
Win 7 Security 2012

Posted: 01 Jan 2012 14:34
by Abcak
Yesterday around midnight a bubble popped up with the text: "Update completed". Immediately afterwards a new program, Win 7 Security 2012, started up and replaced the Action Center. It immediately began scanning for viruses automatically and found 32 of them, even though a week ago I had run a full antivirus scan and it found no threat. Win 7 Security 2012 prevents me from installing a new antivirus program or a virus removal program. Every time I try to start any program, it tells me that it is infected: Trojan-BNK.Win32.Keylogger.gen. The same thing happens when I bring antivirus installers over from a clean PC on a flash drive.

Thanks for a quick reply.

Re: Win 7 Security 2012

Posted: 01 Jan 2012 14:47
by Abcak
Sorry, but you misunderstood me. I can't run anything at all; every time, it pops up that the file is infected with this virus: Trojan-BNK.Win32.Keylogger.gen

Re: Win 7 Security 2012

Posted: 01 Jan 2012 15:09
by Abcak
I apologize, I'm a layman at this. How do I turn that mode on?

Re: Win 7 Security 2012

Posted: 01 Jan 2012 15:43
by Abcak
OTL logfile created on: 1.1.2012 15:24:16 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Pavel\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 82,46% Memory free
3,98 Gb Paging File | 3,66 Gb Available in Paging File | 92,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,81 Gb Total Space | 165,21 Gb Free Space | 55,47% Space Free | Partition Type: NTFS
Drive D: | 2,70 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 7,46 Gb Total Space | 0,62 Gb Free Space | 8,28% Space Free | Partition Type: FAT32

Computer Name: PAVEL-PC | User Name: Pavel | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.01.01 14:43:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
PRC - [2011.12.31 20:52:18 | 000,291,328 | ---- | M] (Microsoft Corporation) -- C:\Users\Pavel\AppData\Local\upl.exe
PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.09.05 21:01:38 | 000,106,832 | ---- | M] (SoftGate, s.r.o.) -- C:\Program Files\SoftGate\SoftGate Download Manager\SoftGate.DownloadManagerUI.exe


========== Modules (No Company Name) ==========

MOD - [2011.10.13 02:20:24 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2011.10.13 02:20:11 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll
MOD - [2011.10.13 02:19:59 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2011.10.13 02:19:56 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2011.10.13 02:19:48 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2011.10.13 02:19:43 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2009.07.14 09:43:16 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (avast! Antivirus)
SRV - [2011.08.15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.08.25 07:49:20 | 000,049,152 | ---- | M] (UltiDev LLC) [Auto | Stopped] -- C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe -- (UltiDev Cassini Web Server for ASP.NET 2.0)
SRV - [2010.06.26 23:06:40 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.04.14 10:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) [Auto | Stopped] -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


========== Driver Services (SafeList) ==========

DRV - [2011.07.04 12:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.07.04 12:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.07.04 12:32:32 | 000,025,432 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.07.04 12:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.07.04 12:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.11.19 10:23:10 | 000,914,816 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mod7700.sys -- (mod7700)
DRV - [2010.07.28 11:09:12 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.02.03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.13 23:02:47 | 000,050,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV - [2008.09.17 13:36:26 | 000,013,824 | ---- | M] (DiBcom S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\modrc.sys -- (MODRC)
DRV - [2008.05.02 09:58:28 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.05.02 09:58:14 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.05.02 09:58:14 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.05.02 09:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.01.19 05:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2006.03.01 18:51:15 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.02.21 13:48:05 | 000,049,664 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006.02.14 15:48:36 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\prxtbIMV0.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tsbohemia.cz
IE - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2612669
IE - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\prxtbIMV0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.7.108
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?clien ... e=en_US&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)


[2011.12.31 21:37:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions
[2010.06.25 23:39:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2011.11.07 19:02:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\8vxyqxno.default\extensions
[2010.12.16 17:23:28 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\8vxyqxno.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.12.16 17:23:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\8vxyqxno.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}12162010172328
[2010.08.27 19:40:02 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\8vxyqxno.default\extensions\battlefieldheroespatcher@ea.com
[2010.08.29 10:58:22 | 000,000,000 | ---D | M] (RadioBar Toolbar) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\8vxyqxno.default\extensions\radiobar@toolbar
[2010.10.18 14:00:43 | 000,002,252 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\8vxyqxno.default\searchplugins\askcom.xml
[2010.10.19 16:32:33 | 000,000,950 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\8vxyqxno.default\searchplugins\icqplugin-1.xml
[2010.09.16 21:38:12 | 000,000,950 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\8vxyqxno.default\searchplugins\icqplugin-2.xml
[2010.06.27 10:11:15 | 000,000,168 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\8vxyqxno.default\searchplugins\icqplugin.gif
[2010.06.27 10:11:15 | 000,000,618 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\8vxyqxno.default\searchplugins\icqplugin.src
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\8vxyqxno.default\searchplugins\icqplugin.xml
[2011.12.31 21:37:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.10.26 12:30:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\USERS\PAVEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8VXYQXNO.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
[2011.07.04 22:39:33 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\prxtbIMV0.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\prxtbIMV0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002\..\Toolbar\WebBrowser: (IMVU Inc Toolbar) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - C:\Program Files\IMVU_Inc\prxtbIMV0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Print2PDF Print Monitor] C:\Program Files\Software602\Print2PDF\Print2PDF.exe (Software602)
O4 - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002..\Run: [OscarEditor] C:\Program Files\OSCAR Editor X7\OscarEditor.exe ()
O4 - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002..\Run: [RemoTerm.exe] C:\Program Files\Common Files\PCTV Systems\RemoTerm\remoterm.exe (PCTV Systems S.à r.l.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1F60D0D-1FC3-40AD-9BBB-1940E6023D17}: DhcpNameServer = 192.168.10.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004.02.15 16:20:09 | 000,000,058 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{6f47c1a1-809b-11df-941a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6f47c1a1-809b-11df-941a-806e6f6e6963}\Shell\AutoRun\command - "" = D:\FarCryAutoCD.exe -- [2004.04.23 10:09:29 | 003,231,744 | R--- | M] (Crytek)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-3654916310-1201210475-2310256920-1002\...exe [@ = 0i4] -- "C:\Users\Pavel\AppData\Local\upl.exe" -a "%1" %* (Microsoft Corporation)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.xvid - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2012.01.01 14:45:02 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2011.12.31 22:00:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.12.31 20:52:18 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Users\Pavel\AppData\Local\upl.exe
[2011.12.31 17:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2011.12.31 15:53:08 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\Application Data
[2011.12.29 19:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
[2011.12.29 12:40:40 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Creative Assembly
[2011.12.27 00:25:36 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Roaming\DivX
[2011.12.25 01:20:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sanny Builder 3
[2011.12.22 19:51:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.12.22 19:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011.12.18 18:49:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011.12.17 15:46:44 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\PCTV Systems
[2011.12.17 15:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTV Systems
[2011.12.17 15:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\PCTV Systems
[2011.12.17 15:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCTV Systems
[2011.12.17 15:36:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PCTV Systems
[2011.12.17 15:35:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2011.12.17 15:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011.12.14 13:41:13 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.12.14 13:41:13 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.12.14 13:41:13 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.12.14 13:41:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.12.14 13:41:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.12.14 13:41:13 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.12.14 13:41:12 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.12.14 13:41:12 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.12.14 13:41:12 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.12.14 13:41:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.12.14 13:41:12 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.12.14 13:41:12 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.12.14 13:39:46 | 002,340,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.12.14 13:39:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.12.14 13:39:37 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.12.14 13:39:36 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011.12.14 13:39:34 | 003,957,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.12.14 13:39:34 | 003,901,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.12.09 18:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011.12.09 18:49:02 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011.12.09 18:48:54 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011.12.03 17:01:07 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\GTA San Andreas Crack
[2011.12.03 16:26:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2011.12.03 16:26:15 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2011.12.03 16:01:10 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\GTA
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.01.01 15:25:12 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.01 15:19:33 | 000,011,280 | -HS- | M] () -- C:\Users\Pavel\AppData\Local\v4i7rk6gq0374i6162f0a3o28lp28gpxxrqu33
[2012.01.01 15:19:33 | 000,011,280 | -HS- | M] () -- C:\ProgramData\v4i7rk6gq0374i6162f0a3o28lp28gpxxrqu33
[2012.01.01 15:18:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.01 15:18:44 | 1602,347,008 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.01 15:16:44 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\iMeshNAG.job
[2012.01.01 14:43:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2012.01.01 14:38:08 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.01 14:38:08 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.01 14:31:15 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.01 13:28:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.01 03:35:59 | 000,634,308 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.01.01 03:35:59 | 000,618,714 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.01 03:35:59 | 000,122,898 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.01.01 03:35:59 | 000,107,034 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.31 21:12:02 | 000,502,712 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.12.31 20:52:18 | 000,291,328 | ---- | M] (Microsoft Corporation) -- C:\Users\Pavel\AppData\Local\upl.exe
[2011.12.31 17:33:08 | 000,000,611 | ---- | M] () -- C:\Users\Public\Desktop\Far Cry.lnk
[2011.12.31 15:54:43 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011.12.21 13:08:28 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.12.18 18:49:48 | 000,001,812 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011.12.18 18:49:48 | 000,001,810 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011.12.17 15:40:58 | 000,002,431 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Vyhledat aktualizace.lnk
[2011.12.17 15:40:58 | 000,001,998 | ---- | M] () -- C:\Users\Public\Desktop\TVCenter.lnk
[2011.12.15 19:03:34 | 000,619,898 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavifw.avm
[2011.12.06 23:46:00 | 000,000,590 | ---- | M] () -- C:\Users\Pavel\Documents\cc_20111206_234557.reg
[2011.12.06 23:45:46 | 000,017,316 | ---- | M] () -- C:\Users\Pavel\Documents\cc_20111206_234541.reg
[2011.12.03 16:57:33 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.01.01 15:25:12 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.12.31 20:52:24 | 000,011,280 | -HS- | C] () -- C:\Users\Pavel\AppData\Local\v4i7rk6gq0374i6162f0a3o28lp28gpxxrqu33
[2011.12.31 20:52:24 | 000,011,280 | -HS- | C] () -- C:\ProgramData\v4i7rk6gq0374i6162f0a3o28lp28gpxxrqu33
[2011.12.31 17:33:08 | 000,000,611 | ---- | C] () -- C:\Users\Public\Desktop\Far Cry.lnk
[2011.12.18 18:49:48 | 000,001,812 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011.12.17 15:41:40 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011.12.17 15:40:58 | 000,002,431 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Vyhledat aktualizace.lnk
[2011.12.17 15:40:58 | 000,001,998 | ---- | C] () -- C:\Users\Public\Desktop\TVCenter.lnk
[2011.12.09 18:48:55 | 000,001,810 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011.12.06 23:45:59 | 000,000,590 | ---- | C] () -- C:\Users\Pavel\Documents\cc_20111206_234557.reg
[2011.12.06 23:45:44 | 000,017,316 | ---- | C] () -- C:\Users\Pavel\Documents\cc_20111206_234541.reg
[2011.07.31 15:57:02 | 000,025,432 | ---- | C] () -- C:\Windows\System32\drivers\aswRdr.sys
[2011.07.24 14:40:44 | 000,016,864 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011.07.01 21:03:48 | 000,007,680 | ---- | C] () -- C:\Users\Pavel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.22 21:18:46 | 000,020,480 | ---- | C] () -- C:\Windows\System32\H@tKeysH@@k.DLL
[2010.10.25 18:03:44 | 000,682,280 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010.10.24 09:05:30 | 000,000,019 | ---- | C] () -- C:\Windows\D.ini
[2010.08.24 07:12:54 | 000,000,500 | ---- | C] () -- C:\Windows\eReg.dat
[2010.08.02 16:31:19 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010.08.02 07:42:11 | 000,139,080 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.08.02 07:42:11 | 000,138,056 | ---- | C] () -- C:\Users\Pavel\AppData\Roaming\PnkBstrK.sys
[2010.08.02 07:41:50 | 000,270,240 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.08.02 07:41:46 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.08.02 07:41:46 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.07.03 19:19:35 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.06.29 18:06:08 | 000,000,048 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.11.18 10:26:38 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2009.11.18 10:01:47 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2009.07.14 09:44:22 | 000,634,308 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 09:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 09:44:22 | 000,122,898 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 09:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,502,712 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,618,714 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,107,034 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008.12.17 23:30:06 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.12.17 23:30:06 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007.09.06 01:01:22 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007.08.23 17:55:34 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2002.10.15 23:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll

