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2013.07.12 22:45:58 | 002,311,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS
[2013.07.12 22:44:14 | 001,038,208 | R--- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_DP.sys
[2013.07.12 22:44:14 | 000,703,232 | R--- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSF_CNXT.sys
[2013.07.12 22:44:14 | 000,200,576 | R--- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\HSFHWSIS.sys
[2013.07.12 22:44:14 | 000,086,016 | R--- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2013.07.12 22:44:14 | 000,039,018 | R--- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfci012.dll
[2013.07.12 22:44:14 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2013.07.12 22:43:55 | 000,004,096 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\drivers\siside.sys
[2013.07.12 22:43:49 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\drivers\sisnicxp.sys
[2013.07.12 22:43:41 | 000,337,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\difxapi.dll
[2013.07.12 22:43:36 | 001,740,800 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\sisgl.dll
[2013.07.12 22:43:36 | 000,862,208 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\sisgrv.dll
[2013.07.12 22:43:36 | 000,258,048 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\SiSParse.dll
[2013.07.12 22:43:36 | 000,240,640 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisgrp.sys
[2013.07.12 22:43:36 | 000,184,320 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\SiSInst.dll
[2013.07.12 22:43:36 | 000,049,152 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\SiSBase.dll
[2013.07.12 22:43:36 | 000,013,312 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\srvkp.sys
[2013.07.12 22:43:31 | 000,036,992 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\SISAGPX.SYS
[2013.07.12 22:43:22 | 000,009,728 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\SiSPIns2.dll
[2013.07.12 22:40:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\norbi\Data aplikací\DRPSu
[2013.07.12 21:20:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\norbi\Nabídka Start\Programy\Nástroje pro správu
[2013.06.25 19:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[1 C:\Documents and Settings\norbi\*.tmp files -> C:\Documents and Settings\norbi\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.07.23 17:12:22 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.23 17:05:06 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.07.23 17:02:28 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2013.07.23 16:56:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\norbi\Plocha\OTL.exe
[2013.07.23 16:53:28 | 000,000,451 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2013.07.23 16:52:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.07.23 14:40:34 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2013.07.23 14:35:58 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\norbi\Plocha\OTM.exe
[2013.07.23 13:18:16 | 000,000,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\fwdrv.err
[2013.07.22 10:39:14 | 002,311,680 | ---- | M] () -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS.dump
[2013.07.22 10:39:14 | 000,083,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\wdmaud.sys.dump
[2013.07.22 10:39:14 | 000,081,664 | ---- | M] () -- C:\WINDOWS\System32\drivers\videoprt.sys.dump
[2013.07.22 10:39:14 | 000,052,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\volsnap.sys.dump
[2013.07.22 10:39:14 | 000,034,560 | ---- | M] () -- C:\WINDOWS\System32\drivers\wanarp.sys.dump
[2013.07.22 10:39:14 | 000,032,768 | ---- | M] () -- C:\WINDOWS\System32\drivers\sisnicxp.sys.dump
[2013.07.22 10:39:14 | 000,020,992 | ---- | M] () -- C:\WINDOWS\System32\drivers\vga.sys.dump
[2013.07.22 10:39:14 | 000,013,312 | ---- | M] () -- C:\WINDOWS\System32\drivers\srvkp.sys.dump
[2013.07.22 10:39:12 | 001,038,208 | ---- | M] () -- C:\WINDOWS\System32\drivers\HSF_DP.sys.dump
[2013.07.22 10:39:12 | 000,703,232 | ---- | M] () -- C:\WINDOWS\System32\drivers\HSF_CNXT.sys.dump
[2013.07.22 10:39:12 | 000,278,728 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys.dump
[2013.07.22 10:39:12 | 000,240,640 | ---- | M] () -- C:\WINDOWS\System32\drivers\sisgrp.sys.dump
[2013.07.22 10:39:12 | 000,200,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\HSFHWSIS.sys.dump
[2013.07.22 10:39:12 | 000,039,424 | ---- | M] () -- C:\WINDOWS\System32\drivers\AmdK8.sys.dump
[2013.07.22 10:39:12 | 000,036,992 | ---- | M] () -- C:\WINDOWS\System32\drivers\SISAGPX.SYS.dump
[2013.07.22 10:39:12 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\drivers\siside.sys.dump
[2013.07.22 10:39:10 | 000,056,623 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1btxx.sys.dump
[2013.07.22 10:39:10 | 000,044,928 | ---- | M] () -- C:\WINDOWS\System32\drivers\agpcpq.sys.dump
[2013.07.22 10:39:10 | 000,042,752 | ---- | M] () -- C:\WINDOWS\System32\drivers\alim1541.sys.dump
[2013.07.22 10:39:10 | 000,042,368 | ---- | M] () -- C:\WINDOWS\System32\drivers\agp440.sys.dump
[2013.07.22 10:39:10 | 000,041,600 | ---- | M] () -- C:\WINDOWS\System32\drivers\amdk7.sys.dump
[2013.07.22 10:39:10 | 000,040,776 | ---- | M] () -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys.dump
[2013.07.22 10:39:10 | 000,027,648 | ---- | M] () -- C:\WINDOWS\System32\drivers\GMFilter.sys.dump
[2013.07.22 10:39:10 | 000,025,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys.dump
[2013.07.22 10:39:10 | 000,022,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\mbam.sys.dump
[2013.07.22 10:39:10 | 000,012,047 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1pdxx.sys.dump
[2013.07.22 10:39:10 | 000,011,615 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1mdxx.sys.dump
[2013.07.22 10:39:08 | 000,701,440 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati2mtag.sys.dump
[2013.07.22 10:39:08 | 000,326,912 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati2mtaa.sys.dump
[2013.07.22 10:39:08 | 000,063,663 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1rvxx.sys.dump
[2013.07.22 10:39:08 | 000,057,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinbtxx.sys.dump
[2013.07.22 10:39:08 | 000,036,463 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1tuxx.sys.dump
[2013.07.22 10:39:08 | 000,034,735 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1xsxx.sys.dump
[2013.07.22 10:39:08 | 000,030,671 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1raxx.sys.dump
[2013.07.22 10:39:08 | 000,029,455 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1xbxx.sys.dump
[2013.07.22 10:39:08 | 000,026,367 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1snxx.sys.dump
[2013.07.22 10:39:08 | 000,021,343 | ---- | M] () -- C:\WINDOWS\System32\drivers\ati1ttxx.sys.dump
[2013.07.22 10:39:08 | 000,014,336 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinpdxx.sys.dump
[2013.07.22 10:39:08 | 000,013,824 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinmdxx.sys.dump
[2013.07.22 10:39:06 | 000,272,896 | ---- | M] () -- C:\WINDOWS\System32\drivers\bthport.sys.dump
[2013.07.22 10:39:06 | 000,129,792 | ---- | M] () -- C:\WINDOWS\System32\drivers\fltMgr.sys.dump
[2013.07.22 10:39:06 | 000,104,960 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinrvxx.sys.dump
[2013.07.22 10:39:06 | 000,101,120 | ---- | M] () -- C:\WINDOWS\System32\drivers\bthpan.sys.dump
[2013.07.22 10:39:06 | 000,073,216 | ---- | M] () -- C:\WINDOWS\System32\drivers\atintuxx.sys.dump
[2013.07.22 10:39:06 | 000,063,488 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinxsxx.sys.dump
[2013.07.22 10:39:06 | 000,052,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinraxx.sys.dump
[2013.07.22 10:39:06 | 000,046,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\gagp30kx.sys.dump
[2013.07.22 10:39:06 | 000,031,744 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinxbxx.sys.dump
[2013.07.22 10:39:06 | 000,028,672 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinsnxx.sys.dump
[2013.07.22 10:39:06 | 000,018,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\bthusb.sys.dump
[2013.07.22 10:39:06 | 000,013,824 | ---- | M] () -- C:\WINDOWS\System32\drivers\atinttxx.sys.dump
[2013.07.22 10:39:04 | 000,302,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\fwdrv.sys.dump
[2013.07.22 10:39:04 | 000,071,088 | ---- | M] () -- C:\WINDOWS\System32\drivers\khips.sys.dump
[2013.07.22 10:39:04 | 000,025,600 | ---- | M] () -- C:\WINDOWS\System32\drivers\hidbth.sys.dump
[2013.07.22 10:39:04 | 000,019,200 | ---- | M] () -- C:\WINDOWS\System32\drivers\hidir.sys.dump
[2013.07.22 10:39:00 | 001,309,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\mtlstrm.sys.dump
[2013.07.22 10:39:00 | 000,452,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\mtxparhm.sys.dump
[2013.07.22 10:39:00 | 000,180,360 | ---- | M] () -- C:\WINDOWS\System32\drivers\ntmtlfax.sys.dump
[2013.07.22 10:39:00 | 000,126,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\mtlmnt5.sys.dump
[2013.07.22 10:39:00 | 000,062,208 | ---- | M] () -- C:\WINDOWS\System32\drivers\ft1000.sys.dump
[2013.07.22 10:39:00 | 000,036,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\ip6fw.sys.dump
[2013.07.22 10:39:00 | 000,015,488 | ---- | M] () -- C:\WINDOWS\System32\drivers\mssmbios.sys.dump
[2013.07.22 10:39:00 | 000,012,672 | ---- | M] () -- C:\WINDOWS\System32\drivers\mutohpen.sys.dump
[2013.07.22 10:38:58 | 000,129,535 | ---- | M] () -- C:\WINDOWS\System32\drivers\slnt7554.sys.dump
[2013.07.22 10:38:58 | 000,059,136 | ---- | M] () -- C:\WINDOWS\System32\drivers\rfcomm.sys.dump
[2013.07.22 10:38:58 | 000,030,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\rndismpx.sys.dump
[2013.07.22 10:38:58 | 000,012,160 | ---- | M] () -- C:\WINDOWS\System32\drivers\mouhid.sys.dump
[2013.07.22 10:38:58 | 000,011,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sffdisk.sys.dump
[2013.07.22 10:38:58 | 000,011,008 | ---- | M] () -- C:\WINDOWS\System32\drivers\sffp_sd.sys.dump
[2013.07.22 10:38:56 | 000,404,990 | ---- | M] () -- C:\WINDOWS\System32\drivers\slntamr.sys.dump
[2013.07.22 10:38:56 | 000,384,768 | ---- | M] () -- C:\WINDOWS\System32\drivers\update.sys.dump
[2013.07.22 10:38:56 | 000,121,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbvideo.sys.dump
[2013.07.22 10:38:56 | 000,095,424 | ---- | M] () -- C:\WINDOWS\System32\drivers\slnthal.sys.dump
