Dobrý den, prosím vás o radu. Spouští se mi nějaké procesy, které detekoval i NOD 32, ale zapínají se stále i po provedeném léčení. Nejde mi ani zabránit jejich spuštění, hodí to postupně následující chyby: http://www.2i.cz/c589c1eb38
Možná je problém jinde, ale tohle je jediný rozdíl, který jsem sám zpozoroval. Mnohokrát děkuji za případné rady.
Logfile of random's system information tool 1.09 (written by random/random)
Run at 2011-12-11 10:55:35
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 258 GB (27%) free of 946 GB
Total RAM: 3070 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:56:27, on 11.12.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Radek\Downloads\RSIT.exe
C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe
C:\Program Files\trend micro\Radek.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Radek\AppData\Roaming\7E40D\20104.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:50808
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Toolbar_eula_launcher] C:\install\google\eula\EULALauncher.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [Nike+ Connect] "C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [FCF.exe] C:\Program Files\LP\0497\FCF.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [FCF.exe] C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe
--
End of file - 7955 bytes
======Scheduled tasks folder======
C:\Windows\tasks\At1.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\ziriy8kh.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778, {44d0a1b4-9c90-4f86-ac92-8680b5d6549e}:0.6.4.3, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFFICE.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\ziriy8kh.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\ziriy8kh.default\searchplugins\
filetubecom.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-03-30 7289376]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"Toolbar_eula_launcher"=C:\install\google\eula\EULALauncher.exe []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-04-09 2029640]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-03-30 1833504]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
"Nike+ Connect"=C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe [2010-10-01 299008]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-11-13 421736]
"FCF.exe"=C:\Program Files\LP\0497\FCF.exe [2011-12-11 292864]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Google Update"=C:\Users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-25 136176]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2011-06-16 1500160]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"FCF.exe"=C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe [2011-12-11 292864]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Device Detector 3.lnk - C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Folder Castle Support]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Folder Castle Support]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-12-11 10:55:35 ----D---- C:\rsit
2011-12-11 10:55:35 ----D---- C:\Program Files\trend micro
2011-12-11 09:51:08 ----D---- C:\Program Files\LP
2011-12-11 08:56:20 ----A---- C:\Users\Radek\AppData\Roaming\wmplayer.exe
2011-12-10 19:58:21 ----A---- C:\Users\Radek\AppData\Roaming\java.exe
2011-12-10 14:09:59 ----A---- C:\Users\Radek\AppData\Roaming\chrome.exe
2011-12-10 13:36:22 ----D---- C:\Users\Radek\AppData\Roaming\0D648
2011-12-10 13:35:47 ----D---- C:\Users\Radek\AppData\Roaming\7E40D
2011-11-20 11:26:05 ----D---- C:\Users\Radek\AppData\Roaming\Screenshoter
2011-11-15 11:12:24 ----D---- C:\Program Files\iPod
2011-11-15 11:12:22 ----D---- C:\Program Files\iTunes
======List of files/folders modified in the last 1 month======
2011-12-11 10:56:28 ----D---- C:\Windows\Temp
2011-12-11 10:55:35 ----RD---- C:\Program Files
2011-12-11 10:52:05 ----D---- C:\Users\Radek\AppData\Roaming\Dropbox
2011-12-11 10:40:54 ----SHD---- C:\System Volume Information
2011-12-11 10:23:51 ----SHD---- C:\Windows\Installer
2011-12-11 09:54:45 ----D---- C:\Windows\System32
2011-12-11 09:54:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-12-11 09:54:44 ----D---- C:\Windows\inf
2011-12-11 09:51:10 ----D---- C:\Windows\Tasks
2011-12-11 09:51:10 ----D---- C:\Windows\system32\Tasks
2011-12-11 09:41:19 ----D---- C:\Windows\system32\catroot2
2011-12-11 08:58:49 ----D---- C:\Windows\Prefetch
2011-12-10 13:35:48 ----SD---- C:\Users\Radek\AppData\Roaming\Microsoft
2011-12-09 12:20:42 ----D---- C:\Users\Radek\AppData\Roaming\ICQ
2011-11-17 10:31:10 ----D---- C:\Program Files\Google
2011-11-15 11:12:23 ----D---- C:\Program Files\Common Files\Apple
2011-11-15 11:07:33 ----D---- C:\Windows\system32\catroot
2011-11-12 09:12:34 ----D---- C:\Windows\winsxs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-28 691696]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-04-09 107256]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-04-09 113960]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-04-09 93312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-01 3894272]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\Windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-20 37560]
R3 dvd43llh;dvd43llh; C:\Windows\System32\DRIVERS\dvd43llh.sys [2009-08-27 18816]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-03-30 2350624]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 mdf15;mdf15; \??\C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys [2010-03-18 12288]
R3 mvd21;mvd21; \??\C:\Program Files\Clarus\Samsung SecretZone\mvd21.sys [2010-06-14 64512]
R3 PAC7302;iLook 300; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 461824]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-11-10 135680]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2010-06-25 483200]
S3 apy4gwjh;apy4gwjh; C:\Windows\system32\drivers\apy4gwjh.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-05-07 47360]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 VNUSB;VN Series Device; C:\Windows\system32\DRIVERS\VNUSB.sys [2006-04-07 38496]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-08-01 700416]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-04-09 731840]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 SZASSIST;SecretZone Assist Service; C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe [2010-07-30 90112]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-11-13 821608]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-31 136176]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-04-09 20680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-31 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-03-03 332720]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o radu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o radu
TL logfile created on: 11.12.2011 11:26:20 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Radek\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 52,67% Memory free
6,21 Gb Paging File | 4,85 Gb Available in Paging File | 78,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 923,69 Gb Total Space | 251,52 Gb Free Space | 27,23% Space Free | Partition Type: NTFS
Drive D: | 6,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: RADEK-PC | User Name: Radek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.12.11 11:25:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Radek\Desktop\OTL.exe
PRC - [2011.12.11 10:52:42 | 000,193,024 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe
PRC - [2011.12.11 10:52:08 | 000,176,640 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\7E40D\20104.exe
PRC - [2011.12.11 10:51:41 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe
PRC - [2011.11.11 00:06:49 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.06.16 14:21:06 | 001,500,160 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2011.06.08 13:49:48 | 000,159,744 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2011.06.08 12:02:00 | 000,633,856 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011.05.25 21:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011.04.08 11:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011.03.31 13:38:26 | 000,140,288 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011.03.21 12:19:36 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2010.10.01 16:26:58 | 000,299,008 | ---- | M] (Nike) -- C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe
PRC - [2010.07.30 11:40:54 | 000,090,112 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.09 14:19:08 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.04.09 14:17:56 | 002,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2007.12.10 15:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac7302\Monitor.exe
PRC - [2007.02.22 18:32:12 | 000,118,784 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
PRC - [2005.07.15 22:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe
========== Modules (No Company Name) ==========
MOD - [2011.12.11 10:52:42 | 000,193,024 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe
MOD - [2011.12.11 10:52:08 | 000,176,640 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\7E40D\20104.exe
MOD - [2011.12.11 10:51:41 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe
MOD - [2011.11.16 18:31:58 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.11 00:06:49 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.04.07 15:43:24 | 008,191,488 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2011.04.07 15:43:22 | 002,296,320 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2011.02.22 19:13:22 | 000,022,016 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2011.02.22 19:12:54 | 000,196,608 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2011.02.22 16:39:06 | 000,276,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2011.02.22 16:07:20 | 000,339,968 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2009.04.26 22:15:40 | 000,139,776 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.08.01 05:47:28 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2006.12.10 20:51:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2006.12.10 20:51:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2005.07.30 21:00:40 | 000,114,688 | ---- | M] () -- C:\Windows\System32\OdiOlDVR.dll
MOD - [2004.06.21 10:14:54 | 000,053,248 | ---- | M] () -- C:\Windows\System32\OdiAPI.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.06.08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.07.30 11:40:54 | 000,090,112 | ---- | M] (Clarus, Inc.) [Auto | Running] -- C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe -- (SZASSIST)
SRV - [2010.03.03 17:37:47 | 000,332,720 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.04.09 14:29:20 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.04.09 14:19:08 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
========== Driver Services (SafeList) ==========
DRV - [2010.06.25 11:26:47 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2010.06.14 14:14:48 | 000,064,512 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mvd21.sys -- (mvd21)
DRV - [2010.03.18 16:24:34 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys -- (mdf15)
DRV - [2009.12.28 10:45:56 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.04.28 10:08:40 | 000,461,824 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2009.04.09 14:21:16 | 000,093,312 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009.04.09 14:18:02 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.04.09 14:10:30 | 000,113,960 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2008.11.10 20:26:00 | 000,135,680 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.09.20 00:41:50 | 000,037,560 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CamSuiteVAC.sys -- (CamSuiteVAC)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.01 07:40:28 | 003,894,272 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2006.04.07 17:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VNUSB.sys -- (VNUSB)
DRV - [2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50808
========== FireFox ==========
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {44d0a1b4-9c90-4f86-ac92-8680b5d6549e}:0.6.4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Radek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Radek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.11 00:06:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.01 11:11:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.05.04 18:16:11 | 000,000,000 | ---D | M]
[2009.09.11 10:02:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Extensions
[2011.09.28 08:39:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\ziriy8kh.default\extensions
[2010.08.31 20:09:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\ziriy8kh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.04 16:16:14 | 000,000,000 | ---D | M] (Gmail Notifier) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\ziriy8kh.default\extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
[2011.12.07 10:43:43 | 000,001,210 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\ziriy8kh.default\searchplugins\filetubecom.xml
[2011.11.11 00:06:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.12.10 19:38:13 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
() (No name found) -- C:\USERS\RADEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZIRIY8KH.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.11.11 00:06:50 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.06.21 17:24:38 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.06.21 17:24:38 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.06.21 17:24:38 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.06.21 17:24:38 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.06.21 17:24:38 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Radek\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Radek\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Radek\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Radek\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: Poppit Stres Buster = C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mohjjmefnkbafiajlccpfglfpdfdemmj\1.2_0\
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\..\Toolbar\ShellBrowser: (no name) - {783840E6-0A18-4087-9EC7-A1CC131DF0D4} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [FCF.exe] C:\Program Files\LP\0497\FCF.exe ()
O4 - HKLM..\Run: [Nike+ Connect] C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Toolbar_eula_launcher] C:\install\google\eula\EULALauncher.exe File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000..\Run: [FCF.exe] C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe ()
O4 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - Startup: C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
F3 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000 WinNT: Load - (C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe) -C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99DC7F18-A62D-4C6D-87C3-BAA9B4EA1DA3}: DhcpNameServer = 213.46.172.36 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000 Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000 Winlogon: Shell - (C:\Users\Radek\AppData\Roaming\7E40D\20104.exe) -C:\Users\Radek\AppData\Roaming\7E40D\20104.exe ()
O24 - Desktop WallPaper: C:\Users\Radek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Radek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.11 02:29:24 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - D:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2011.08.11 02:29:24 | 000,000,047 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{2aed6beb-f396-11de-b952-001fd0dbce50}\Shell - "" = AutoRun
O33 - MountPoints2\{2aed6beb-f396-11de-b952-001fd0dbce50}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\{ed7f5d1b-33ce-11de-a087-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ed7f5d1b-33ce-11de-a087-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2011.08.11 02:29:24 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (http://www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 7 Days ==========
[2011.12.11 11:25:02 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Radek\Desktop\OTL.exe
[2011.12.11 10:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.12.11 10:55:35 | 000,000,000 | ---D | C] -- C:\rsit
[2011.12.11 09:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\LP
[2011.12.10 13:36:22 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Roaming\0D648
[2011.12.10 13:35:47 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Roaming\7E40D
[2009.05.07 19:48:25 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Radek\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.12.11 11:31:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.12.11 11:26:06 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.11 11:25:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Radek\Desktop\OTL.exe
[2011.12.11 10:58:12 | 000,607,226 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.12.11 10:58:12 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.11 10:58:12 | 000,117,890 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.12.11 10:58:12 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.11 10:50:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.11 10:50:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.11 10:50:19 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.11 10:50:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.11 10:50:11 | 3217,571,840 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.11 10:49:07 | 000,004,268 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.12.11 09:52:04 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011.12.11 09:50:04 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000UA.job
[2011.12.11 09:49:56 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\wmplayer.exe
[2011.12.11 08:55:41 | 000,204,800 | ---- | M] () -- C:\Users\Radek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.10 19:58:21 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\java.exe
[2011.12.10 15:39:06 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\chrome.exe
[2011.12.10 13:50:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000Core.job
[2011.12.08 21:50:31 | 045,240,320 | ---- | M] () -- C:\Users\Radek\AppData\Local\filesync.metadata
[2011.12.08 21:48:52 | 000,002,347 | ---- | M] () -- C:\Users\Radek\Desktop\SyncToy 2.0.lnk
[2011.12.07 23:31:48 | 000,002,673 | ---- | M] () -- C:\Users\Radek\Desktop\Microsoft Word.lnk
[2011.12.07 16:22:49 | 006,767,148 | ---- | M] () -- C:\Users\Radek\Desktop\Prodigy Stand-up hlasitejsi.wav
[2011.12.07 16:19:07 | 006,767,148 | ---- | M] () -- C:\Users\Radek\Desktop\Prodigy Stand-up.wav
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.12.11 11:31:07 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.12.11 09:51:10 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\At1.job
[2011.12.11 08:56:20 | 000,292,864 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\wmplayer.exe
[2011.12.10 19:58:21 | 000,292,864 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\java.exe
[2011.12.10 14:09:59 | 000,292,864 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\chrome.exe
[2011.12.07 16:22:48 | 006,767,148 | ---- | C] () -- C:\Users\Radek\Desktop\Prodigy Stand-up hlasitejsi.wav
[2011.12.07 16:19:07 | 006,767,148 | ---- | C] () -- C:\Users\Radek\Desktop\Prodigy Stand-up.wav
[2011.07.31 18:52:55 | 000,000,680 | ---- | C] () -- C:\Users\Radek\AppData\Local\d3d9caps.dat
[2010.06.25 11:29:56 | 000,000,014 | ---- | C] () -- C:\Windows\System32\systeminfo.dll
[2010.06.25 11:26:49 | 000,000,140 | ---- | C] () -- C:\Windows\System32\AF15IRTBL.bin
[2010.04.18 08:07:54 | 013,525,424 | ---- | C] () -- C:\Program Files\Dropbox 0.7.110.exe
[2010.03.21 18:33:04 | 000,037,560 | ---- | C] () -- C:\Windows\System32\drivers\CamSuiteVAC.sys
[2010.03.21 18:30:36 | 000,000,666 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2010.03.21 18:30:33 | 000,000,885 | ---- | C] () -- C:\Windows\System32\SP7302.INI
[2010.02.28 10:52:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.11.18 10:43:35 | 000,114,688 | ---- | C] () -- C:\Windows\System32\OdiOlDVR.dll
[2009.11.18 10:43:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\OdiAPI.dll
[2009.08.27 07:06:35 | 000,000,067 | ---- | C] () -- C:\Windows\DVDIdlePro.INI
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.07.14 20:20:51 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.07.14 20:20:51 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.07.12 17:37:38 | 000,004,268 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.05.07 19:48:55 | 000,001,057 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\vso_ts_preview.xml
[2009.05.07 19:48:25 | 000,087,608 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\inst.exe
[2009.05.07 19:48:25 | 000,007,887 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\pcouffin.cat
[2009.05.07 19:48:25 | 000,001,144 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\pcouffin.inf
[2009.05.07 09:02:19 | 045,240,320 | ---- | C] () -- C:\Users\Radek\AppData\Local\filesync.metadata
[2009.05.05 07:07:56 | 000,162,686 | ---- | C] () -- C:\Windows\hpoins19.dat
[2009.05.05 07:07:44 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2009.05.04 18:54:55 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.05.04 17:28:06 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.05.04 17:28:05 | 000,795,648 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.05.04 17:28:04 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009.05.04 17:28:04 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.05.04 17:28:03 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.05.04 17:24:13 | 000,204,800 | ---- | C] () -- C:\Users\Radek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.28 10:16:32 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009.04.28 10:16:32 | 000,174,820 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.04.28 10:16:32 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.04.28 10:16:32 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2009.04.28 10:16:32 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.04.28 10:16:32 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2009.04.28 10:08:49 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.04.28 09:33:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.10.22 04:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2008.01.21 07:46:38 | 000,607,226 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2008.01.21 07:46:38 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2008.01.21 07:46:38 | 000,117,890 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2008.01.21 07:46:38 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,445,464 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== LOP Check ==========
[2011.12.11 10:52:42 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\0D648
[2011.12.11 10:52:08 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\7E40D
[2009.07.25 08:17:38 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Ashampoo
[2011.04.26 21:51:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Audacity
[2011.06.25 09:51:59 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\calibre
[2009.12.28 10:50:38 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
[2011.12.11 10:52:05 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Dropbox
[2010.08.09 14:58:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\FileZilla
[2011.12.09 12:20:42 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\ICQ
[2010.08.18 15:50:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\ImgBurn
[2011.05.28 09:18:06 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\MyPhoneExplorer
[2011.07.17 18:27:26 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Nokia
[2011.07.15 11:51:50 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\PC Suite
[2011.02.08 19:37:01 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Pexeso
[2009.12.25 12:21:07 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\PhotoFiltre
[2011.07.31 18:47:28 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\QuakeMap
[2011.03.28 19:25:26 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Sammsoft
[2011.11.20 11:26:07 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Screenshoter
[2011.09.13 16:54:49 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Sports Interactive
[2011.04.02 08:20:08 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Vso
[2011.12.11 09:52:04 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011.12.11 10:49:09 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.05.25 06:32:28 | 000,136,176 | ---- | M] (Google Inc.)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2011.06.16 14:21:06 | 001,500,160 | ---- | M] (Nokia)
"RGSC" = C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation)
"FCF.exe" = C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe -- [2011.12.11 10:51:41 | 000,292,864 | ---- | M] ()
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc /s >
"DisplayName" = @%SystemRoot%\system32\cryptsvc.dll,-1001
"ImagePath" = %SystemRoot%\system32\svchost.exe -k NetworkService -- [2008.01.21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\cryptsvc.dll,-1002