========== LOP Check ==========

[2011.03.17 19:38:20 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\602Installer
[2011.03.17 19:38:23 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\602XML
[2011.07.21 17:21:14 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\AVG10
[2010.10.18 15:57:44 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\IrfanView
[2011.02.02 22:59:20 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\SoftGate
[2011.07.18 13:44:41 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\AVG10
[2011.11.07 21:31:37 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\AVI ReComp
[2010.09.12 17:56:19 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DAEMON Tools Lite
[2011.07.13 15:09:52 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\go
[2011.10.20 21:15:41 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Hornil
[2011.12.31 21:10:01 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\ICQ
[2011.01.24 19:02:31 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\IrfanView
[2011.09.21 15:33:06 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Jane s Hotel 3
[2010.07.03 20:43:39 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Leadertech
[2011.12.31 11:17:39 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Opera
[2011.09.11 15:57:42 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Red Alert 3
[2011.09.10 21:44:55 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Red Alert 3 Demo
[2011.11.09 16:51:31 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Serif
[2010.12.21 08:23:54 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\SoftGate
[2011.05.14 16:55:12 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TS3Client
[2010.06.26 16:58:06 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Vivox
[2012.01.01 15:16:44 | 000,000,292 | ---- | M] () -- C:\Windows\Tasks\iMeshNAG.job
[2011.11.18 08:05:42 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2009.10.30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
"OscarEditor" = "C:\Program Files\OSCAR Editor X7\OscarEditor.exe" Minimum -- [2010.07.22 14:18:08 | 002,636,800 | ---- | M] ()
"ISUSPM Startup" = C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup -- [2004.06.16 05:03:26 | 000,221,184 | ---- | M] (InstallShield Software Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.10.13 08:27:14 | 017,351,304 | R--- | M] (Skype Technologies S.A.)
"RemoTerm.exe" = C:\Program Files\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe -- [2009.09.02 16:29:58 | 000,218,384 | ---- | M] (PCTV Systems S.à r.l.)

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc /s >
"DisplayName" = @%SystemRoot%\system32\cryptsvc.dll,-1001
"ImagePath" = %SystemRoot%\system32\svchost.exe -k NetworkService -- [2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\cryptsvc.dll,-1002
"ObjectName" = NT Authority\NetworkService
"ErrorControl" = 1
"Start" = 2
"Type" = 32
"DependOnService" = RpcSs [binary data] -- [2009.07.14 02:16:13 | 000,376,320 | ---- | M] (Microsoft Corporation)
"ServiceSidType" = 1
"RequiredPrivileges" = [Binary data over 100 bytes]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Parameters]
"ServiceDll" = %SystemRoot%\system32\cryptsvc.dll -- [2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation)
"ServiceMain" = CryptServiceMain
"ServiceDllUnloadOnStop" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Security]
"Security" = 00 00 0E 00 01 [binary data]