[2013.07.22 10:38:56 | 000,042,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\viaagp.sys.dump
[2013.07.22 10:38:56 | 000,030,208 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbehci.sys.dump
[2013.07.22 10:38:56 | 000,022,271 | ---- | M] () -- C:\WINDOWS\System32\drivers\watv06nt.sys.dump
[2013.07.22 10:38:56 | 000,014,208 | ---- | M] () -- C:\WINDOWS\System32\drivers\wacompen.sys.dump
[2013.07.22 10:38:56 | 000,013,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\slwdmsup.sys.dump
[2013.07.22 10:38:56 | 000,012,288 | ---- | M] () -- C:\WINDOWS\System32\drivers\tunmp.sys.dump
[2013.07.22 10:38:56 | 000,011,935 | ---- | M] () -- C:\WINDOWS\System32\drivers\wadv11nt.sys.dump
[2013.07.22 10:38:56 | 000,011,871 | ---- | M] () -- C:\WINDOWS\System32\drivers\wadv09nt.sys.dump
[2013.07.22 10:38:56 | 000,011,807 | ---- | M] () -- C:\WINDOWS\System32\drivers\wadv07nt.sys.dump
[2013.07.22 10:38:56 | 000,011,295 | ---- | M] () -- C:\WINDOWS\System32\drivers\wadv08nt.sys.dump
[2013.07.22 10:38:54 | 000,188,288 | ---- | M] () -- C:\WINDOWS\System32\drivers\acpi.sys.dump
[2013.07.22 10:38:54 | 000,172,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmixer.sys.dump
[2013.07.22 10:38:54 | 000,171,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\MpFilter.sys.dump
[2013.07.22 10:38:54 | 000,153,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\dmio.sys.dump
[2013.07.22 10:38:54 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\aec.sys.dump
[2013.07.22 10:38:54 | 000,060,160 | ---- | M] () -- C:\WINDOWS\System32\drivers\drmk.sys.dump
[2013.07.22 10:38:54 | 000,052,864 | ---- | M] () -- C:\WINDOWS\System32\drivers\DMusic.sys.dump
[2013.07.22 10:38:54 | 000,024,960 | ---- | M] () -- C:\WINDOWS\System32\drivers\hidparse.sys.dump
[2013.07.22 10:38:54 | 000,024,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\kbdclass.sys.dump
[2013.07.22 10:38:54 | 000,020,864 | ---- | M] () -- C:\WINDOWS\System32\drivers\ipinip.sys.dump
[2013.07.22 10:38:52 | 000,369,024 | ---- | M] () -- C:\WINDOWS\System32\drivers\BCMWL5.SYS.dump
[2013.07.22 10:38:52 | 000,180,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\mrxdav.sys.dump
[2013.07.22 10:38:52 | 000,141,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\ks.sys.dump
[2013.07.22 10:38:52 | 000,042,368 | ---- | M] () -- C:\WINDOWS\System32\drivers\mountmgr.sys.dump
[2013.07.22 10:38:52 | 000,037,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\bthmodem.sys.dump
[2013.07.22 10:38:52 | 000,035,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\msgpc.sys.dump
[2013.07.22 10:38:52 | 000,017,024 | ---- | M] () -- C:\WINDOWS\System32\drivers\BthEnum.sys.dump
[2013.07.22 10:38:52 | 000,010,890 | ---- | M] () -- C:\WINDOWS\System32\drivers\OsaFsLoc.sys.dump
[2013.07.22 10:38:52 | 000,010,368 | ---- | M] () -- C:\WINDOWS\System32\drivers\pfc.sys.dump
[2013.07.22 10:38:52 | 000,008,704 | ---- | M] () -- C:\WINDOWS\System32\drivers\osaio.sys.dump
[2013.07.22 10:38:52 | 000,007,552 | ---- | M] () -- C:\WINDOWS\System32\drivers\mskssrv.sys.dump
[2013.07.22 10:38:52 | 000,005,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\mspclock.sys.dump
[2013.07.22 10:38:52 | 000,004,010 | ---- | M] () -- C:\WINDOWS\System32\drivers\osanbm.sys.dump
[2013.07.22 10:38:52 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\audstub.sys.dump
[2013.07.22 10:38:50 | 000,175,744 | ---- | M] () -- C:\WINDOWS\System32\drivers\rdbss.sys.dump
[2013.07.22 10:38:50 | 000,120,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\pcmcia.sys.dump
[2013.07.22 10:38:50 | 000,075,264 | ---- | M] () -- C:\WINDOWS\System32\drivers\ipsec.sys.dump
[2013.07.22 10:38:50 | 000,055,808 | ---- | M] () -- C:\WINDOWS\System32\drivers\atmlane.sys.dump
[2013.07.22 10:38:50 | 000,049,536 | ---- | M] () -- C:\WINDOWS\System32\drivers\classpnp.sys.dump
[2013.07.22 10:38:50 | 000,048,384 | ---- | M] () -- C:\WINDOWS\System32\drivers\raspptp.sys.dump
[2013.07.22 10:38:50 | 000,037,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\isapnp.sys.dump
[2013.07.22 10:38:50 | 000,036,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\bthprint.sys.dump
[2013.07.22 10:38:50 | 000,030,848 | ---- | M] () -- C:\WINDOWS\System32\drivers\npfs.sys.dump
[2013.07.22 10:38:50 | 000,030,080 | ---- | M] () -- C:\WINDOWS\System32\drivers\modem.sys.dump
[2013.07.22 10:38:50 | 000,013,952 | ---- | M] () -- C:\WINDOWS\System32\drivers\CmBatt.sys.dump
[2013.07.22 10:38:50 | 000,013,776 | ---- | M] () -- C:\WINDOWS\System32\drivers\recagent.sys.dump
[2013.07.22 10:38:50 | 000,012,800 | ---- | M] () -- C:\WINDOWS\System32\drivers\usb8023x.sys.dump
[2013.07.22 10:38:48 | 000,202,624 | ---- | M] () -- C:\WINDOWS\System32\drivers\RMCast.sys.dump
[2013.07.22 10:38:48 | 000,196,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\rdpdr.sys.dump
[2013.07.22 10:38:48 | 000,139,656 | ---- | M] () -- C:\WINDOWS\System32\drivers\rdpwd.sys.dump
[2013.07.22 10:38:48 | 000,073,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\sr.sys.dump
[2013.07.22 10:38:48 | 000,036,864 | ---- | M] () -- C:\WINDOWS\System32\drivers\hidclass.sys.dump
[2013.07.22 10:38:48 | 000,025,471 | ---- | M] () -- C:\WINDOWS\System32\drivers\watv10nt.sys.dump
[2013.07.22 10:38:48 | 000,025,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\sonydcam.sys.dump
[2013.07.22 10:38:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\drivers\flpydisk.sys.dump
[2013.07.22 10:38:48 | 000,019,712 | ---- | M] () -- C:\WINDOWS\System32\drivers\partmgr.sys.dump
[2013.07.22 10:38:48 | 000,010,368 | ---- | M] () -- C:\WINDOWS\System32\drivers\hidusb.sys.dump
[2013.07.22 10:38:48 | 000,006,272 | ---- | M] () -- C:\WINDOWS\System32\drivers\splitter.sys.dump
[2013.07.22 10:38:48 | 000,005,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\smbali.sys.dump
[2013.07.22 10:38:46 | 000,574,976 | ---- | M] () -- C:\WINDOWS\System32\drivers\ntfs.sys.dump
[2013.07.22 10:38:46 | 000,334,848 | ---- | M] () -- C:\WINDOWS\System32\drivers\srv.sys.dump
[2013.07.22 10:38:46 | 000,166,912 | ---- | M] () -- C:\WINDOWS\System32\drivers\s3gnbm.sys.dump
[2013.07.22 10:38:46 | 000,079,232 | ---- | M] () -- C:\WINDOWS\System32\drivers\sdbus.sys.dump
[2013.07.22 10:38:46 | 000,060,800 | ---- | M] () -- C:\WINDOWS\System32\drivers\sysaudio.sys.dump
[2013.07.22 10:38:46 | 000,058,496 | ---- | M] () -- C:\WINDOWS\System32\drivers\redbook.sys.dump
[2013.07.22 10:38:46 | 000,056,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\swmidi.sys.dump
[2013.07.22 10:38:46 | 000,030,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\rndismp.sys.dump
[2013.07.22 10:38:46 | 000,024,960 | ---- | M] () -- C:\WINDOWS\System32\drivers\pciidex.sys.dump
[2013.07.22 10:38:46 | 000,011,392 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfloppy.sys.dump
[2013.07.22 10:38:46 | 000,010,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\sffp_mmc.sys.dump
[2013.07.22 10:38:46 | 000,004,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\swenum.sys.dump
[2013.07.22 10:38:44 | 000,361,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\tcpip.sys.dump
[2013.07.22 10:38:44 | 000,264,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\http.sys.dump
[2013.07.22 10:38:44 | 000,162,816 | ---- | M] () -- C:\WINDOWS\System32\drivers\netbt.sys.dump
[2013.07.22 10:38:44 | 000,092,288 | ---- | M] () -- C:\WINDOWS\System32\drivers\ksecdd.sys.dump
[2013.07.22 10:38:44 | 000,061,824 | ---- | M] () -- C:\WINDOWS\System32\drivers\nic1394.sys.dump
[2013.07.22 10:38:44 | 000,042,112 | ---- | M] () -- C:\WINDOWS\System32\drivers\imapi.sys.dump
[2013.07.22 10:38:44 | 000,040,192 | ---- | M] () -- C:\WINDOWS\System32\drivers\intelppm.sys.dump
[2013.07.22 10:38:44 | 000,019,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\tdi.sys.dump
[2013.07.22 10:38:44 | 000,014,976 | ---- | M] () -- C:\WINDOWS\System32\drivers\tape.sys.dump
[2013.07.22 10:38:44 | 000,014,208 | ---- | M] () -- C:\WINDOWS\System32\drivers\diskdump.sys.dump
[2013.07.22 10:38:44 | 000,010,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\compbatt.sys.dump
[2013.07.22 10:38:42 | 000,146,048 | ---- | M] () -- C:\WINDOWS\System32\drivers\portcls.sys.dump
[2013.07.22 10:38:42 | 000,138,112 | ---- | M] () -- C:\WINDOWS\System32\drivers\afd.sys.dump
[2013.07.22 10:38:42 | 000,096,512 | ---- | M] () -- C:\WINDOWS\System32\drivers\atapi.sys.dump
[2013.07.22 10:38:42 | 000,071,552 | ---- | M] () -- C:\WINDOWS\System32\drivers\bridge.sys.dump
[2013.07.22 10:38:42 | 000,060,800 | ---- | M] () -- C:\WINDOWS\System32\drivers\arp1394.sys.dump
[2013.07.22 10:38:42 | 000,059,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\atmarpc.sys.dump
[2013.07.22 10:38:42 | 000,041,216 | ---- | M] () -- C:\WINDOWS\System32\drivers\amdk6.sys.dump
[2013.07.22 10:38:42 | 000,036,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\disk.sys.dump
[2013.07.22 10:38:42 | 000,021,896 | ---- | M] () -- C:\WINDOWS\System32\drivers\tdtcp.sys.dump
[2013.07.22 10:38:42 | 000,014,208 | ---- | M] () -- C:\WINDOWS\System32\drivers\battc.sys.dump
[2013.07.22 10:38:42 | 000,012,040 | ---- | M] () -- C:\WINDOWS\System32\drivers\tdpipe.sys.dump
[2013.07.22 10:38:42 | 000,010,112 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndistapi.sys.dump
[2013.07.22 10:38:42 | 000,002,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\drmkaud.sys.dump
[2013.07.22 10:38:40 | 000,152,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\ipnat.sys.dump
[2013.07.22 10:38:40 | 000,071,168 | ---- | M] () -- C:\WINDOWS\System32\drivers\dxg.sys.dump
[2013.07.22 10:38:40 | 000,066,048 | ---- | M] () -- C:\WINDOWS\System32\drivers\udfs.sys.dump
[2013.07.22 10:38:40 | 000,064,256 | ---- | M] () -- C:\WINDOWS\System32\drivers\serial.sys.dump
[2013.07.22 10:38:40 | 000,052,096 | ---- | M] () -- C:\WINDOWS\System32\drivers\i8042prt.sys.dump
[2013.07.22 10:38:40 | 000,049,408 | ---- | M] () -- C:\WINDOWS\System32\drivers\stream.sys.dump
[2013.07.22 10:38:40 | 000,044,672 | ---- | M] () -- C:\WINDOWS\System32\drivers\uagp35.sys.dump
[2013.07.22 10:38:40 | 000,044,544 | ---- | M] () -- C:\WINDOWS\System32\drivers\fips.sys.dump
[2013.07.22 10:38:40 | 000,040,840 | ---- | M] () -- C:\WINDOWS\System32\drivers\termdd.sys.dump
[2013.07.22 10:38:40 | 000,034,688 | ---- | M] () -- C:\WINDOWS\System32\drivers\netbios.sys.dump