"ObjectName" = NT Authority\NetworkService
"ErrorControl" = 1
"Start" = 2
"Type" = 32
"DependOnService" = RpcSs [binary data] -- [2009.04.11 07:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation)
"ServiceSidType" = 1
"RequiredPrivileges" = [Binary data over 100 bytes]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Parameters]
"ServiceDll" = %SystemRoot%\system32\cryptsvc.dll -- [2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation)
"ServiceMain" = CryptServiceMain
"ServiceDllUnloadOnStop" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Security]
"Security" = 00 00 0E 00 01 [binary data]
< >
< MD5 for: ACPI.SYS >
[2006.11.02 10:51:30 | 000,255,592 | ---- | M] (Microsoft Corporation) MD5=192BDBD1540645C4A2AA69F24CCE197F -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_97916753\acpi.sys
[2009.04.11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\System32\drivers\acpi.sys
[2009.04.11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_62085e44\acpi.sys
[2009.04.11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.0.6002.18005_none_24743d0fcb299a94\acpi.sys
[2008.01.21 03:23:00 | 000,266,808 | ---- | M] (Microsoft Corporation) MD5=FCB8C7210F0135E24C6580F7F649C73C -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_cae6072a\acpi.sys
[2008.01.21 03:23:00 | 000,266,808 | ---- | M] (Microsoft Corporation) MD5=FCB8C7210F0135E24C6580F7F649C73C -- C:\Windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.0.6001.18000_none_2288c403ce07cf48\acpi.sys
< MD5 for: AGP440.SYS >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 03:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: CMD.EXE >
[2006.11.02 10:44:59 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=349CD4318E6E351C9BB72EE13B7CA807 -- C:\Windows\winsxs\x86_microsoft-windows-commandprompt_31bf3856ad364e35_6.0.6000.16386_none_88d604c11d71789b\cmd.exe
[2008.01.21 03:23:50 | 000,318,976 | ---- | M] (Microsoft Corporation) MD5=74F26FC01B180D4A99A168ED69C30A53 -- C:\Windows\System32\cmd.exe
[2008.01.21 03:23:50 | 000,318,976 | ---- | M] (Microsoft Corporation) MD5=74F26FC01B180D4A99A168ED69C30A53 -- C:\Windows\winsxs\x86_microsoft-windows-commandprompt_31bf3856ad364e35_6.0.6001.18000_none_8b0cc6bd1a5c896f\cmd.exe
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2008.01.21 03:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
< MD5 for: CSRSS.EXE >
[2008.01.21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008.01.21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe
< MD5 for: EXPLORER.EXE >
[2009.04.28 10:12:36 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009.04.28 10:12:36 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009.04.28 10:12:36 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009.04.28 10:12:36 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: FASTFAT.SYS >
[2009.04.11 05:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\System32\drivers\fastfat.sys
[2009.04.11 05:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.0.6002.18005_none_b09ea48c5485f42b\fastfat.sys
[2008.01.21 03:24:13 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3C489390C2E2064563727752AF8EAB9E -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.0.6001.18000_none_aeb32b80576428df\fastfat.sys
< MD5 for: HAL.DLL >
[2009.04.11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: I8042PRT.SYS >
[2006.11.02 09:51:13 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1060F1377F395A242E27719440ECE602 -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\i8042prt.sys
[2006.11.02 09:51:13 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1060F1377F395A242E27719440ECE602 -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_3dfa3917\i8042prt.sys
[2008.01.21 03:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1C9EE072BAA3ABB460B91D7EE9152660 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\i8042prt.sys
[2008.01.21 03:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1C9EE072BAA3ABB460B91D7EE9152660 -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.16609_none_4c56cf70d52c8670\i8042prt.sys
[2008.01.21 03:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\drivers\i8042prt.sys
[2008.01.21 03:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\i8042prt.sys
[2008.01.21 03:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\i8042prt.sys
[2008.01.21 03:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_8b7c4328\i8042prt.sys
[2008.01.21 03:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\i8042prt.sys
[2008.01.21 03:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\i8042prt.sys
[2008.01.21 03:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\i8042prt.sys
[2008.01.21 03:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=BEA9838CD25D36BEBA3F94386A761D60 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\i8042prt.sys
[2008.01.21 03:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=BEA9838CD25D36BEBA3F94386A761D60 -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.20734_none_4cbafb05ee66fb5a\i8042prt.sys
< MD5 for: IASTORV.SYS >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys
< MD5 for: KBDCLASS.SYS >
[2006.11.02 10:49:57 | 000,032,872 | ---- | M] (Microsoft Corporation) MD5=1A48765F92BA1A88445FC25C9C9D94FC -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\System32\drivers\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\kbdclass.sys
[2008.01.21 03:09:47 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=B076B2AB806B3F696DAB21375389101C -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\kbdclass.sys
[2008.01.21 03:09:47 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=C9B0CF786D5F151A43C7BE8E243F2819 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\kbdclass.sys
< MD5 for: LSASS.EXE >
[2009.06.15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009.06.15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
< MD5 for: NDIS.SYS >
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NTFS.SYS >
[2009.04.11 07:32:49 | 001,083,880 | ---- | M] (Společnost Microsoft) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys
[2009.04.11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008.01.21 03:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
< MD5 for: NVRAID.SYS >
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: REGEDIT.EXE >
[2008.01.21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008.01.21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
< MD5 for: SCECLI.DLL >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SERVICES.EXE >
[2008.01.21 03:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009.04.11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009.04.11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SMSS.EXE >
[2008.01.21 03:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
< MD5 for: SPOOLSV.EXE >
[2010.08.17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009.04.11 07:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008.01.21 03:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010.08.17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010.08.17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010.08.17 15:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010.08.17 14:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2008.01.21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.04.28 10:07:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 22:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009.12.08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010.02.18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009.12.08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 21:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2009.04.28 10:07:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010.02.18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.21 03:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Radek\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 52,67% Memory free
6,21 Gb Paging File | 4,85 Gb Available in Paging File | 78,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 923,69 Gb Total Space | 251,52 Gb Free Space | 27,23% Space Free | Partition Type: NTFS
Drive D: | 6,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: RADEK-PC | User Name: Radek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.12.11 11:25:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Radek\Desktop\OTL.exe
PRC - [2011.12.11 10:52:42 | 000,193,024 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe
PRC - [2011.12.11 10:52:08 | 000,176,640 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\7E40D\20104.exe
PRC - [2011.12.11 10:51:41 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe
PRC - [2011.11.11 00:06:49 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.06.16 14:21:06 | 001,500,160 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2011.06.08 13:49:48 | 000,159,744 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2011.06.08 12:02:00 | 000,633,856 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011.05.25 21:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011.04.08 11:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011.03.31 13:38:26 | 000,140,288 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011.03.21 12:19:36 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2010.10.01 16:26:58 | 000,299,008 | ---- | M] (Nike) -- C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe
PRC - [2010.07.30 11:40:54 | 000,090,112 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.09 14:19:08 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.04.09 14:17:56 | 002,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2007.12.10 15:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac7302\Monitor.exe
PRC - [2007.02.22 18:32:12 | 000,118,784 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
PRC - [2005.07.15 22:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe
========== Modules (No Company Name) ==========
MOD - [2011.12.11 10:52:42 | 000,193,024 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe
MOD - [2011.12.11 10:52:08 | 000,176,640 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\7E40D\20104.exe
MOD - [2011.12.11 10:51:41 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe
MOD - [2011.11.16 18:31:58 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.11 00:06:49 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.04.07 15:43:24 | 008,191,488 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2011.04.07 15:43:22 | 002,296,320 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2011.02.22 19:13:22 | 000,022,016 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2011.02.22 19:12:54 | 000,196,608 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2011.02.22 16:39:06 | 000,276,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2011.02.22 16:07:20 | 000,339,968 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2009.04.26 22:15:40 | 000,139,776 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.08.01 05:47:28 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2006.12.10 20:51:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2006.12.10 20:51:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2005.07.30 21:00:40 | 000,114,688 | ---- | M] () -- C:\Windows\System32\OdiOlDVR.dll
MOD - [2004.06.21 10:14:54 | 000,053,248 | ---- | M] () -- C:\Windows\System32\OdiAPI.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.06.08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.07.30 11:40:54 | 000,090,112 | ---- | M] (Clarus, Inc.) [Auto | Running] -- C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe -- (SZASSIST)
SRV - [2010.03.03 17:37:47 | 000,332,720 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.04.09 14:29:20 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.04.09 14:19:08 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
========== Driver Services (SafeList) ==========
DRV - [2010.06.25 11:26:47 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2010.06.14 14:14:48 | 000,064,512 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mvd21.sys -- (mvd21)
DRV - [2010.03.18 16:24:34 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys -- (mdf15)
DRV - [2009.12.28 10:45:56 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.04.28 10:08:40 | 000,461,824 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2009.04.09 14:21:16 | 000,093,312 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009.04.09 14:18:02 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.04.09 14:10:30 | 000,113,960 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2008.11.10 20:26:00 | 000,135,680 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.09.20 00:41:50 | 000,037,560 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CamSuiteVAC.sys -- (CamSuiteVAC)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.01 07:40:28 | 003,894,272 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2006.04.07 17:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VNUSB.sys -- (VNUSB)
DRV - [2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50808
========== FireFox ==========
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {44d0a1b4-9c90-4f86-ac92-8680b5d6549e}:0.6.4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Radek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Radek\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.11 00:06:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.01 11:11:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.05.04 18:16:11 | 000,000,000 | ---D | M]
[2009.09.11 10:02:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Extensions
[2011.09.28 08:39:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\ziriy8kh.default\extensions
[2010.08.31 20:09:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\ziriy8kh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.04 16:16:14 | 000,000,000 | ---D | M] (Gmail Notifier) -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\ziriy8kh.default\extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
[2011.12.07 10:43:43 | 000,001,210 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\ziriy8kh.default\searchplugins\filetubecom.xml
[2011.11.11 00:06:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.12.10 19:38:13 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
() (No name found) -- C:\USERS\RADEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZIRIY8KH.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.11.11 00:06:50 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.06.21 17:24:38 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.06.21 17:24:38 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.06.21 17:24:38 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.06.21 17:24:38 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.06.21 17:24:38 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Radek\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Radek\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Radek\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Radek\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: Poppit Stres Buster = C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mohjjmefnkbafiajlccpfglfpdfdemmj\1.2_0\
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\..\Toolbar\ShellBrowser: (no name) - {783840E6-0A18-4087-9EC7-A1CC131DF0D4} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [FCF.exe] C:\Program Files\LP\0497\FCF.exe ()
O4 - HKLM..\Run: [Nike+ Connect] C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Toolbar_eula_launcher] C:\install\google\eula\EULALauncher.exe File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000..\Run: [FCF.exe] C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe ()
O4 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - Startup: C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
F3 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000 WinNT: Load - (C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe) -C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99DC7F18-A62D-4C6D-87C3-BAA9B4EA1DA3}: DhcpNameServer = 213.46.172.36 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000 Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2162578933-837445269-2599185901-1000 Winlogon: Shell - (C:\Users\Radek\AppData\Roaming\7E40D\20104.exe) -C:\Users\Radek\AppData\Roaming\7E40D\20104.exe ()
O24 - Desktop WallPaper: C:\Users\Radek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Radek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.08.11 02:29:24 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - D:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2011.08.11 02:29:24 | 000,000,047 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{2aed6beb-f396-11de-b952-001fd0dbce50}\Shell - "" = AutoRun
O33 - MountPoints2\{2aed6beb-f396-11de-b952-001fd0dbce50}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\{ed7f5d1b-33ce-11de-a087-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ed7f5d1b-33ce-11de-a087-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2011.08.11 02:29:24 | 000,247,696 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (http://www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 7 Days ==========
[2011.12.11 11:25:02 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Radek\Desktop\OTL.exe
[2011.12.11 10:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.12.11 10:55:35 | 000,000,000 | ---D | C] -- C:\rsit
[2011.12.11 09:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\LP
[2011.12.10 13:36:22 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Roaming\0D648
[2011.12.10 13:35:47 | 000,000,000 | ---D | C] -- C:\Users\Radek\AppData\Roaming\7E40D
[2009.05.07 19:48:25 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Radek\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.12.11 11:31:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.12.11 11:26:06 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.11 11:25:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Radek\Desktop\OTL.exe
[2011.12.11 10:58:12 | 000,607,226 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.12.11 10:58:12 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.11 10:58:12 | 000,117,890 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.12.11 10:58:12 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.11 10:50:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.11 10:50:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.11 10:50:19 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.11 10:50:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.11 10:50:11 | 3217,571,840 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.11 10:49:07 | 000,004,268 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.12.11 09:52:04 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011.12.11 09:50:04 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000UA.job
[2011.12.11 09:49:56 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\wmplayer.exe
[2011.12.11 08:55:41 | 000,204,800 | ---- | M] () -- C:\Users\Radek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.10 19:58:21 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\java.exe
[2011.12.10 15:39:06 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\chrome.exe
[2011.12.10 13:50:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000Core.job
[2011.12.08 21:50:31 | 045,240,320 | ---- | M] () -- C:\Users\Radek\AppData\Local\filesync.metadata
[2011.12.08 21:48:52 | 000,002,347 | ---- | M] () -- C:\Users\Radek\Desktop\SyncToy 2.0.lnk
[2011.12.07 23:31:48 | 000,002,673 | ---- | M] () -- C:\Users\Radek\Desktop\Microsoft Word.lnk
[2011.12.07 16:22:49 | 006,767,148 | ---- | M] () -- C:\Users\Radek\Desktop\Prodigy Stand-up hlasitejsi.wav
[2011.12.07 16:19:07 | 006,767,148 | ---- | M] () -- C:\Users\Radek\Desktop\Prodigy Stand-up.wav
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.12.11 11:31:07 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.12.11 09:51:10 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\At1.job
[2011.12.11 08:56:20 | 000,292,864 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\wmplayer.exe
[2011.12.10 19:58:21 | 000,292,864 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\java.exe
[2011.12.10 14:09:59 | 000,292,864 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\chrome.exe
[2011.12.07 16:22:48 | 006,767,148 | ---- | C] () -- C:\Users\Radek\Desktop\Prodigy Stand-up hlasitejsi.wav
[2011.12.07 16:19:07 | 006,767,148 | ---- | C] () -- C:\Users\Radek\Desktop\Prodigy Stand-up.wav
[2011.07.31 18:52:55 | 000,000,680 | ---- | C] () -- C:\Users\Radek\AppData\Local\d3d9caps.dat
[2010.06.25 11:29:56 | 000,000,014 | ---- | C] () -- C:\Windows\System32\systeminfo.dll
[2010.06.25 11:26:49 | 000,000,140 | ---- | C] () -- C:\Windows\System32\AF15IRTBL.bin
[2010.04.18 08:07:54 | 013,525,424 | ---- | C] () -- C:\Program Files\Dropbox 0.7.110.exe
[2010.03.21 18:33:04 | 000,037,560 | ---- | C] () -- C:\Windows\System32\drivers\CamSuiteVAC.sys
[2010.03.21 18:30:36 | 000,000,666 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2010.03.21 18:30:33 | 000,000,885 | ---- | C] () -- C:\Windows\System32\SP7302.INI
[2010.02.28 10:52:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.11.18 10:43:35 | 000,114,688 | ---- | C] () -- C:\Windows\System32\OdiOlDVR.dll
[2009.11.18 10:43:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\OdiAPI.dll
[2009.08.27 07:06:35 | 000,000,067 | ---- | C] () -- C:\Windows\DVDIdlePro.INI
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.07.14 20:20:51 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.07.14 20:20:51 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.07.12 17:37:38 | 000,004,268 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.05.07 19:48:55 | 000,001,057 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\vso_ts_preview.xml
[2009.05.07 19:48:25 | 000,087,608 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\inst.exe
[2009.05.07 19:48:25 | 000,007,887 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\pcouffin.cat
[2009.05.07 19:48:25 | 000,001,144 | ---- | C] () -- C:\Users\Radek\AppData\Roaming\pcouffin.inf
[2009.05.07 09:02:19 | 045,240,320 | ---- | C] () -- C:\Users\Radek\AppData\Local\filesync.metadata
[2009.05.05 07:07:56 | 000,162,686 | ---- | C] () -- C:\Windows\hpoins19.dat
[2009.05.05 07:07:44 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2009.05.04 18:54:55 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.05.04 17:28:06 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.05.04 17:28:05 | 000,795,648 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.05.04 17:28:04 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009.05.04 17:28:04 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.05.04 17:28:03 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.05.04 17:24:13 | 000,204,800 | ---- | C] () -- C:\Users\Radek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.28 10:16:32 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009.04.28 10:16:32 | 000,174,820 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.04.28 10:16:32 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.04.28 10:16:32 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2009.04.28 10:16:32 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.04.28 10:16:32 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2009.04.28 10:08:49 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.04.28 09:33:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.10.22 04:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2008.01.21 07:46:38 | 000,607,226 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2008.01.21 07:46:38 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2008.01.21 07:46:38 | 000,117,890 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2008.01.21 07:46:38 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,445,464 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== LOP Check ==========
[2011.12.11 10:52:42 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\0D648
[2011.12.11 10:52:08 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\7E40D
[2009.07.25 08:17:38 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Ashampoo
[2011.04.26 21:51:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Audacity
[2011.06.25 09:51:59 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\calibre
[2009.12.28 10:50:38 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
[2011.12.11 10:52:05 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Dropbox
[2010.08.09 14:58:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\FileZilla
[2011.12.09 12:20:42 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\ICQ
[2010.08.18 15:50:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\ImgBurn
[2011.05.28 09:18:06 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\MyPhoneExplorer
[2011.07.17 18:27:26 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Nokia
[2011.07.15 11:51:50 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\PC Suite
[2011.02.08 19:37:01 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Pexeso
[2009.12.25 12:21:07 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\PhotoFiltre