< >


< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USER32.DLL >
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WIN32K.SYS >
[2011.11.24 05:21:21 | 002,350,080 | ---- | M] (Microsoft Corporation) MD5=02BFBA93CCF65EDD3BE36AFBD1551987 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21866_none_bb507535120d3b46\win32k.sys
[2011.06.11 03:40:56 | 002,341,376 | ---- | M] (Microsoft Corporation) MD5=124B16EC7B6EFEE21F2B6AF9930C5D9D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20983_none_b951759314f9be10\win32k.sys
[2010.10.20 04:00:24 | 002,327,552 | ---- | M] (Microsoft Corporation) MD5=2A289486AC840210526D55F457DDB03C -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16691_none_b8bb047bfbe60d3b\win32k.sys
[2010.06.19 05:13:29 | 002,327,552 | ---- | M] (Microsoft Corporation) MD5=2DD6DCA5E68661380FC13F73D854618A -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20738_none_b98c82d514ccb6c0\win32k.sys
[2011.09.06 03:28:37 | 002,334,720 | ---- | M] (Microsoft Corporation) MD5=316B6B871CD99CDBBA3813EFB5D3593F -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17685_none_bab03661f900bce0\win32k.sys
[2009.07.14 00:26:52 | 002,326,528 | ---- | M] (Microsoft Corporation) MD5=34999766FBCAB11BA5C4D26CE0378903 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16385_none_b8c9cfddfbda5f31\win32k.sys
[2011.01.05 04:35:48 | 002,330,624 | ---- | M] (Microsoft Corporation) MD5=5C9B4781279418319F999D75379166EB -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21634_none_bb6ee09911f6ba77\win32k.sys
[2011.03.03 04:49:55 | 002,340,352 | ---- | M] (Microsoft Corporation) MD5=5EB944CB356805A9D17932D26D87BBBC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20914_none_b99e255114c013d0\win32k.sys
[2011.09.29 04:37:56 | 002,341,888 | ---- | M] (Microsoft Corporation) MD5=68086561B077267552496314B3730BAA -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17697_none_baa76709f9070b7f\win32k.sys
[2010.11.20 10:09:20 | 002,329,088 | ---- | M] (Microsoft Corporation) MD5=687464342342B933D6B7FAA4A907AF4C -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17514_none_bafae3a5f8c8e2cb\win32k.sys
[2011.03.03 04:31:32 | 002,331,136 | ---- | M] (Microsoft Corporation) MD5=6941E265224A6A3C9F5F116696190B14 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16772_none_b8d1a683fbd4ebd7\win32k.sys
[2011.09.06 04:46:28 | 002,342,400 | ---- | M] (Microsoft Corporation) MD5=6C6EBCFCBCB1416C8E6C9E316C61AABA -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21811_none_bb81835f11e930de\win32k.sys
[2011.06.11 03:29:25 | 002,334,208 | ---- | M] (Microsoft Corporation) MD5=7057358F26265EB5DEE28ED36C504D7A -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17630_none_bae1448bf8dcb278\win32k.sys
[2011.09.29 05:49:54 | 002,349,568 | ---- | M] (Microsoft Corporation) MD5=7D19B17342D31690A1F1F0668A383385 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21828_none_bb7db57911eafe30\win32k.sys
[2011.11.24 05:23:31 | 002,340,352 | ---- | M] (Microsoft Corporation) MD5=7FB4FC007502796CA9C23E2DE37AF966 -- C:\Windows\System32\win32k.sys
[2011.11.24 05:23:31 | 002,340,352 | ---- | M] (Microsoft Corporation) MD5=7FB4FC007502796CA9C23E2DE37AF966 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16920_none_b905b957fbae27c2\win32k.sys
[2010.05.01 15:38:59 | 002,327,040 | ---- | M] (Microsoft Corporation) MD5=8C90AB796EFEB63FD079D0323BC3E52B -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20704_none_b9a8f17114b7fd91\win32k.sys
[2011.09.29 04:35:42 | 002,349,056 | ---- | M] (Microsoft Corporation) MD5=8EC950ADC497690D344DFA8B489A30B5 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21060_none_b963ecaf14ec6d6b\win32k.sys
[2011.06.11 03:37:19 | 002,332,672 | ---- | M] (Microsoft Corporation) MD5=950D9E5CBB7D7307A4AE199B10C73FE3 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16830_none_b8fae785fbb6468c\win32k.sys
[2011.01.05 04:37:38 | 002,329,088 | ---- | M] (Microsoft Corporation) MD5=99C83825A46B97CE5F69586D23F928B1 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16732_none_b8fce633fbb47c13\win32k.sys
[2011.09.29 05:20:25 | 002,339,840 | ---- | M] (Microsoft Corporation) MD5=9FEFA3577816CE56046A88E7AF46DFD4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16889_none_b8cdda83fbd6b650\win32k.sys
[2010.09.01 03:34:52 | 002,327,552 | ---- | M] (Microsoft Corporation) MD5=B1CA529E534D6B1607D5ABDAE570744F -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16667_none_b8e175fbfbc85172\win32k.sys
[2011.06.11 04:28:14 | 002,341,888 | ---- | M] (Microsoft Corporation) MD5=B50256D1F720191264F0F7425942DBD9 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21744_none_bb64129311fed38f\win32k.sys
[2011.11.24 05:26:56 | 002,349,568 | ---- | M] (Microsoft Corporation) MD5=BCA764B7CB22449A803D4149F5028A97 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21097_none_b94a7ef114fe729f\win32k.sys
[2011.03.03 04:18:52 | 002,340,864 | ---- | M] (Microsoft Corporation) MD5=C750F2271D87EB809ADD947A7C56FF1C -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21673_none_bb42a09f121810e4\win32k.sys
[2010.09.01 07:16:51 | 002,328,064 | ---- | M] (Microsoft Corporation) MD5=C78BEE7964C8D99180B9D19EDF6F53CE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20792_none_b945a1911502c65c\win32k.sys
[2011.09.06 03:29:33 | 002,341,376 | ---- | M] (Microsoft Corporation) MD5=CECF871EE0D4E92440175EBCE24F1F5E -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.21046_none_b97f8e4314d6cd93\win32k.sys
[2011.01.05 04:36:49 | 002,330,112 | ---- | M] (Microsoft Corporation) MD5=D1F9C481FD1410D92036605CFD54DC84 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20873_none_b95c439914f1a4f8\win32k.sys
[2011.03.03 04:42:34 | 002,333,184 | ---- | M] (Microsoft Corporation) MD5=D5E6EDABF7B7DCD7FC7E1C173F9901FA -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17570_none_bab602f5f8fd2515\win32k.sys
[2011.11.24 05:25:27 | 002,342,912 | ---- | M] (Microsoft Corporation) MD5=DE73113D7FBE0C48B4DCD63E1D56184A -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17730_none_bae14671f8dcaf9f\win32k.sys
[2011.09.06 03:38:14 | 002,332,672 | ---- | M] (Microsoft Corporation) MD5=E6A94C3E7AF173F76186FA759BAC539C -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16878_none_b8d7aa25fbcf8108\win32k.sys
[2011.01.05 04:51:01 | 002,330,624 | ---- | M] (Microsoft Corporation) MD5=EC67D8A1DE09BC61300FD2245E37620B -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17535_none_bae64417f8d83404\win32k.sys
[2010.10.20 03:54:54 | 002,329,088 | ---- | M] (Microsoft Corporation) MD5=F0B5915007EEBCE94616C5E235206BF6 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.20821_none_b99052a114cae695\win32k.sys
[2010.05.01 15:49:25 | 002,326,528 | ---- | M] (Microsoft Corporation) MD5=F4CFFCE8B56D8FD895CA505A98EAE018 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16585_none_b8c9d3a9fbda597f\win32k.sys
[2010.06.19 05:07:18 | 002,326,016 | ---- | M] (Microsoft Corporation) MD5=F97031D1F370E3A82F2B684BB426CF87 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.1.7600.16617_none_b9178597fb9fc5bd\win32k.sys

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

Re: Win 7 Security 2012

Posted: 01 Jan 2012 15:44
by Abcak

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 02:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006.10.26 18:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
[2009.07.14 02:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
[2009.07.14 09:43:31 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\cs-CZ\LXKPTPRC.DLL.mui

< %systemroot%\system32\Spool\prtprocs\*.* /s >
[2009.07.14 02:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
[2006.10.26 18:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
[2009.07.14 02:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\winprint.dll
[2009.07.14 09:43:31 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\system32\Spool\prtprocs\w32x86\cs-CZ\LXKPTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /10 >

< %systemroot%\system32\drivers\*.sys /X >
[1999.11.02 10:01:32 | 000,006,173 | ---- | M] () -- C:\Windows\system32\drivers\Entech.vxd
[2009.06.10 22:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 22:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2009.06.10 22:27:38 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010.08.07 18:16:33 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
[2009.11.18 09:59:08 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.07.13 15:58:33 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /10 >
[2012.01.01 14:38:08 | 000,014,816 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.01 14:38:08 | 000,014,816 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.31 21:12:02 | 000,502,712 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2012.01.01 03:35:59 | 000,122,898 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.01.01 03:35:59 | 000,107,034 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.01.01 03:35:59 | 000,634,308 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.01.01 03:35:59 | 000,618,714 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.01.01 03:35:59 | 001,478,586 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.* /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job >
[2012.01.01 14:31:15 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.01.01 13:28:00 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.01.01 15:16:44 | 000,000,292 | ---- | M] () -- C:\Windows\Tasks\iMeshNAG.job

< %systemroot%\*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\376fc3e3\c0362a59\*.tmp files -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\376fc3e3\c0362a59\*.tmp -> ]
[1 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\93a10de6\c715adc6\*.tmp files -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\93a10de6\c715adc6\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\537ab976666a76e993668ec972deb307\*.tmp files -> C:\Windows\SoftwareDistribution\Download\537ab976666a76e993668ec972deb307\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

< %systemroot%\*. /rp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Nabídka Start\*.lnk /x >

< %ALLUSERSPROFILE%\Data Aplikácií\*.* >

< %ALLUSERSPROFILE%\Data Aplikácií\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %APPDATA%\*. >
[2010.06.25 22:26:10 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Adobe
[2011.07.18 13:44:41 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\AVG10
[2011.11.07 21:31:37 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\AVI ReComp
[2010.09.12 17:56:19 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DAEMON Tools Lite
[2011.12.27 00:25:36 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DivX
[2011.07.13 15:09:52 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\go
[2011.10.20 21:15:41 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Hornil
[2011.12.31 21:10:01 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\ICQ
[2010.06.25 21:02:03 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Identities
[2011.01.24 19:02:31 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\IrfanView
[2011.09.21 15:33:06 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Jane s Hotel 3
[2010.07.03 20:43:39 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Leadertech
[2010.06.25 22:26:10 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Macromedia
[2009.07.14 10:19:24 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Media Center Programs
[2011.11.29 17:46:40 | 000,000,000 | --SD | M] -- C:\Users\Pavel\AppData\Roaming\Microsoft
[2010.06.25 21:23:57 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Mozilla
[2011.12.31 11:17:39 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Opera
[2011.09.11 15:57:42 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Red Alert 3
[2011.09.10 21:44:55 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Red Alert 3 Demo
[2010.10.10 19:02:26 | 000,000,000 | RH-D | M] -- C:\Users\Pavel\AppData\Roaming\SecuROM
[2011.11.09 16:51:31 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Serif
[2012.01.01 15:14:53 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Skype
[2011.05.28 15:02:41 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\skypePM
[2010.12.21 08:23:54 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\SoftGate
[2010.10.13 18:11:19 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\teamspeak2
[2011.05.14 16:55:12 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TS3Client
[2010.06.26 16:58:06 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Vivox
[2010.07.03 18:12:32 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\WinRAR