[2013.07.22 10:38:40 | 000,019,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\msfs.sys.dump
[2013.07.22 10:38:38 | 000,143,744 | ---- | M] () -- C:\WINDOWS\System32\drivers\fastfat.sys.dump
[2013.07.22 10:38:38 | 000,096,384 | ---- | M] () -- C:\WINDOWS\System32\drivers\scsiport.sys.dump
[2013.07.22 10:38:38 | 000,069,120 | ---- | M] () -- C:\WINDOWS\System32\drivers\psched.sys.dump
[2013.07.22 10:38:38 | 000,063,744 | ---- | M] () -- C:\WINDOWS\System32\drivers\cdfs.sys.dump
[2013.07.22 10:38:38 | 000,051,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\rasl2tp.sys.dump
[2013.07.22 10:38:38 | 000,046,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\p3.sys.dump
[2013.07.22 10:38:38 | 000,041,472 | ---- | M] () -- C:\WINDOWS\System32\drivers\raspppoe.sys.dump
[2013.07.22 10:38:38 | 000,039,680 | ---- | M] () -- C:\WINDOWS\System32\drivers\processr.sys.dump
[2013.07.22 10:38:38 | 000,015,744 | ---- | M] () -- C:\WINDOWS\System32\drivers\serenum.sys.dump
[2013.07.22 10:38:38 | 000,014,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndisuio.sys.dump
[2013.07.22 10:38:36 | 001,270,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\AGRSM.sys.dump
[2013.07.22 10:38:36 | 000,456,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\mrxsmb.sys.dump
[2013.07.22 10:38:36 | 000,088,320 | ---- | M] () -- C:\WINDOWS\System32\drivers\nwlnkipx.sys.dump
[2013.07.22 10:38:36 | 000,063,744 | ---- | M] () -- C:\WINDOWS\System32\drivers\mf.sys.dump
[2013.07.22 10:38:36 | 000,040,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndproxy.sys.dump
[2013.07.22 10:38:36 | 000,040,320 | ---- | M] () -- C:\WINDOWS\System32\drivers\nmnt.sys.dump
[2013.07.22 10:38:36 | 000,032,128 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbccgp.sys.dump
[2013.07.22 10:38:36 | 000,025,728 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbcamd2.sys.dump
[2013.07.22 10:38:36 | 000,004,992 | ---- | M] () -- C:\WINDOWS\System32\drivers\mspqm.sys.dump
[2013.07.22 10:38:34 | 000,225,664 | ---- | M] () -- C:\WINDOWS\System32\drivers\tcpip6.sys.dump
[2013.07.22 10:38:34 | 000,143,872 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbport.sys.dump
[2013.07.22 10:38:34 | 000,105,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\mup.sys.dump
[2013.07.22 10:38:34 | 000,068,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\pci.sys.dump
[2013.07.22 10:38:34 | 000,059,520 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbhub.sys.dump
[2013.07.22 10:38:34 | 000,023,040 | ---- | M] () -- C:\WINDOWS\System32\drivers\mouclass.sys.dump
[2013.07.22 10:38:34 | 000,017,152 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbohci.sys.dump
[2013.07.22 10:38:34 | 000,015,872 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbintel.sys.dump
[2013.07.22 10:38:32 | 000,800,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\dmboot.sys.dump
[2013.07.22 10:38:32 | 000,062,976 | ---- | M] () -- C:\WINDOWS\System32\drivers\cdrom.sys.dump
[2013.07.22 10:38:32 | 000,058,112 | ---- | M] () -- C:\WINDOWS\System32\drivers\vdmindvd.sys.dump
[2013.07.22 10:38:32 | 000,040,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\crusoe.sys.dump
[2013.07.22 10:38:32 | 000,025,600 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbcamd.sys.dump
[2013.07.22 10:38:32 | 000,014,336 | ---- | M] () -- C:\WINDOWS\System32\drivers\asyncmac.sys.dump
[2013.07.22 10:38:32 | 000,012,160 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsvga.sys.dump
[2013.07.22 10:38:32 | 000,012,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\ws2ifsl.sys.dump
[2013.07.22 10:38:32 | 000,011,776 | ---- | M] () -- C:\WINDOWS\System32\drivers\acpiec.sys.dump
[2013.07.22 10:38:32 | 000,011,264 | ---- | M] () -- C:\WINDOWS\System32\drivers\irenum.sys.dump
[2013.07.22 10:38:32 | 000,004,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbd.sys.dump
[2013.07.22 10:38:32 | 000,004,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\mnmdd.sys.dump
[2013.07.22 10:38:32 | 000,003,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\oprghdlr.sys.dump
[2013.07.22 10:38:32 | 000,003,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\pciide.sys.dump
[2013.07.22 10:38:30 | 000,055,936 | ---- | M] () -- C:\WINDOWS\System32\drivers\nwlnkspx.sys.dump
[2013.07.22 10:38:30 | 000,051,712 | ---- | M] () -- C:\WINDOWS\System32\drivers\tosdvd.sys.dump
[2013.07.22 10:38:30 | 000,034,432 | ---- | M] () -- C:\WINDOWS\System32\drivers\rawwan.sys.dump
[2013.07.22 10:38:30 | 000,026,368 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbstor.sys.dump
[2013.07.22 10:38:30 | 000,025,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbprint.sys.dump
[2013.07.22 10:38:30 | 000,021,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\tsbvcap.sys.dump
[2013.07.22 10:38:30 | 000,015,104 | ---- | M] () -- C:\WINDOWS\System32\drivers\usbscan.sys.dump
[2013.07.22 10:38:30 | 000,014,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\smclib.sys.dump
[2013.07.22 10:38:30 | 000,012,800 | ---- | M] () -- C:\WINDOWS\System32\drivers\usb8023.sys.dump
[2013.07.22 10:38:30 | 000,012,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\riodrv.sys.dump
[2013.07.22 10:38:30 | 000,012,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\rio8drv.sys.dump
[2013.07.22 10:38:30 | 000,005,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\rootmdm.sys.dump
[2013.07.22 10:38:28 | 000,352,256 | ---- | M] () -- C:\WINDOWS\System32\drivers\atmuni.sys.dump
[2013.07.22 10:38:28 | 000,262,528 | ---- | M] () -- C:\WINDOWS\System32\drivers\cinemst2.sys.dump
[2013.07.22 10:38:28 | 000,063,232 | ---- | M] () -- C:\WINDOWS\System32\drivers\nwlnknb.sys.dump
[2013.07.22 10:38:28 | 000,032,896 | ---- | M] () -- C:\WINDOWS\System32\drivers\ipfltdrv.sys.dump
[2013.07.22 10:38:28 | 000,032,512 | ---- | M] () -- C:\WINDOWS\System32\drivers\nwlnkfwd.sys.dump
[2013.07.22 10:38:28 | 000,013,952 | ---- | M] () -- C:\WINDOWS\System32\drivers\cbidf2k.sys.dump
[2013.07.22 10:38:28 | 000,012,416 | ---- | M] () -- C:\WINDOWS\System32\drivers\nwlnkflt.sys.dump
[2013.07.22 10:38:28 | 000,012,032 | ---- | M] () -- C:\WINDOWS\System32\drivers\nikedrv.sys.dump
[2013.07.22 10:38:28 | 000,011,776 | ---- | M] () -- C:\WINDOWS\System32\drivers\cpqdap01.sys.dump
[2013.07.22 10:38:28 | 000,010,496 | ---- | M] () -- C:\WINDOWS\System32\drivers\dxapi.sys.dump
[2013.07.22 10:38:28 | 000,007,680 | ---- | M] () -- C:\WINDOWS\System32\drivers\mcd.sys.dump
[2013.07.22 10:38:26 | 000,182,656 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndis.sys.dump
[2013.07.22 10:38:26 | 000,091,520 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndiswan.sys.dump
[2013.07.22 10:38:26 | 000,031,360 | ---- | M] () -- C:\WINDOWS\System32\drivers\atmepvc.sys.dump
[2013.07.22 10:38:26 | 000,027,392 | ---- | M] () -- C:\WINDOWS\System32\drivers\fdc.sys.dump
[2013.07.22 10:38:26 | 000,018,688 | ---- | M] () -- C:\WINDOWS\System32\drivers\cdaudio.sys.dump
[2013.07.22 10:38:26 | 000,016,512 | ---- | M] () -- C:\WINDOWS\System32\drivers\raspti.sys.dump
[2013.07.22 10:38:26 | 000,008,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\rasacd.sys.dump
[2013.07.22 10:38:26 | 000,007,936 | ---- | M] () -- C:\WINDOWS\System32\drivers\fs_rec.sys.dump
[2013.07.22 10:38:26 | 000,006,784 | ---- | M] () -- C:\WINDOWS\System32\drivers\parvdm.sys.dump
[2013.07.22 10:38:26 | 000,004,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\rdpcdd.sys.dump
[2013.07.22 10:38:26 | 000,004,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\beep.sys.dump
[2013.07.22 10:38:26 | 000,003,328 | ---- | M] () -- C:\WINDOWS\System32\drivers\dxgthk.sys.dump
[2013.07.22 10:38:26 | 000,002,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\null.sys.dump
[2013.07.22 10:38:24 | 000,125,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\ftdisk.sys.dump
[2013.07.22 10:38:24 | 000,080,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\parport.sys.dump
[2013.07.22 10:38:24 | 000,005,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\dmload.sys.dump
[2013.07.22 10:38:24 | 000,004,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\wmilib.sys.dump
[2013.07.22 08:37:58 | 000,915,968 | ---- | M] () -- C:\Documents and Settings\norbi\Plocha\RogueKiller.exe
[2013.07.21 18:29:18 | 000,666,633 | ---- | M] () -- C:\Documents and Settings\norbi\Plocha\adwcleaner.exe
[2013.07.21 16:08:04 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.07.21 14:24:26 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\norbi\Plocha\RSIT.exe
[2013.07.20 14:41:08 | 000,335,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.07.19 12:13:02 | 000,001,663 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2013.07.19 10:54:50 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013.07.19 10:51:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.07.19 10:40:40 | 070,530,926 | ---- | M] () -- D:\DOKUMENTY\BackupRegistry(20130719).reg
[2013.07.19 10:13:38 | 000,396,876 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.07.19 10:13:38 | 000,394,400 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.07.19 10:13:38 | 000,070,794 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.07.19 10:13:38 | 000,060,446 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.07.19 10:12:30 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013.07.19 10:10:54 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\norbi\Plocha\Windows Media Player.lnk
[2013.07.19 10:07:20 | 000,008,840 | ---- | M] () -- C:\WINDOWS\SEC12EA.PNF
[2013.07.19 09:55:32 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2013.07.19 09:54:36 | 000,002,948 | ---- | M] () -- C:\WINDOWS\SEC56.PNF
[2013.07.13 16:15:00 | 000,001,805 | ---- | M] () -- C:\Documents and Settings\norbi\Plocha\1-Click Cleaner.lnk
[2013.07.13 16:15:00 | 000,001,802 | ---- | M] () -- C:\Documents and Settings\norbi\Plocha\WinXP Manager.lnk
[2013.07.12 17:05:52 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\ReminderNextRun
[2013.07.12 16:51:10 | 000,000,398 | ---- | M] () -- C:\Documents and Settings\norbi\Plocha\Total Commander.lnk
[2013.07.12 16:30:00 | 000,044,544 | ---- | M] () -- C:\Documents and Settings\norbi\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Documents and Settings\norbi\*.tmp files -> C:\Documents and Settings\norbi\*.tmp -> ]