[2011.07.31 18:47:28 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\QuakeMap
[2011.03.28 19:25:26 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Sammsoft
[2011.11.20 11:26:07 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Screenshoter
[2011.09.13 16:54:49 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Sports Interactive
[2011.04.02 08:20:08 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Vso
[2011.12.11 09:52:04 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011.12.11 10:49:09 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.21 03:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.05.25 06:32:28 | 000,136,176 | ---- | M] (Google Inc.)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2011.06.16 14:21:06 | 001,500,160 | ---- | M] (Nokia)
"RGSC" = C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation)
"FCF.exe" = C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe -- [2011.12.11 10:51:41 | 000,292,864 | ---- | M] ()
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc /s >
"DisplayName" = @%SystemRoot%\system32\cryptsvc.dll,-1001
"ImagePath" = %SystemRoot%\system32\svchost.exe -k NetworkService -- [2008.01.21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\cryptsvc.dll,-1002
"ObjectName" = NT Authority\NetworkService
"ErrorControl" = 1
"Start" = 2
"Type" = 32
"DependOnService" = RpcSs [binary data] -- [2009.04.11 07:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation)
"ServiceSidType" = 1
"RequiredPrivileges" = [Binary data over 100 bytes]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Parameters]
"ServiceDll" = %SystemRoot%\system32\cryptsvc.dll -- [2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation)
"ServiceMain" = CryptServiceMain
"ServiceDllUnloadOnStop" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Security]
"Security" = 00 00 0E 00 01 [binary data]
< >
< MD5 for: ACPI.SYS >
[2006.11.02 10:51:30 | 000,255,592 | ---- | M] (Microsoft Corporation) MD5=192BDBD1540645C4A2AA69F24CCE197F -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_97916753\acpi.sys
[2009.04.11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\System32\drivers\acpi.sys
[2009.04.11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_62085e44\acpi.sys
[2009.04.11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.0.6002.18005_none_24743d0fcb299a94\acpi.sys
[2008.01.21 03:23:00 | 000,266,808 | ---- | M] (Microsoft Corporation) MD5=FCB8C7210F0135E24C6580F7F649C73C -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_cae6072a\acpi.sys
[2008.01.21 03:23:00 | 000,266,808 | ---- | M] (Microsoft Corporation) MD5=FCB8C7210F0135E24C6580F7F649C73C -- C:\Windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.0.6001.18000_none_2288c403ce07cf48\acpi.sys
< MD5 for: AGP440.SYS >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 03:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: CMD.EXE >
[2006.11.02 10:44:59 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=349CD4318E6E351C9BB72EE13B7CA807 -- C:\Windows\winsxs\x86_microsoft-windows-commandprompt_31bf3856ad364e35_6.0.6000.16386_none_88d604c11d71789b\cmd.exe
[2008.01.21 03:23:50 | 000,318,976 | ---- | M] (Microsoft Corporation) MD5=74F26FC01B180D4A99A168ED69C30A53 -- C:\Windows\System32\cmd.exe
[2008.01.21 03:23:50 | 000,318,976 | ---- | M] (Microsoft Corporation) MD5=74F26FC01B180D4A99A168ED69C30A53 -- C:\Windows\winsxs\x86_microsoft-windows-commandprompt_31bf3856ad364e35_6.0.6001.18000_none_8b0cc6bd1a5c896f\cmd.exe
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2008.01.21 03:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
< MD5 for: CSRSS.EXE >
[2008.01.21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008.01.21 03:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe
< MD5 for: EXPLORER.EXE >
[2009.04.28 10:12:36 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009.04.28 10:12:36 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009.04.28 10:12:36 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009.04.28 10:12:36 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: FASTFAT.SYS >
[2009.04.11 05:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\System32\drivers\fastfat.sys
[2009.04.11 05:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.0.6002.18005_none_b09ea48c5485f42b\fastfat.sys
[2008.01.21 03:24:13 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3C489390C2E2064563727752AF8EAB9E -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.0.6001.18000_none_aeb32b80576428df\fastfat.sys
< MD5 for: HAL.DLL >
[2009.04.11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: I8042PRT.SYS >
[2006.11.02 09:51:13 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1060F1377F395A242E27719440ECE602 -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\i8042prt.sys
[2006.11.02 09:51:13 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1060F1377F395A242E27719440ECE602 -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_3dfa3917\i8042prt.sys
[2008.01.21 03:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1C9EE072BAA3ABB460B91D7EE9152660 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\i8042prt.sys
[2008.01.21 03:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1C9EE072BAA3ABB460B91D7EE9152660 -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.16609_none_4c56cf70d52c8670\i8042prt.sys
[2008.01.21 03:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\drivers\i8042prt.sys
[2008.01.21 03:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\i8042prt.sys
[2008.01.21 03:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\i8042prt.sys
[2008.01.21 03:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_8b7c4328\i8042prt.sys
[2008.01.21 03:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\i8042prt.sys
[2008.01.21 03:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\i8042prt.sys
[2008.01.21 03:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\i8042prt.sys
[2008.01.21 03:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=BEA9838CD25D36BEBA3F94386A761D60 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\i8042prt.sys
[2008.01.21 03:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=BEA9838CD25D36BEBA3F94386A761D60 -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.20734_none_4cbafb05ee66fb5a\i8042prt.sys
< MD5 for: IASTORV.SYS >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys
< MD5 for: KBDCLASS.SYS >
[2006.11.02 10:49:57 | 000,032,872 | ---- | M] (Microsoft Corporation) MD5=1A48765F92BA1A88445FC25C9C9D94FC -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\System32\drivers\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\kbdclass.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\kbdclass.sys
[2008.01.21 03:09:47 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=B076B2AB806B3F696DAB21375389101C -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\kbdclass.sys
[2008.01.21 03:09:47 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=C9B0CF786D5F151A43C7BE8E243F2819 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\kbdclass.sys
< MD5 for: LSASS.EXE >
[2009.06.15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009.06.15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
< MD5 for: NDIS.SYS >
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NTFS.SYS >
[2009.04.11 07:32:49 | 001,083,880 | ---- | M] (Společnost Microsoft) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys
[2009.04.11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008.01.21 03:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
< MD5 for: NVRAID.SYS >
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: REGEDIT.EXE >
[2008.01.21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008.01.21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
< MD5 for: SCECLI.DLL >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SERVICES.EXE >
[2008.01.21 03:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009.04.11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009.04.11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SMSS.EXE >
[2008.01.21 03:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
< MD5 for: SPOOLSV.EXE >
[2010.08.17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009.04.11 07:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008.01.21 03:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010.08.17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010.08.17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010.08.17 15:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010.08.17 14:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2008.01.21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.04.28 10:07:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 22:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009.12.08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010.02.18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009.12.08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 21:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2009.04.28 10:07:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010.02.18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.21 03:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
Re: Prosím o radu
< MD5 for: USER32.DLL >
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WIN32K.SYS >
[2010.10.18 15:01:21 | 002,037,760 | ---- | M] (Microsoft Corporation) MD5=041D6ADE410A2FAD7451DADA50B807AC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22778_none_b93974c5b3d5e6c3\win32k.sys
[2009.04.21 12:55:06 | 002,033,152 | ---- | M] (Microsoft Corporation) MD5=13D686DF9652E7A397B2C3DA89881C34 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18246_none_b8ce3f929aa1cbdc\win32k.sys
[2009.08.14 14:53:16 | 002,035,712 | ---- | M] (Microsoft Corporation) MD5=18406CE410C1A4394FE1A8246D10567F -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18311_none_b8e9afca9a8df67d\win32k.sys
[2011.06.02 13:59:29 | 002,042,368 | ---- | M] (Microsoft Corporation) MD5=1AB81DE60826E31BCA3644C34C35006D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18653_none_b8c076609aac9064\win32k.sys
[2009.08.14 14:29:56 | 002,045,440 | ---- | M] (Microsoft Corporation) MD5=26AC4A647E67C7A7064309CBF1AAE3AC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22200_none_bb639005b0cab34a\win32k.sys
[2010.06.21 14:47:04 | 002,045,952 | ---- | M] (Microsoft Corporation) MD5=2AB7745E006D3692A6B758F9A97386A8 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22428_none_bb55f649b0d3b032\win32k.sys
[2010.12.31 14:59:47 | 002,048,000 | ---- | M] (Microsoft Corporation) MD5=2EE9A7A6563BEB2D325028BFA1639A94 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22560_none_bb22b62fb0fb5265\win32k.sys
[2009.04.28 10:15:13 | 002,033,664 | ---- | M] (Microsoft Corporation) MD5=33180D19BCCBF9CB6B96CE03BB613FD4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22372_none_b9336b71b3db5a1d\win32k.sys
[2010.10.18 14:31:24 | 002,038,272 | ---- | M] (Microsoft Corporation) MD5=4A2D1819212071B0AA0DD47DD6D2DC7B -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18328_none_bacc597e97b61068\win32k.sys
[2011.06.02 14:12:16 | 002,051,584 | ---- | M] (Microsoft Corporation) MD5=4CD2681A8C7613567F5DFAE6EA4589C4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22653_none_bb3088dfb0f07fa0\win32k.sys
[2010.08.31 15:33:39 | 002,046,464 | ---- | M] (Microsoft Corporation) MD5=5A259D684426F7DCBD6D435347955FF4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22478_none_bb1fe6adb0fc3be7\win32k.sys
[2009.04.28 10:15:13 | 002,033,152 | ---- | M] (Microsoft Corporation) MD5=5CAE6E4513342909C7FDA4F83D85E958 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18211_none_b8e9ade49a8df956\win32k.sys
[2009.04.21 12:55:42 | 002,030,080 | ---- | M] (Microsoft Corporation) MD5=633B5887DC689EB3ECF2F0994F506F40 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21044_none_b76f7545b69adb49\win32k.sys
[2008.01.21 03:24:35 | 002,031,616 | ---- | M] (Microsoft Corporation) MD5=664FCB81B53ECC5A1ACB325D50EB11C0 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18000_none_b8f379ba9a86c9c0\win32k.sys
[2009.04.28 10:15:13 | 002,030,080 | ---- | M] (Microsoft Corporation) MD5=6730B1581BBE610596C322465229D8A2 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21006_none_b79cb589b6789e33\win32k.sys
[2009.04.28 10:15:13 | 002,028,032 | ---- | M] (Microsoft Corporation) MD5=68D3921F210FC146876B7815DF5BCC41 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16816_none_b70870b09d62e718\win32k.sys
[2010.05.01 14:53:49 | 002,036,224 | ---- | M] (Microsoft Corporation) MD5=6E78D8BB909579F9CBA6C8410C5C1697 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18468_none_b8baa41a9ab030ba\win32k.sys
[2009.04.11 05:24:16 | 002,034,688 | ---- | M] (Microsoft Corporation) MD5=71C61AFCD453F3153B0EB4F988EE669D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18005_none_badef2c697a8950c\win32k.sys
[2011.06.02 13:59:32 | 002,042,880 | ---- | M] (Microsoft Corporation) MD5=7380515AC4AD02062931817CC226486D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22927_none_b96e87e3b3ae3c05\win32k.sys
[2010.12.31 14:24:31 | 002,039,296 | ---- | M] (Microsoft Corporation) MD5=7BE33568CBC736ACD18BF868CCFDD721 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22824_none_b96b851fb3b0f2d9\win32k.sys
[2010.12.31 14:25:17 | 002,038,784 | ---- | M] (Microsoft Corporation) MD5=7E2B88A06365DB40AB739E51DE750A1A -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18573_none_b8aad4a29abccb1f\win32k.sys
[2009.08.14 14:27:17 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=8705038245789561EE714D12CC3368CE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18091_none_ba79a25297f52b29\win32k.sys
[2010.08.31 14:39:46 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=8B8F4094E0C58022F8CBA3D33E45E244 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18523_none_b8e0e43e9a943f6a\win32k.sys
[2010.05.01 21:27:32 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=92D62DCB0C488707CCDBC4044C62920C -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22682_none_b928a137b3e36d83\win32k.sys
[2009.08.14 15:01:34 | 002,031,104 | ---- | M] (Microsoft Corporation) MD5=9352E049F234BFA756C840CD8BDF4FFE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16908_none_b71543169d58fafc\win32k.sys
[2010.06.21 14:18:15 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=A0F8D73E65CD93F90FE9410FB17CD154 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18496_none_b89833c29aca51df\win32k.sys
[2009.04.21 12:39:47 | 002,034,688 | ---- | M] (Microsoft Corporation) MD5=A1696D4E327DB3FC815DAE837DC3D8B8 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18023_none_bac7525a97ba9a40\win32k.sys
[2011.03.03 13:53:48 | 002,040,832 | ---- | M] (Microsoft Corporation) MD5=A91142A46B8FC7CFBD22F78515756EF1 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18612_none_b8eab5c69a8d0749\win32k.sys
[2009.04.21 12:42:33 | 002,034,688 | ---- | M] (Microsoft Corporation) MD5=AB4D93D30AA6B51598ADAFB6AAAB5962 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22119_none_bb61c0cdb0cab623\win32k.sys
[2010.05.01 15:26:07 | 002,045,440 | ---- | M] (Microsoft Corporation) MD5=ABC44865039F3D6B055F7418A83802CC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22396_none_bb08445bb10e43f4\win32k.sys
[2011.06.02 14:34:49 | 002,043,392 | ---- | M] (Microsoft Corporation) MD5=AD40B88FEA23C51404C40948C3160285 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18475_none_ba934aea97e14d3f\win32k.sys
[2011.09.06 16:18:22 | 002,051,584 | ---- | M] (Microsoft Corporation) MD5=B2855D835DBB342F9B058012254DB767 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22711_none_bb59c9e1b0d1da55\win32k.sys
[2010.06.21 14:25:11 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=B39C0D9A2B67487FCCF50345E44F8125 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22716_none_b97853b9b3a70c6f\win32k.sys
[2011.03.03 14:25:11 | 002,041,856 | ---- | M] (Microsoft Corporation) MD5=BE9AC15503AD65C35D9EF649539C4E3F -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18417_none_bad62b0697aed847\win32k.sys
[2010.08.31 14:27:38 | 002,038,272 | ---- | M] (Microsoft Corporation) MD5=C2F2451A71234D5CF5D0E6C6546FAC6D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18305_none_badef87897a88c81\win32k.sys
[2010.06.21 14:37:03 | 002,037,760 | ---- | M] (Microsoft Corporation) MD5=C803AEA1F4ED11CBBFFBEFF2FE78D463 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18275_none_ba93471e97e152f1\win32k.sys
[2010.08.31 14:38:10 | 002,037,760 | ---- | M] (Microsoft Corporation) MD5=CFDC1586D84A187D38512528F60CA7E5 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22754_none_b94b1375b3c94985\win32k.sys
[2009.08.14 14:46:38 | 002,036,224 | ---- | M] (Microsoft Corporation) MD5=D4F9530BB031E0BAEDBE08B21BE52ADD -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22497_none_b922cef1b3e70dd9\win32k.sys
[2009.04.21 14:26:36 | 002,034,176 | ---- | M] (Microsoft Corporation) MD5=D8882CAF965DCBDE4278C88842D0ACFE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22416_none_b9784e07b3a714fa\win32k.sys
[2010.05.01 15:13:48 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=DE14B77E9A30588F944163BD0911EDEA -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18253_none_baa6e66297d2e861\win32k.sys
[2009.04.21 13:04:30 | 002,028,032 | ---- | M] (Microsoft Corporation) MD5=F0F292B8E028D69ACF49A9A78FBE4B78 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16849_none_b6eb01ca9d7886f0\win32k.sys
[2009.08.15 22:08:32 | 002,032,128 | ---- | M] (Microsoft Corporation) MD5=F140B984628DA0171AC67548A0515572 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21108_none_b79eb803b676ce08\win32k.sys
[2011.03.03 13:51:31 | 002,041,344 | ---- | M] (Microsoft Corporation) MD5=F56A9A30BA307D902C661A71B46F75F3 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22867_none_b943464db3ceaea2\win32k.sys
[2011.09.06 14:30:12 | 002,043,392 | ---- | M] (Microsoft Corporation) MD5=FC8AC0F6116A2454DEE43680494784E4 -- C:\Windows\System32\win32k.sys
[2011.09.06 14:30:12 | 002,043,392 | ---- | M] (Microsoft Corporation) MD5=FC8AC0F6116A2454DEE43680494784E4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18512_none_bad12b7a97b356bb\win32k.sys
[2011.03.03 16:19:03 | 002,050,560 | ---- | M] (Microsoft Corporation) MD5=FCDC7F76EB218887230BE86AC6EBAC9B -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22601_none_bb6497e7b0c9c13d\win32k.sys
[2010.12.31 14:57:01 | 002,039,808 | ---- | M] (Microsoft Corporation) MD5=FD9B62599B3AD261D203040BC7DDEC65 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18365_none_ba9e18f097d93427\win32k.sys
[2010.10.18 16:02:01 | 002,046,976 | ---- | M] (Microsoft Corporation) MD5=FDFC6B42F398A78C490616EA9DE3BCF5 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22506_none_bb699773b0c542c9\win32k.sys
[2010.10.18 14:56:44 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=FEC8A2CE367AFB7D91ABC0B16478B171 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18539_none_b8dc160e9a96f365\win32k.sys
< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WINSRV.DLL >
[2009.04.11 07:28:25 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=40864DA48A14EBC68A0D6BFD08BA21EB -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18005_none_b86a0fae997700f7\winsrv.dll
[2011.06.17 16:19:45 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=54D17B3CF96B72929A61391E765D7D4C -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.22662_none_b8afd591b2c7ee25\winsrv.dll
[2011.04.20 16:55:29 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=5DF01708D214FDC0075AD197F1889557 -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18456_none_b83507f4999e9a9f\winsrv.dll
[2011.04.20 16:13:57 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=60B351541547DE0A483926AA825D1D1D -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.22628_none_b8e116fdb2a2166b\winsrv.dll
[2008.01.21 03:24:35 | 000,375,296 | ---- | M] (Microsoft Corporation) MD5=8B05FAF8603E6FDE90C5B103761CC3F6 -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.18000_none_b67e96a29c5535ab\winsrv.dll
[2011.06.17 17:03:18 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=9A7A3BC8DC7E7ECABA2478CED4C38CBD -- C:\Windows\System32\winsrv.dll
[2011.06.17 17:03:18 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=9A7A3BC8DC7E7ECABA2478CED4C38CBD -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18484_none_b812979c99b8bbc4\winsrv.dll
[2011.04.20 15:37:24 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=D1DE6323ADB727E9E9BFC0C4315A93E1 -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.22904_none_b70c43c5b56f2409\winsrv.dll
[2011.04.20 15:47:25 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=F42F8855CB5C22E203C6672B124F17FD -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.18638_none_b66634929c664320\winsrv.dll
< MD5 for: WS2_32.DLL >
[2008.01.21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll
[2008.01.21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
< >
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.01.21 03:23:14 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2006.11.02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2007.04.09 12:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll
[2008.01.21 07:40:30 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\cs-CZ\LMPRTPRC.DLL.mui
< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2008.01.21 03:23:14 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL
[2006.11.02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
[2007.04.09 12:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\mdippr.dll
[2008.01.21 07:40:30 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\system32\Spool\prtprocs\w32x86\cs-CZ\LMPRTPRC.DLL.mui
< %systemroot%\system32\drivers\*.sys /10 >
< %systemroot%\system32\drivers\*.sys /X >
[2008.08.01 04:51:18 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\drivers\ati2erec.dll
[2006.08.23 22:26:58 | 000,328,162 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.cpa
[2006.08.23 22:26:58 | 000,000,929 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.vp
[2007.04.18 13:19:50 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativdkxx.vp
[2007.05.30 16:37:38 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativokxx.vp
[2007.05.30 16:37:38 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativpkxx.vp
[2007.09.09 03:37:08 | 000,052,400 | ---- | M] () -- C:\Windows\system32\drivers\ativvpxx.vp
[2006.09.18 22:26:46 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2006.09.18 22:26:46 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2008.01.21 03:23:51 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2011.07.17 18:26:50 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2009.04.28 09:34:03 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009.11.11 10:11:30 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009.06.18 07:48:10 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009.11.11 10:11:51 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.12.28 10:45:56 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
< %systemroot%\system32\*.* /10 >
[2011.12.11 10:50:24 | 000,003,616 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.11 10:50:24 | 000,003,616 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.11 10:58:12 | 000,117,890 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.12.11 10:58:12 | 000,103,872 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.12.11 10:58:12 | 000,607,226 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.12.11 10:58:12 | 000,595,798 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.12.11 10:58:12 | 001,418,230 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\system32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\system32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\system32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\system32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\system32\config\SYSTEM.SAV
< %systemroot%\Tasks\*.job >
[2011.12.11 09:52:04 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011.12.11 10:50:19 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.12.11 11:26:06 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.12.10 13:50:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000Core.job
[2011.12.11 11:50:02 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000UA.job
< %systemroot%\*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[13 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6835 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]
< %systemroot%\*. /rp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >
< %ALLUSERSPROFILE%\Data Aplikácií\*.* >
< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %APPDATA%\*. >
[2011.12.11 10:52:42 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\0D648
[2011.12.11 10:52:08 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\7E40D
[2009.05.04 18:07:57 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Adobe
[2011.01.29 10:10:21 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Apple Computer
[2009.07.25 08:17:38 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Ashampoo
[2011.04.26 21:51:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Audacity
[2011.06.25 09:51:59 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\calibre