< %APPDATA%\*.* >
[2010.12.17 21:40:08 | 000,138,056 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\PnkBstrK.sys

< %APPDATA%\*.exe /s >
[2011.11.10 15:54:19 | 000,003,638 | R--- | M] () -- C:\Users\Pavel\AppData\Roaming\Microsoft\Installer\{40247AAC-AB0D-449C-882F-90401C3351E8}\_69525f90.exe
[2010.10.23 08:02:45 | 000,010,134 | R--- | M] () -- C:\Users\Pavel\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2010.12.21 08:23:08 | 000,004,286 | R--- | M] () -- C:\Users\Pavel\AppData\Roaming\Microsoft\Installer\{D6615307-A73A-49C5-B90F-D97E027F034A}\_6FEFF9B68218417F98F549.exe
[2010.08.19 22:46:28 | 001,312,120 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\8vxyqxno.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32|bak;true;false;false /fp >

< %PROGRAMFILES%|bak;true;false;false /fp >

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.11.05 05:38:00 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=8ED7C19AEFA3673AADB0D6864B03FBCE -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2011.04.18 07:31:28 | 000,941,936 | ---- | M] (Opera Software) MD5=A1751C5FB748F3408093EC26D447856A -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-12-15 02:03:11

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2
"IGDSearcherDLL" = bitsigd.dll -- [2009.07.14 02:14:59 | 000,039,936 | ---- | M] (Microsoft Corporation)
"StateIndex" = 1

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems" /v Windows /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\SUBSYSTEMS
WINDOWS REG_EXPAND_SZ %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< >

< type c:\boot.ini >> test.txt /c >

< bcdedit /enum all /v >C:\boot.txt /c >
Správce spouštění systému Windows
--------------------
identifikátor {9dea862c-5cdd-4e70-acc1-f32b344d4795}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale cs-CZ
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
default {f67d8732-d41e-11de-b777-d0cad2872b36}
resumeobject {f67d8731-d41e-11de-b777-d0cad2872b36}
displayorder {f67d8732-d41e-11de-b777-d0cad2872b36}
toolsdisplayorder {b2721d73-1db4-4c62-bf78-c548a880142d}
timeout 30
Zaváděcí program pro spouštění systému Windows
-------------------
identifikátor {f67d8732-d41e-11de-b777-d0cad2872b36}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale cs-CZ
inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
recoverysequence {f67d8737-d41e-11de-b777-d0cad2872b36}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {f67d8731-d41e-11de-b777-d0cad2872b36}
nx OptIn
Zaváděcí program pro spouštění systému Windows
-------------------
identifikátor {f67d8737-d41e-11de-b777-d0cad2872b36}
device ramdisk=[C:]\Recovery\f67d8737-d41e-11de-b777-d0cad2872b36\Winre.wim,{f67d8738-d41e-11de-b777-d0cad2872b36}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
osdevice ramdisk=[C:]\Recovery\f67d8737-d41e-11de-b777-d0cad2872b36\Winre.wim,{f67d8738-d41e-11de-b777-d0cad2872b36}
systemroot \windows
nx OptIn
winpe Yes
custom:46000010 Yes
Obnovení z hibernace
---------------------
identifikátor {f67d8731-d41e-11de-b777-d0cad2872b36}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {1afa9c49-16ab-4a5c-901b-212802da9460}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No
Testování paměti systému Windows
---------------------
identifikátor {b2721d73-1db4-4c62-bf78-c548a880142d}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostika paměti systému Windows
locale cs-CZ
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
badmemoryaccess Yes
Nastavení služby EMS
------------
identifikátor {0ce4991b-e6b3-4b16-b23c-5e0d9250e5d9}
bootems Yes
Nastavení ladicího programu
-----------------
identifikátor {4636856e-540f-4170-a130-a84776f4c654}
debugtype Serial
debugport 1
baudrate 115200
Chyby paměti RAM
-----------
identifikátor {5189b25c-5558-4bf2-bca4-289b11bd29e2}
Globální nastavení
---------------
identifikátor {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
inherit {4636856e-540f-4170-a130-a84776f4c654}
{0ce4991b-e6b3-4b16-b23c-5e0d9250e5d9}
{5189b25c-5558-4bf2-bca4-289b11bd29e2}
Nastavení spouštěcího zavaděče
--------------------
identifikátor {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
{7ff607e0-4395-11db-b0de-0800200c9a66}
Nastavení hypervisoru
-------------------
identifikátor {7ff607e0-4395-11db-b0de-0800200c9a66}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Nastavenˇ zavadŘźe obnovenˇ
----------------------
identifik tor {1afa9c49-16ab-4a5c-901b-212802da9460}
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
Parametry zařízení
--------------
identifikátor {f67d8738-d41e-11de-b777-d0cad2872b36}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\f67d8737-d41e-11de-b777-d0cad2872b36\boot.sdi

< type C:\boot.txt >> test1.txt /c >

< echo list vol > C:\prikaz.txt | diskpart /s C:\prikaz.txt > C:\test2.txt /c >
Microsoft DiskPart verze 6.1.7600
Copyright (C) 1999-2008 Microsoft Corporation.
V počítači: PAVEL-PC
  Svazek ###  Ltr  Jmenovka     Fs     Typ         Velikost  Stav       Info
  ----------  ---  -----------  -----  ----------  --------  ---------  --------
  Svazek 0     D   FAR CRY_01   CDFS   DVD-ROM     2768 MB   V pořádku
  Svazek 1         Rezervováno  NTFS   Oddíl        283 MB   V pořádku  Systém
  Svazek 2     C                NTFS   Oddíl        297 GB   V pořádku  Spouštěc
  Svazek 3     F   KINGSTON     FAT32  Vyměniteln  7652 MB   V pořádku

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.01 15:25:12 | 000,000,512 | ---- | M] () MD5=D59A836CDF7FD4F24F6304E5F7F79C88 -- C:\PhysicalMBR.bin