ANGILO · #24 Příspěvek od **ANGILO** » 23 črc 2013 17:23

========== Files Created - No Company Name ==========

[2013.07.23 17:12:21 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.23 15:11:01 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2013.07.22 09:54:46 | 002,311,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS.dump
[2013.07.22 09:54:46 | 000,083,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\wdmaud.sys.dump
[2013.07.22 09:54:46 | 000,081,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\videoprt.sys.dump
[2013.07.22 09:54:46 | 000,052,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys.dump
[2013.07.22 09:54:46 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\wanarp.sys.dump
[2013.07.22 09:54:46 | 000,020,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\vga.sys.dump
[2013.07.22 09:54:45 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\sisgrp.sys.dump
[2013.07.22 09:54:45 | 000,036,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\SISAGPX.SYS.dump
[2013.07.22 09:54:45 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sisnicxp.sys.dump
[2013.07.22 09:54:45 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\srvkp.sys.dump
[2013.07.22 09:54:44 | 001,038,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\HSF_DP.sys.dump
[2013.07.22 09:54:44 | 000,200,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\HSFHWSIS.sys.dump
[2013.07.22 09:54:44 | 000,039,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\AmdK8.sys.dump
[2013.07.22 09:54:43 | 000,703,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\HSF_CNXT.sys.dump
[2013.07.22 09:54:43 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys.dump
[2013.07.22 09:54:43 | 000,044,928 | ---- | C] () -- C:\WINDOWS\System32\drivers\agpcpq.sys.dump
[2013.07.22 09:54:43 | 000,042,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\agp440.sys.dump
[2013.07.22 09:54:43 | 000,040,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys.dump
[2013.07.22 09:54:43 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\drivers\GMFilter.sys.dump
[2013.07.22 09:54:43 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys.dump
[2013.07.22 09:54:43 | 000,022,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbam.sys.dump
[2013.07.22 09:54:43 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys.dump
[2013.07.22 09:54:43 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\siside.sys.dump
[2013.07.22 09:54:42 | 000,701,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati2mtag.sys.dump
[2013.07.22 09:54:42 | 000,326,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati2mtaa.sys.dump
[2013.07.22 09:54:42 | 000,063,663 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1rvxx.sys.dump
[2013.07.22 09:54:42 | 000,056,623 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1btxx.sys.dump
[2013.07.22 09:54:42 | 000,042,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\alim1541.sys.dump
[2013.07.22 09:54:42 | 000,041,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\amdk7.sys.dump
[2013.07.22 09:54:42 | 000,036,463 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1tuxx.sys.dump
[2013.07.22 09:54:42 | 000,034,735 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1xsxx.sys.dump
[2013.07.22 09:54:42 | 000,030,671 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1raxx.sys.dump
[2013.07.22 09:54:42 | 000,029,455 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1xbxx.sys.dump
[2013.07.22 09:54:42 | 000,026,367 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1snxx.sys.dump
[2013.07.22 09:54:42 | 000,021,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1ttxx.sys.dump
[2013.07.22 09:54:42 | 000,012,047 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1pdxx.sys.dump
[2013.07.22 09:54:42 | 000,011,615 | ---- | C] () -- C:\WINDOWS\System32\drivers\ati1mdxx.sys.dump
[2013.07.22 09:54:41 | 000,272,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthport.sys.dump
[2013.07.22 09:54:41 | 000,104,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinrvxx.sys.dump
[2013.07.22 09:54:41 | 000,101,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthpan.sys.dump
[2013.07.22 09:54:41 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\atintuxx.sys.dump
[2013.07.22 09:54:41 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinxsxx.sys.dump
[2013.07.22 09:54:41 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinbtxx.sys.dump
[2013.07.22 09:54:41 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinraxx.sys.dump
[2013.07.22 09:54:41 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinxbxx.sys.dump
[2013.07.22 09:54:41 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinsnxx.sys.dump
[2013.07.22 09:54:41 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthusb.sys.dump
[2013.07.22 09:54:41 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinpdxx.sys.dump
[2013.07.22 09:54:41 | 000,013,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinttxx.sys.dump
[2013.07.22 09:54:41 | 000,013,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinmdxx.sys.dump
[2013.07.22 09:54:40 | 000,685,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfcxts2.sys.dump
[2013.07.22 09:54:40 | 000,302,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\fwdrv.sys.dump
[2013.07.22 09:54:40 | 000,220,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys.dump
[2013.07.22 09:54:40 | 000,144,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\hdaudbus.sys.dump
[2013.07.22 09:54:40 | 000,129,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\fltMgr.sys.dump
[2013.07.22 09:54:40 | 000,071,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\khips.sys.dump
[2013.07.22 09:54:40 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\gagp30kx.sys.dump
[2013.07.22 09:54:40 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidbth.sys.dump
[2013.07.22 09:54:40 | 000,019,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidir.sys.dump
[2013.07.22 09:54:39 | 001,041,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys.dump
[2013.07.22 09:54:39 | 000,062,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\ft1000.sys.dump
[2013.07.22 09:54:39 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\ip6fw.sys.dump
[2013.07.22 09:54:39 | 000,015,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\mssmbios.sys.dump
[2013.07.22 09:54:38 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtlstrm.sys.dump
[2013.07.22 09:54:38 | 000,452,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtxparhm.sys.dump
[2013.07.22 09:54:38 | 000,126,686 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtlmnt5.sys.dump
[2013.07.22 09:54:37 | 001,897,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\nv4_mini.sys.dump
[2013.07.22 09:54:37 | 000,180,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\ntmtlfax.sys.dump
[2013.07.22 09:54:37 | 000,012,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\mutohpen.sys.dump
[2013.07.22 09:54:37 | 000,012,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\mouhid.sys.dump
[2013.07.22 09:54:36 | 000,404,990 | ---- | C] () -- C:\WINDOWS\System32\drivers\slntamr.sys.dump
[2013.07.22 09:54:36 | 000,129,535 | ---- | C] () -- C:\WINDOWS\System32\drivers\slnt7554.sys.dump
[2013.07.22 09:54:36 | 000,059,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\rfcomm.sys.dump
[2013.07.22 09:54:36 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\sisagp.sys.dump
[2013.07.22 09:54:36 | 000,030,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\rndismpx.sys.dump
[2013.07.22 09:54:36 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\DKbFltr.SYS.dump
[2013.07.22 09:54:36 | 000,011,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sffdisk.sys.dump
[2013.07.22 09:54:36 | 000,011,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\sffp_sd.sys.dump
[2013.07.22 09:54:36 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\NTIDrvr.sys.dump
[2013.07.22 09:54:35 | 000,384,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\update.sys.dump
[2013.07.22 09:54:35 | 000,188,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\acpi.sys.dump
[2013.07.22 09:54:35 | 000,121,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbvideo.sys.dump
[2013.07.22 09:54:35 | 000,095,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\slnthal.sys.dump
[2013.07.22 09:54:35 | 000,042,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\viaagp.sys.dump
[2013.07.22 09:54:35 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbehci.sys.dump
[2013.07.22 09:54:35 | 000,022,271 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv06nt.sys.dump
[2013.07.22 09:54:35 | 000,014,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\wacompen.sys.dump
[2013.07.22 09:54:35 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys.dump
[2013.07.22 09:54:35 | 000,013,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\slwdmsup.sys.dump
[2013.07.22 09:54:35 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\tunmp.sys.dump
[2013.07.22 09:54:35 | 000,011,935 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv11nt.sys.dump
[2013.07.22 09:54:35 | 000,011,871 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv09nt.sys.dump
[2013.07.22 09:54:35 | 000,011,807 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv07nt.sys.dump
[2013.07.22 09:54:35 | 000,011,295 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv08nt.sys.dump
[2013.07.22 09:54:34 | 000,185,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\SynTP.sys.dump
[2013.07.22 09:54:34 | 000,172,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmixer.sys.dump
[2013.07.22 09:54:34 | 000,171,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\MpFilter.sys.dump
[2013.07.22 09:54:34 | 000,153,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\dmio.sys.dump
[2013.07.22 09:54:34 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\aec.sys.dump
[2013.07.22 09:54:34 | 000,141,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\ks.sys.dump
[2013.07.22 09:54:34 | 000,060,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\drmk.sys.dump
[2013.07.22 09:54:34 | 000,052,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\DMusic.sys.dump
[2013.07.22 09:54:34 | 000,024,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidparse.sys.dump
[2013.07.22 09:54:34 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\kbdclass.sys.dump
[2013.07.22 09:54:34 | 000,020,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipinip.sys.dump
[2013.07.22 09:54:33 | 000,369,024 | ---- | C] () -- C:\WINDOWS\System32\drivers\BCMWL5.SYS.dump
[2013.07.22 09:54:33 | 000,180,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\mrxdav.sys.dump
[2013.07.22 09:54:33 | 000,049,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\classpnp.sys.dump
[2013.07.22 09:54:33 | 000,042,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\mountmgr.sys.dump
[2013.07.22 09:54:33 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthmodem.sys.dump
[2013.07.22 09:54:33 | 000,035,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\msgpc.sys.dump
[2013.07.22 09:54:33 | 000,030,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\npfs.sys.dump
[2013.07.22 09:54:33 | 000,017,024 | ---- | C] () -- C:\WINDOWS\System32\drivers\BthEnum.sys.dump
[2013.07.22 09:54:33 | 000,013,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\recagent.sys.dump
[2013.07.22 09:54:33 | 000,010,890 | ---- | C] () -- C:\WINDOWS\System32\drivers\OsaFsLoc.sys.dump
[2013.07.22 09:54:33 | 000,010,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\pfc.sys.dump
[2013.07.22 09:54:33 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\osaio.sys.dump
[2013.07.22 09:54:33 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\mskssrv.sys.dump
[2013.07.22 09:54:33 | 000,005,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\mspclock.sys.dump
[2013.07.22 09:54:33 | 000,004,010 | ---- | C] () -- C:\WINDOWS\System32\drivers\osanbm.sys.dump