[2009.12.28 10:50:38 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
[2010.12.24 17:04:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\DivX
[2011.12.11 10:52:05 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Dropbox
[2010.08.09 14:58:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\FileZilla
[2009.05.05 07:17:44 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\HP
[2011.12.09 12:20:42 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\ICQ
[2009.05.04 12:55:13 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Identities
[2010.08.18 15:50:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\ImgBurn
[2010.03.21 18:32:12 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\InstallShield
[2011.07.03 20:42:21 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Intelore
[2009.05.04 17:39:43 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Macromedia
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Media Center Programs
[2009.05.04 18:34:05 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Media Player Classic
[2011.12.10 13:35:48 | 000,000,000 | --SD | M] -- C:\Users\Radek\AppData\Roaming\Microsoft
[2009.09.11 10:02:59 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Mozilla
[2011.05.28 09:18:06 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\MyPhoneExplorer
[2011.07.17 18:27:26 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Nokia
[2011.07.15 11:51:50 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\PC Suite
[2011.02.08 19:37:01 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Pexeso
[2009.12.25 12:21:07 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\PhotoFiltre
[2011.07.31 18:47:28 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\QuakeMap
[2009.07.01 16:59:16 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Real
[2010.03.21 18:38:36 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Reallusion
[2011.03.28 19:25:26 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Sammsoft
[2011.11.20 11:26:07 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Screenshoter
[2011.08.19 07:17:04 | 000,000,000 | RH-D | M] -- C:\Users\Radek\AppData\Roaming\SecuROM
[2011.07.02 18:59:37 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Skype
[2011.07.02 18:59:15 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\skypePM
[2010.08.09 15:02:53 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\SmartFTP
[2011.09.13 16:54:49 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Sports Interactive
[2011.04.02 08:20:08 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Vso
[2009.05.06 05:33:25 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\WinRAR
< %APPDATA%\*.* >
[2011.12.10 15:39:06 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\chrome.exe
[2011.04.02 08:20:08 | 000,087,608 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\inst.exe
[2011.12.10 19:58:21 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\java.exe
[2011.04.02 08:20:08 | 000,007,887 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\pcouffin.cat
[2011.04.02 08:20:08 | 000,001,144 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\pcouffin.inf
[2011.04.02 08:20:08 | 000,000,055 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\pcouffin.log
[2011.04.02 08:20:08 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\Radek\AppData\Roaming\pcouffin.sys
[2011.04.02 08:19:58 | 000,001,057 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\vso_ts_preview.xml
[2011.12.11 09:49:56 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\wmplayer.exe
< %APPDATA%\*.exe /s >
[2011.12.10 15:39:06 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\chrome.exe
[2011.04.02 08:20:08 | 000,087,608 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\inst.exe
[2011.12.10 19:58:21 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\java.exe
[2011.12.11 09:49:56 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\wmplayer.exe
[2011.12.11 10:52:42 | 000,193,024 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe
[2011.12.11 10:52:08 | 000,176,640 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\7E40D\20104.exe
[2011.05.25 21:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2011.05.25 21:07:18 | 000,174,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\Radek\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2011.07.03 20:42:21 | 000,098,709 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Intelore\Word Password Recovery\uninstall.exe
[2011.07.03 20:42:21 | 002,808,832 | ---- | M] (Intelore) -- C:\Users\Radek\AppData\Roaming\Intelore\Word Password Recovery\WordPasswordRecovery.exe
[2011.12.10 13:39:10 | 000,002,347 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\0497\D9ED.exe
[2011.12.11 10:51:41 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe
[11 C:\Users\Radek\AppData\Roaming\Microsoft\0497\*.tmp files -> C:\Users\Radek\AppData\Roaming\Microsoft\0497\*.tmp -> ]
[2011.01.15 12:43:25 | 000,000,766 | R--- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{69FDD4EA-9D68-11D5-8A28-005004D37F93}\Copy(2)ofweb.exe
[2011.01.15 12:43:25 | 000,000,766 | R--- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{69FDD4EA-9D68-11D5-8A28-005004D37F93}\CopyofHelp.exe
[2011.01.15 12:43:25 | 000,002,238 | R--- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{69FDD4EA-9D68-11D5-8A28-005004D37F93}\wolf3D.exe
[2010.12.24 17:04:08 | 000,029,926 | R--- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\system32|bak;true;false;false /fp >
< %PROGRAMFILES%|bak;true;false;false /fp >
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.11.11 00:06:49 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=4CB4054659ABEEEF925B153E2290E634 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.04.13 06:02:37 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-12-06 13:10:26
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2
"IGDSearcherDLL" = bitsigd.dll -- [2009.04.11 07:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation)
"StateIndex" = 0
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems" /v Windows /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\SUBSYSTEMS
WINDOWS REG_EXPAND_SZ %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< >
< type c:\boot.ini >> test.txt /c >
< bcdedit /v >C:\boot.txt /c >
Spr vce spouçtŘnˇ syst‚mu Windows
--------------------
identifik tor {9dea862c-5cdd-4e70-acc1-f32b344d4795}
device partition=C:
description Windows Boot Manager
locale cs-CZ
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
default {45be5220-33d5-11de-ad50-001fd0dbce50}
resumeobject {45be5221-33d5-11de-ad50-001fd0dbce50}
displayorder {45be5220-33d5-11de-ad50-001fd0dbce50}
toolsdisplayorder {b2721d73-1db4-4c62-bf78-c548a880142d}
timeout 30
resume No
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {45be5220-33d5-11de-ad50-001fd0dbce50}
device partition=C:
path \Windows\system32\winload.exe
description Microsoft Windows Vista
locale cs-CZ
inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
recoverysequence {572bcd56-ffa7-11d9-aae0-0007e994107d}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {45be5221-33d5-11de-ad50-001fd0dbce50}
nx OptIn
< type C:\boot.txt >> test1.txt /c >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.12.11 11:31:07 | 000,000,512 | ---- | M] () MD5=DA7FC47B41CF74E76B734D9EA6F90889 -- C:\PhysicalMBR.bin
< %systemroot%\system32\drivers\*.sys /md5 >
[2006.11.02 09:55:12 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=B46AA621E7BD4FE150BCC140DACEDA1B -- C:\Windows\system32\drivers\1394bus.sys
[2009.04.11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\system32\drivers\acpi.sys
[2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) MD5=04F0FCAC69C7C71A3AC4EB97FAFC8303 -- C:\Windows\system32\drivers\adp94xx.sys
[2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) MD5=60505E0041F7751BDBB80F88BF45C2CE -- C:\Windows\system32\drivers\adpahci.sys
[2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) MD5=8A42779B02AEC986EAB64ECFC98F8BD7 -- C:\Windows\system32\drivers\adpu160m.sys
[2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) MD5=241C9E37F8CE45EF51C3DE27515CA4E5 -- C:\Windows\system32\drivers\adpu320.sys
[2010.06.25 11:26:47 | 000,483,200 | ---- | M] (ITETech ) MD5=E3F08935158038D385AD382442F4BB2D -- C:\Windows\system32\drivers\AF15BDA.sys
[2011.04.21 14:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=3911B972B55FEA0478476B2E777B29FA -- C:\Windows\system32\drivers\afd.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\system32\drivers\AGP440.sys
[2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) MD5=9EAEF5FC9B8E351AFA7E78A6FAE91F91 -- C:\Windows\system32\drivers\aliide.sys
[2008.01.21 03:23:01 | 000,057,400 | ---- | M] (Microsoft Corporation) MD5=C47344BC706E5F0B9DCE369516661578 -- C:\Windows\system32\drivers\AMDAGP.SYS
[2008.01.21 03:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=9B78A39A4C173FDBC1321E0DD659B34C -- C:\Windows\system32\drivers\amdide.sys
[2008.01.21 03:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=18F29B49AD23ECEE3D2A826C725C8D48 -- C:\Windows\system32\drivers\amdk7.sys
[2008.01.21 03:23:00 | 000,044,032 | ---- | M] (Microsoft Corporation) MD5=93AE7F7DD54AB986A6F1A1B37BE7442D -- C:\Windows\system32\drivers\amdk8.sys
[2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) MD5=5D2888182FB46632511ACEE92FDAD522 -- C:\Windows\system32\drivers\arc.sys
[2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) MD5=5E2A321BD7C8B3624E41FDEC3E244945 -- C:\Windows\system32\drivers\arcsas.sys
[2008.01.21 03:24:04 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=53B202ABEE6455406254444303E87BE1 -- C:\Windows\system32\drivers\asyncmac.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\system32\drivers\atapi.sys
[2009.04.11 07:32:42 | 000,109,032 | ---- | M] (Microsoft Corporation) MD5=64B0052340B8EC28FA8A56B708AE71CC -- C:\Windows\system32\drivers\ataport.sys
[2008.08.01 07:40:28 | 003,894,272 | ---- | M] (ATI Technologies Inc.) MD5=ED29ACF556FF827CB35C0D07ED4AB8D0 -- C:\Windows\system32\drivers\atikmdag.sys
[2008.01.21 03:23:00 | 000,028,216 | ---- | M] (Microsoft Corporation) MD5=2B8A5A8879238C3BA9A89A8E3AC4E45D -- C:\Windows\system32\drivers\battc.sys
[2008.01.21 03:23:31 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=9F5F8F2318DFA3974A6F6A5602733929 -- C:\Windows\system32\drivers\bdasup.sys
[2008.01.21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\system32\drivers\beep.sys
[2008.01.21 03:23:01 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=D4DF28447741FD3D953526E33A617397 -- C:\Windows\system32\drivers\blbdrive.sys
[2011.02.22 14:23:55 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=35F376253F687BDE63976CCB3F2108CA -- C:\Windows\system32\drivers\bowser.sys
[2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) MD5=9F9ACC7F7CCDE8A15C282D3F88B43309 -- C:\Windows\system32\drivers\BrFiltLo.sys
[2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) MD5=56801AD62213A41F6497F96DEE83755A -- C:\Windows\system32\drivers\BrFiltUp.sys
[2009.04.11 06:42:55 | 000,093,696 | ---- | M] (Microsoft Corporation) MD5=B1564976D98E91FC764D5DC28A0297DA -- C:\Windows\system32\drivers\bridge.sys
[2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) MD5=B304E75CFF293029EDDF094246747113 -- C:\Windows\system32\drivers\BrSerId.sys
[2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) MD5=203F0B1E73ADADBBB7B7B1FABD901F6B -- C:\Windows\system32\drivers\BrSerWdm.sys
[2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) MD5=BD456606156BA17E60A04E18016AE54B -- C:\Windows\system32\drivers\BrUsbMdm.sys
[2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) MD5=AF72ED54503F717A43268B3CC5FAEC2E -- C:\Windows\system32\drivers\BrUsbSer.sys
[2009.04.11 05:43:10 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=6D39C954799B63BA866910234CF7D726 -- C:\Windows\system32\drivers\bthenum.sys
[2009.04.11 05:43:10 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=9A966A8E86D1771911AE34A20D11BFF3 -- C:\Windows\system32\drivers\bthmodem.sys
[2008.01.21 03:23:20 | 000,092,160 | ---- | M] (Microsoft Corporation) MD5=5904EFA25F829BF84EA6FB045134A1D8 -- C:\Windows\system32\drivers\bthpan.sys
[2011.04.21 14:55:05 | 000,508,416 | ---- | M] (Microsoft Corporation) MD5=611FF3F2F095C8D4A6D4CFD9DCC09793 -- C:\Windows\system32\drivers\bthport.sys
[2009.06.17 14:23:23 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=D330803EAB2A15CAEC7F011F1D4CB30E -- C:\Windows\system32\drivers\BTHUSB.SYS
[2008.09.20 00:41:50 | 000,037,560 | ---- | M] () MD5=E292176878F933E6A3CC46D6109EF1BB -- C:\Windows\system32\drivers\CamSuiteVAC.sys
[2008.01.21 03:23:51 | 000,070,144 | ---- | M] (Microsoft Corporation) MD5=7ADD03E75BEB9E6DD102C3081D29840A -- C:\Windows\system32\drivers\cdfs.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\system32\drivers\cdrom.sys
[2008.01.21 03:23:26 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=E5D4133F37219DBCFE102BC61072589D -- C:\Windows\system32\drivers\circlass.sys
[2009.04.11 07:32:43 | 000,125,928 | ---- | M] (Microsoft Corporation) MD5=0767B09C74D935A590B4879D14463B64 -- C:\Windows\system32\drivers\Classpnp.sys
[2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) MD5=0CA25E686A4928484E9FDABD168AB629 -- C:\Windows\system32\drivers\cmdide.sys
[2008.01.21 03:23:00 | 000,020,792 | ---- | M] (Microsoft Corporation) MD5=6AFEF0B60FA25DE07C0968983EE4F60A -- C:\Windows\system32\drivers\compbatt.sys
[2009.04.11 07:32:30 | 000,035,304 | ---- | M] (Microsoft Corporation) MD5=36975327EF03949CC378AB01E316B574 -- C:\Windows\system32\drivers\crashdmp.sys
[2008.01.21 03:23:22 | 000,024,632 | ---- | M] (Microsoft Corporation) MD5=741E9DFF4F42D2D8477D0FC1DC0DF871 -- C:\Windows\system32\drivers\crcdisk.sys
[2008.01.21 03:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=1F07BECDCA750766A96CDA811BA86410 -- C:\Windows\system32\drivers\crusoe.sys
[2011.04.14 15:59:03 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=622C41A07CA7E6DD91770F50D532CB6C -- C:\Windows\system32\drivers\dfsc.sys
[2009.04.11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\system32\drivers\disk.sys
[2009.04.11 05:39:11 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=494075282E23D838F43A4C9FB7143959 -- C:\Windows\system32\drivers\Diskdump.sys
[2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) MD5=AE1FDF7BF7BB6C6A70F67699D880592A -- C:\Windows\system32\drivers\djsvs.sys
[2008.01.21 03:23:01 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=4F59C172C094E1A1D46463A8DC061CBD -- C:\Windows\system32\drivers\Dot4.sys
[2008.01.21 03:23:03 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=80BF3BA09F6F2523C8F6B7CC6DBF7BD5 -- C:\Windows\system32\drivers\Dot4Prt.sys
[2008.01.21 03:23:01 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=C55004CA6B419B6695970DFE849B122F -- C:\Windows\system32\drivers\Dot4usb.sys
[2008.01.21 03:23:20 | 000,130,048 | ---- | M] (Microsoft Corporation) MD5=7BE5A3C671A2CB56E94403BFC2020A0D -- C:\Windows\system32\drivers\drmk.sys
[2008.01.21 03:23:21 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=97FEF831AB90BEE128C9AF390E243F80 -- C:\Windows\system32\drivers\drmkaud.sys
[2009.04.11 07:32:29 | 000,027,624 | ---- | M] (Microsoft Corporation) MD5=C67EBF9C05531C406E1E079FF669A2E6 -- C:\Windows\system32\drivers\Dumpata.sys
[2009.08.27 07:17:20 | 000,018,816 | ---- | M] (RIF) MD5=1FC1EED3EA0C3A0ECF8A95B97E1B4831 -- C:\Windows\system32\drivers\dvd43llh.sys
[2001.04.09 19:17:58 | 000,039,096 | ---- | M] (OLYMPUS OPTICAL CO.,LTD.) MD5=3E72195CBE5A3CF9C2D97D9E7FEF5455 -- C:\Windows\system32\drivers\DW90USB.SYS
[2008.01.21 03:24:21 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=EAAAFEF04FBB45665C9576E525D45A12 -- C:\Windows\system32\drivers\dxapi.sys
[2009.04.11 05:23:23 | 000,076,288 | ---- | M] (Microsoft Corporation) MD5=C8D5369BFE193B5FB53337DCE77CE314 -- C:\Windows\system32\drivers\dxg.sys
[2011.01.20 17:37:37 | 000,638,336 | ---- | M] (Microsoft Corporation) MD5=C68AC676B0EF30CFBB1080ADCE49EB1F -- C:\Windows\system32\drivers\dxgkrnl.sys
[2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) MD5=5425F74AC0C1DBD96A1E04F17D63F94C -- C:\Windows\system32\drivers\E1G60I32.sys
[2009.04.09 14:10:30 | 000,113,960 | ---- | M] (ESET) MD5=3B2E8F97B6869C29DA023EE75BF585D5 -- C:\Windows\system32\drivers\eamon.sys
[2009.04.11 07:32:43 | 000,141,288 | ---- | M] (Microsoft Corporation) MD5=7F64EA048DCFAC7ACF8B4D7B4E6FE371 -- C:\Windows\system32\drivers\ecache.sys
[2009.04.09 14:18:02 | 000,107,256 | ---- | M] (ESET) MD5=4FAD054CBCAA296BE7BD2CB77DA9D9B4 -- C:\Windows\system32\drivers\ehdrv.sys
[2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) MD5=23B62471681A124889978F6295B3F4C6 -- C:\Windows\system32\drivers\elxstor.sys
[2009.04.09 14:21:16 | 000,093,312 | ---- | M] (ESET) MD5=50207AB089C6B877781BFF673E70B86B -- C:\Windows\system32\drivers\epfwwfpr.sys
[2008.01.21 03:23:00 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=3DB974F3935483555D7148663F726C61 -- C:\Windows\system32\drivers\errdev.sys
[2009.04.11 05:13:53 | 000,136,704 | ---- | M] (Microsoft Corporation) MD5=22B408651F9123527BCEE54B4F6C5CAE -- C:\Windows\system32\drivers\exfat.sys
[2009.04.11 05:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\system32\drivers\fastfat.sys
[2008.01.21 03:23:20 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=AFE1E8B9782A0DD7FB46BBD88E43F89A -- C:\Windows\system32\drivers\fdc.sys
[2008.01.21 03:24:04 | 000,058,936 | ---- | M] (Microsoft Corporation) MD5=A8C0139A884861E3AAE9CFE73B208A9F -- C:\Windows\system32\drivers\fileinfo.sys
[2008.01.21 03:24:21 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=0AE429A696AECBC5970E3CF2C62635AE -- C:\Windows\system32\drivers\filetrace.sys
[2008.01.21 03:23:20 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=85B7CF99D532820495D68D747FDA9EBD -- C:\Windows\system32\drivers\flpydisk.sys
[2009.04.11 07:32:46 | 000,190,424 | ---- | M] (Společnost Microsoft) MD5=01334F9EA68E6877C4EF05D3EA8ABB05 -- C:\Windows\system32\drivers\fltMgr.sys
[2008.01.21 03:24:06 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=65EA8B77B5851854F0C55C43FA51A198 -- C:\Windows\system32\drivers\fs_rec.sys
[2009.04.11 07:32:43 | 000,099,816 | ---- | M] (Microsoft Corporation) MD5=73594DBC99E22958150192EE99BC48CE -- C:\Windows\system32\drivers\FWPKCLNT.SYS
[2008.01.21 03:23:22 | 000,061,496 | ---- | M] (Microsoft Corporation) MD5=34582A6E6573D54A07ECE5FE24A126B5 -- C:\Windows\system32\drivers\GAGP30KX.SYS
[2009.05.18 13:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) MD5=8182FF89C65E4D38B2DE4BB0FB18564E -- C:\Windows\system32\drivers\GEARAspiWDM.sys
[2009.04.11 05:42:42 | 000,561,152 | ---- | M] (Microsoft Corporation) MD5=062452B7FFD68C8C042A6261FE8DFF4A -- C:\Windows\system32\drivers\hdaudbus.sys
[2009.04.11 05:43:02 | 000,236,544 | ---- | M] (Microsoft Corporation) MD5=3F90E001369A07243763BD5A523D8722 -- C:\Windows\system32\drivers\HdAudio.sys
[2009.04.11 05:43:09 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=FCB3F4BE408F72C1BD81BCABA87FC22F -- C:\Windows\system32\drivers\hidbth.sys
[2009.04.11 05:42:48 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=5961CADB7CAD938368D2028725EF771D -- C:\Windows\system32\drivers\hidclass.sys
[2006.11.02 09:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=FF3160C3A2445128C5A6D9B076DA519E -- C:\Windows\system32\drivers\hidir.sys
[2008.01.21 03:23:26 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=175444D3A01CA45D0E1C5DC5F48DF7CD -- C:\Windows\system32\drivers\hidparse.sys
[2009.04.11 05:42:48 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=CCA4B519B17E23A00B826C55716809CC -- C:\Windows\system32\drivers\hidusb.sys
[2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) MD5=16EE7B23A009E00D835CDB79574A91A6 -- C:\Windows\system32\drivers\HpCISSs.sys
[2010.02.20 21:53:34 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=F870AA3E254628EBEAFE754108D664DE -- C:\Windows\system32\drivers\http.sys
[2008.01.21 03:23:02 | 000,019,000 | ---- | M] (Microsoft Corporation) MD5=95BD3EA81EBE6B8CACAFDB6CDAB3586C -- C:\Windows\system32\drivers\i2omgmt.sys
[2008.01.21 03:23:02 | 000,030,264 | ---- | M] (Microsoft Corporation) MD5=C6B032D69650985468160FC9937CF5B4 -- C:\Windows\system32\drivers\i2omp.sys
[2008.01.21 03:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\system32\drivers\i8042prt.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\system32\drivers\iaStorV.sys
[2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) MD5=2D077BF86E843F901D8DB709C95B49A5 -- C:\Windows\system32\drivers\iirsp.sys
[2008.01.21 03:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=83AA759F3189E6370C30DE5DC5590718 -- C:\Windows\system32\drivers\intelide.sys
[2008.01.21 03:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=224191001E78C89DFA78924C3EA595FF -- C:\Windows\system32\drivers\intelppm.sys
[2008.01.21 03:24:45 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=62C265C38769B864CB25B4BCF62DF6C3 -- C:\Windows\system32\drivers\ipfltdrv.sys
[2008.01.21 03:23:22 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=B25AAF203552B7B3491139D582B39AD1 -- C:\Windows\system32\drivers\IPMIDrv.sys
[2008.01.21 03:24:25 | 000,100,864 | ---- | M] (Microsoft Corporation) MD5=8793643A67B42CEC66490B2A0CF92D68 -- C:\Windows\system32\drivers\ipnat.sys
[2008.01.21 03:24:31 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=E50A95179211B12946F7E035D60AF560 -- C:\Windows\system32\drivers\irda.sys
[2008.01.21 03:23:54 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=109C0DFB82C3632FBD11949B73AEEAC9 -- C:\Windows\system32\drivers\irenum.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\system32\drivers\isapnp.sys
[2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) MD5=BCED60D16156E428F8DF8CF27B0DF150 -- C:\Windows\system32\drivers\iteatapi.sys
[2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) MD5=06FA654504A498C30ADCA8BEC4E87E7E -- C:\Windows\system32\drivers\iteraid.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\system32\drivers\kbdclass.sys
[2009.04.11 05:38:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=EDE59EC70E25C24581ADD1FBEC7325F7 -- C:\Windows\system32\drivers\kbdhid.sys
[2009.04.11 05:38:49 | 000,149,504 | ---- | M] (Microsoft Corporation) MD5=EF73C1E29FBE7B0FD0274BF4394E346A -- C:\Windows\system32\drivers\ks.sys
[2009.06.16 00:15:25 | 000,439,864 | ---- | M] (Microsoft Corporation) MD5=86165728AF9BF72D6442A894FDFB4F8B -- C:\Windows\system32\drivers\ksecdd.sys
[2008.01.21 03:24:37 | 000,047,104 | ---- | M] (Microsoft Corporation) MD5=D1C5883087A0C3F1344D9D55A44901F6 -- C:\Windows\system32\drivers\lltdio.sys
[2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) MD5=C7E15E82879BF3235B559563D4185365 -- C:\Windows\system32\drivers\lsi_fc.sys
[2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) MD5=EE01EBAE8C9BF0FA072E0FF68718920A -- C:\Windows\system32\drivers\lsi_sas.sys
[2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) MD5=912A04696E9CA30146A62AFA1463DD5C -- C:\Windows\system32\drivers\lsi_scsi.sys
[2008.01.21 03:24:37 | 000,084,480 | ---- | M] (Microsoft Corporation) MD5=8F5C7426567798E62A3B3614965D62CC -- C:\Windows\system32\drivers\luafv.sys
[2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) MD5=A3E700D78EEC390F1208098CDCA5C6B6 -- C:\Windows\system32\drivers\MarvinBus.sys
[2008.01.21 03:24:47 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B271EC02E71271A2DA28B3B7BC4E4F15 -- C:\Windows\system32\drivers\mcd.sys
[2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) MD5=0001CE609D66632FA17B84705F658879 -- C:\Windows\system32\drivers\megasas.sys
[2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) MD5=C252F32CD9A49DBFC25ECF26EBD51A99 -- C:\Windows\system32\drivers\MegaSR.sys
[2008.01.21 03:24:57 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=E13B5EA0F51BA5B1512EC671393D09BA -- C:\Windows\system32\drivers\modem.sys
[2008.01.21 03:23:22 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=0A9BB33B56E294F686ABB7C1E4E2D8A8 -- C:\Windows\system32\drivers\monitor.sys
[2008.01.21 03:23:20 | 000,034,360 | ---- | M] (Microsoft Corporation) MD5=5BF6A1326A335C5298477754A506D263 -- C:\Windows\system32\drivers\mouclass.sys
[2008.01.21 03:23:20 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=93B8D4869E12CFBE663915502900876F -- C:\Windows\system32\drivers\mouhid.sys
[2008.01.21 03:23:43 | 000,057,400 | ---- | M] (Microsoft Corporation) MD5=BDAFC88AA6B92F7842416EA6A48E1600 -- C:\Windows\system32\drivers\mountmgr.sys
[2008.01.21 03:23:20 | 000,105,016 | ---- | M] (Microsoft Corporation) MD5=511D011289755DD9F9A7579FB0B064E6 -- C:\Windows\system32\drivers\mpio.sys
[2008.01.21 03:24:47 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=22241FEBA9B2DEFA669C8CB0A8DD7D2E -- C:\Windows\system32\drivers\mpsdrv.sys
[2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) MD5=4FBBB70D30FD20EC51F80061703B001E -- C:\Windows\system32\drivers\Mraid35x.sys
[2009.04.11 05:14:40 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=82CEA0395524AACFEB58BA1448E8325C -- C:\Windows\system32\drivers\mrxdav.sys
[2011.04.29 14:24:40 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=1E94971C4B446AB2290DEB71D01CF0C2 -- C:\Windows\system32\drivers\mrxsmb.sys
[2011.07.06 16:31:47 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=4FCCB34D793B116423209C0F8B7A3B03 -- C:\Windows\system32\drivers\mrxsmb10.sys