< %systemroot%\system32\drivers\*.sys /md5 >
[2006.02.14 15:48:36 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) MD5=C1376A954899D98488A19396EA3AAE2B -- C:\Windows\system32\drivers\sfhlp02.sys
[2009.07.14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\system32\drivers\sfloppy.sys
[2006.02.21 13:48:05 | 000,049,664 | ---- | M] (Protection Technology (StarForce)) MD5=7261F6191827134D249A6462D833AF8D -- C:\Windows\system32\drivers\sfsync04.sys
[2009.07.14 02:19:03 | 000,052,304 | ---- | M] (Microsoft Corporation) MD5=2565CAC0DC9FE0371BDCE60832582B2E -- C:\Windows\system32\drivers\SISAGP.SYS
[2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) MD5=A9F0486851BECB6DDA1D89D381E71055 -- C:\Windows\system32\drivers\sisraid2.sys
[2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) MD5=3727097B55738E2F554972C3BE5BC1AA -- C:\Windows\system32\drivers\sisraid4.sys
[2009.07.14 00:53:41 | 000,071,168 | ---- | M] (Microsoft Corporation) MD5=3E21C083B8A01CB70BA1F09303010FCE -- C:\Windows\system32\drivers\smb.sys
[2009.07.14 00:45:28 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=2E467E6CA8E0A140C08011844C0D3936 -- C:\Windows\system32\drivers\smclib.sys
[2009.07.14 02:19:03 | 000,017,472 | ---- | M] (Microsoft Corporation) MD5=95CF1AE7527FB70F7816563CBC09D942 -- C:\Windows\system32\drivers\spldr.sys
[2009.07.13 21:34:43 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=D16D818E9930A6E5B4F6476DD0998D1A -- C:\Windows\system32\drivers\spsys.sys
[2010.07.28 11:09:12 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) MD5=CDDDEC541BC3C96F91ECB48759673505 -- C:\Windows\system32\drivers\sptd.sys
[2011.04.29 03:57:34 | 000,311,296 | ---- | M] (Microsoft Corporation) MD5=C4A027B8C0BD3FC0699F41FA5E9E0C87 -- C:\Windows\system32\drivers\srv.sys
[2011.04.29 03:57:21 | 000,309,760 | ---- | M] (Microsoft Corporation) MD5=414BB592CAD8A79649D01F9D94318FB3 -- C:\Windows\system32\drivers\srv2.sys
[2011.04.29 03:57:13 | 000,114,176 | ---- | M] (Microsoft Corporation) MD5=FF207D67700AA18242AAF985D3E7D8F4 -- C:\Windows\system32\drivers\srvnet.sys
[2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) MD5=DB32D325C192B801DF274BFD12A7E72B -- C:\Windows\system32\drivers\stexstor.sys
[2011.03.11 06:44:09 | 000,146,304 | ---- | M] (Microsoft Corporation) MD5=32C8E15E6F1EF98949A96451D42CEC70 -- C:\Windows\system32\drivers\storport.sys
[2009.07.14 00:50:57 | 000,053,632 | ---- | M] (Microsoft Corporation) MD5=45B44FC9E5AC0DB02B19D515EE809DE5 -- C:\Windows\system32\drivers\stream.sys
[2009.07.14 02:19:10 | 000,012,240 | ---- | M] (Microsoft Corporation) MD5=E58C78A848ADD9610A4DB6D214AF5224 -- C:\Windows\system32\drivers\swenum.sys
[2009.07.14 00:45:53 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=949C35BF4AE6C110A924AB5E2175DDA7 -- C:\Windows\system32\drivers\tape.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\system32\drivers\tcpip.sys
[2009.07.14 00:54:14 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=E64444523ADD154F86567C469BC0B17F -- C:\Windows\system32\drivers\tcpipreg.sys
[2009.07.14 00:12:12 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=52639C994FE3CD975BFE7428B939B320 -- C:\Windows\system32\drivers\tdi.sys
[2009.07.14 01:01:37 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1875C1490D99E70E449E3AFAE9FCBADF -- C:\Windows\system32\drivers\tdpipe.sys
[2009.07.14 01:01:37 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=7551E91EA999EE9A8E9C331D5A9C31F3 -- C:\Windows\system32\drivers\tdtcp.sys
[2009.07.14 00:12:11 | 000,074,240 | ---- | M] (Microsoft Corporation) MD5=CB39E896A2A83702D1737BFD402B3542 -- C:\Windows\system32\drivers\tdx.sys
[2009.07.14 02:19:10 | 000,051,776 | ---- | M] (Microsoft Corporation) MD5=C36F41EE20E6999DBF4B0425963268A5 -- C:\Windows\system32\drivers\termdd.sys
[2009.07.14 01:01:51 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=98AE6FA07D12CB4EC5CF4A9BFA5F4242 -- C:\Windows\system32\drivers\tssecsrv.sys
[2009.07.14 00:54:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=3E461D890A97F9D4C168F5FDA36E1D00 -- C:\Windows\system32\drivers\tunnel.sys
[2009.07.14 02:19:10 | 000,055,888 | ---- | M] (Microsoft Corporation) MD5=750FBCB269F4D7DD2E420C56B795DB6D -- C:\Windows\system32\drivers\UAGP35.SYS
[2009.07.14 00:14:09 | 000,246,784 | ---- | M] (Microsoft Corporation) MD5=09CC3E16F8E5EE7168E01CF8FCBE061A -- C:\Windows\system32\drivers\udfs.sys
[2009.07.14 02:19:11 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=44E8048ACE47BEFBFDC2E9BE4CBC8880 -- C:\Windows\system32\drivers\ULIAGPKX.SYS
[2009.07.14 00:51:39 | 000,039,936 | ---- | M] (Microsoft Corporation) MD5=049B3A50B3D646BAEEEE9EEC9B0668DC -- C:\Windows\system32\drivers\umbus.sys
[2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=7550AD0C6998BA1CB4843E920EE0FEAC -- C:\Windows\system32\drivers\umpass.sys
[2009.07.14 00:54:16 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=B71DA871254D96D0349639D03E4C1CC1 -- C:\Windows\system32\drivers\usb8023.sys
[2009.07.14 00:51:15 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=47D88F155EB4E4BE60EBD76AC8D17DB7 -- C:\Windows\system32\drivers\USBCAMD.sys
[2009.07.14 00:51:16 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=2190F65EC7E9AE7A301E01E4261ACEF8 -- C:\Windows\system32\drivers\USBCAMD2.sys
[2011.03.25 04:06:23 | 000,075,776 | ---- | M] (Microsoft Corporation) MD5=C31AE588E403042632DC796CF09E30B0 -- C:\Windows\system32\drivers\usbccgp.sys
[2009.07.14 00:51:18 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=04EC7CEC62EC3B6D9354EEE93327FC82 -- C:\Windows\system32\drivers\usbcir.sys
[2011.03.25 04:06:06 | 000,005,888 | ---- | M] (Microsoft Corporation) MD5=675C1D745F68343F372897F761F999E3 -- C:\Windows\system32\drivers\usbd.sys
[2011.03.25 04:06:12 | 000,043,008 | ---- | M] (Microsoft Corporation) MD5=E4C436D914768CE965D5E659BA7EEBD8 -- C:\Windows\system32\drivers\usbehci.sys
[2011.03.25 04:06:46 | 000,258,560 | ---- | M] (Microsoft Corporation) MD5=BDCD7156EC37448F08633FD899823620 -- C:\Windows\system32\drivers\usbhub.sys
[2011.03.25 04:06:11 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=EB2D819A639015253C871CDA09D91D58 -- C:\Windows\system32\drivers\usbohci.sys
[2011.03.25 04:06:25 | 000,284,160 | ---- | M] (Microsoft Corporation) MD5=3D0074A19D16A9944BE32EE1FFBBB554 -- C:\Windows\system32\drivers\usbport.sys
[2009.07.14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\system32\drivers\usbprint.sys
[2009.07.14 01:14:30 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=FB9F340ECACDAEB939372CC543E72C6D -- C:\Windows\system32\drivers\usbrpm.sys
[2009.07.14 00:51:17 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=88701ECA76145E2C011C0EEFF0F7B70E -- C:\Windows\system32\drivers\usbser.sys
[2008.05.02 09:58:14 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) MD5=BB16932A4189E82D6C455042C11849B6 -- C:\Windows\system32\drivers\usbser_lowerflt.sys
[2008.05.02 09:58:28 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) MD5=E748D50B3B2EC7F40A2BA67FB094CF01 -- C:\Windows\system32\drivers\usbser_lowerfltj.sys
[2011.03.11 05:08:24 | 000,075,776 | ---- | M] (Microsoft Corporation) MD5=1C4287739A93594E57E2A9E6A3ED7353 -- C:\Windows\system32\drivers\USBSTOR.SYS
[2011.03.25 04:06:10 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=22480BF4E5A09192E5E30BA4DDE79FA4 -- C:\Windows\system32\drivers\usbuhci.sys
[2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) MD5=A059C4C3EDB09E07D21A8E5C0AABD3CB -- C:\Windows\system32\drivers\vdrvroot.sys
[2009.07.14 00:25:51 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=8E38096AD5C8570A6F1570A61E251561 -- C:\Windows\system32\drivers\vga.sys
[2009.07.14 00:25:49 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=17C408214EA61696CEC9C66E388B14F3 -- C:\Windows\system32\drivers\vgapnp.sys
[2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) MD5=3BE6E1F3A4F1AFEC8CEE0D7883F93583 -- C:\Windows\system32\drivers\vhdmp.sys
[2009.07.14 02:19:10 | 000,053,328 | ---- | M] (Microsoft Corporation) MD5=C829317A37B4BEA8F39735D4B076E923 -- C:\Windows\system32\drivers\VIAAGP.SYS
[2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) MD5=E02F079A6AA107F06B16549C6E5C7B74 -- C:\Windows\system32\drivers\viac7.sys
[2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) MD5=E43574F6A56A0EE11809B48C09E4FD3C -- C:\Windows\system32\drivers\viaide.sys
[2009.07.14 00:25:51 | 000,111,616 | ---- | M] (Microsoft Corporation) MD5=15C126D1B55814B9E5CAB10A9C1F4C67 -- C:\Windows\system32\drivers\videoprt.sys
[2009.07.14 02:19:10 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=384E5A2AA49934295171E499F86BA6F3 -- C:\Windows\system32\drivers\volmgr.sys
[2009.07.14 02:19:11 | 000,297,040 | ---- | M] (Microsoft Corporation) MD5=B5BB72067DDDDBBFB04B2F89FF8C3C87 -- C:\Windows\system32\drivers\volmgrx.sys
[2009.07.14 02:19:10 | 000,245,328 | ---- | M] (Microsoft Corporation) MD5=58DF9D2481A56EDDE167E51B334D44FD -- C:\Windows\system32\drivers\volsnap.sys
[2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=9DFA0CC2F8855A04816729651175B631 -- C:\Windows\system32\drivers\vsmraid.sys
[2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=90567B1E658001E79D7C8BBD3DDE5AA6 -- C:\Windows\system32\drivers\vwifibus.sys
[2009.07.14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=7090D3436EEB4E7DA3373090A23448F7 -- C:\Windows\system32\drivers\vwififlt.sys
[2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=A3F04CBEA6C2A10E6CB01F8B47611882 -- C:\Windows\system32\drivers\vwifimp.sys
[2009.07.14 00:46:53 | 000,021,632 | ---- | M] (Microsoft Corporation) MD5=DE3721E89C653AA281428C8A69745D90 -- C:\Windows\system32\drivers\wacompen.sys
[2009.07.14 00:55:02 | 000,063,488 | ---- | M] (Microsoft Corporation) MD5=692A712062146E96D28BA0B7D75DE31B -- C:\Windows\system32\drivers\wanarp.sys
[2009.07.14 00:24:11 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=CB45A417C8EF7BA6BAC67EDCDDED8700 -- C:\Windows\system32\drivers\watchdog.sys
[2009.07.14 02:19:11 | 000,019,024 | ---- | M] (Microsoft Corporation) MD5=1112A9BADACB47B7C0BB0392E3158DFF -- C:\Windows\system32\drivers\wd.sys
[2009.07.14 02:19:10 | 000,445,008 | ---- | M] (Microsoft Corporation) MD5=9950E3D0F08141C7E89E64456AE7DC73 -- C:\Windows\system32\drivers\Wdf01000.sys
[2009.07.14 02:19:11 | 000,038,480 | ---- | M] (Microsoft Corporation) MD5=FE7A7675C26FE936226641EF32AE9BB5 -- C:\Windows\system32\drivers\WdfLdr.sys
[2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=8B9A943F3B53861F2BFAF6C186168F79 -- C:\Windows\system32\drivers\wfplwf.sys
[2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) MD5=5CF95B35E59E2A38023836FFF31BE64C -- C:\Windows\system32\drivers\wimmount.sys
[2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) MD5=30FC6E5448D0CBAAA95280EEEF7FEDAE -- C:\Windows\system32\drivers\winusb.sys
[2009.07.14 00:19:17 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=0217679B8FCA58714C3BF2726D2CA84E -- C:\Windows\system32\drivers\wmiacpi.sys
[2009.07.14 02:19:10 | 000,014,912 | ---- | M] (Microsoft Corporation) MD5=9A5B1059FE015DB5269FBB25ACBF841D -- C:\Windows\system32\drivers\wmilib.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\system32\drivers\ws2ifsl.sys
[2009.07.14 00:50:17 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=6F9B6C0C93232CFF47D0F72D6DB1D21E -- C:\Windows\system32\drivers\WUDFPf.sys
[2009.07.14 00:50:45 | 000,132,224 | ---- | M] (Microsoft Corporation) MD5=F91FF1E51FCA30B3C3981DB7D5924252 -- C:\Windows\system32\drivers\WUDFRd.sys