[2013.07.22 09:54:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\audstub.sys.dump
[2013.07.22 09:54:32 | 000,202,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\RMCast.sys.dump
[2013.07.22 09:54:32 | 000,175,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdbss.sys.dump
[2013.07.22 09:54:32 | 000,120,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\pcmcia.sys.dump
[2013.07.22 09:54:32 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipsec.sys.dump
[2013.07.22 09:54:32 | 000,055,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\atmlane.sys.dump
[2013.07.22 09:54:32 | 000,048,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\raspptp.sys.dump
[2013.07.22 09:54:32 | 000,037,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\isapnp.sys.dump
[2013.07.22 09:54:32 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidclass.sys.dump
[2013.07.22 09:54:32 | 000,036,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthprint.sys.dump
[2013.07.22 09:54:32 | 000,030,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\modem.sys.dump
[2013.07.22 09:54:32 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\flpydisk.sys.dump
[2013.07.22 09:54:32 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\CmBatt.sys.dump
[2013.07.22 09:54:32 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb8023x.sys.dump
[2013.07.22 09:54:31 | 000,334,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\srv.sys.dump
[2013.07.22 09:54:31 | 000,196,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdpdr.sys.dump
[2013.07.22 09:54:31 | 000,139,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdpwd.sys.dump
[2013.07.22 09:54:31 | 000,079,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\sdbus.sys.dump
[2013.07.22 09:54:31 | 000,073,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\sr.sys.dump
[2013.07.22 09:54:31 | 000,056,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmidi.sys.dump
[2013.07.22 09:54:31 | 000,025,471 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv10nt.sys.dump
[2013.07.22 09:54:31 | 000,025,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\sonydcam.sys.dump
[2013.07.22 09:54:31 | 000,019,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\partmgr.sys.dump
[2013.07.22 09:54:31 | 000,011,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfloppy.sys.dump
[2013.07.22 09:54:31 | 000,010,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidusb.sys.dump
[2013.07.22 09:54:31 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\sffp_mmc.sys.dump
[2013.07.22 09:54:31 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\splitter.sys.dump
[2013.07.22 09:54:31 | 000,005,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\smbali.sys.dump
[2013.07.22 09:54:31 | 000,004,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\swenum.sys.dump
[2013.07.22 09:54:30 | 000,574,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\ntfs.sys.dump
[2013.07.22 09:54:30 | 000,166,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\s3gnbm.sys.dump
[2013.07.22 09:54:30 | 000,162,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\netbt.sys.dump
[2013.07.22 09:54:30 | 000,061,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\nic1394.sys.dump
[2013.07.22 09:54:30 | 000,060,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\sysaudio.sys.dump
[2013.07.22 09:54:30 | 000,058,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\redbook.sys.dump
[2013.07.22 09:54:30 | 000,030,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\rndismp.sys.dump
[2013.07.22 09:54:30 | 000,024,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\pciidex.sys.dump
[2013.07.22 09:54:30 | 000,014,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\tape.sys.dump
[2013.07.22 09:54:29 | 000,361,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\tcpip.sys.dump
[2013.07.22 09:54:29 | 000,264,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\http.sys.dump
[2013.07.22 09:54:29 | 000,092,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ksecdd.sys.dump
[2013.07.22 09:54:29 | 000,071,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\bridge.sys.dump
[2013.07.22 09:54:29 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\atmarpc.sys.dump
[2013.07.22 09:54:29 | 000,042,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\imapi.sys.dump
[2013.07.22 09:54:29 | 000,040,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\intelppm.sys.dump
[2013.07.22 09:54:29 | 000,019,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\tdi.sys.dump
[2013.07.22 09:54:29 | 000,014,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\diskdump.sys.dump
[2013.07.22 09:54:29 | 000,014,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\battc.sys.dump
[2013.07.22 09:54:29 | 000,011,868 | ---- | C] () -- C:\WINDOWS\System32\drivers\mdmxsdk.sys.dump
[2013.07.22 09:54:29 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\compbatt.sys.dump
[2013.07.22 09:54:28 | 000,146,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\portcls.sys.dump
[2013.07.22 09:54:28 | 000,138,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\afd.sys.dump
[2013.07.22 09:54:28 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys.dump
[2013.07.22 09:54:28 | 000,071,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\dxg.sys.dump
[2013.07.22 09:54:28 | 000,066,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\udfs.sys.dump
[2013.07.22 09:54:28 | 000,060,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\arp1394.sys.dump
[2013.07.22 09:54:28 | 000,052,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\i8042prt.sys.dump
[2013.07.22 09:54:28 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\amdagp.sys.dump
[2013.07.22 09:54:28 | 000,041,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\amdk6.sys.dump
[2013.07.22 09:54:28 | 000,040,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\termdd.sys.dump
[2013.07.22 09:54:28 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\disk.sys.dump
[2013.07.22 09:54:28 | 000,034,688 | ---- | C] () -- C:\WINDOWS\System32\drivers\netbios.sys.dump
[2013.07.22 09:54:28 | 000,021,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\tdtcp.sys.dump
[2013.07.22 09:54:28 | 000,012,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\tdpipe.sys.dump
[2013.07.22 09:54:28 | 000,010,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndistapi.sys.dump
[2013.07.22 09:54:28 | 000,002,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\drmkaud.sys.dump
[2013.07.22 09:54:27 | 000,152,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipnat.sys.dump
[2013.07.22 09:54:27 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\scsiport.sys.dump
[2013.07.22 09:54:27 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\psched.sys.dump
[2013.07.22 09:54:27 | 000,064,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\serial.sys.dump
[2013.07.22 09:54:27 | 000,063,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdfs.sys.dump
[2013.07.22 09:54:27 | 000,051,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\rasl2tp.sys.dump
[2013.07.22 09:54:27 | 000,049,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\stream.sys.dump
[2013.07.22 09:54:27 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\p3.sys.dump
[2013.07.22 09:54:27 | 000,044,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\uagp35.sys.dump
[2013.07.22 09:54:27 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\fips.sys.dump
[2013.07.22 09:54:27 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\raspppoe.sys.dump
[2013.07.22 09:54:27 | 000,039,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\processr.sys.dump
[2013.07.22 09:54:27 | 000,019,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\msfs.sys.dump
[2013.07.22 09:54:27 | 000,015,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\serenum.sys.dump
[2013.07.22 09:54:27 | 000,014,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndisuio.sys.dump
[2013.07.22 09:54:26 | 001,270,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\AGRSM.sys.dump
[2013.07.22 09:54:26 | 000,143,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\fastfat.sys.dump
[2013.07.22 09:54:26 | 000,063,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\mf.sys.dump
[2013.07.22 09:54:26 | 000,025,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbcamd2.sys.dump
[2013.07.22 09:54:25 | 000,456,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\mrxsmb.sys.dump
[2013.07.22 09:54:25 | 000,225,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\tcpip6.sys.dump
[2013.07.22 09:54:25 | 000,105,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\mup.sys.dump
[2013.07.22 09:54:25 | 000,088,320 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnkipx.sys.dump
[2013.07.22 09:54:25 | 000,059,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbhub.sys.dump
[2013.07.22 09:54:25 | 000,040,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndproxy.sys.dump
[2013.07.22 09:54:25 | 000,040,320 | ---- | C] () -- C:\WINDOWS\System32\drivers\nmnt.sys.dump
[2013.07.22 09:54:25 | 000,032,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbccgp.sys.dump
[2013.07.22 09:54:25 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbohci.sys.dump
[2013.07.22 09:54:25 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbintel.sys.dump
[2013.07.22 09:54:25 | 000,004,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\mspqm.sys.dump
[2013.07.22 09:54:24 | 000,800,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\dmboot.sys.dump
[2013.07.22 09:54:24 | 000,143,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbport.sys.dump
[2013.07.22 09:54:24 | 000,068,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\pci.sys.dump
[2013.07.22 09:54:24 | 000,062,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdrom.sys.dump
[2013.07.22 09:54:24 | 000,040,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\crusoe.sys.dump
[2013.07.22 09:54:24 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\mouclass.sys.dump
[2013.07.22 09:54:24 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\asyncmac.sys.dump
[2013.07.22 09:54:24 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbd.sys.dump
[2013.07.22 09:54:24 | 000,003,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\oprghdlr.sys.dump
[2013.07.22 09:54:24 | 000,003,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\pciide.sys.dump
[2013.07.22 09:54:23 | 000,063,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnknb.sys.dump
[2013.07.22 09:54:23 | 000,058,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\vdmindvd.sys.dump
[2013.07.22 09:54:23 | 000,055,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnkspx.sys.dump
[2013.07.22 09:54:23 | 000,051,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\tosdvd.sys.dump
[2013.07.22 09:54:23 | 000,034,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\rawwan.sys.dump
[2013.07.22 09:54:23 | 000,032,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnkfwd.sys.dump
[2013.07.22 09:54:23 | 000,026,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbstor.sys.dump
[2013.07.22 09:54:23 | 000,025,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbprint.sys.dump
[2013.07.22 09:54:23 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbcamd.sys.dump
[2013.07.22 09:54:23 | 000,021,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\tsbvcap.sys.dump
[2013.07.22 09:54:23 | 000,015,104 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbscan.sys.dump
[2013.07.22 09:54:23 | 000,014,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\smclib.sys.dump
[2013.07.22 09:54:23 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb8023.sys.dump
[2013.07.22 09:54:23 | 000,012,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnkflt.sys.dump
[2013.07.22 09:54:23 | 000,012,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsvga.sys.dump