[2011.04.29 14:24:42 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C3CB1B40AD4A0124D617A1199B0B9D7C -- C:\Windows\system32\drivers\mrxsmb20.sys
[2008.01.21 03:23:00 | 000,028,728 | ---- | M] (Microsoft Corporation) MD5=28023E86F17001F7CD9B15A5BC9AE07D -- C:\Windows\system32\drivers\msahci.sys
[2008.01.21 03:23:21 | 000,094,776 | ---- | M] (Microsoft Corporation) MD5=4468B0F385A86ECDDAF8D3CA662EC0E7 -- C:\Windows\system32\drivers\msdsm.sys
[2008.01.21 03:23:51 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A9927F4A46B816C92F461ACB90CF8515 -- C:\Windows\system32\drivers\msfs.sys
[2008.01.21 03:23:01 | 000,016,440 | ---- | M] (Microsoft Corporation) MD5=0F400E306F385C56317357D6DEA56F62 -- C:\Windows\system32\drivers\msisadrv.sys
[2009.04.11 07:32:46 | 000,180,712 | ---- | M] (Microsoft Corporation) MD5=232FA340531D940AAC623B121A595034 -- C:\Windows\system32\drivers\msiscsi.sys
[2008.01.21 03:24:50 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=D8C63D34D9C9E56C059E24EC7185CC07 -- C:\Windows\system32\drivers\mskssrv.sys
[2008.01.21 03:24:51 | 000,005,888 | ---- | M] (Microsoft Corporation) MD5=1D373C90D62DDB641D50E55B9E78D65E -- C:\Windows\system32\drivers\mspclock.sys
[2008.01.21 03:24:51 | 000,005,504 | ---- | M] (Microsoft Corporation) MD5=B572DA05BF4E098D4BBA3A4734FB505B -- C:\Windows\system32\drivers\mspqm.sys
[2009.04.11 07:32:46 | 000,161,752 | ---- | M] (Microsoft Corporation) MD5=B49456D70555DE905C311BCDA6EC6ADB -- C:\Windows\system32\drivers\msrpc.sys
[2008.01.21 03:23:01 | 000,031,288 | ---- | M] (Microsoft Corporation) MD5=E384487CB84BE41D09711C30CA79646C -- C:\Windows\system32\drivers\mssmbios.sys
[2008.01.21 03:24:51 | 000,006,016 | ---- | M] (Microsoft Corporation) MD5=7199C1EEC1E4993CAF96B8C0A26BD58A -- C:\Windows\system32\drivers\mstee.sys
[2009.04.11 07:32:31 | 000,048,104 | ---- | M] (Microsoft Corporation) MD5=6A57B5733D4CB702C8EA4542E836B96C -- C:\Windows\system32\drivers\mup.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\system32\drivers\ndis.sys
[2008.01.21 03:24:25 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=0E186E90404980569FB449BA7519AE61 -- C:\Windows\system32\drivers\ndistapi.sys
[2008.01.21 03:24:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D6973AA34C4D5D76C0430B181C3CD389 -- C:\Windows\system32\drivers\ndisuio.sys
[2009.04.11 05:46:32 | 000,121,344 | ---- | M] (Microsoft Corporation) MD5=818F648618AE34F729FDB47EC68345C3 -- C:\Windows\system32\drivers\ndiswan.sys
[2008.01.21 03:24:25 | 000,049,664 | ---- | M] (Microsoft Corporation) MD5=71DAB552B41936358F3B541AE5997FB3 -- C:\Windows\system32\drivers\ndproxy.sys
[2008.01.21 03:24:20 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=BCD093A5A6777CF626434568DC7DBA78 -- C:\Windows\system32\drivers\netbios.sys
[2009.04.11 05:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=ECD64230A59CBD93C85F1CD1CAB9F3F6 -- C:\Windows\system32\drivers\netbt.sys
[2009.04.11 07:32:46 | 000,223,208 | ---- | M] (Microsoft Corporation) MD5=063EE4D3CB88A14EAB9901875CEE98B1 -- C:\Windows\system32\drivers\netio.sys
[2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) MD5=2E7FB731D4790A1BC6270ACCEFACB36E -- C:\Windows\system32\drivers\nfrd960.sys
[2009.04.11 05:14:01 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=D36F239D7CCE1931598E8FB90A0DBC26 -- C:\Windows\system32\drivers\npfs.sys
[2008.01.21 03:24:47 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=609773E344A97410CE4EBF74A8914FCF -- C:\Windows\system32\drivers\nsiproxy.sys
[2009.04.11 07:32:49 | 001,083,880 | ---- | M] (Společnost Microsoft) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\system32\drivers\ntfs.sys
[2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) MD5=E875C093AEC0C978A90F30C9E0DFBB72 -- C:\Windows\system32\drivers\ntrigdigi.sys
[2008.01.21 03:23:50 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=C5DBBCDA07D780BDA9B685DF333BB41E -- C:\Windows\system32\drivers\null.sys
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\system32\drivers\nvraid.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\system32\drivers\nvstor.sys
[2008.01.21 03:23:01 | 000,109,112 | ---- | M] (Microsoft Corporation) MD5=18BBDF913916B71BD54575BDB6EEAC0B -- C:\Windows\system32\drivers\NV_AGP.SYS
[2009.04.11 05:43:28 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=85C44FDFF9CF7E72A40DCB7EC06A4416 -- C:\Windows\system32\drivers\nwifi.sys
[2006.11.02 09:55:16 | 000,062,080 | ---- | M] (Microsoft Corporation) MD5=BE32DA025A0BE1878F0EE8D6D9386CD5 -- C:\Windows\system32\drivers\ohci1394.sys
[2009.04.28 10:08:40 | 000,461,824 | ---- | M] (PixArt Imaging Inc.) MD5=AD66BC56DD6A030174C03395B3DC0720 -- C:\Windows\system32\drivers\PAC7302.SYS
[2009.04.11 05:45:51 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=99514FAA8DF93D34B5589187DB3AA0BA -- C:\Windows\system32\drivers\pacer.sys
[2008.01.21 03:23:01 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=8A79FDF04A73428597E2CAF9D0D67850 -- C:\Windows\system32\drivers\parport.sys
[2009.04.11 07:32:31 | 000,054,248 | ---- | M] (Microsoft Corporation) MD5=57389FA59A36D96B3EB09D0CB91E9CDC -- C:\Windows\system32\drivers\partmgr.sys
[2008.01.21 03:23:01 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=6C580025C81CAF3AE9E3617C22CAD00E -- C:\Windows\system32\drivers\parvdm.sys
[2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) MD5=FD2041E9BA03DB7764B2248F02475079 -- C:\Windows\system32\drivers\pccsmcfd.sys
[2009.04.11 07:32:55 | 000,149,480 | ---- | M] (Microsoft Corporation) MD5=941DC1D19E7E8620F40BBC206981EFDB -- C:\Windows\system32\drivers\pci.sys
[2008.01.21 03:23:00 | 000,016,440 | ---- | M] (Microsoft Corporation) MD5=FC175F5DDAB666D7F4D17449A547626F -- C:\Windows\system32\drivers\pciide.sys
[2009.04.11 07:32:52 | 000,043,496 | ---- | M] (Microsoft Corporation) MD5=6429D10C5D149AC9EB2D95052A390CFF -- C:\Windows\system32\drivers\pciidex.sys
[2006.11.02 10:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) MD5=E6F3FB1B86AA519E7698AD05E58B04E5 -- C:\Windows\system32\drivers\pcmcia.sys
[2009.05.07 19:48:25 | 000,047,360 | ---- | M] (VSO Software) MD5=5B6C11DE7E839C05248CED8825470FEF -- C:\Windows\system32\drivers\pcouffin.sys
[2006.11.02 10:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) MD5=6349F6ED9C623B44B52EA3C63C831A92 -- C:\Windows\system32\drivers\PEAuth.sys
[2009.04.11 05:42:50 | 000,167,936 | ---- | M] (Microsoft Corporation) MD5=218286724EC530FF252648369E05B090 -- C:\Windows\system32\drivers\portcls.sys
[2008.01.21 03:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=2027293619DD0F047C584CF2E7DF4FFD -- C:\Windows\system32\drivers\processr.sys
[2008.11.20 20:19:06 | 000,043,872 | ---- | M] (Sonic Solutions) MD5=49452BFCEC22F36A7A9B9C2181BC3042 -- C:\Windows\system32\drivers\pxhelp20.sys
[2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) MD5=0A6DB55AFB7820C99AA1F3A1D270F4F6 -- C:\Windows\system32\drivers\ql2300.sys
[2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) MD5=81A7E5C076E59995D54BC1ED3A16E60B -- C:\Windows\system32\drivers\ql40xx.sys
[2008.01.21 03:23:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=9F5E0E1926014D17486901C88ECA2DB7 -- C:\Windows\system32\drivers\qwavedrv.sys
[2008.01.21 03:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\system32\drivers\rasacd.sys
[2008.01.21 03:24:55 | 000,076,288 | ---- | M] (Microsoft Corporation) MD5=A214ADBAF4CB47DD2728859EF31F26B0 -- C:\Windows\system32\drivers\rasl2tp.sys
[2009.04.11 05:46:30 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=509A98DD18AF4375E1FC40BC175F1DEF -- C:\Windows\system32\drivers\raspppoe.sys
[2008.01.21 03:24:55 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=ECFFFAEC0C1ECD8DBC77F39070EA1DB1 -- C:\Windows\system32\drivers\raspptp.sys
[2009.04.11 05:46:40 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=2005F4A1E05FA09389AC85840F0A9E4D -- C:\Windows\system32\drivers\rassstp.sys
[2009.04.11 05:14:29 | 000,225,280 | ---- | M] (Microsoft Corporation) MD5=B14C9D5B9ADD2F84F70570BBBFAA7935 -- C:\Windows\system32\drivers\rdbss.sys
[2008.01.21 03:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=89E59BE9A564262A3FB6C4F4F1CD9899 -- C:\Windows\system32\drivers\RDPCDD.sys
[2008.01.21 03:23:01 | 000,248,832 | ---- | M] (Microsoft Corporation) MD5=FBC0BACD9C3D7F6956853F64A66E252D -- C:\Windows\system32\drivers\rdpdr.sys
[2008.01.21 03:24:50 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=9D91FE5286F748862ECFFA05F8A0710C -- C:\Windows\system32\drivers\RDPENCDD.sys
[2009.04.11 05:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\system32\drivers\rdpwd.sys
[2009.04.11 05:43:12 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=6482707F9F4DA0ECBAB43B2E0398A101 -- C:\Windows\system32\drivers\rfcomm.sys
[2009.04.11 05:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) MD5=EEC7EE5675294B03E88AA868540007C1 -- C:\Windows\system32\drivers\rmcast.sys
[2009.04.11 05:46:07 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=D9225D107E40D0FA5C5069446759C8E9 -- C:\Windows\system32\drivers\RNDISMP.sys
[2008.01.21 03:24:49 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=75E8A6BFA7374ABA833AE92BF41AE4E6 -- C:\Windows\system32\drivers\rootmdm.sys
[2008.01.21 03:24:37 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=9C508F4074A39E8B4B31D27198146FAD -- C:\Windows\system32\drivers\rspndr.sys
[2009.03.30 16:13:42 | 002,350,624 | ---- | M] (Realtek Semiconductor Corp.) MD5=2E4F8AD76CB1203D68DB6E8F02E4AF74 -- C:\Windows\system32\drivers\RTKVHDA.sys
[2008.11.10 20:26:00 | 000,135,680 | ---- | M] (Realtek Corporation ) MD5=F875E277A79EF9D6F3AC89ABB557A689 -- C:\Windows\system32\drivers\Rtlh86.sys
[2006.11.02 10:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) MD5=3CE8F073A557E172B330109436984E30 -- C:\Windows\system32\drivers\sbp2port.sys
[2008.01.21 03:23:54 | 000,142,904 | ---- | M] (Microsoft Corporation) MD5=6F5CA34AE885645ACF8A20D564DB976C -- C:\Windows\system32\drivers\scsiport.sys
[2006.11.02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) MD5=90A3935D05B494A5A39D37E71F09A677 -- C:\Windows\system32\drivers\secdrv.sys
[2008.01.21 03:23:01 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=CE9EC966638EF0B10B864DDEDF62A099 -- C:\Windows\system32\drivers\serenum.sys
[2008.01.21 03:23:01 | 000,083,456 | ---- | M] (Microsoft Corporation) MD5=6D663022DB3E7058907784AE14B69898 -- C:\Windows\system32\drivers\serial.sys
[2008.01.21 03:23:20 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=8AF3D28A879BF75DB53A0EE7A4289624 -- C:\Windows\system32\drivers\sermouse.sys
[2008.01.21 03:23:23 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=3EFA810BDCA87F6ECC24F9832243FE86 -- C:\Windows\system32\drivers\sffdisk.sys
[2008.01.21 03:23:23 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=E95D451F7EA3E583AEC75F3B3EE42DC5 -- C:\Windows\system32\drivers\sffp_mmc.sys
[2008.01.21 03:23:23 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=3D0EA348784B7AC9EA9BD9F317980979 -- C:\Windows\system32\drivers\sffp_sd.sys
[2006.11.02 09:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\system32\drivers\sfloppy.sys
[2008.01.21 03:23:01 | 000,055,864 | ---- | M] (Microsoft Corporation) MD5=1D76624A09A054F682D746B924E2DBC3 -- C:\Windows\system32\drivers\SISAGP.SYS
[2008.01.21 03:23:26 | 000,041,016 | ---- | M] (Microsoft Corporation) MD5=43CB7AA756C7DB280D01DA9B676CFDE2 -- C:\Windows\system32\drivers\sisraid2.sys
[2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) MD5=A99C6C8B0BAA970D8AA59DDC50B57F94 -- C:\Windows\system32\drivers\sisraid4.sys
[2009.04.11 05:45:22 | 000,066,560 | ---- | M] (Microsoft Corporation) MD5=7B75299A4D201D6A6533603D6914AB04 -- C:\Windows\system32\drivers\smb.sys
[2008.01.21 03:24:55 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=A7D7EA1771D2ED6F39A8063E79B6C3E8 -- C:\Windows\system32\drivers\smclib.sys
[2008.01.21 03:24:11 | 000,021,048 | ---- | M] (Microsoft Corporation) MD5=7AEBDEEF071FE28B0EEF2CDD69102BFF -- C:\Windows\system32\drivers\spldr.sys
[2009.04.11 03:52:40 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=A7F8BAD9590ADDC425B4003E94780DFA -- C:\Windows\system32\drivers\spsys.sys
[2009.12.28 10:45:56 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
[2011.02.18 15:03:32 | 000,305,152 | ---- | M] (Microsoft Corporation) MD5=41987F9FC0E61ADF54F581E15029AD91 -- C:\Windows\system32\drivers\srv.sys
[2011.04.29 14:25:10 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=FF33AFF99564B1AA534F58868CBE41EF -- C:\Windows\system32\drivers\srv2.sys
[2011.04.29 14:25:09 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=7605C0E1D01A08F3ECD743F38B834A44 -- C:\Windows\system32\drivers\srvnet.sys
[2009.04.11 07:32:54 | 000,122,344 | ---- | M] (Microsoft Corporation) MD5=47E55AFE1ED1D5AFF09690DB226F4A7A -- C:\Windows\system32\drivers\Storport.sys
[2009.04.11 05:42:47 | 000,052,992 | ---- | M] (Microsoft Corporation) MD5=70A92E46A2F459CDEDE3CA558CB26B6A -- C:\Windows\system32\drivers\stream.sys
[2008.01.21 03:23:01 | 000,015,288 | ---- | M] (Microsoft Corporation) MD5=7BA58ECF0C0A9A69D44B3DCA62BECF56 -- C:\Windows\system32\drivers\swenum.sys
[2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) MD5=192AA3AC01DF071B541094F251DEED10 -- C:\Windows\system32\drivers\symc8xx.sys
[2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) MD5=8C8EB8C76736EBAF3B13B633B2E64125 -- C:\Windows\system32\drivers\sym_hi.sys
[2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) MD5=8072AF52B5FD103BBBA387A1E49F62CB -- C:\Windows\system32\drivers\sym_u3.sys
[2008.01.21 03:24:44 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1239FD18895040D97B7CDBC19BC2075E -- C:\Windows\system32\drivers\tape.sys
[2011.09.20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\system32\drivers\tcpip.sys
[2009.12.08 18:26:18 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=608C345A255D82A6289C2D468EB41FD7 -- C:\Windows\system32\drivers\tcpipreg.sys
[2008.01.21 03:24:05 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=77937EFF009AC696B90E09F671F9D0A4 -- C:\Windows\system32\drivers\tdi.sys
[2008.01.21 03:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\system32\drivers\tdpipe.sys
[2008.01.21 03:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\system32\drivers\tdtcp.sys
[2009.04.11 05:45:56 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=76B06EB8A01FC8624D699E7045303E54 -- C:\Windows\system32\drivers\tdx.sys
[2009.04.11 07:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) MD5=3CAD38910468EAB9A6479E2F01DB43C7 -- C:\Windows\system32\drivers\termdd.sys
[2008.01.21 03:24:59 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=DCF0F056A2E4F52287264F5AB29CF206 -- C:\Windows\system32\drivers\tssecsrv.sys
[2008.01.21 03:24:25 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=CAECC0120AC49E3D2F758B9169872D38 -- C:\Windows\system32\drivers\TUNMP.SYS
[2010.02.18 12:28:13 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=300DB877AC094FEAB0BE7688C3454A9C -- C:\Windows\system32\drivers\tunnel.sys
[2008.01.21 03:23:22 | 000,059,448 | ---- | M] (Microsoft Corporation) MD5=7D33C4DB2CE363C8518D2DFCF533941F -- C:\Windows\system32\drivers\UAGP35.SYS
[2009.04.11 05:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) MD5=D9728AF68C4C7693CB100B8441CBDEC6 -- C:\Windows\system32\drivers\udfs.sys
[2008.01.21 03:23:01 | 000,060,984 | ---- | M] (Microsoft Corporation) MD5=B0ACFDC9E4AF279E9116C03E014B2B27 -- C:\Windows\system32\drivers\ULIAGPKX.SYS
[2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) MD5=9224BB254F591DE4CA8D572A5F0D635C -- C:\Windows\system32\drivers\uliahci.sys
[2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) MD5=8514D0E5CD0534467C5FC61BE94A569F -- C:\Windows\system32\drivers\ulsata.sys
[2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) MD5=38C3C6E62B157A6BC46594FADA45C62B -- C:\Windows\system32\drivers\ulsata2.sys
[2008.01.21 03:23:22 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=32CFF9F809AE9AED85464492BF3E32D2 -- C:\Windows\system32\drivers\umbus.sys
[2008.01.21 03:23:49 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=88BD96A1BAEED33EE8BDF9499C07A841 -- C:\Windows\system32\drivers\umpass.sys
[2009.04.11 05:46:08 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=830D5D8456B822C1247C1E59B4C464FA -- C:\Windows\system32\drivers\usb8023.sys
[2011.05.10 07:06:08 | 000,042,496 | ---- | M] (Apple, Inc.) MD5=83CAFCB53201BBAC04D822F32438E244 -- C:\Windows\system32\drivers\usbaapl.sys
[2009.04.11 05:42:56 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=D06F193F3E9CC3B356DF97F6A43C054A -- C:\Windows\system32\drivers\USBCAMD.sys
[2009.04.11 05:42:56 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=EAE017D3AA298374A1967B96C379C5AB -- C:\Windows\system32\drivers\USBCAMD2.sys
[2008.01.21 03:23:20 | 000,073,216 | ---- | M] (Microsoft Corporation) MD5=CAF811AE4C147FFCD5B51750C7F09142 -- C:\Windows\system32\drivers\usbccgp.sys
[2006.11.02 09:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) MD5=E9476E6C486E76BC4898074768FB7131 -- C:\Windows\system32\drivers\usbcir.sys
[2008.01.21 03:23:03 | 000,005,888 | ---- | M] (Microsoft Corporation) MD5=790FDAC6D0C762DF9047C3C625A6FF6C -- C:\Windows\system32\drivers\usbd.sys
[2009.04.11 05:42:52 | 000,039,936 | ---- | M] (Microsoft Corporation) MD5=79E96C23A97CE7B8F14D310DA2DB0C9B -- C:\Windows\system32\drivers\usbehci.sys
[2009.04.11 05:43:16 | 000,196,096 | ---- | M] (Microsoft Corporation) MD5=4673BBCB006AF60E7ABDDBE7A130BA42 -- C:\Windows\system32\drivers\usbhub.sys
[2006.11.02 09:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=38DBC7DD6CC5A72011F187425384388B -- C:\Windows\system32\drivers\usbohci.sys
[2009.04.11 05:42:57 | 000,226,304 | ---- | M] (Microsoft Corporation) MD5=A1C100A87D981AD0774FBC0B4B82E913 -- C:\Windows\system32\drivers\usbport.sys
[2008.01.21 03:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\system32\drivers\usbprint.sys
[2008.01.21 03:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\system32\drivers\usbscan.sys
[2009.04.11 05:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\system32\drivers\USBSTOR.SYS
[2008.01.21 03:23:03 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=814D653EFC4D48BE3B04A307ECEFF56F -- C:\Windows\system32\drivers\usbuhci.sys
[2008.01.21 03:24:50 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=2E93AC0A1D8C79D019DB6C51F036636C -- C:\Windows\system32\drivers\vga.sys
[2008.01.21 03:23:02 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=87B06E1F30B749A114F74622D013F8D4 -- C:\Windows\system32\drivers\vgapnp.sys
[2008.01.21 03:23:01 | 000,056,888 | ---- | M] (Microsoft Corporation) MD5=5D7159DEF58A800D5781BA3A879627BC -- C:\Windows\system32\drivers\VIAAGP.SYS
[2008.01.21 03:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=C4F3A691B5BAD343E6249BD8C2D45DEE -- C:\Windows\system32\drivers\viac7.sys
[2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) MD5=AADF5587A4063F52C2C3FED7887426FC -- C:\Windows\system32\drivers\viaide.sys
[2008.01.21 03:23:42 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=C048D2C33D27441A0CDCAAE2651EB03D -- C:\Windows\system32\drivers\videoprt.sys
[2006.04.07 17:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) MD5=AE01E1ED5A81E0D268B91B4A6DE5A872 -- C:\Windows\system32\drivers\VNUSB.sys
[2008.01.21 03:23:01 | 000,052,792 | ---- | M] (Microsoft Corporation) MD5=69503668AC66C77C6CD7AF86FBDF8C43 -- C:\Windows\system32\drivers\volmgr.sys
[2009.04.11 07:33:03 | 000,292,840 | ---- | M] (Microsoft Corporation) MD5=23E41B834759917BFD6B9A0D625D0C28 -- C:\Windows\system32\drivers\volmgrx.sys
[2009.04.11 07:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\system32\drivers\volsnap.sys
[2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=587253E09325E6BF226B299774B728A9 -- C:\Windows\system32\drivers\vsmraid.sys
[2006.11.02 09:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) MD5=48DFEE8F1AF7C8235D4E626F0C4FE031 -- C:\Windows\system32\drivers\wacompen.sys
[2008.01.21 03:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=55201897378CCA7AF8B5EFD874374A26 -- C:\Windows\system32\drivers\wanarp.sys
[2009.04.11 05:22:46 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=4A5C31E2C1646034E6A60EBA4C747FF6 -- C:\Windows\system32\drivers\watchdog.sys
[2008.01.21 03:23:24 | 000,022,072 | ---- | M] (Microsoft Corporation) MD5=78FE9542363F297B18C027B2D7E7C07F -- C:\Windows\system32\drivers\wd.sys
[2008.01.21 03:23:51 | 000,503,864 | ---- | M] (Microsoft Corporation) MD5=B6F0A7AD6D4BD325FBCD8BAC96CD8D96 -- C:\Windows\system32\drivers\Wdf01000.sys
[2008.01.21 03:23:51 | 000,035,896 | ---- | M] (Microsoft Corporation) MD5=B4FC6DD9167B058E6DBE6CB14ACFA2CB -- C:\Windows\system32\drivers\WdfLdr.sys
[2008.01.21 03:23:00 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=2E7255D172DF0B8283CDFB7B433B864E -- C:\Windows\system32\drivers\wmiacpi.sys
[2008.01.21 03:23:42 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=C546864EED786304762D030FEBF6B411 -- C:\Windows\system32\drivers\wmilib.sys
[2009.10.01 02:01:54 | 000,040,448 | ---- | M] (Microsoft Corporation) MD5=DE9D36F91A4DF3D911626643DEBF11EA -- C:\Windows\system32\drivers\WpdUsb.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\system32\drivers\ws2ifsl.sys
[2009.07.14 18:45:07 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=6F9B6C0C93232CFF47D0F72D6DB1D21E -- C:\Windows\system32\drivers\WUDFPf.sys
[2009.07.14 18:45:07 | 000,132,224 | ---- | M] (Microsoft Corporation) MD5=F91FF1E51FCA30B3C3981DB7D5924252 -- C:\Windows\system32\drivers\WUDFRd.sys
< >
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\System32\config\systemprofile\AppData\Local\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\Historie] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programy] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs -> Junction
[C:\Windows\System32\config\systemprofile\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\Windows\System32\config\systemprofile\Documents\Filmy] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
[C:\Windows\System32\config\systemprofile\Documents\Hudba] -> C:\Windows\system32\config\systemprofile\Music -> Junction
[C:\Windows\System32\config\systemprofile\Documents\Obrázky] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
[C:\Windows\System32\config\systemprofile\Dokumenty] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
[C:\Windows\System32\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\Nabídka Start] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[C:\Windows\System32\config\systemprofile\Okolní síť] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[C:\Windows\System32\config\systemprofile\Okolní tiskárny] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[C:\Windows\System32\config\systemprofile\Recent] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[C:\Windows\System32\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[C:\Windows\System32\config\systemprofile\Soubory cookie] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\Windows\System32\config\systemprofile\Šablony] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction
========== Alternate Data Streams ==========
@Alternate Data Stream - 64 bytes -> C:\Users\Radek\Desktop\30 Rock - 1x05 - Jack-Tor.avi:TOC.WMV
< End of report >
Ten soubor C:\PhysicalMBR.bin se mi bohužel nepodařilo objevit..
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WIN32K.SYS >
[2010.10.18 15:01:21 | 002,037,760 | ---- | M] (Microsoft Corporation) MD5=041D6ADE410A2FAD7451DADA50B807AC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22778_none_b93974c5b3d5e6c3\win32k.sys
[2009.04.21 12:55:06 | 002,033,152 | ---- | M] (Microsoft Corporation) MD5=13D686DF9652E7A397B2C3DA89881C34 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18246_none_b8ce3f929aa1cbdc\win32k.sys
[2009.08.14 14:53:16 | 002,035,712 | ---- | M] (Microsoft Corporation) MD5=18406CE410C1A4394FE1A8246D10567F -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18311_none_b8e9afca9a8df67d\win32k.sys
[2011.06.02 13:59:29 | 002,042,368 | ---- | M] (Microsoft Corporation) MD5=1AB81DE60826E31BCA3644C34C35006D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18653_none_b8c076609aac9064\win32k.sys
[2009.08.14 14:29:56 | 002,045,440 | ---- | M] (Microsoft Corporation) MD5=26AC4A647E67C7A7064309CBF1AAE3AC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22200_none_bb639005b0cab34a\win32k.sys
[2010.06.21 14:47:04 | 002,045,952 | ---- | M] (Microsoft Corporation) MD5=2AB7745E006D3692A6B758F9A97386A8 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22428_none_bb55f649b0d3b032\win32k.sys
[2010.12.31 14:59:47 | 002,048,000 | ---- | M] (Microsoft Corporation) MD5=2EE9A7A6563BEB2D325028BFA1639A94 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22560_none_bb22b62fb0fb5265\win32k.sys
[2009.04.28 10:15:13 | 002,033,664 | ---- | M] (Microsoft Corporation) MD5=33180D19BCCBF9CB6B96CE03BB613FD4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22372_none_b9336b71b3db5a1d\win32k.sys
[2010.10.18 14:31:24 | 002,038,272 | ---- | M] (Microsoft Corporation) MD5=4A2D1819212071B0AA0DD47DD6D2DC7B -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18328_none_bacc597e97b61068\win32k.sys
[2011.06.02 14:12:16 | 002,051,584 | ---- | M] (Microsoft Corporation) MD5=4CD2681A8C7613567F5DFAE6EA4589C4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22653_none_bb3088dfb0f07fa0\win32k.sys