< %systemroot%\system32\*.sys /md5 >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\System32\config\systemprofile\AppData\Local\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programy] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs -> Junction
[C:\Windows\System32\config\systemprofile\Data aplikací] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\Windows\System32\config\systemprofile\Documents\Filmy] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
[C:\Windows\System32\config\systemprofile\Documents\Hudba] -> C:\Windows\system32\config\systemprofile\Music -> Junction
[C:\Windows\System32\config\systemprofile\Documents\Obrázky] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
[C:\Windows\System32\config\systemprofile\Dokumenty] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
[C:\Windows\System32\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\Windows\System32\config\systemprofile\Nabídka Start] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[C:\Windows\System32\config\systemprofile\Okolní síť] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[C:\Windows\System32\config\systemprofile\Okolní tiskárny] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[C:\Windows\System32\config\systemprofile\Poslední] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[C:\Windows\System32\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[C:\Windows\System32\config\systemprofile\Soubory cookie] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\Windows\System32\config\systemprofile\Šablony] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction

========== Alternate Data Streams ==========

@Alternate Data Stream - 424 bytes -> C:\Users\Pavel\Documents\Publikace2.ppp:SummaryInformation

< End of report >

Re: Win 7 Security 2012

Posted: 01 Jan 2012 16:00
by Abcak
Here is the link to the result of testing that file.

http://www.virustotal.com/file-scan/rep ... 1325429325

Re: Win 7 Security 2012

Posted: 01 Jan 2012 16:32
by Abcak
========== OTL ==========
Process upl.exe killed successfully!
Registry value HKEY_USERS\S-1-5-21-3654916310-1201210475-2310256920-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\\{90b49673-5506-483e-b92b-ca0265bd9ca8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90b49673-5506-483e-b92b-ca0265bd9ca8}\ deleted successfully.
C:\Program Files\IMVU_Inc\prxtbIMV0.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90b49673-5506-483e-b92b-ca0265bd9ca8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90b49673-5506-483e-b92b-ca0265bd9ca8}\ not found.
File C:\Program Files\IMVU_Inc\prxtbIMV0.dll not found.
Registry value HKEY_USERS\S-1-5-21-3654916310-1201210475-2310256920-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_USERS\S-1-5-21-3654916310-1201210475-2310256920-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B49673-5506-483E-B92B-CA0265BD9CA8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90B49673-5506-483E-B92B-CA0265BD9CA8}\ not found.
File C:\Program Files\IMVU_Inc\prxtbIMV0.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_USERS\S-1-5-21-3654916310-1201210475-2310256920-1002_Classes\.exe\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3654916310-1201210475-2310256920-1002_Classes\0i4\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
C:\Users\Pavel\AppData\Local\upl.exe moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.31.0 log created on 01012012_161340




Everything seems to be fine. Thank you very much.

Re: Win 7 Security 2012

Posted: 01 Jan 2012 16:46
by Abcak


MBRScan v1.0.1

OS        : Windows 7  (32 bit)
PROCESSOR : x86 Family 6 Model 23 Stepping 10, GenuineIntel
BOOT      : Normal Boot

================================================================================

\Device\Harddisk0\DR0     	298 Go	 [Fixed]  ==> 7 MBR Code.....

MBR_MD5   : D59A836CDF7FD4F24F6304E5F7F79C88
MBR_SHA-1 : 2886EDBC13F8170E0FC4396E44254BCBA46EF401

\Device\Harddisk0\Partition1	283 Mo	 [Fixed]  0x07 NTFS / HPFS ___ BOOTABLE ___
\Device\Harddisk0\Partition2	297 Go	 [Fixed]  0x07 NTFS / HPFS

================================================================================

\Device\Harddisk1\DR1     	7.5 Go	 [Removable]  ==> Unknown MBR Code ......

MBR_MD5   : 832905AB8BEC9CF7F9888B2585FBCC8B
MBR_SHA-1 : 5092A6034307880C1F6A79EF2D35D2B7B66C7979

\Device\Harddisk1\Partition1	7.5 Go	 [Removable]  0x0C FAT32 [LBA]  ___ BOOTABLE ___

================================================================================


_______MBR   \Device\Harddisk0\DR0  


_______MBR   \Device\Harddisk1\DR1  


Re: Win 7 Security 2012

Posted: 01 Jan 2012 17:06
by Abcak
The previous one was from MbrScan.
This one is from ComboFix.