[2013.07.22 09:54:23 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\ws2ifsl.sys.dump
[2013.07.22 09:54:23 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\riodrv.sys.dump
[2013.07.22 09:54:23 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\rio8drv.sys.dump
[2013.07.22 09:54:23 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\nikedrv.sys.dump
[2013.07.22 09:54:23 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\acpiec.sys.dump
[2013.07.22 09:54:23 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\irenum.sys.dump
[2013.07.22 09:54:23 | 000,005,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\rootmdm.sys.dump
[2013.07.22 09:54:23 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\mnmdd.sys.dump
[2013.07.22 09:54:22 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\atmuni.sys.dump
[2013.07.22 09:54:22 | 000,262,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\cinemst2.sys.dump
[2013.07.22 09:54:22 | 000,032,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipfltdrv.sys.dump
[2013.07.22 09:54:22 | 000,031,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atmepvc.sys.dump
[2013.07.22 09:54:22 | 000,027,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\fdc.sys.dump
[2013.07.22 09:54:22 | 000,018,688 | ---- | C] () -- C:\WINDOWS\System32\drivers\cdaudio.sys.dump
[2013.07.22 09:54:22 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\cbidf2k.sys.dump
[2013.07.22 09:54:22 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\cpqdap01.sys.dump
[2013.07.22 09:54:22 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\dxapi.sys.dump
[2013.07.22 09:54:22 | 000,008,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\rasacd.sys.dump
[2013.07.22 09:54:22 | 000,007,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\fs_rec.sys.dump
[2013.07.22 09:54:22 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\mcd.sys.dump
[2013.07.22 09:54:22 | 000,006,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\parvdm.sys.dump
[2013.07.22 09:54:22 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdpcdd.sys.dump
[2013.07.22 09:54:22 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\beep.sys.dump
[2013.07.22 09:54:22 | 000,003,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\dxgthk.sys.dump
[2013.07.22 09:54:22 | 000,002,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\null.sys.dump
[2013.07.22 09:54:21 | 000,182,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndis.sys.dump
[2013.07.22 09:54:21 | 000,125,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\ftdisk.sys.dump
[2013.07.22 09:54:21 | 000,091,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndiswan.sys.dump
[2013.07.22 09:54:21 | 000,080,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\parport.sys.dump
[2013.07.22 09:54:21 | 000,017,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\ptilink.sys.dump
[2013.07.22 09:54:21 | 000,016,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\raspti.sys.dump
[2013.07.22 09:54:21 | 000,005,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\dmload.sys.dump
[2013.07.22 09:54:21 | 000,004,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\wmilib.sys.dump
[2013.07.22 08:39:44 | 000,915,968 | ---- | C] () -- C:\Documents and Settings\norbi\Plocha\RogueKiller.exe
[2013.07.21 18:30:50 | 000,666,633 | ---- | C] () -- C:\Documents and Settings\norbi\Plocha\adwcleaner.exe
[2013.07.21 14:25:27 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\norbi\Plocha\RSIT.exe
[2013.07.20 10:02:41 | 000,000,495 | ---- | C] () -- C:\WINDOWS\System32\drivers\fwdrv.err
[2013.07.19 11:01:49 | 000,000,400 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.07.19 10:51:51 | 000,001,606 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
[2013.07.19 10:40:31 | 070,530,926 | ---- | C] () -- D:\DOKUMENTY\BackupRegistry(20130719).reg
[2013.07.19 10:07:19 | 000,008,840 | ---- | C] () -- C:\WINDOWS\SEC12EA.PNF
[2013.07.19 10:02:58 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013.07.19 10:02:58 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013.07.19 10:02:57 | 000,674,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013.07.19 10:02:57 | 000,069,570 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013.07.19 10:02:57 | 000,028,164 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013.07.19 10:02:57 | 000,001,746 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013.07.19 10:02:57 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013.07.19 10:02:56 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013.07.19 10:02:56 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013.07.19 10:02:56 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013.07.19 10:02:56 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013.07.19 10:02:56 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013.07.19 10:02:56 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013.07.19 10:02:55 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013.07.19 10:02:55 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013.07.19 10:02:55 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013.07.19 10:02:55 | 000,058,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013.07.19 10:02:54 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013.07.19 10:02:53 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013.07.19 10:02:53 | 000,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013.07.19 10:02:53 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013.07.19 10:02:53 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013.07.19 10:02:53 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013.07.19 10:02:53 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013.07.19 10:02:53 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013.07.19 10:02:53 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013.07.19 10:02:53 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013.07.19 10:02:53 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013.07.19 10:02:53 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013.07.19 10:02:53 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013.07.19 10:02:53 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013.07.19 10:02:53 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013.07.19 10:02:53 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013.07.19 10:02:53 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013.07.19 10:02:53 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013.07.19 10:02:53 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013.07.19 10:02:53 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013.07.19 10:02:53 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2013.07.19 10:02:53 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013.07.19 10:02:53 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013.07.19 10:02:53 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013.07.19 10:02:53 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013.07.19 10:02:53 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013.07.19 10:02:52 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013.07.19 10:02:52 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013.07.19 10:02:52 | 000,086,446 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013.07.19 10:02:52 | 000,066,170 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2013.07.19 10:02:52 | 000,001,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013.07.19 10:02:52 | 000,001,480 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013.07.19 10:02:52 | 000,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013.07.19 10:02:52 | 000,001,465 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013.07.19 10:02:52 | 000,001,462 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013.07.19 10:02:52 | 000,001,263 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013.07.19 10:02:52 | 000,001,059 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013.07.19 10:02:52 | 000,001,042 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013.07.19 10:02:52 | 000,001,034 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013.07.19 10:02:52 | 000,000,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013.07.19 10:02:52 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013.07.19 10:02:52 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013.07.19 10:02:52 | 000,000,777 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013.07.19 10:02:52 | 000,000,774 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013.07.19 10:02:52 | 000,000,722 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013.07.19 10:02:51 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013.07.19 10:02:51 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013.07.19 10:02:50 | 000,036,870 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2013.07.19 10:02:50 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013.07.19 10:02:50 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013.07.19 10:02:49 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013.07.19 10:02:49 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013.07.19 10:02:48 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013.07.19 10:02:48 | 000,184,130 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2013.07.19 10:02:48 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013.07.19 10:02:48 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013.07.19 10:02:48 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013.07.19 10:02:48 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013.07.19 10:02:48 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013.07.19 10:02:48 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013.07.19 10:02:48 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013.07.19 10:02:48 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013.07.19 10:02:48 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013.07.19 09:55:52 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013.07.19 09:55:52 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013.07.19 09:55:50 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013.07.19 09:54:34 | 000,002,948 | ---- | C] () -- C:\WINDOWS\SEC56.PNF
[2013.07.13 16:39:21 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2013.07.13 16:14:58 | 000,001,805 | ---- | C] () -- C:\Documents and Settings\norbi\Plocha\1-Click Cleaner.lnk
[2013.07.13 16:14:58 | 000,001,802 | ---- | C] () -- C:\Documents and Settings\norbi\Plocha\WinXP Manager.lnk
[2013.07.12 22:46:12 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2013.07.12 22:46:09 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2013.07.12 22:44:14 | 000,129,045 | R--- | C] () -- C:\WINDOWS\System32\drivers\HSFProf.cty
[2013.07.12 22:43:36 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2013.07.12 22:43:36 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2013.07.12 22:43:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2013.01.05 14:59:22 | 000,000,451 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2012.01.16 13:13:28 | 000,001,663 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2011.07.18 23:42:35 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ReminderNextRun
[2008.12.27 15:25:07 | 000,036,280 | ---- | C] () -- C:\Documents and Settings\norbi\GamingC.mac
[2006.12.27 16:14:33 | 000,044,544 | ---- | C] () -- C:\Documents and Settings\norbi\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2013.07.13 16:12:14 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 08:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008.04.14 08:51:42 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008.01.24 17:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\POPWWPROFILES
[2007.02.14 21:09:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\RobotsDemo
[2013.07.12 22:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\DRPSu