[2010.08.31 15:33:39 | 002,046,464 | ---- | M] (Microsoft Corporation) MD5=5A259D684426F7DCBD6D435347955FF4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22478_none_bb1fe6adb0fc3be7\win32k.sys
[2009.04.28 10:15:13 | 002,033,152 | ---- | M] (Microsoft Corporation) MD5=5CAE6E4513342909C7FDA4F83D85E958 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18211_none_b8e9ade49a8df956\win32k.sys
[2009.04.21 12:55:42 | 002,030,080 | ---- | M] (Microsoft Corporation) MD5=633B5887DC689EB3ECF2F0994F506F40 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21044_none_b76f7545b69adb49\win32k.sys
[2008.01.21 03:24:35 | 002,031,616 | ---- | M] (Microsoft Corporation) MD5=664FCB81B53ECC5A1ACB325D50EB11C0 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18000_none_b8f379ba9a86c9c0\win32k.sys
[2009.04.28 10:15:13 | 002,030,080 | ---- | M] (Microsoft Corporation) MD5=6730B1581BBE610596C322465229D8A2 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21006_none_b79cb589b6789e33\win32k.sys
[2009.04.28 10:15:13 | 002,028,032 | ---- | M] (Microsoft Corporation) MD5=68D3921F210FC146876B7815DF5BCC41 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16816_none_b70870b09d62e718\win32k.sys
[2010.05.01 14:53:49 | 002,036,224 | ---- | M] (Microsoft Corporation) MD5=6E78D8BB909579F9CBA6C8410C5C1697 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18468_none_b8baa41a9ab030ba\win32k.sys
[2009.04.11 05:24:16 | 002,034,688 | ---- | M] (Microsoft Corporation) MD5=71C61AFCD453F3153B0EB4F988EE669D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18005_none_badef2c697a8950c\win32k.sys
[2011.06.02 13:59:32 | 002,042,880 | ---- | M] (Microsoft Corporation) MD5=7380515AC4AD02062931817CC226486D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22927_none_b96e87e3b3ae3c05\win32k.sys
[2010.12.31 14:24:31 | 002,039,296 | ---- | M] (Microsoft Corporation) MD5=7BE33568CBC736ACD18BF868CCFDD721 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22824_none_b96b851fb3b0f2d9\win32k.sys
[2010.12.31 14:25:17 | 002,038,784 | ---- | M] (Microsoft Corporation) MD5=7E2B88A06365DB40AB739E51DE750A1A -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18573_none_b8aad4a29abccb1f\win32k.sys
[2009.08.14 14:27:17 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=8705038245789561EE714D12CC3368CE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18091_none_ba79a25297f52b29\win32k.sys
[2010.08.31 14:39:46 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=8B8F4094E0C58022F8CBA3D33E45E244 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18523_none_b8e0e43e9a943f6a\win32k.sys
[2010.05.01 21:27:32 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=92D62DCB0C488707CCDBC4044C62920C -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22682_none_b928a137b3e36d83\win32k.sys
[2009.08.14 15:01:34 | 002,031,104 | ---- | M] (Microsoft Corporation) MD5=9352E049F234BFA756C840CD8BDF4FFE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16908_none_b71543169d58fafc\win32k.sys
[2010.06.21 14:18:15 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=A0F8D73E65CD93F90FE9410FB17CD154 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18496_none_b89833c29aca51df\win32k.sys
[2009.04.21 12:39:47 | 002,034,688 | ---- | M] (Microsoft Corporation) MD5=A1696D4E327DB3FC815DAE837DC3D8B8 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18023_none_bac7525a97ba9a40\win32k.sys
[2011.03.03 13:53:48 | 002,040,832 | ---- | M] (Microsoft Corporation) MD5=A91142A46B8FC7CFBD22F78515756EF1 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18612_none_b8eab5c69a8d0749\win32k.sys
[2009.04.21 12:42:33 | 002,034,688 | ---- | M] (Microsoft Corporation) MD5=AB4D93D30AA6B51598ADAFB6AAAB5962 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22119_none_bb61c0cdb0cab623\win32k.sys
[2010.05.01 15:26:07 | 002,045,440 | ---- | M] (Microsoft Corporation) MD5=ABC44865039F3D6B055F7418A83802CC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22396_none_bb08445bb10e43f4\win32k.sys
[2011.06.02 14:34:49 | 002,043,392 | ---- | M] (Microsoft Corporation) MD5=AD40B88FEA23C51404C40948C3160285 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18475_none_ba934aea97e14d3f\win32k.sys
[2011.09.06 16:18:22 | 002,051,584 | ---- | M] (Microsoft Corporation) MD5=B2855D835DBB342F9B058012254DB767 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22711_none_bb59c9e1b0d1da55\win32k.sys
[2010.06.21 14:25:11 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=B39C0D9A2B67487FCCF50345E44F8125 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22716_none_b97853b9b3a70c6f\win32k.sys
[2011.03.03 14:25:11 | 002,041,856 | ---- | M] (Microsoft Corporation) MD5=BE9AC15503AD65C35D9EF649539C4E3F -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18417_none_bad62b0697aed847\win32k.sys
[2010.08.31 14:27:38 | 002,038,272 | ---- | M] (Microsoft Corporation) MD5=C2F2451A71234D5CF5D0E6C6546FAC6D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18305_none_badef87897a88c81\win32k.sys
[2010.06.21 14:37:03 | 002,037,760 | ---- | M] (Microsoft Corporation) MD5=C803AEA1F4ED11CBBFFBEFF2FE78D463 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18275_none_ba93471e97e152f1\win32k.sys
[2010.08.31 14:38:10 | 002,037,760 | ---- | M] (Microsoft Corporation) MD5=CFDC1586D84A187D38512528F60CA7E5 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22754_none_b94b1375b3c94985\win32k.sys
[2009.08.14 14:46:38 | 002,036,224 | ---- | M] (Microsoft Corporation) MD5=D4F9530BB031E0BAEDBE08B21BE52ADD -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22497_none_b922cef1b3e70dd9\win32k.sys
[2009.04.21 14:26:36 | 002,034,176 | ---- | M] (Microsoft Corporation) MD5=D8882CAF965DCBDE4278C88842D0ACFE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22416_none_b9784e07b3a714fa\win32k.sys
[2010.05.01 15:13:48 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=DE14B77E9A30588F944163BD0911EDEA -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18253_none_baa6e66297d2e861\win32k.sys
[2009.04.21 13:04:30 | 002,028,032 | ---- | M] (Microsoft Corporation) MD5=F0F292B8E028D69ACF49A9A78FBE4B78 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16849_none_b6eb01ca9d7886f0\win32k.sys
[2009.08.15 22:08:32 | 002,032,128 | ---- | M] (Microsoft Corporation) MD5=F140B984628DA0171AC67548A0515572 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21108_none_b79eb803b676ce08\win32k.sys
[2011.03.03 13:51:31 | 002,041,344 | ---- | M] (Microsoft Corporation) MD5=F56A9A30BA307D902C661A71B46F75F3 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22867_none_b943464db3ceaea2\win32k.sys
[2011.09.06 14:30:12 | 002,043,392 | ---- | M] (Microsoft Corporation) MD5=FC8AC0F6116A2454DEE43680494784E4 -- C:\Windows\System32\win32k.sys
[2011.09.06 14:30:12 | 002,043,392 | ---- | M] (Microsoft Corporation) MD5=FC8AC0F6116A2454DEE43680494784E4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18512_none_bad12b7a97b356bb\win32k.sys
[2011.03.03 16:19:03 | 002,050,560 | ---- | M] (Microsoft Corporation) MD5=FCDC7F76EB218887230BE86AC6EBAC9B -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22601_none_bb6497e7b0c9c13d\win32k.sys
[2010.12.31 14:57:01 | 002,039,808 | ---- | M] (Microsoft Corporation) MD5=FD9B62599B3AD261D203040BC7DDEC65 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18365_none_ba9e18f097d93427\win32k.sys
[2010.10.18 16:02:01 | 002,046,976 | ---- | M] (Microsoft Corporation) MD5=FDFC6B42F398A78C490616EA9DE3BCF5 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22506_none_bb699773b0c542c9\win32k.sys
[2010.10.18 14:56:44 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=FEC8A2CE367AFB7D91ABC0B16478B171 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18539_none_b8dc160e9a96f365\win32k.sys
< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WINSRV.DLL >
[2009.04.11 07:28:25 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=40864DA48A14EBC68A0D6BFD08BA21EB -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18005_none_b86a0fae997700f7\winsrv.dll
[2011.06.17 16:19:45 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=54D17B3CF96B72929A61391E765D7D4C -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.22662_none_b8afd591b2c7ee25\winsrv.dll
[2011.04.20 16:55:29 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=5DF01708D214FDC0075AD197F1889557 -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18456_none_b83507f4999e9a9f\winsrv.dll
[2011.04.20 16:13:57 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=60B351541547DE0A483926AA825D1D1D -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.22628_none_b8e116fdb2a2166b\winsrv.dll
[2008.01.21 03:24:35 | 000,375,296 | ---- | M] (Microsoft Corporation) MD5=8B05FAF8603E6FDE90C5B103761CC3F6 -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.18000_none_b67e96a29c5535ab\winsrv.dll
[2011.06.17 17:03:18 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=9A7A3BC8DC7E7ECABA2478CED4C38CBD -- C:\Windows\System32\winsrv.dll
[2011.06.17 17:03:18 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=9A7A3BC8DC7E7ECABA2478CED4C38CBD -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18484_none_b812979c99b8bbc4\winsrv.dll
[2011.04.20 15:37:24 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=D1DE6323ADB727E9E9BFC0C4315A93E1 -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.22904_none_b70c43c5b56f2409\winsrv.dll
[2011.04.20 15:47:25 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=F42F8855CB5C22E203C6672B124F17FD -- C:\Windows\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.18638_none_b66634929c664320\winsrv.dll
< MD5 for: WS2_32.DLL >
[2008.01.21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll
[2008.01.21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
< >
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.01.21 03:23:14 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2006.11.02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2007.04.09 12:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll
[2008.01.21 07:40:30 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\cs-CZ\LMPRTPRC.DLL.mui
< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2008.01.21 03:23:14 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL
[2006.11.02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
[2007.04.09 12:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\mdippr.dll
[2008.01.21 07:40:30 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\system32\Spool\prtprocs\w32x86\cs-CZ\LMPRTPRC.DLL.mui
< %systemroot%\system32\drivers\*.sys /10 >
< %systemroot%\system32\drivers\*.sys /X >
[2008.08.01 04:51:18 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\drivers\ati2erec.dll
[2006.08.23 22:26:58 | 000,328,162 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.cpa
[2006.08.23 22:26:58 | 000,000,929 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.vp
[2007.04.18 13:19:50 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativdkxx.vp
[2007.05.30 16:37:38 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativokxx.vp
[2007.05.30 16:37:38 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativpkxx.vp
[2007.09.09 03:37:08 | 000,052,400 | ---- | M] () -- C:\Windows\system32\drivers\ativvpxx.vp
[2006.09.18 22:26:46 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2006.09.18 22:26:46 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2008.01.21 03:23:51 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2011.07.17 18:26:50 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2009.04.28 09:34:03 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009.11.11 10:11:30 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009.06.18 07:48:10 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009.11.11 10:11:51 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.12.28 10:45:56 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
< %systemroot%\system32\*.* /10 >
[2011.12.11 10:50:24 | 000,003,616 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.11 10:50:24 | 000,003,616 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.11 10:58:12 | 000,117,890 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.12.11 10:58:12 | 000,103,872 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.12.11 10:58:12 | 000,607,226 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.12.11 10:58:12 | 000,595,798 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.12.11 10:58:12 | 001,418,230 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\system32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\system32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\system32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\system32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\system32\config\SYSTEM.SAV
< %systemroot%\Tasks\*.job >
[2011.12.11 09:52:04 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011.12.11 10:50:19 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.12.11 11:26:06 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.12.10 13:50:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000Core.job
[2011.12.11 11:50:02 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000UA.job
< %systemroot%\*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[13 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6835 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]
< %systemroot%\*. /rp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >
< %ALLUSERSPROFILE%\Data Aplikácií\*.* >
< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %APPDATA%\*. >
[2011.12.11 10:52:42 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\0D648
[2011.12.11 10:52:08 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\7E40D
[2009.05.04 18:07:57 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Adobe
[2011.01.29 10:10:21 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Apple Computer
[2009.07.25 08:17:38 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Ashampoo
[2011.04.26 21:51:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Audacity
[2011.06.25 09:51:59 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\calibre
[2009.12.28 10:50:38 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
[2010.12.24 17:04:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\DivX
[2011.12.11 10:52:05 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Dropbox
[2010.08.09 14:58:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\FileZilla
[2009.05.05 07:17:44 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\HP
[2011.12.09 12:20:42 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\ICQ
[2009.05.04 12:55:13 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Identities
[2010.08.18 15:50:58 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\ImgBurn
[2010.03.21 18:32:12 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\InstallShield
[2011.07.03 20:42:21 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Intelore
[2009.05.04 17:39:43 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Macromedia
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Media Center Programs
[2009.05.04 18:34:05 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Media Player Classic
[2011.12.10 13:35:48 | 000,000,000 | --SD | M] -- C:\Users\Radek\AppData\Roaming\Microsoft
[2009.09.11 10:02:59 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Mozilla
[2011.05.28 09:18:06 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\MyPhoneExplorer
[2011.07.17 18:27:26 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Nokia
[2011.07.15 11:51:50 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\PC Suite
[2011.02.08 19:37:01 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Pexeso
[2009.12.25 12:21:07 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\PhotoFiltre
[2011.07.31 18:47:28 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\QuakeMap
[2009.07.01 16:59:16 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Real
[2010.03.21 18:38:36 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Reallusion
[2011.03.28 19:25:26 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Sammsoft
[2011.11.20 11:26:07 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Screenshoter
[2011.08.19 07:17:04 | 000,000,000 | RH-D | M] -- C:\Users\Radek\AppData\Roaming\SecuROM
[2011.07.02 18:59:37 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Skype
[2011.07.02 18:59:15 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\skypePM
[2010.08.09 15:02:53 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\SmartFTP
[2011.09.13 16:54:49 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Sports Interactive
[2011.04.02 08:20:08 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\Vso
[2009.05.06 05:33:25 | 000,000,000 | ---D | M] -- C:\Users\Radek\AppData\Roaming\WinRAR
< %APPDATA%\*.* >
[2011.12.10 15:39:06 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\chrome.exe
[2011.04.02 08:20:08 | 000,087,608 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\inst.exe
[2011.12.10 19:58:21 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\java.exe
[2011.04.02 08:20:08 | 000,007,887 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\pcouffin.cat
[2011.04.02 08:20:08 | 000,001,144 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\pcouffin.inf
[2011.04.02 08:20:08 | 000,000,055 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\pcouffin.log
[2011.04.02 08:20:08 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\Radek\AppData\Roaming\pcouffin.sys
[2011.04.02 08:19:58 | 000,001,057 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\vso_ts_preview.xml
[2011.12.11 09:49:56 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\wmplayer.exe
< %APPDATA%\*.exe /s >
[2011.12.10 15:39:06 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\chrome.exe
[2011.04.02 08:20:08 | 000,087,608 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\inst.exe
[2011.12.10 19:58:21 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\java.exe
[2011.12.11 09:49:56 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\wmplayer.exe
[2011.12.11 10:52:42 | 000,193,024 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe
[2011.12.11 10:52:08 | 000,176,640 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\7E40D\20104.exe
[2011.05.25 21:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2011.05.25 21:07:18 | 000,174,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\Radek\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2011.07.03 20:42:21 | 000,098,709 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Intelore\Word Password Recovery\uninstall.exe
[2011.07.03 20:42:21 | 002,808,832 | ---- | M] (Intelore) -- C:\Users\Radek\AppData\Roaming\Intelore\Word Password Recovery\WordPasswordRecovery.exe
[2011.12.10 13:39:10 | 000,002,347 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\0497\D9ED.exe
[2011.12.11 10:51:41 | 000,292,864 | ---- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe
[11 C:\Users\Radek\AppData\Roaming\Microsoft\0497\*.tmp files -> C:\Users\Radek\AppData\Roaming\Microsoft\0497\*.tmp -> ]
[2011.01.15 12:43:25 | 000,000,766 | R--- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{69FDD4EA-9D68-11D5-8A28-005004D37F93}\Copy(2)ofweb.exe
[2011.01.15 12:43:25 | 000,000,766 | R--- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{69FDD4EA-9D68-11D5-8A28-005004D37F93}\CopyofHelp.exe
[2011.01.15 12:43:25 | 000,002,238 | R--- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{69FDD4EA-9D68-11D5-8A28-005004D37F93}\wolf3D.exe
[2010.12.24 17:04:08 | 000,029,926 | R--- | M] () -- C:\Users\Radek\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\system32|bak;true;false;false /fp >
< %PROGRAMFILES%|bak;true;false;false /fp >
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.11.11 00:06:49 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=4CB4054659ABEEEF925B153E2290E634 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.04.13 06:02:37 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-12-06 13:10:26
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2
"IGDSearcherDLL" = bitsigd.dll -- [2009.04.11 07:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation)
"StateIndex" = 0
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems" /v Windows /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\SUBSYSTEMS
WINDOWS REG_EXPAND_SZ %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< >
< type c:\boot.ini >> test.txt /c >
< bcdedit /v >C:\boot.txt /c >
Spr vce spouçtŘnˇ syst‚mu Windows
--------------------
identifik tor {9dea862c-5cdd-4e70-acc1-f32b344d4795}
device partition=C:
description Windows Boot Manager
locale cs-CZ
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
default {45be5220-33d5-11de-ad50-001fd0dbce50}
resumeobject {45be5221-33d5-11de-ad50-001fd0dbce50}
displayorder {45be5220-33d5-11de-ad50-001fd0dbce50}
toolsdisplayorder {b2721d73-1db4-4c62-bf78-c548a880142d}
timeout 30
resume No
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {45be5220-33d5-11de-ad50-001fd0dbce50}
device partition=C:
path \Windows\system32\winload.exe
description Microsoft Windows Vista
locale cs-CZ
inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
recoverysequence {572bcd56-ffa7-11d9-aae0-0007e994107d}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {45be5221-33d5-11de-ad50-001fd0dbce50}
nx OptIn
< type C:\boot.txt >> test1.txt /c >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.12.11 11:31:07 | 000,000,512 | ---- | M] () MD5=DA7FC47B41CF74E76B734D9EA6F90889 -- C:\PhysicalMBR.bin
< %systemroot%\system32\drivers\*.sys /md5 >
[2006.11.02 09:55:12 | 000,053,376 | ---- | M] (Microsoft Corporation) MD5=B46AA621E7BD4FE150BCC140DACEDA1B -- C:\Windows\system32\drivers\1394bus.sys
[2009.04.11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\system32\drivers\acpi.sys
[2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) MD5=04F0FCAC69C7C71A3AC4EB97FAFC8303 -- C:\Windows\system32\drivers\adp94xx.sys
[2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) MD5=60505E0041F7751BDBB80F88BF45C2CE -- C:\Windows\system32\drivers\adpahci.sys
[2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) MD5=8A42779B02AEC986EAB64ECFC98F8BD7 -- C:\Windows\system32\drivers\adpu160m.sys
[2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) MD5=241C9E37F8CE45EF51C3DE27515CA4E5 -- C:\Windows\system32\drivers\adpu320.sys
[2010.06.25 11:26:47 | 000,483,200 | ---- | M] (ITETech ) MD5=E3F08935158038D385AD382442F4BB2D -- C:\Windows\system32\drivers\AF15BDA.sys
[2011.04.21 14:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=3911B972B55FEA0478476B2E777B29FA -- C:\Windows\system32\drivers\afd.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\system32\drivers\AGP440.sys
[2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) MD5=9EAEF5FC9B8E351AFA7E78A6FAE91F91 -- C:\Windows\system32\drivers\aliide.sys
[2008.01.21 03:23:01 | 000,057,400 | ---- | M] (Microsoft Corporation) MD5=C47344BC706E5F0B9DCE369516661578 -- C:\Windows\system32\drivers\AMDAGP.SYS
[2008.01.21 03:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=9B78A39A4C173FDBC1321E0DD659B34C -- C:\Windows\system32\drivers\amdide.sys
[2008.01.21 03:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=18F29B49AD23ECEE3D2A826C725C8D48 -- C:\Windows\system32\drivers\amdk7.sys
[2008.01.21 03:23:00 | 000,044,032 | ---- | M] (Microsoft Corporation) MD5=93AE7F7DD54AB986A6F1A1B37BE7442D -- C:\Windows\system32\drivers\amdk8.sys
[2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) MD5=5D2888182FB46632511ACEE92FDAD522 -- C:\Windows\system32\drivers\arc.sys
[2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) MD5=5E2A321BD7C8B3624E41FDEC3E244945 -- C:\Windows\system32\drivers\arcsas.sys
[2008.01.21 03:24:04 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=53B202ABEE6455406254444303E87BE1 -- C:\Windows\system32\drivers\asyncmac.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\system32\drivers\atapi.sys
[2009.04.11 07:32:42 | 000,109,032 | ---- | M] (Microsoft Corporation) MD5=64B0052340B8EC28FA8A56B708AE71CC -- C:\Windows\system32\drivers\ataport.sys
[2008.08.01 07:40:28 | 003,894,272 | ---- | M] (ATI Technologies Inc.) MD5=ED29ACF556FF827CB35C0D07ED4AB8D0 -- C:\Windows\system32\drivers\atikmdag.sys
[2008.01.21 03:23:00 | 000,028,216 | ---- | M] (Microsoft Corporation) MD5=2B8A5A8879238C3BA9A89A8E3AC4E45D -- C:\Windows\system32\drivers\battc.sys
[2008.01.21 03:23:31 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=9F5F8F2318DFA3974A6F6A5602733929 -- C:\Windows\system32\drivers\bdasup.sys
[2008.01.21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\system32\drivers\beep.sys
[2008.01.21 03:23:01 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=D4DF28447741FD3D953526E33A617397 -- C:\Windows\system32\drivers\blbdrive.sys
[2011.02.22 14:23:55 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=35F376253F687BDE63976CCB3F2108CA -- C:\Windows\system32\drivers\bowser.sys
[2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) MD5=9F9ACC7F7CCDE8A15C282D3F88B43309 -- C:\Windows\system32\drivers\BrFiltLo.sys
[2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) MD5=56801AD62213A41F6497F96DEE83755A -- C:\Windows\system32\drivers\BrFiltUp.sys
[2009.04.11 06:42:55 | 000,093,696 | ---- | M] (Microsoft Corporation) MD5=B1564976D98E91FC764D5DC28A0297DA -- C:\Windows\system32\drivers\bridge.sys
[2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) MD5=B304E75CFF293029EDDF094246747113 -- C:\Windows\system32\drivers\BrSerId.sys