ComboFix 11-12-31.03 - Pavel 01.01.2012 16:57:01.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2037.1192 [GMT 1:00]
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\d.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-01 do 2012-01-01 )))))))))))))))))))))))))))))))
.
.
2012-01-01 15:15 . 2012-01-01 15:15 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2012-01-01 15:15 . 2012-01-01 15:15 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2012-01-01 15:15 . 2012-01-01 15:15 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2012-01-01 15:15 . 2012-01-01 15:15 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2012-01-01 15:13 . 2012-01-01 15:13 -------- d-----w- C:\_OTL
2012-01-01 14:25 . 2012-01-01 14:25 512 ----a-w- C:\PhysicalMBR.bin
2011-12-31 14:53 . 2011-12-31 14:53 -------- d-----w- c:\users\Pavel\AppData\Local\Application Data
2011-12-26 23:25 . 2011-12-26 23:25 -------- d-----w- c:\users\Pavel\AppData\Roaming\DivX
2011-12-22 18:51 . 2011-12-22 18:51 -------- d-----w- c:\program files\LogMeIn Hamachi
2011-12-17 14:46 . 2011-12-17 14:46 -------- d-----w- c:\users\Pavel\AppData\Local\PCTV Systems
2011-12-17 14:38 . 2011-12-17 14:40 -------- d-----w- c:\program files\Common Files\PCTV Systems
2011-12-17 14:38 . 2011-12-17 14:38 -------- d-----w- c:\program files\PCTV Systems
2011-12-17 14:36 . 2011-12-17 14:47 -------- d-----w- c:\programdata\PCTV Systems
2011-12-17 14:35 . 2011-12-17 14:35 -------- d-----w- c:\program files\DivX
2011-12-14 12:39 . 2011-11-24 04:23 2340352 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 12:39 . 2011-11-05 04:30 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 12:39 . 2011-10-15 05:48 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 12:39 . 2011-10-26 04:25 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 12:39 . 2011-10-26 04:42 3901808 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-14 12:39 . 2011-10-26 04:42 3957104 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-09 17:49 . 2011-12-09 17:49 -------- d-----w- c:\programdata\McAfee
2011-12-09 17:49 . 2011-12-09 17:49 -------- d-----w- c:\programdata\McAfee Security Scan
2011-12-09 17:48 . 2011-12-18 17:49 -------- d-----w- c:\program files\McAfee Security Scan
2011-12-03 15:26 . 2011-12-25 00:22 -------- d-----w- c:\program files\Rockstar Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-21 12:08 . 2011-06-17 16:25 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-03 15:57 . 2010-07-04 22:10 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-10-18 00:28 . 2011-11-19 08:39 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AE6C3D1E-17C9-4493-B67A-D3F52A80A4F8}\mpengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1acb83b-3713-4784-b2b3-64c6d06565e9}]
2009-11-25 10:47 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"OscarEditor"="c:\program files\OSCAR Editor X7\OscarEditor.exe" [2010-07-22 2636800]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"RemoTerm.exe"="c:\program files\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe" [2009-09-02 218384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-04 6957600]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" [2010-12-03 141368]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
.
c:\users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
Vyhledat aktualizace.lnk - c:\program files\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe [2009-4-17 238864]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-02-06 17:53 3885408 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-03-21 18:02 399224 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
R1 aswSnx;aswSnx; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-06 136176]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-06 136176]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-26 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-28 691696]
S1 aswSP;aswSP; [x]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
S2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2010-08-25 49152]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
S3 MODRC;PCTV Dib Infrared Receiver;c:\windows\system32\DRIVERS\modrc.sys [2008-09-17 13824]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-06 19:57]
.
2012-01-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-06 19:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2612669
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
IE: {{bb7f932c-881f-4b88-837d-cf84adff062b} - {707f6b7e-a2f2-490e-b857-38fcd1a2326b} - mscoree.dll
TCP: DhcpNameServer = 192.168.10.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-{90b49673-5506-483e-b92b-ca0265bd9ca8} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-avast - c:\program files\AVAST Software\Avast\avastUI.exe
AddRemove-CoD 2 čeština_is1 - f:\hry\Call of Duty 2\Call of Duty 2\unins000.exe
AddRemove-GameSpy Arcade - f:\gamesp~1\UNWISE.EXE
AddRemove-Sanny Builder 3_is1 - c:\program files\Sanny Builder 3\unins000.exe
AddRemove-The Sims - c:\hry\the sims\Uninst.isu
AddRemove-{A8A1C2D4-F5E9-4D8B-90C4-8BFB4D5B95CD}_is1 - f:\hry\Panzers1\unins000.exe
AddRemove-{BCECC8FA-31AD-487A-A8C4-1C9C5454F9C6}_is1 - g:\hry\Mockba to Berlin\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3654916310-1201210475-2310256920-1002\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:71,a7,99,80,e6,47,6f,85,3e,46,2e,fe,10,ad,df,c5,c5,67,27,90,31,a0,31,
f1,e8,6e,c7,a3,dc,e6,be,fc,1c,42,9e,fb,2e,fb,d3,2b,27,52,42,fc,4f,9f,af,6f,\
"??"=hex:b9,aa,1e,dc,83,5c,1b,ef,6b,7a,77,f4,4c,48,f9,eb
.
[HKEY_USERS\S-1-5-21-3654916310-1201210475-2310256920-1002\Software\SecuROM\License information*]
"datasecu"=hex:b6,55,bc,df,a7,7a,8b,d7,b3,32,53,56,e2,8b,7d,2d,00,9b,d3,b3,26,
56,8a,b0,76,8c,75,66,d6,73,61,6c,a0,2b,62,4d,ba,24,63,cd,2d,b5,c4,21,64,e1,\
"rkeysecu"=hex:a7,4a,b9,56,f3,31,e5,6d,16,cd,48,e2,1d,c3,82,25
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-01 17:04:23
ComboFix-quarantined-files.txt 2012-01-01 16:04
.
Před spuštěním: Volných bajtů: 177 271 300 096
Po spuštění: Volných bajtů: 177 329 664 000
.
- - End Of File - - 0C0232E7A1E2700E9387613F88CCCF2F