========== Purity Check ==========

========== Custom Scans ==========

< >
[2004.08.18 20:00:00 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2005.03.09 11:13:16 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.07.19 11:01:49 | 000,000,400 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013.07.23 15:11:01 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\MpIdleTask.job

< >

< MD5 for: AGP440.SYS >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\snack\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\snack\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 20:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.18 20:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 20:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\snack\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 20:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.18 20:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 20:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\explorer.exe
[2007.06.13 14:12:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:40 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 20:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2004.08.18 20:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\snack\isapnp.sys
[2008.04.14 04:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.18 20:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\snack\ndis.sys
[2008.04.13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 20:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.18 20:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 20:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.18 20:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 20:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:14 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\snack\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:36 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 20:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.18 20:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.18 20:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\00e011c76ebe11c677ffeb06b01169ed\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\00e011c76ebe11c677ffeb06b01169ed\*.tmp -> ]
[1 C:\WINDOWS\system32\CatRoot\*.tmp files -> C:\WINDOWS\system32\CatRoot\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2005.03.07 16:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\Identities
[2005.03.07 15:53:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\norbi\Data aplikací\Microsoft
[2006.12.12 23:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\Microsoft Web Folders
[2006.12.12 23:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\CyberLink
[2006.12.25 17:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\Adobe
[2007.02.14 21:09:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\RobotsDemo
[2007.08.18 11:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\FaxCtr
[2007.12.22 13:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\Macromedia
[2007.12.22 13:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\Google
[2007.12.23 10:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\Help
[2010.04.26 19:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\AdobeUM
[2010.08.04 20:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\Mozilla
[2013.07.12 22:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\DRPSu
[2013.07.21 15:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\norbi\Data aplikací\Malwarebytes

< %APPDATA%\*.exe /s >
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\ClickCleaner.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\ClearMem.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\DesktopCleaner.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\DiskAnalyzer.exe
[2013.07.13 16:15:00 | 000,013,262 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\DuplicateFilesFinder.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\FileSecurity.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\FileSplitter.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\IconManager.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\IEManager.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\JunkFileCleaner.exe
[2013.07.13 16:15:00 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\LiveUpdate.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\OptimizationWizard.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\PrivacyProtector.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\ProcessManager.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\RegistryCleaner.exe
[2013.07.13 16:15:00 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\RegistryDefrag.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\RepairCenter.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\RunShortcutCreator.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\ServiceManager.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\Shutdown.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\StartupManager.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\SystemInfo.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\Uninstaller.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\WallpaperChanger.exe
[2013.07.13 16:15:00 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\WinXP_Manager.exe
[2013.07.13 16:15:00 | 000,017,542 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\ContextMenuManager.exe
[2013.07.13 16:15:00 | 000,017,542 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\IPSwitcher.exe
[2013.07.13 16:15:00 | 000,014,534 | R--- | M] () -- C:\Documents and Settings\norbi\Data aplikací\Microsoft\Installer\{75107D49-1FD4-45F5-8242-211D68B04ABD}\SystemFolder_msiexec.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2005.03.07 15:52:36 | 000,450,560 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
[2005.03.07 15:52:36 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2005.03.07 15:52:36 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2013.07.21 16:08:04 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

< %systemroot%\system32\*.* /3 >
[2013.07.23 16:53:28 | 000,000,451 | ---- | M] () -- C:\WINDOWS\system32\eRLog.ini
[2013.07.23 16:53:36 | 000,114,240 | ---- | M] () -- C:\WINDOWS\system32\PcCard0.log
[2013.07.23 16:53:36 | 000,066,045 | ---- | M] () -- C:\WINDOWS\system32\fmmservice.log

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.07.23 17:12:22 | 000,000,512 | ---- | M] () MD5=96AE1B6C7DF365346740C616D08C681F -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2003.12.05 14:52:40 | 000,000,796 | ---- | M] () -- \Program Files\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2004.08.18 20:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 00:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 00:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:40 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\dmloader.dll
[2008.04.13 20:31:48 | 000,230,912 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\osloader.ntd
[2006.12.01 18:34:16 | 000,053,248 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2009.12.22 15:26:24 | 000,138,752 | ---- | M] () -- \Program Files\Common Files\BUSINESS OBJECTS\3.0\BIN\saxmlserialize.dll
[2009.12.22 15:26:24 | 000,212,992 | ---- | M] () -- \Program Files\Common Files\BUSINESS OBJECTS\3.0\BIN\saxserialize.dll
[2004.08.18 20:00:00 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2013.07.13 16:12:28 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2005.09.23 07:28:56 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2008.04.14 07:47:26 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\snack\serial.sys
[2008.04.14 04:17:26 | 000,028,416 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\grserial.sys
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\serial.sys
[2004.08.18 20:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2004.08.18 20:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2004.08.18 20:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2004.08.18 20:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
[2013.07.22 10:38:40 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys.dump

< *w7lxe* /s >

< End of report >

ANGILO · #25 Příspěvek od **ANGILO** » 23 črc 2013 17:24

OTL Extras logfile created on: 23. 7. 2013 16:59:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\norbi\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

446,48 Mb Total Physical Memory | 98,41 Mb Available Physical Memory | 22,04% Memory free
1,03 Gb Paging File | 0,51 Gb Available in Paging File | 49,51% Paging File free
Paging file location(s): D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 26,22 Gb Total Space | 4,09 Gb Free Space | 15,60% Space Free | Partition Type: FAT32
Drive D: | 26,71 Gb Total Space | 18,82 Gb Free Space | 70,47% Space Free | Partition Type: FAT32

Computer Name: ACER | User Name: norbi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1390230913-1518067078-3131263384-1006\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe" = C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI -- (Sunbelt Software)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\groove.exe" = C:\Program Files\Microsoft Office\Office12\groove.exe:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Panel nástrojů
"{235C3A50-559F-4CAA-BAC3-4CC9ABF51976}" = GM-4200 Gamer Mouse Optical
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Arcade 3.0
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4F6B5F36-D87F-4AD7-BB78-D6F2F6327036}" = Robots Demo
"{5242A858-AD61-4130-92D4-BDF5087CE562}" = NTI CD & DVD-Maker
"{53B9A1FE-FF04-4431-B394-B110FE794200}" = Bad Boys 2
"{555ACAE5-B0D5-4E12-8F95-22757DEFAD0F}" = Stubbs the Zombie
"{69CC0647-7F98-4358-AAB6-4F65C0705400}" = NTI Backup NOW! 4
"{7032E73F-68A0-48F9-8100-E70E79169BAE}" = AGEIA PhysX v6.12.02
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{75107D49-1FD4-45F5-8242-211D68B04ABD}" = WinXP Manager
"{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2007
"{921D63F9-B829-43E9-BCDA-25384027A02D}" = Scooby-Doo (TM) - Záhada ve městě duchů
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9826FB84-BE39-4864-ABB1-45B8F04F3098}" = OMEGA 13.00.00
"{99ACFE14-A5B2-11D4-B7D3-000102392A3A}" = Sno-Cross Extreme Demo
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DC226AC9-0314-496C-BE6A-B6A132628466}" = SiSAGP driver
"{E659E0EE-10E6-49B7-8696-60F38D0EB174}" = Sunbelt Kerio Personal Firewall
"{EE5BC0BB-9EDA-423C-8276-48857B735D68}" = Prince of Persia Warrior Within
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2007
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"Brave Dwarves Back for Treasures_is1" = Brave Dwarves Back for Treasures 1.1
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_1039&DEV_7013&SUBSYS_00821025" = SoftV90 Data Fax Modem with SmartCP
"Deus Ex" = Deus Ex
"EAX Unified" = EAX Unified
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GameSpy Arcade" = GameSpy Arcade
"Hitman 2: Silent Assassin" = Hitman 2: Silent Assassin
"InstallShield_{5242A858-AD61-4130-92D4-BDF5087CE562}" = NTI CD & DVD-Maker Gold
"InstallShield_{555ACAE5-B0D5-4E12-8F95-22757DEFAD0F}" = Stubbs the Zombie
"InstallShield_{69CC0647-7F98-4358-AAB6-4F65C0705400}" = NTI Backup NOW! 4
"InstallShield_{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"James Bond 007: Nightfire" = James Bond 007: Nightfire
"Knight Rider 2" = Knight Rider 2
"Lexmark 2400 Series" = Lexmark 2400 Series
"Lexmark Fax Solutions" = Faxové funkce Lexmark
"LManager" = Launch Manager
"Mafia Game" = Mafia Game
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft Security Client" = Microsoft Security Essentials
"Mobility Manager" = Mobility Manager
"Mozilla Firefox 22.0 (x86 sk)" = Mozilla Firefox 22.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SiS VGA Driver" = SiS VGA Utilities
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tomb Raider - The Lost Artifact" = Tomb Raider - The Lost Artifact
"Tomb Raider III" = Tomb Raider III
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 21. 7. 2013 10:09:03 | Computer Name = ACER | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error - 21. 7. 2013 10:09:03 | Computer Name = ACER | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error - 23. 7. 2013 4:12:04 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 22.0.0.4917, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23. 7. 2013 7:57:08 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace msiexec.exe, verze 3.1.4001.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23. 7. 2013 8:06:45 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rundll32.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23. 7. 2013 8:06:49 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rundll32.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23. 7. 2013 8:07:56 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rundll32.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23. 7. 2013 8:08:58 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rundll32.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 23. 7. 2013 8:10:54 | Computer Name = ACER | Source = MsiInstaller | ID = 11316
Description = Product: Robots Demo -- Error 1316. A network error occurred while
attempting to read from the file: C:\WINDOWS\Installer\WIS4F6B5F36D87F4AD7BB78D6F2F6327036_1_0_0.MSI

Error - 23. 7. 2013 8:11:33 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rundll32.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 23. 7. 2013 8:42:08 | Computer Name = ACER | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby SENS
s argumenty za účelem spuštění serveru: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 23. 7. 2013 10:53:23 | Computer Name = ACER | Source = Service Control Manager | ID = 7023
Description = Služba Image Task byla ukončena s následující chybou: %%126

Error - 23. 7. 2013 10:53:29 | Computer Name = ACER | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby SENS
s argumenty za účelem spuštění serveru: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 23. 7. 2013 10:53:29 | Computer Name = ACER | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby SENS
s argumenty za účelem spuštění serveru: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 23. 7. 2013 10:53:29 | Computer Name = ACER | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby SENS
s argumenty za účelem spuštění serveru: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 23. 7. 2013 10:53:29 | Computer Name = ACER | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby SENS
s argumenty za účelem spuštění serveru: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 23. 7. 2013 10:53:29 | Computer Name = ACER | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby SENS
s argumenty za účelem spuštění serveru: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 23. 7. 2013 10:53:29 | Computer Name = ACER | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby SENS
s argumenty za účelem spuštění serveru: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 23. 7. 2013 10:53:29 | Computer Name = ACER | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby SENS
s argumenty za účelem spuštění serveru: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 23. 7. 2013 10:53:29 | Computer Name = ACER | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby SENS
s argumenty za účelem spuštění serveru: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

< End of report >

#26 Příspěvek od **Márty84** » 24 črc 2013 12:26

Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
yqnhbr

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\system32\qckdycm.dll

:otl
IE - HKU\S-1-5-21-1390230913-1518067078-3131263384-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1390230913-1518067078-3131263384-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[1 C:\Documents and Settings\norbi\*.tmp files -> C:\Documents and Settings\norbi\*.tmp -> ]
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\00e011c76ebe11c677ffeb06b01169ed\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\00e011c76ebe11c677ffeb06b01169ed\*.tmp -> ]
[1 C:\WINDOWS\system32\CatRoot\*.tmp files -> C:\WINDOWS\system32\CatRoot\*.tmp -> ]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

ANGILO · #27 Příspěvek od **ANGILO** » 24 črc 2013 13:11

Zdravim.
Po restarte vyskocilo okno Load DLL s hlaskou "Hook Load Failed" ... ???
Tu je log

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 9146 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: norbi
->Temp folder emptied: 988160 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 32202715 bytes
->Flash cache emptied: 0 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5322 bytes
Session Manager Temp folder emptied: 12766 bytes
Session Manager Tmp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 32,00 mb

[EMPTYFLASH]

User: Default User

User: All Users

User: NetworkService

User: LocalService

User: norbi
->Flash cache emptied: 0 bytes

User: Administrator

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service yqnhbr stopped successfully!
Service yqnhbr deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\qckdycm.dll not found.
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-1390230913-1518067078-3131263384-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1390230913-1518067078-3131263384-1006\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
C:\Documents and Settings\norbi\MobilityManager.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13.tmp folder deleted successfully.
C:\WINDOWS\system32\CatRoot\TMP1BD.tmp deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 07242013_135554

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#28 Příspěvek od **Márty84** » 24 črc 2013 16:55

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

ANGILO · #29 Příspěvek od **ANGILO** » 24 črc 2013 22:01

Vykonal som vsetky kroky. Po restarte vyskocilo okno Load DLL s hlaskou "Hook Load Failed" ... ???
Nieco este stale vytazuje procesor na 80-100 %.
Stale je akoby pribrzdeny.

#30 Příspěvek od **Márty84** » 25 črc 2013 14:28

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte ComboFix.
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku

15.9. pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu

Re: Posim o kontrolu