[2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) MD5=203F0B1E73ADADBBB7B7B1FABD901F6B -- C:\Windows\system32\drivers\BrSerWdm.sys
[2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) MD5=BD456606156BA17E60A04E18016AE54B -- C:\Windows\system32\drivers\BrUsbMdm.sys
[2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) MD5=AF72ED54503F717A43268B3CC5FAEC2E -- C:\Windows\system32\drivers\BrUsbSer.sys
[2009.04.11 05:43:10 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=6D39C954799B63BA866910234CF7D726 -- C:\Windows\system32\drivers\bthenum.sys
[2009.04.11 05:43:10 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=9A966A8E86D1771911AE34A20D11BFF3 -- C:\Windows\system32\drivers\bthmodem.sys
[2008.01.21 03:23:20 | 000,092,160 | ---- | M] (Microsoft Corporation) MD5=5904EFA25F829BF84EA6FB045134A1D8 -- C:\Windows\system32\drivers\bthpan.sys
[2011.04.21 14:55:05 | 000,508,416 | ---- | M] (Microsoft Corporation) MD5=611FF3F2F095C8D4A6D4CFD9DCC09793 -- C:\Windows\system32\drivers\bthport.sys
[2009.06.17 14:23:23 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=D330803EAB2A15CAEC7F011F1D4CB30E -- C:\Windows\system32\drivers\BTHUSB.SYS
[2008.09.20 00:41:50 | 000,037,560 | ---- | M] () MD5=E292176878F933E6A3CC46D6109EF1BB -- C:\Windows\system32\drivers\CamSuiteVAC.sys
[2008.01.21 03:23:51 | 000,070,144 | ---- | M] (Microsoft Corporation) MD5=7ADD03E75BEB9E6DD102C3081D29840A -- C:\Windows\system32\drivers\cdfs.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\system32\drivers\cdrom.sys
[2008.01.21 03:23:26 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=E5D4133F37219DBCFE102BC61072589D -- C:\Windows\system32\drivers\circlass.sys
[2009.04.11 07:32:43 | 000,125,928 | ---- | M] (Microsoft Corporation) MD5=0767B09C74D935A590B4879D14463B64 -- C:\Windows\system32\drivers\Classpnp.sys
[2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) MD5=0CA25E686A4928484E9FDABD168AB629 -- C:\Windows\system32\drivers\cmdide.sys
[2008.01.21 03:23:00 | 000,020,792 | ---- | M] (Microsoft Corporation) MD5=6AFEF0B60FA25DE07C0968983EE4F60A -- C:\Windows\system32\drivers\compbatt.sys
[2009.04.11 07:32:30 | 000,035,304 | ---- | M] (Microsoft Corporation) MD5=36975327EF03949CC378AB01E316B574 -- C:\Windows\system32\drivers\crashdmp.sys
[2008.01.21 03:23:22 | 000,024,632 | ---- | M] (Microsoft Corporation) MD5=741E9DFF4F42D2D8477D0FC1DC0DF871 -- C:\Windows\system32\drivers\crcdisk.sys
[2008.01.21 03:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=1F07BECDCA750766A96CDA811BA86410 -- C:\Windows\system32\drivers\crusoe.sys
[2011.04.14 15:59:03 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=622C41A07CA7E6DD91770F50D532CB6C -- C:\Windows\system32\drivers\dfsc.sys
[2009.04.11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\system32\drivers\disk.sys
[2009.04.11 05:39:11 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=494075282E23D838F43A4C9FB7143959 -- C:\Windows\system32\drivers\Diskdump.sys
[2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) MD5=AE1FDF7BF7BB6C6A70F67699D880592A -- C:\Windows\system32\drivers\djsvs.sys
[2008.01.21 03:23:01 | 000,131,584 | ---- | M] (Microsoft Corporation) MD5=4F59C172C094E1A1D46463A8DC061CBD -- C:\Windows\system32\drivers\Dot4.sys
[2008.01.21 03:23:03 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=80BF3BA09F6F2523C8F6B7CC6DBF7BD5 -- C:\Windows\system32\drivers\Dot4Prt.sys
[2008.01.21 03:23:01 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=C55004CA6B419B6695970DFE849B122F -- C:\Windows\system32\drivers\Dot4usb.sys
[2008.01.21 03:23:20 | 000,130,048 | ---- | M] (Microsoft Corporation) MD5=7BE5A3C671A2CB56E94403BFC2020A0D -- C:\Windows\system32\drivers\drmk.sys
[2008.01.21 03:23:21 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=97FEF831AB90BEE128C9AF390E243F80 -- C:\Windows\system32\drivers\drmkaud.sys
[2009.04.11 07:32:29 | 000,027,624 | ---- | M] (Microsoft Corporation) MD5=C67EBF9C05531C406E1E079FF669A2E6 -- C:\Windows\system32\drivers\Dumpata.sys
[2009.08.27 07:17:20 | 000,018,816 | ---- | M] (RIF) MD5=1FC1EED3EA0C3A0ECF8A95B97E1B4831 -- C:\Windows\system32\drivers\dvd43llh.sys
[2001.04.09 19:17:58 | 000,039,096 | ---- | M] (OLYMPUS OPTICAL CO.,LTD.) MD5=3E72195CBE5A3CF9C2D97D9E7FEF5455 -- C:\Windows\system32\drivers\DW90USB.SYS
[2008.01.21 03:24:21 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=EAAAFEF04FBB45665C9576E525D45A12 -- C:\Windows\system32\drivers\dxapi.sys
[2009.04.11 05:23:23 | 000,076,288 | ---- | M] (Microsoft Corporation) MD5=C8D5369BFE193B5FB53337DCE77CE314 -- C:\Windows\system32\drivers\dxg.sys
[2011.01.20 17:37:37 | 000,638,336 | ---- | M] (Microsoft Corporation) MD5=C68AC676B0EF30CFBB1080ADCE49EB1F -- C:\Windows\system32\drivers\dxgkrnl.sys
[2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) MD5=5425F74AC0C1DBD96A1E04F17D63F94C -- C:\Windows\system32\drivers\E1G60I32.sys
[2009.04.09 14:10:30 | 000,113,960 | ---- | M] (ESET) MD5=3B2E8F97B6869C29DA023EE75BF585D5 -- C:\Windows\system32\drivers\eamon.sys
[2009.04.11 07:32:43 | 000,141,288 | ---- | M] (Microsoft Corporation) MD5=7F64EA048DCFAC7ACF8B4D7B4E6FE371 -- C:\Windows\system32\drivers\ecache.sys
[2009.04.09 14:18:02 | 000,107,256 | ---- | M] (ESET) MD5=4FAD054CBCAA296BE7BD2CB77DA9D9B4 -- C:\Windows\system32\drivers\ehdrv.sys
[2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) MD5=23B62471681A124889978F6295B3F4C6 -- C:\Windows\system32\drivers\elxstor.sys
[2009.04.09 14:21:16 | 000,093,312 | ---- | M] (ESET) MD5=50207AB089C6B877781BFF673E70B86B -- C:\Windows\system32\drivers\epfwwfpr.sys
[2008.01.21 03:23:00 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=3DB974F3935483555D7148663F726C61 -- C:\Windows\system32\drivers\errdev.sys
[2009.04.11 05:13:53 | 000,136,704 | ---- | M] (Microsoft Corporation) MD5=22B408651F9123527BCEE54B4F6C5CAE -- C:\Windows\system32\drivers\exfat.sys
[2009.04.11 05:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\system32\drivers\fastfat.sys
[2008.01.21 03:23:20 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=AFE1E8B9782A0DD7FB46BBD88E43F89A -- C:\Windows\system32\drivers\fdc.sys
[2008.01.21 03:24:04 | 000,058,936 | ---- | M] (Microsoft Corporation) MD5=A8C0139A884861E3AAE9CFE73B208A9F -- C:\Windows\system32\drivers\fileinfo.sys
[2008.01.21 03:24:21 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=0AE429A696AECBC5970E3CF2C62635AE -- C:\Windows\system32\drivers\filetrace.sys
[2008.01.21 03:23:20 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=85B7CF99D532820495D68D747FDA9EBD -- C:\Windows\system32\drivers\flpydisk.sys
[2009.04.11 07:32:46 | 000,190,424 | ---- | M] (Společnost Microsoft) MD5=01334F9EA68E6877C4EF05D3EA8ABB05 -- C:\Windows\system32\drivers\fltMgr.sys
[2008.01.21 03:24:06 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=65EA8B77B5851854F0C55C43FA51A198 -- C:\Windows\system32\drivers\fs_rec.sys
[2009.04.11 07:32:43 | 000,099,816 | ---- | M] (Microsoft Corporation) MD5=73594DBC99E22958150192EE99BC48CE -- C:\Windows\system32\drivers\FWPKCLNT.SYS
[2008.01.21 03:23:22 | 000,061,496 | ---- | M] (Microsoft Corporation) MD5=34582A6E6573D54A07ECE5FE24A126B5 -- C:\Windows\system32\drivers\GAGP30KX.SYS
[2009.05.18 13:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) MD5=8182FF89C65E4D38B2DE4BB0FB18564E -- C:\Windows\system32\drivers\GEARAspiWDM.sys
[2009.04.11 05:42:42 | 000,561,152 | ---- | M] (Microsoft Corporation) MD5=062452B7FFD68C8C042A6261FE8DFF4A -- C:\Windows\system32\drivers\hdaudbus.sys
[2009.04.11 05:43:02 | 000,236,544 | ---- | M] (Microsoft Corporation) MD5=3F90E001369A07243763BD5A523D8722 -- C:\Windows\system32\drivers\HdAudio.sys
[2009.04.11 05:43:09 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=FCB3F4BE408F72C1BD81BCABA87FC22F -- C:\Windows\system32\drivers\hidbth.sys
[2009.04.11 05:42:48 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=5961CADB7CAD938368D2028725EF771D -- C:\Windows\system32\drivers\hidclass.sys
[2006.11.02 09:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=FF3160C3A2445128C5A6D9B076DA519E -- C:\Windows\system32\drivers\hidir.sys
[2008.01.21 03:23:26 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=175444D3A01CA45D0E1C5DC5F48DF7CD -- C:\Windows\system32\drivers\hidparse.sys
[2009.04.11 05:42:48 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=CCA4B519B17E23A00B826C55716809CC -- C:\Windows\system32\drivers\hidusb.sys
[2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) MD5=16EE7B23A009E00D835CDB79574A91A6 -- C:\Windows\system32\drivers\HpCISSs.sys
[2010.02.20 21:53:34 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=F870AA3E254628EBEAFE754108D664DE -- C:\Windows\system32\drivers\http.sys
[2008.01.21 03:23:02 | 000,019,000 | ---- | M] (Microsoft Corporation) MD5=95BD3EA81EBE6B8CACAFDB6CDAB3586C -- C:\Windows\system32\drivers\i2omgmt.sys
[2008.01.21 03:23:02 | 000,030,264 | ---- | M] (Microsoft Corporation) MD5=C6B032D69650985468160FC9937CF5B4 -- C:\Windows\system32\drivers\i2omp.sys
[2008.01.21 03:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\system32\drivers\i8042prt.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\system32\drivers\iaStorV.sys
[2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) MD5=2D077BF86E843F901D8DB709C95B49A5 -- C:\Windows\system32\drivers\iirsp.sys
[2008.01.21 03:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=83AA759F3189E6370C30DE5DC5590718 -- C:\Windows\system32\drivers\intelide.sys
[2008.01.21 03:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=224191001E78C89DFA78924C3EA595FF -- C:\Windows\system32\drivers\intelppm.sys
[2008.01.21 03:24:45 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=62C265C38769B864CB25B4BCF62DF6C3 -- C:\Windows\system32\drivers\ipfltdrv.sys
[2008.01.21 03:23:22 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=B25AAF203552B7B3491139D582B39AD1 -- C:\Windows\system32\drivers\IPMIDrv.sys
[2008.01.21 03:24:25 | 000,100,864 | ---- | M] (Microsoft Corporation) MD5=8793643A67B42CEC66490B2A0CF92D68 -- C:\Windows\system32\drivers\ipnat.sys
[2008.01.21 03:24:31 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=E50A95179211B12946F7E035D60AF560 -- C:\Windows\system32\drivers\irda.sys
[2008.01.21 03:23:54 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=109C0DFB82C3632FBD11949B73AEEAC9 -- C:\Windows\system32\drivers\irenum.sys
[2008.01.21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\system32\drivers\isapnp.sys
[2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) MD5=BCED60D16156E428F8DF8CF27B0DF150 -- C:\Windows\system32\drivers\iteatapi.sys
[2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) MD5=06FA654504A498C30ADCA8BEC4E87E7E -- C:\Windows\system32\drivers\iteraid.sys
[2008.01.21 03:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) MD5=37605E0A8CF00CBBA538E753E4344C6E -- C:\Windows\system32\drivers\kbdclass.sys
[2009.04.11 05:38:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=EDE59EC70E25C24581ADD1FBEC7325F7 -- C:\Windows\system32\drivers\kbdhid.sys
[2009.04.11 05:38:49 | 000,149,504 | ---- | M] (Microsoft Corporation) MD5=EF73C1E29FBE7B0FD0274BF4394E346A -- C:\Windows\system32\drivers\ks.sys
[2009.06.16 00:15:25 | 000,439,864 | ---- | M] (Microsoft Corporation) MD5=86165728AF9BF72D6442A894FDFB4F8B -- C:\Windows\system32\drivers\ksecdd.sys
[2008.01.21 03:24:37 | 000,047,104 | ---- | M] (Microsoft Corporation) MD5=D1C5883087A0C3F1344D9D55A44901F6 -- C:\Windows\system32\drivers\lltdio.sys
[2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) MD5=C7E15E82879BF3235B559563D4185365 -- C:\Windows\system32\drivers\lsi_fc.sys
[2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) MD5=EE01EBAE8C9BF0FA072E0FF68718920A -- C:\Windows\system32\drivers\lsi_sas.sys
[2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) MD5=912A04696E9CA30146A62AFA1463DD5C -- C:\Windows\system32\drivers\lsi_scsi.sys
[2008.01.21 03:24:37 | 000,084,480 | ---- | M] (Microsoft Corporation) MD5=8F5C7426567798E62A3B3614965D62CC -- C:\Windows\system32\drivers\luafv.sys
[2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) MD5=A3E700D78EEC390F1208098CDCA5C6B6 -- C:\Windows\system32\drivers\MarvinBus.sys
[2008.01.21 03:24:47 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B271EC02E71271A2DA28B3B7BC4E4F15 -- C:\Windows\system32\drivers\mcd.sys
[2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) MD5=0001CE609D66632FA17B84705F658879 -- C:\Windows\system32\drivers\megasas.sys
[2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) MD5=C252F32CD9A49DBFC25ECF26EBD51A99 -- C:\Windows\system32\drivers\MegaSR.sys
[2008.01.21 03:24:57 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=E13B5EA0F51BA5B1512EC671393D09BA -- C:\Windows\system32\drivers\modem.sys
[2008.01.21 03:23:22 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=0A9BB33B56E294F686ABB7C1E4E2D8A8 -- C:\Windows\system32\drivers\monitor.sys
[2008.01.21 03:23:20 | 000,034,360 | ---- | M] (Microsoft Corporation) MD5=5BF6A1326A335C5298477754A506D263 -- C:\Windows\system32\drivers\mouclass.sys
[2008.01.21 03:23:20 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=93B8D4869E12CFBE663915502900876F -- C:\Windows\system32\drivers\mouhid.sys
[2008.01.21 03:23:43 | 000,057,400 | ---- | M] (Microsoft Corporation) MD5=BDAFC88AA6B92F7842416EA6A48E1600 -- C:\Windows\system32\drivers\mountmgr.sys
[2008.01.21 03:23:20 | 000,105,016 | ---- | M] (Microsoft Corporation) MD5=511D011289755DD9F9A7579FB0B064E6 -- C:\Windows\system32\drivers\mpio.sys
[2008.01.21 03:24:47 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=22241FEBA9B2DEFA669C8CB0A8DD7D2E -- C:\Windows\system32\drivers\mpsdrv.sys
[2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) MD5=4FBBB70D30FD20EC51F80061703B001E -- C:\Windows\system32\drivers\Mraid35x.sys
[2009.04.11 05:14:40 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=82CEA0395524AACFEB58BA1448E8325C -- C:\Windows\system32\drivers\mrxdav.sys
[2011.04.29 14:24:40 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=1E94971C4B446AB2290DEB71D01CF0C2 -- C:\Windows\system32\drivers\mrxsmb.sys
[2011.07.06 16:31:47 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=4FCCB34D793B116423209C0F8B7A3B03 -- C:\Windows\system32\drivers\mrxsmb10.sys
[2011.04.29 14:24:42 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C3CB1B40AD4A0124D617A1199B0B9D7C -- C:\Windows\system32\drivers\mrxsmb20.sys
[2008.01.21 03:23:00 | 000,028,728 | ---- | M] (Microsoft Corporation) MD5=28023E86F17001F7CD9B15A5BC9AE07D -- C:\Windows\system32\drivers\msahci.sys
[2008.01.21 03:23:21 | 000,094,776 | ---- | M] (Microsoft Corporation) MD5=4468B0F385A86ECDDAF8D3CA662EC0E7 -- C:\Windows\system32\drivers\msdsm.sys
[2008.01.21 03:23:51 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A9927F4A46B816C92F461ACB90CF8515 -- C:\Windows\system32\drivers\msfs.sys
[2008.01.21 03:23:01 | 000,016,440 | ---- | M] (Microsoft Corporation) MD5=0F400E306F385C56317357D6DEA56F62 -- C:\Windows\system32\drivers\msisadrv.sys
[2009.04.11 07:32:46 | 000,180,712 | ---- | M] (Microsoft Corporation) MD5=232FA340531D940AAC623B121A595034 -- C:\Windows\system32\drivers\msiscsi.sys
[2008.01.21 03:24:50 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=D8C63D34D9C9E56C059E24EC7185CC07 -- C:\Windows\system32\drivers\mskssrv.sys
[2008.01.21 03:24:51 | 000,005,888 | ---- | M] (Microsoft Corporation) MD5=1D373C90D62DDB641D50E55B9E78D65E -- C:\Windows\system32\drivers\mspclock.sys
[2008.01.21 03:24:51 | 000,005,504 | ---- | M] (Microsoft Corporation) MD5=B572DA05BF4E098D4BBA3A4734FB505B -- C:\Windows\system32\drivers\mspqm.sys
[2009.04.11 07:32:46 | 000,161,752 | ---- | M] (Microsoft Corporation) MD5=B49456D70555DE905C311BCDA6EC6ADB -- C:\Windows\system32\drivers\msrpc.sys
[2008.01.21 03:23:01 | 000,031,288 | ---- | M] (Microsoft Corporation) MD5=E384487CB84BE41D09711C30CA79646C -- C:\Windows\system32\drivers\mssmbios.sys
[2008.01.21 03:24:51 | 000,006,016 | ---- | M] (Microsoft Corporation) MD5=7199C1EEC1E4993CAF96B8C0A26BD58A -- C:\Windows\system32\drivers\mstee.sys
[2009.04.11 07:32:31 | 000,048,104 | ---- | M] (Microsoft Corporation) MD5=6A57B5733D4CB702C8EA4542E836B96C -- C:\Windows\system32\drivers\mup.sys
[2009.04.11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\system32\drivers\ndis.sys
[2008.01.21 03:24:25 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=0E186E90404980569FB449BA7519AE61 -- C:\Windows\system32\drivers\ndistapi.sys
[2008.01.21 03:24:55 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D6973AA34C4D5D76C0430B181C3CD389 -- C:\Windows\system32\drivers\ndisuio.sys
[2009.04.11 05:46:32 | 000,121,344 | ---- | M] (Microsoft Corporation) MD5=818F648618AE34F729FDB47EC68345C3 -- C:\Windows\system32\drivers\ndiswan.sys
[2008.01.21 03:24:25 | 000,049,664 | ---- | M] (Microsoft Corporation) MD5=71DAB552B41936358F3B541AE5997FB3 -- C:\Windows\system32\drivers\ndproxy.sys
[2008.01.21 03:24:20 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=BCD093A5A6777CF626434568DC7DBA78 -- C:\Windows\system32\drivers\netbios.sys
[2009.04.11 05:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=ECD64230A59CBD93C85F1CD1CAB9F3F6 -- C:\Windows\system32\drivers\netbt.sys
[2009.04.11 07:32:46 | 000,223,208 | ---- | M] (Microsoft Corporation) MD5=063EE4D3CB88A14EAB9901875CEE98B1 -- C:\Windows\system32\drivers\netio.sys
[2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) MD5=2E7FB731D4790A1BC6270ACCEFACB36E -- C:\Windows\system32\drivers\nfrd960.sys
[2009.04.11 05:14:01 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=D36F239D7CCE1931598E8FB90A0DBC26 -- C:\Windows\system32\drivers\npfs.sys
[2008.01.21 03:24:47 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=609773E344A97410CE4EBF74A8914FCF -- C:\Windows\system32\drivers\nsiproxy.sys
[2009.04.11 07:32:49 | 001,083,880 | ---- | M] (Společnost Microsoft) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\system32\drivers\ntfs.sys
[2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) MD5=E875C093AEC0C978A90F30C9E0DFBB72 -- C:\Windows\system32\drivers\ntrigdigi.sys
[2008.01.21 03:23:50 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=C5DBBCDA07D780BDA9B685DF333BB41E -- C:\Windows\system32\drivers\null.sys
[2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\system32\drivers\nvraid.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\system32\drivers\nvstor.sys
[2008.01.21 03:23:01 | 000,109,112 | ---- | M] (Microsoft Corporation) MD5=18BBDF913916B71BD54575BDB6EEAC0B -- C:\Windows\system32\drivers\NV_AGP.SYS
[2009.04.11 05:43:28 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=85C44FDFF9CF7E72A40DCB7EC06A4416 -- C:\Windows\system32\drivers\nwifi.sys
[2006.11.02 09:55:16 | 000,062,080 | ---- | M] (Microsoft Corporation) MD5=BE32DA025A0BE1878F0EE8D6D9386CD5 -- C:\Windows\system32\drivers\ohci1394.sys
[2009.04.28 10:08:40 | 000,461,824 | ---- | M] (PixArt Imaging Inc.) MD5=AD66BC56DD6A030174C03395B3DC0720 -- C:\Windows\system32\drivers\PAC7302.SYS
[2009.04.11 05:45:51 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=99514FAA8DF93D34B5589187DB3AA0BA -- C:\Windows\system32\drivers\pacer.sys
[2008.01.21 03:23:01 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=8A79FDF04A73428597E2CAF9D0D67850 -- C:\Windows\system32\drivers\parport.sys
[2009.04.11 07:32:31 | 000,054,248 | ---- | M] (Microsoft Corporation) MD5=57389FA59A36D96B3EB09D0CB91E9CDC -- C:\Windows\system32\drivers\partmgr.sys
[2008.01.21 03:23:01 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=6C580025C81CAF3AE9E3617C22CAD00E -- C:\Windows\system32\drivers\parvdm.sys
[2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) MD5=FD2041E9BA03DB7764B2248F02475079 -- C:\Windows\system32\drivers\pccsmcfd.sys
[2009.04.11 07:32:55 | 000,149,480 | ---- | M] (Microsoft Corporation) MD5=941DC1D19E7E8620F40BBC206981EFDB -- C:\Windows\system32\drivers\pci.sys
[2008.01.21 03:23:00 | 000,016,440 | ---- | M] (Microsoft Corporation) MD5=FC175F5DDAB666D7F4D17449A547626F -- C:\Windows\system32\drivers\pciide.sys
[2009.04.11 07:32:52 | 000,043,496 | ---- | M] (Microsoft Corporation) MD5=6429D10C5D149AC9EB2D95052A390CFF -- C:\Windows\system32\drivers\pciidex.sys
[2006.11.02 10:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) MD5=E6F3FB1B86AA519E7698AD05E58B04E5 -- C:\Windows\system32\drivers\pcmcia.sys
[2009.05.07 19:48:25 | 000,047,360 | ---- | M] (VSO Software) MD5=5B6C11DE7E839C05248CED8825470FEF -- C:\Windows\system32\drivers\pcouffin.sys
[2006.11.02 10:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) MD5=6349F6ED9C623B44B52EA3C63C831A92 -- C:\Windows\system32\drivers\PEAuth.sys
[2009.04.11 05:42:50 | 000,167,936 | ---- | M] (Microsoft Corporation) MD5=218286724EC530FF252648369E05B090 -- C:\Windows\system32\drivers\portcls.sys
[2008.01.21 03:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=2027293619DD0F047C584CF2E7DF4FFD -- C:\Windows\system32\drivers\processr.sys
[2008.11.20 20:19:06 | 000,043,872 | ---- | M] (Sonic Solutions) MD5=49452BFCEC22F36A7A9B9C2181BC3042 -- C:\Windows\system32\drivers\pxhelp20.sys
[2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) MD5=0A6DB55AFB7820C99AA1F3A1D270F4F6 -- C:\Windows\system32\drivers\ql2300.sys
[2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) MD5=81A7E5C076E59995D54BC1ED3A16E60B -- C:\Windows\system32\drivers\ql40xx.sys
[2008.01.21 03:23:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=9F5E0E1926014D17486901C88ECA2DB7 -- C:\Windows\system32\drivers\qwavedrv.sys
[2008.01.21 03:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\system32\drivers\rasacd.sys
[2008.01.21 03:24:55 | 000,076,288 | ---- | M] (Microsoft Corporation) MD5=A214ADBAF4CB47DD2728859EF31F26B0 -- C:\Windows\system32\drivers\rasl2tp.sys
[2009.04.11 05:46:30 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=509A98DD18AF4375E1FC40BC175F1DEF -- C:\Windows\system32\drivers\raspppoe.sys
[2008.01.21 03:24:55 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=ECFFFAEC0C1ECD8DBC77F39070EA1DB1 -- C:\Windows\system32\drivers\raspptp.sys
[2009.04.11 05:46:40 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=2005F4A1E05FA09389AC85840F0A9E4D -- C:\Windows\system32\drivers\rassstp.sys
[2009.04.11 05:14:29 | 000,225,280 | ---- | M] (Microsoft Corporation) MD5=B14C9D5B9ADD2F84F70570BBBFAA7935 -- C:\Windows\system32\drivers\rdbss.sys
[2008.01.21 03:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=89E59BE9A564262A3FB6C4F4F1CD9899 -- C:\Windows\system32\drivers\RDPCDD.sys
[2008.01.21 03:23:01 | 000,248,832 | ---- | M] (Microsoft Corporation) MD5=FBC0BACD9C3D7F6956853F64A66E252D -- C:\Windows\system32\drivers\rdpdr.sys
[2008.01.21 03:24:50 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=9D91FE5286F748862ECFFA05F8A0710C -- C:\Windows\system32\drivers\RDPENCDD.sys
[2009.04.11 05:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\system32\drivers\rdpwd.sys
[2009.04.11 05:43:12 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=6482707F9F4DA0ECBAB43B2E0398A101 -- C:\Windows\system32\drivers\rfcomm.sys
[2009.04.11 05:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) MD5=EEC7EE5675294B03E88AA868540007C1 -- C:\Windows\system32\drivers\rmcast.sys
[2009.04.11 05:46:07 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=D9225D107E40D0FA5C5069446759C8E9 -- C:\Windows\system32\drivers\RNDISMP.sys
[2008.01.21 03:24:49 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=75E8A6BFA7374ABA833AE92BF41AE4E6 -- C:\Windows\system32\drivers\rootmdm.sys
[2008.01.21 03:24:37 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=9C508F4074A39E8B4B31D27198146FAD -- C:\Windows\system32\drivers\rspndr.sys
[2009.03.30 16:13:42 | 002,350,624 | ---- | M] (Realtek Semiconductor Corp.) MD5=2E4F8AD76CB1203D68DB6E8F02E4AF74 -- C:\Windows\system32\drivers\RTKVHDA.sys
[2008.11.10 20:26:00 | 000,135,680 | ---- | M] (Realtek Corporation ) MD5=F875E277A79EF9D6F3AC89ABB557A689 -- C:\Windows\system32\drivers\Rtlh86.sys
[2006.11.02 10:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) MD5=3CE8F073A557E172B330109436984E30 -- C:\Windows\system32\drivers\sbp2port.sys
[2008.01.21 03:23:54 | 000,142,904 | ---- | M] (Microsoft Corporation) MD5=6F5CA34AE885645ACF8A20D564DB976C -- C:\Windows\system32\drivers\scsiport.sys
[2006.11.02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) MD5=90A3935D05B494A5A39D37E71F09A677 -- C:\Windows\system32\drivers\secdrv.sys
[2008.01.21 03:23:01 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=CE9EC966638EF0B10B864DDEDF62A099 -- C:\Windows\system32\drivers\serenum.sys
[2008.01.21 03:23:01 | 000,083,456 | ---- | M] (Microsoft Corporation) MD5=6D663022DB3E7058907784AE14B69898 -- C:\Windows\system32\drivers\serial.sys
[2008.01.21 03:23:20 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=8AF3D28A879BF75DB53A0EE7A4289624 -- C:\Windows\system32\drivers\sermouse.sys
[2008.01.21 03:23:23 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=3EFA810BDCA87F6ECC24F9832243FE86 -- C:\Windows\system32\drivers\sffdisk.sys
[2008.01.21 03:23:23 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=E95D451F7EA3E583AEC75F3B3EE42DC5 -- C:\Windows\system32\drivers\sffp_mmc.sys
[2008.01.21 03:23:23 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=3D0EA348784B7AC9EA9BD9F317980979 -- C:\Windows\system32\drivers\sffp_sd.sys
[2006.11.02 09:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\system32\drivers\sfloppy.sys
[2008.01.21 03:23:01 | 000,055,864 | ---- | M] (Microsoft Corporation) MD5=1D76624A09A054F682D746B924E2DBC3 -- C:\Windows\system32\drivers\SISAGP.SYS
[2008.01.21 03:23:26 | 000,041,016 | ---- | M] (Microsoft Corporation) MD5=43CB7AA756C7DB280D01DA9B676CFDE2 -- C:\Windows\system32\drivers\sisraid2.sys
[2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) MD5=A99C6C8B0BAA970D8AA59DDC50B57F94 -- C:\Windows\system32\drivers\sisraid4.sys
[2009.04.11 05:45:22 | 000,066,560 | ---- | M] (Microsoft Corporation) MD5=7B75299A4D201D6A6533603D6914AB04 -- C:\Windows\system32\drivers\smb.sys
[2008.01.21 03:24:55 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=A7D7EA1771D2ED6F39A8063E79B6C3E8 -- C:\Windows\system32\drivers\smclib.sys
[2008.01.21 03:24:11 | 000,021,048 | ---- | M] (Microsoft Corporation) MD5=7AEBDEEF071FE28B0EEF2CDD69102BFF -- C:\Windows\system32\drivers\spldr.sys
[2009.04.11 03:52:40 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=A7F8BAD9590ADDC425B4003E94780DFA -- C:\Windows\system32\drivers\spsys.sys
[2009.12.28 10:45:56 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
[2011.02.18 15:03:32 | 000,305,152 | ---- | M] (Microsoft Corporation) MD5=41987F9FC0E61ADF54F581E15029AD91 -- C:\Windows\system32\drivers\srv.sys
[2011.04.29 14:25:10 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=FF33AFF99564B1AA534F58868CBE41EF -- C:\Windows\system32\drivers\srv2.sys
[2011.04.29 14:25:09 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=7605C0E1D01A08F3ECD743F38B834A44 -- C:\Windows\system32\drivers\srvnet.sys
[2009.04.11 07:32:54 | 000,122,344 | ---- | M] (Microsoft Corporation) MD5=47E55AFE1ED1D5AFF09690DB226F4A7A -- C:\Windows\system32\drivers\Storport.sys
[2009.04.11 05:42:47 | 000,052,992 | ---- | M] (Microsoft Corporation) MD5=70A92E46A2F459CDEDE3CA558CB26B6A -- C:\Windows\system32\drivers\stream.sys
[2008.01.21 03:23:01 | 000,015,288 | ---- | M] (Microsoft Corporation) MD5=7BA58ECF0C0A9A69D44B3DCA62BECF56 -- C:\Windows\system32\drivers\swenum.sys
[2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) MD5=192AA3AC01DF071B541094F251DEED10 -- C:\Windows\system32\drivers\symc8xx.sys
[2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) MD5=8C8EB8C76736EBAF3B13B633B2E64125 -- C:\Windows\system32\drivers\sym_hi.sys
[2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) MD5=8072AF52B5FD103BBBA387A1E49F62CB -- C:\Windows\system32\drivers\sym_u3.sys
[2008.01.21 03:24:44 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1239FD18895040D97B7CDBC19BC2075E -- C:\Windows\system32\drivers\tape.sys
[2011.09.20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\system32\drivers\tcpip.sys
[2009.12.08 18:26:18 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=608C345A255D82A6289C2D468EB41FD7 -- C:\Windows\system32\drivers\tcpipreg.sys
[2008.01.21 03:24:05 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=77937EFF009AC696B90E09F671F9D0A4 -- C:\Windows\system32\drivers\tdi.sys
[2008.01.21 03:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\system32\drivers\tdpipe.sys
[2008.01.21 03:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\system32\drivers\tdtcp.sys
[2009.04.11 05:45:56 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=76B06EB8A01FC8624D699E7045303E54 -- C:\Windows\system32\drivers\tdx.sys
[2009.04.11 07:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) MD5=3CAD38910468EAB9A6479E2F01DB43C7 -- C:\Windows\system32\drivers\termdd.sys
[2008.01.21 03:24:59 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=DCF0F056A2E4F52287264F5AB29CF206 -- C:\Windows\system32\drivers\tssecsrv.sys
[2008.01.21 03:24:25 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=CAECC0120AC49E3D2F758B9169872D38 -- C:\Windows\system32\drivers\TUNMP.SYS
[2010.02.18 12:28:13 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=300DB877AC094FEAB0BE7688C3454A9C -- C:\Windows\system32\drivers\tunnel.sys
[2008.01.21 03:23:22 | 000,059,448 | ---- | M] (Microsoft Corporation) MD5=7D33C4DB2CE363C8518D2DFCF533941F -- C:\Windows\system32\drivers\UAGP35.SYS
[2009.04.11 05:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) MD5=D9728AF68C4C7693CB100B8441CBDEC6 -- C:\Windows\system32\drivers\udfs.sys
[2008.01.21 03:23:01 | 000,060,984 | ---- | M] (Microsoft Corporation) MD5=B0ACFDC9E4AF279E9116C03E014B2B27 -- C:\Windows\system32\drivers\ULIAGPKX.SYS
[2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) MD5=9224BB254F591DE4CA8D572A5F0D635C -- C:\Windows\system32\drivers\uliahci.sys
[2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) MD5=8514D0E5CD0534467C5FC61BE94A569F -- C:\Windows\system32\drivers\ulsata.sys
[2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) MD5=38C3C6E62B157A6BC46594FADA45C62B -- C:\Windows\system32\drivers\ulsata2.sys
[2008.01.21 03:23:22 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=32CFF9F809AE9AED85464492BF3E32D2 -- C:\Windows\system32\drivers\umbus.sys
[2008.01.21 03:23:49 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=88BD96A1BAEED33EE8BDF9499C07A841 -- C:\Windows\system32\drivers\umpass.sys
[2009.04.11 05:46:08 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=830D5D8456B822C1247C1E59B4C464FA -- C:\Windows\system32\drivers\usb8023.sys
[2011.05.10 07:06:08 | 000,042,496 | ---- | M] (Apple, Inc.) MD5=83CAFCB53201BBAC04D822F32438E244 -- C:\Windows\system32\drivers\usbaapl.sys
[2009.04.11 05:42:56 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=D06F193F3E9CC3B356DF97F6A43C054A -- C:\Windows\system32\drivers\USBCAMD.sys
[2009.04.11 05:42:56 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=EAE017D3AA298374A1967B96C379C5AB -- C:\Windows\system32\drivers\USBCAMD2.sys
[2008.01.21 03:23:20 | 000,073,216 | ---- | M] (Microsoft Corporation) MD5=CAF811AE4C147FFCD5B51750C7F09142 -- C:\Windows\system32\drivers\usbccgp.sys
[2006.11.02 09:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) MD5=E9476E6C486E76BC4898074768FB7131 -- C:\Windows\system32\drivers\usbcir.sys
[2008.01.21 03:23:03 | 000,005,888 | ---- | M] (Microsoft Corporation) MD5=790FDAC6D0C762DF9047C3C625A6FF6C -- C:\Windows\system32\drivers\usbd.sys
[2009.04.11 05:42:52 | 000,039,936 | ---- | M] (Microsoft Corporation) MD5=79E96C23A97CE7B8F14D310DA2DB0C9B -- C:\Windows\system32\drivers\usbehci.sys
[2009.04.11 05:43:16 | 000,196,096 | ---- | M] (Microsoft Corporation) MD5=4673BBCB006AF60E7ABDDBE7A130BA42 -- C:\Windows\system32\drivers\usbhub.sys
[2006.11.02 09:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=38DBC7DD6CC5A72011F187425384388B -- C:\Windows\system32\drivers\usbohci.sys
[2009.04.11 05:42:57 | 000,226,304 | ---- | M] (Microsoft Corporation) MD5=A1C100A87D981AD0774FBC0B4B82E913 -- C:\Windows\system32\drivers\usbport.sys
[2008.01.21 03:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\system32\drivers\usbprint.sys
[2008.01.21 03:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\system32\drivers\usbscan.sys
[2009.04.11 05:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\system32\drivers\USBSTOR.SYS
[2008.01.21 03:23:03 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=814D653EFC4D48BE3B04A307ECEFF56F -- C:\Windows\system32\drivers\usbuhci.sys
[2008.01.21 03:24:50 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=2E93AC0A1D8C79D019DB6C51F036636C -- C:\Windows\system32\drivers\vga.sys
[2008.01.21 03:23:02 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=87B06E1F30B749A114F74622D013F8D4 -- C:\Windows\system32\drivers\vgapnp.sys
[2008.01.21 03:23:01 | 000,056,888 | ---- | M] (Microsoft Corporation) MD5=5D7159DEF58A800D5781BA3A879627BC -- C:\Windows\system32\drivers\VIAAGP.SYS
[2008.01.21 03:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=C4F3A691B5BAD343E6249BD8C2D45DEE -- C:\Windows\system32\drivers\viac7.sys
[2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) MD5=AADF5587A4063F52C2C3FED7887426FC -- C:\Windows\system32\drivers\viaide.sys
[2008.01.21 03:23:42 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=C048D2C33D27441A0CDCAAE2651EB03D -- C:\Windows\system32\drivers\videoprt.sys
[2006.04.07 17:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) MD5=AE01E1ED5A81E0D268B91B4A6DE5A872 -- C:\Windows\system32\drivers\VNUSB.sys
[2008.01.21 03:23:01 | 000,052,792 | ---- | M] (Microsoft Corporation) MD5=69503668AC66C77C6CD7AF86FBDF8C43 -- C:\Windows\system32\drivers\volmgr.sys
[2009.04.11 07:33:03 | 000,292,840 | ---- | M] (Microsoft Corporation) MD5=23E41B834759917BFD6B9A0D625D0C28 -- C:\Windows\system32\drivers\volmgrx.sys
[2009.04.11 07:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\system32\drivers\volsnap.sys
[2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=587253E09325E6BF226B299774B728A9 -- C:\Windows\system32\drivers\vsmraid.sys
[2006.11.02 09:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) MD5=48DFEE8F1AF7C8235D4E626F0C4FE031 -- C:\Windows\system32\drivers\wacompen.sys
[2008.01.21 03:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=55201897378CCA7AF8B5EFD874374A26 -- C:\Windows\system32\drivers\wanarp.sys
[2009.04.11 05:22:46 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=4A5C31E2C1646034E6A60EBA4C747FF6 -- C:\Windows\system32\drivers\watchdog.sys
[2008.01.21 03:23:24 | 000,022,072 | ---- | M] (Microsoft Corporation) MD5=78FE9542363F297B18C027B2D7E7C07F -- C:\Windows\system32\drivers\wd.sys
[2008.01.21 03:23:51 | 000,503,864 | ---- | M] (Microsoft Corporation) MD5=B6F0A7AD6D4BD325FBCD8BAC96CD8D96 -- C:\Windows\system32\drivers\Wdf01000.sys
[2008.01.21 03:23:51 | 000,035,896 | ---- | M] (Microsoft Corporation) MD5=B4FC6DD9167B058E6DBE6CB14ACFA2CB -- C:\Windows\system32\drivers\WdfLdr.sys
[2008.01.21 03:23:00 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=2E7255D172DF0B8283CDFB7B433B864E -- C:\Windows\system32\drivers\wmiacpi.sys
[2008.01.21 03:23:42 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=C546864EED786304762D030FEBF6B411 -- C:\Windows\system32\drivers\wmilib.sys
[2009.10.01 02:01:54 | 000,040,448 | ---- | M] (Microsoft Corporation) MD5=DE9D36F91A4DF3D911626643DEBF11EA -- C:\Windows\system32\drivers\WpdUsb.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\system32\drivers\ws2ifsl.sys
[2009.07.14 18:45:07 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=6F9B6C0C93232CFF47D0F72D6DB1D21E -- C:\Windows\system32\drivers\WUDFPf.sys
[2009.07.14 18:45:07 | 000,132,224 | ---- | M] (Microsoft Corporation) MD5=F91FF1E51FCA30B3C3981DB7D5924252 -- C:\Windows\system32\drivers\WUDFRd.sys
< >
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\System32\config\systemprofile\AppData\Local\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\Historie] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programy] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs -> Junction
[C:\Windows\System32\config\systemprofile\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\Windows\System32\config\systemprofile\Documents\Filmy] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
[C:\Windows\System32\config\systemprofile\Documents\Hudba] -> C:\Windows\system32\config\systemprofile\Music -> Junction
[C:\Windows\System32\config\systemprofile\Documents\Obrázky] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
[C:\Windows\System32\config\systemprofile\Dokumenty] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
[C:\Windows\System32\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\Nabídka Start] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[C:\Windows\System32\config\systemprofile\Okolní síť] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[C:\Windows\System32\config\systemprofile\Okolní tiskárny] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[C:\Windows\System32\config\systemprofile\Recent] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[C:\Windows\System32\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[C:\Windows\System32\config\systemprofile\Soubory cookie] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\Windows\System32\config\systemprofile\Šablony] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction
========== Alternate Data Streams ==========
@Alternate Data Stream - 64 bytes -> C:\Users\Radek\Desktop\30 Rock - 1x05 - Jack-Tor.avi:TOC.WMV
< End of report >
Ten soubor C:\PhysicalMBR.bin se mi bohužel nepodařilo objevit..
- Přílohy
-
- Extras.zip
- (10.5 KiB) Staženo 34 x
Re: Prosím o radu
Zde je výpis:
========== OTL ==========
Process lvvm.exe killed successfully!
Process 20104.exe killed successfully!
Process FCF.exe killed successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\FCF.exe deleted successfully.
C:\Program Files\LP\0497\FCF.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2162578933-837445269-2599185901-1000\Software\Microsoft\Windows\CurrentVersion\Run\\FCF.exe deleted successfully.
C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe moved successfully.
File \Users\Radek\AppData\Roaming\0D648\lvvm.exe) -C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe not found.
Registry value HKEY_USERS\S-1-5-21-2162578933-837445269-2599185901-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2162578933-837445269-2599185901-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Radek\AppData\Roaming\7E40D\20104.exe deleted successfully.
File \Users\Radek\AppData\Roaming\7E40D\20104.exe) -C:\Users\Radek\AppData\Roaming\7E40D\20104.exe not found.
C:\Users\Radek\AppData\Roaming\0D648 folder moved successfully.
C:\Users\Radek\AppData\Roaming\7E40D folder moved successfully.
C:\Windows\Tasks\At1.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\FCF.exe not found.
========== FILES ==========
C:\Users\Radek\AppData\Roaming\Microsoft\0497 folder moved successfully.
========== COMMANDS ==========
OTL by OldTimer - Version 3.2.31.0 log created on 12112011_125048
Ovšem prohlížeče začaly hlásit tento problém, musel jsem vypnout "proxy":
Proxy server odmítl spojení
Firefox je nastaven, aby používal proxy server, který odmítá spojení.
Zkontrolujte nastavení proxy serveru.
Kontaktujte svého síťového administrátora, zda je proxy server v provozu.
Ten soubor už se po restartu objevil, výsledek jsem dal do přílohy.
========== OTL ==========
Process lvvm.exe killed successfully!
Process 20104.exe killed successfully!
Process FCF.exe killed successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\FCF.exe deleted successfully.
C:\Program Files\LP\0497\FCF.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2162578933-837445269-2599185901-1000\Software\Microsoft\Windows\CurrentVersion\Run\\FCF.exe deleted successfully.
C:\Users\Radek\AppData\Roaming\Microsoft\0497\FCF.exe moved successfully.
File \Users\Radek\AppData\Roaming\0D648\lvvm.exe) -C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe not found.
Registry value HKEY_USERS\S-1-5-21-2162578933-837445269-2599185901-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Radek\AppData\Roaming\0D648\lvvm.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2162578933-837445269-2599185901-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Radek\AppData\Roaming\7E40D\20104.exe deleted successfully.
File \Users\Radek\AppData\Roaming\7E40D\20104.exe) -C:\Users\Radek\AppData\Roaming\7E40D\20104.exe not found.
C:\Users\Radek\AppData\Roaming\0D648 folder moved successfully.
C:\Users\Radek\AppData\Roaming\7E40D folder moved successfully.
C:\Windows\Tasks\At1.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\FCF.exe not found.
========== FILES ==========
C:\Users\Radek\AppData\Roaming\Microsoft\0497 folder moved successfully.
========== COMMANDS ==========
OTL by OldTimer - Version 3.2.31.0 log created on 12112011_125048
Ovšem prohlížeče začaly hlásit tento problém, musel jsem vypnout "proxy":
Proxy server odmítl spojení
Firefox je nastaven, aby používal proxy server, který odmítá spojení.
Zkontrolujte nastavení proxy serveru.
Kontaktujte svého síťového administrátora, zda je proxy server v provozu.
Ten soubor už se po restartu objevil, výsledek jsem dal do přílohy.
- Přílohy
-
- VirusTotal - Free Online Virus, Malware and URL Scanner.pdf
- (547.33 KiB) Staženo 33 x
Re: Prosím o radu
ComboFix 11-12-10.01 - Radek 11.12.2011 13:14:12.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3070.1871 [GMT 1:00]
Spuštěný z: c:\users\Radek\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\LP
c:\users\Radek\AppData\Roaming\chrome.exe
c:\users\Radek\AppData\Roaming\inst.exe
c:\users\Radek\AppData\Roaming\java.exe
c:\users\Radek\AppData\Roaming\vso_ts_preview.xml
c:\users\Radek\AppData\Roaming\wmplayer.exe
c:\windows\system32\AF15BDAEX.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-11 do 2011-12-11 )))))))))))))))))))))))))))))))
.
.
2011-12-11 12:23 . 2011-12-11 12:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-11 11:50 . 2011-12-11 11:50 -------- d-----w- C:\_OTL
2011-12-11 10:31 . 2011-12-11 10:31 512 ----a-w- C:\PhysicalMBR.bin
2011-12-11 09:55 . 2011-12-11 09:56 -------- d-----w- C:\rsit
2011-12-11 09:55 . 2011-12-11 09:56 -------- d-----w- c:\program files\trend micro
2011-12-09 05:41 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{32924320-014E-4A20-B865-DE0407274A36}\mpengine.dll
2011-11-20 10:26 . 2011-11-20 10:26 -------- d-----w- c:\users\Radek\AppData\Roaming\Screenshoter
2011-11-15 10:12 . 2011-11-15 10:12 -------- d-----w- c:\program files\iPod
2011-11-15 10:12 . 2011-11-15 10:13 -------- d-----w- c:\program files\iTunes
2011-11-11 15:39 . 2011-11-11 15:40 -------- d-----w- c:\program files\Czech Soccer Manager 2002 FE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-16 17:32 . 2011-05-16 04:58 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-09-20 21:02 . 2011-11-09 08:48 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-04-18 07:08 . 2010-04-18 07:07 13525424 ----a-w- c:\program files\Dropbox 0.7.110.exe
2011-11-10 23:06 . 2011-04-01 11:29 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-30 7289376]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-04-09 2029640]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-03-30 1833504]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"Nike+ Connect"="c:\program files\Nike\Nike+ Connect\Nike+ Connect daemon.exe" [2010-10-01 299008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-12 421736]
.
c:\users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Device Detector 3.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2009-11-18 118784]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Folder Castle Support]
@="Driver Group"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-07-31 136176]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-07-31 136176]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2009-05-07 47360]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-28 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-04-09 107256]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-04-09 731840]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-04-09 93312]
S2 SZASSIST;SecretZone Assist Service;c:\program files\Clarus\Samsung SecretZone\SZAssistSVC.exe [2010-07-30 90112]
S3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-19 37560]
S3 mdf15;mdf15;c:\program files\Clarus\Samsung SecretZone\mdf15.sys [2010-03-18 12288]
S3 mvd21;mvd21;c:\program files\Clarus\Samsung SecretZone\mvd21.sys [2010-06-14 64512]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-31 17:48]
.
2011-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-31 17:48]
.
2011-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000Core.job
- c:\users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-25 05:32]
.
2011-12-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000UA.job
- c:\users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-25 05:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:50808
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 192.168.1.254
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\ziriy8kh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
HKLM-Run-Toolbar_eula_launcher - c:\install\google\eula\EULALauncher.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-11 13:23
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\users\Radek\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2162578933-837445269-2599185901-1000\Software\SecuROM\License information*]
"datasecu"=hex:2c,fc,9f,bc,5f,73,63,f3,dd,05,72,d3,d9,02,3b,06,ac,eb,0b,98,13,
a7,c8,87,ff,24,62,95,2c,3d,dd,ff,05,b6,31,86,49,41,b8,43,4a,c3,16,7a,66,83,\
"rkeysecu"=hex:95,c0,ba,d0,32,0f,9f,ec,ba,1d,c2,d7,3f,05,e4,1d
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-12-11 13:26:38
ComboFix-quarantined-files.txt 2011-12-11 12:26
.
Před spuštěním: Volných bajtů: 266 958 098 432
Po spuštění: Volných bajtů: 306 156 412 928
.
- - End Of File - - 22236E0B3611678F462C2E87AE3309C7
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3070.1871 [GMT 1:00]
Spuštěný z: c:\users\Radek\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\LP
c:\users\Radek\AppData\Roaming\chrome.exe
c:\users\Radek\AppData\Roaming\inst.exe
c:\users\Radek\AppData\Roaming\java.exe
c:\users\Radek\AppData\Roaming\vso_ts_preview.xml
c:\users\Radek\AppData\Roaming\wmplayer.exe
c:\windows\system32\AF15BDAEX.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-11 do 2011-12-11 )))))))))))))))))))))))))))))))
.
.
2011-12-11 12:23 . 2011-12-11 12:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-11 11:50 . 2011-12-11 11:50 -------- d-----w- C:\_OTL
2011-12-11 10:31 . 2011-12-11 10:31 512 ----a-w- C:\PhysicalMBR.bin
2011-12-11 09:55 . 2011-12-11 09:56 -------- d-----w- C:\rsit
2011-12-11 09:55 . 2011-12-11 09:56 -------- d-----w- c:\program files\trend micro
2011-12-09 05:41 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{32924320-014E-4A20-B865-DE0407274A36}\mpengine.dll
2011-11-20 10:26 . 2011-11-20 10:26 -------- d-----w- c:\users\Radek\AppData\Roaming\Screenshoter
2011-11-15 10:12 . 2011-11-15 10:12 -------- d-----w- c:\program files\iPod
2011-11-15 10:12 . 2011-11-15 10:13 -------- d-----w- c:\program files\iTunes
2011-11-11 15:39 . 2011-11-11 15:40 -------- d-----w- c:\program files\Czech Soccer Manager 2002 FE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-16 17:32 . 2011-05-16 04:58 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-09-20 21:02 . 2011-11-09 08:48 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-04-18 07:08 . 2010-04-18 07:07 13525424 ----a-w- c:\program files\Dropbox 0.7.110.exe
2011-11-10 23:06 . 2011-04-01 11:29 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-30 7289376]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-04-09 2029640]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-03-30 1833504]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"Nike+ Connect"="c:\program files\Nike\Nike+ Connect\Nike+ Connect daemon.exe" [2010-10-01 299008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-12 421736]
.
c:\users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Device Detector 3.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2009-11-18 118784]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Folder Castle Support]
@="Driver Group"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-07-31 136176]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-07-31 136176]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2009-05-07 47360]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-28 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-04-09 107256]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-04-09 731840]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-04-09 93312]
S2 SZASSIST;SecretZone Assist Service;c:\program files\Clarus\Samsung SecretZone\SZAssistSVC.exe [2010-07-30 90112]
S3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-19 37560]
S3 mdf15;mdf15;c:\program files\Clarus\Samsung SecretZone\mdf15.sys [2010-03-18 12288]
S3 mvd21;mvd21;c:\program files\Clarus\Samsung SecretZone\mvd21.sys [2010-06-14 64512]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-31 17:48]
.
2011-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-31 17:48]
.
2011-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000Core.job
- c:\users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-25 05:32]
.
2011-12-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162578933-837445269-2599185901-1000UA.job
- c:\users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-25 05:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:50808
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 192.168.1.254
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\ziriy8kh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
HKLM-Run-Toolbar_eula_launcher - c:\install\google\eula\EULALauncher.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-11 13:23
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\users\Radek\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2162578933-837445269-2599185901-1000\Software\SecuROM\License information*]
"datasecu"=hex:2c,fc,9f,bc,5f,73,63,f3,dd,05,72,d3,d9,02,3b,06,ac,eb,0b,98,13,
a7,c8,87,ff,24,62,95,2c,3d,dd,ff,05,b6,31,86,49,41,b8,43,4a,c3,16,7a,66,83,\
"rkeysecu"=hex:95,c0,ba,d0,32,0f,9f,ec,ba,1d,c2,d7,3f,05,e4,1d
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-12-11 13:26:38
ComboFix-quarantined-files.txt 2011-12-11 12:26
.
Před spuštěním: Volných bajtů: 266 958 098 432
Po spuštění: Volných bajtů: 306 156 412 928
.
- - End Of File - - 22236E0B3611678F462C2E87AE3309C7
Re: Prosím o radu
Už to začalo fungovat! Děkuji mnohokrát za rady! Mám s tím dělat ještě něco? Já musím bohužel teď počítač opustit, takže kdyžtak se do toho pustím večer až se vrátím.
Re: Prosím o radu
Provedeno, díky!
Přispějete na provoz fóra?