Re: Win 7 Security 2012

Posted: 01 Jan 2012 17:11
by Abcak
This is from that killer

17:08:07.0743 3108 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
17:08:08.0352 3108 ============================================================
17:08:08.0352 3108 Current date / time: 2012/01/01 17:08:08.0352
17:08:08.0352 3108 SystemInfo:
17:08:08.0352 3108
17:08:08.0352 3108 OS Version: 6.1.7600 ServicePack: 0.0
17:08:08.0352 3108 Product type: Workstation
17:08:08.0352 3108 ComputerName: PAVEL-PC
17:08:08.0352 3108 UserName: Pavel
17:08:08.0352 3108 Windows directory: C:\Windows
17:08:08.0352 3108 System windows directory: C:\Windows
17:08:08.0352 3108 Processor architecture: Intel x86
17:08:08.0352 3108 Number of processors: 2
17:08:08.0352 3108 Page size: 0x1000
17:08:08.0352 3108 Boot type: Normal boot
17:08:08.0352 3108 ============================================================
17:08:09.0085 3108 Initialize success
17:08:35.0948 2656 ============================================================
17:08:35.0948 2656 Scan started
17:08:35.0948 2656 Mode: Manual; SigCheck; TDLFS;
17:08:35.0948 2656 ============================================================
17:08:37.0508 2656 aswRdr (b67f029f10ce690d723af82c1c2c05cd) C:\Windows\system32\drivers\aswRdr.sys
17:08:37.0508 2656 Suspicious file (Forged): C:\Windows\system32\drivers\aswRdr.sys. Real md5: b67f029f10ce690d723af82c1c2c05cd, Fake md5: aa96492df3a150bf0741f7d5201e7dd0
17:08:37.0508 2656 aswRdr ( ForgedFile.Multi.Generic ) - warning
17:08:37.0508 2656 aswRdr - detected ForgedFile.Multi.Generic (1)
17:08:47.0695 2656 sfdrv01 (adeb7db47a6f3412283259176f408be5) C:\Windows\system32\drivers\sfdrv01.sys
17:08:47.0726 2656 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
17:08:47.0726 2656 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
17:08:47.0758 2656 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
17:08:47.0773 2656 sffdisk - ok
17:08:47.0789 2656 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:08:47.0820 2656 sffp_mmc - ok
17:08:47.0851 2656 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
17:08:47.0882 2656 sffp_sd - ok
17:08:47.0914 2656 sfhlp02 (c1376a954899d98488a19396ea3aae2b) C:\Windows\system32\drivers\sfhlp02.sys
17:08:47.0945 2656 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
17:08:47.0945 2656 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
17:08:47.0976 2656 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
17:08:47.0992 2656 sfloppy - ok
17:08:48.0023 2656 sfsync04 (7261f6191827134d249a6462d833af8d) C:\Windows\system32\drivers\sfsync04.sys
17:08:48.0038 2656 sfsync04 ( UnsignedFile.Multi.Generic ) - warning
17:08:48.0038 2656 sfsync04 - detected UnsignedFile.Multi.Generic (1)
17:08:48.0101 2656 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
17:08:48.0116 2656 sisagp - ok
17:08:48.0148 2656 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:08:48.0163 2656 SiSRaid2 - ok
17:08:48.0194 2656 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
17:08:48.0210 2656 SiSRaid4 - ok
17:08:48.0241 2656 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
17:08:48.0288 2656 Smb - ok
17:08:48.0335 2656 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
17:08:48.0335 2656 spldr - ok
17:08:48.0413 2656 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
17:08:48.0413 2656 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
17:08:48.0413 2656 sptd ( LockedFile.Multi.Generic ) - warning
17:08:48.0413 2656 sptd - detected LockedFile.Multi.Generic (1)
17:08:48.0444 2656 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
17:08:48.0460 2656 srv - ok
17:08:48.0491 2656 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
17:08:48.0522 2656 srv2 - ok
17:08:48.0538 2656 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
17:08:48.0569 2656 srvnet - ok
17:08:48.0616 2656 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
17:08:48.0631 2656 stexstor - ok
17:08:48.0662 2656 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
17:08:48.0678 2656 swenum - ok
17:08:48.0740 2656 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\drivers\tcpip.sys
17:08:48.0772 2656 Tcpip - ok
17:08:48.0818 2656 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\DRIVERS\tcpip.sys
17:08:48.0834 2656 TCPIP6 - ok
17:08:48.0865 2656 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
17:08:48.0912 2656 tcpipreg - ok
17:08:48.0943 2656 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
17:08:48.0990 2656 TDPIPE - ok
17:08:49.0006 2656 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
17:08:49.0052 2656 TDTCP - ok
17:08:49.0084 2656 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
17:08:49.0115 2656 tdx - ok
17:08:49.0130 2656 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
17:08:49.0130 2656 TermDD - ok
17:08:49.0177 2656 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:08:49.0208 2656 tssecsrv - ok
17:08:49.0224 2656 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
17:08:49.0240 2656 tunnel - ok
17:08:49.0271 2656 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
17:08:49.0286 2656 uagp35 - ok
17:08:49.0302 2656 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
17:08:49.0349 2656 udfs - ok
17:08:49.0396 2656 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
17:08:49.0411 2656 uliagpkx - ok
17:08:49.0489 2656 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
17:08:49.0520 2656 umbus - ok
17:08:49.0552 2656 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
17:08:49.0583 2656 UmPass - ok
17:08:49.0645 2656 upperdev (bb16932a4189e82d6c455042c11849b6) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
17:08:49.0676 2656 upperdev - ok
17:08:49.0723 2656 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\DRIVERS\usbccgp.sys
17:08:49.0739 2656 usbccgp - ok
17:08:49.0770 2656 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
17:08:49.0770 2656 usbcir - ok
17:08:49.0817 2656 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\DRIVERS\usbehci.sys
17:08:49.0848 2656 usbehci - ok
17:08:49.0879 2656 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys
17:08:49.0895 2656 usbhub - ok
17:08:49.0910 2656 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\drivers\usbohci.sys
17:08:49.0942 2656 usbohci - ok
17:08:49.0973 2656 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
17:08:49.0988 2656 usbprint - ok
17:08:50.0051 2656 usbser (88701eca76145e2c011c0eeff0f7b70e) C:\Windows\system32\drivers\usbser.sys
17:08:50.0066 2656 usbser - ok
17:08:50.0082 2656 UsbserFilt (e748d50b3b2ec7f40a2ba67fb094cf01) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
17:08:50.0098 2656 UsbserFilt - ok
17:08:50.0144 2656 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:08:50.0160 2656 USBSTOR - ok
17:08:50.0176 2656 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\DRIVERS\usbuhci.sys
17:08:50.0207 2656 usbuhci - ok
17:08:50.0254 2656 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
17:08:50.0269 2656 vdrvroot - ok
17:08:50.0300 2656 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
17:08:50.0316 2656 vga - ok
17:08:50.0332 2656 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
17:08:50.0363 2656 VgaSave - ok
17:08:50.0394 2656 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
17:08:50.0394 2656 vhdmp - ok
17:08:50.0441 2656 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
17:08:50.0456 2656 viaagp - ok
17:08:50.0472 2656 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
17:08:50.0503 2656 ViaC7 - ok
17:08:50.0519 2656 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
17:08:50.0534 2656 viaide - ok
17:08:50.0566 2656 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
17:08:50.0566 2656 volmgr - ok
17:08:50.0597 2656 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
17:08:50.0612 2656 volmgrx - ok
17:08:50.0644 2656 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
17:08:50.0659 2656 volsnap - ok
17:08:50.0690 2656 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
17:08:50.0706 2656 vsmraid - ok
17:08:50.0722 2656 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
17:08:50.0753 2656 vwifibus - ok
17:08:50.0784 2656 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
17:08:50.0800 2656 WacomPen - ok
17:08:50.0815 2656 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
17:08:50.0846 2656 WANARP - ok
17:08:50.0846 2656 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
17:08:50.0878 2656 Wanarpv6 - ok
17:08:50.0940 2656 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
17:08:50.0940 2656 Wd - ok
17:08:50.0971 2656 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
17:08:50.0987 2656 Wdf01000 - ok
17:08:51.0034 2656 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
17:08:51.0080 2656 WfpLwf - ok
17:08:51.0096 2656 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
17:08:51.0112 2656 WIMMount - ok
17:08:51.0190 2656 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
17:08:51.0205 2656 WinUsb - ok
17:08:51.0252 2656 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:08:51.0268 2656 WmiAcpi - ok
17:08:51.0314 2656 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
17:08:51.0361 2656 ws2ifsl - ok
17:08:51.0408 2656 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
17:08:51.0455 2656 WudfPf - ok
17:08:51.0486 2656 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:08:51.0533 2656 WUDFRd - ok
17:08:51.0580 2656 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:08:51.0689 2656 \Device\Harddisk0\DR0 - ok
17:08:51.0689 2656 Boot (0x1200) (8fcac07409501f8ed17496687e8b12a0) \Device\Harddisk0\DR0\Partition0
17:08:51.0689 2656 \Device\Harddisk0\DR0\Partition0 - ok
17:08:51.0720 2656 Boot (0x1200) (88b560c3dffcb0623b111e492bb5e8b6) \Device\Harddisk0\DR0\Partition1
17:08:51.0720 2656 \Device\Harddisk0\DR0\Partition1 - ok
17:08:51.0720 2656 ============================================================
17:08:51.0720 2656 Scan finished
17:08:51.0720 2656 ============================================================
17:08:51.0736 2136 Detected object count: 5
17:08:51.0736 2136 Actual detected object count: 5
17:09:48.0364 2136 aswRdr ( ForgedFile.Multi.Generic ) - skipped by user
17:09:48.0364 2136 aswRdr ( ForgedFile.Multi.Generic ) - User select action: Skip
17:09:48.0379 2136 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:48.0379 2136 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:48.0379 2136 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:48.0379 2136 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:48.0379 2136 sfsync04 ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:48.0379 2136 sfsync04 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:48.0379 2136 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:09:48.0379 2136 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

Re: Win 7 Security 2012

Posted: 01 Jan 2012 17:22
by Abcak
Two text files have appeared on my desktop: desktop.ini; desktop.ini

What are those??


And I wanted to ask which antivirus you would recommend.

Re: Win 7 Security 2012

Posted: 01 Jan 2012 17:41
by Abcak
Antivirus Version Last Update Result
AhnLab-V3 2012.01.01.00 2012.01.01 -
AntiVir 7.11.20.97 2011.12.30 -
Antiy-AVL 2.0.3.7 2012.01.01 -
Avast 6.0.1289.0 2012.01.01 -
AVG 10.0.0.1190 2012.01.01 -
BitDefender 7.2 2012.01.01 -
ByteHero 1.0.0.1 2011.12.31 -
CAT-QuickHeal 12.00 2012.01.01 -
ClamAV 0.97.3.0 2012.01.01 -
Commtouch 5.3.2.6 2012.01.01 -
Comodo 11159 2012.01.01 -
DrWeb 5.0.2.03300 2012.01.01 -
Emsisoft 5.1.0.11 2012.01.01 -
eSafe 7.0.17.0 2011.12.29 -
eTrust-Vet 37.0.9655 2011.12.30 -
F-Prot 4.6.5.141 2012.01.01 -
F-Secure 9.0.16440.0 2012.01.01 -
Fortinet 4.3.388.0 2012.01.01 -
GData 22.327/22.618 2012.01.01 -
Ikarus T3.1.1.109.0 2011.12.31 -
Jiangmin 13.0.900 2012.01.01 -
K7AntiVirus 9.123.5823 2011.12.31 -
Kaspersky 9.0.0.837 2012.01.01 -
McAfee 5.400.0.1158 2012.01.01 -
McAfee-GW-Edition 2010.1E 2012.01.01 -
Microsoft 1.7903 2012.01.01 -
NOD32 6758 2012.01.01 -
Norman 6.07.13 2012.01.01 -
nProtect 2012-01-01.01 2012.01.01 -
Panda 10.0.3.5 2012.01.01 -
PCTools 8.0.0.5 2012.01.01 -
Prevx 3.0 2012.01.01 -
Rising 23.90.05.01 2011.12.31 -
Sophos 4.72.0 2012.01.01 -
SUPERAntiSpyware 4.40.0.1006 2011.12.30 -
Symantec 20111.2.0.82 2012.01.01 -
TheHacker 6.7.0.1.368 2011.12.31 -
TrendMicro 9.500.0.1008 2012.01.01 -
TrendMicro-HouseCall 9.500.0.1008 2012.01.01 -
VBA32 3.12.16.4 2011.12.30 -
VIPRE 11337 2012.01.01 -
ViRobot 2011.12.31.4857 2012.01.01 -
VirusBuster 14.1.143.0 2011.12.31 -

Re: Win 7 Security 2012

Posted: 01 Jan 2012 17:43
by Abcak
When I try to install avast, it says: An error 0 (00000000) has occured. Last performed operation was:spawning

Re: Win 7 Security 2012

Posted: 01 Jan 2012 17:47
by Abcak
It's back :cry: :cry: :cry: :cry: :cry: :cry: :cry:

Re: Win 7 Security 2012

Posted: 01 Jan 2012 17:51
by Abcak
No, I didn't even start on the avast. That bastard Win 7 Antispyware (for a change) 2012 is back :cry: :cry: :cry: