Dobrý den,
mám problémy s Combofix, se kterým se snažím odstranit problém s infekcí URL:Mal, který mi hlásí avast.
Ačkoli jsem před použitím deaktivoval všechny bezpečnostní programy, tj. avast a firewall a postupoval dle originálního návodu, při průběhu jednotlivých fází programu se mi objevilo, že nastal problém a program se z bezpečnostních důvodů ukončil a restartoval windows. Ten sice naběhl, ale také se mě po spůštění na ploše objevila hláška, že Windows Defender nepodařil inicializovat aplikaci: 0x80070006. Neplatný popisovač.
Prosím o radu jak dokončit prohledání virů pomocí Combofix a zda jsem předchozím pokusem nezpůsobil nějaký vážný problém.
Předem velice děkuji
Honza
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Combofix
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Combofix
Ahoj,
O tom že by mi mohl pomoci Combofix jsem se dočetl tuším na tomto foru.
Udělal jsem ještě to, že jsem si odinstaloval Windows Defender a projel to znovu. Teď se již podařilo projet všech 50 fází prohledávání virů, až se objevila hláška „mažu soubory“. V tu chvíli se opět program ukončil a restartoval se počítač.
Závěrečný log se tedy neobjevil, ale co je pozitívní, po spůštění internetového prohlížeče již nevyskakuje okno s tím že avast zablokoval URL:Mal
Stejně bych to ale raději nechal komplet znovu projet a poslal Vám výstup.
Předem díky
Honza
O tom že by mi mohl pomoci Combofix jsem se dočetl tuším na tomto foru.
Udělal jsem ještě to, že jsem si odinstaloval Windows Defender a projel to znovu. Teď se již podařilo projet všech 50 fází prohledávání virů, až se objevila hláška „mažu soubory“. V tu chvíli se opět program ukončil a restartoval se počítač.
Závěrečný log se tedy neobjevil, ale co je pozitívní, po spůštění internetového prohlížeče již nevyskakuje okno s tím že avast zablokoval URL:Mal
Stejně bych to ale raději nechal komplet znovu projet a poslal Vám výstup.
Předem díky
Honza
Re: Combofix
Tak to se omlouvám, souhlasím že jsem se měl na Vás obrátit dříve.
Omlouvám se, ale nejsem počítačový odborník, můžete mi i pomoci s tím jak mám Cf scripty vytvořit?
H.
Omlouvám se, ale nejsem počítačový odborník, můžete mi i pomoci s tím jak mám Cf scripty vytvořit?
H.
Re: Combofix
asi vypadám jako debil, ale nejde mi to.
Vytvořil jsem textový sobor do které ho jsem vepsal uvedené 3 řádky. Toto jsem uložil poprvé jako CFScript.txt a podruhé bez txt, což po najetí na CF dopadlo, tak že se spustil program který opětovně spadl.
Mimochodem už mi tu zase skáče vyskakovací okno hlásící virus.
Vidím to tak, že pokud mi to nedokážeš nějako step by step popsat tak to budu muset nechat někomu kdo tomu bude víc rozumět.
Jak jsem psal fakt nejsem programátor nebo IT, takže se nemůžeš divit že to neznám.
H
Vytvořil jsem textový sobor do které ho jsem vepsal uvedené 3 řádky. Toto jsem uložil poprvé jako CFScript.txt a podruhé bez txt, což po najetí na CF dopadlo, tak že se spustil program který opětovně spadl.
Mimochodem už mi tu zase skáče vyskakovací okno hlásící virus.
Vidím to tak, že pokud mi to nedokážeš nějako step by step popsat tak to budu muset nechat někomu kdo tomu bude víc rozumět.
Jak jsem psal fakt nejsem programátor nebo IT, takže se nemůžeš divit že to neznám.
H
Re: Combofix
Ahoj,
dříve jsem se k počítači nedostal.
TDSSKiller mi tam objevil nějaký vir. Než pošlu obsah logu, můžu se jen zeptat zda je bezpečné dávat sem jeho kompletní obsah (název počítače atd.)?
H
dříve jsem se k počítači nedostal.
TDSSKiller mi tam objevil nějaký vir. Než pošlu obsah logu, můžu se jen zeptat zda je bezpečné dávat sem jeho kompletní obsah (název počítače atd.)?
H
Re: Combofix
Je, nejsme žádní hackeři.
Albert Einstein: Jen dvě věci jsou nekonečné - vesmír a lidská hloupost. Tím prvním si ovšem nejsem tak jist.
Re: Combofix
OTL Extras logfile created on: 30.12.2012 15:59:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\x\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
510,42 Mb Total Physical Memory | 171,87 Mb Available Physical Memory | 33,67% Memory free
1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,71% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 33,42 Gb Free Space | 57,04% Space Free | Partition Type: NTFS
Drive D: | 174,28 Gb Total Space | 31,93 Gb Free Space | 18,32% Space Free | Partition Type: NTFS
.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-484763869-1383384898-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- ( )
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"D:\Dokumenty\PROGRAMY\dc strong\StrongDC.exe" = D:\Dokumenty\PROGRAMY\dc strong\StrongDC.exe:*:Enabled:StrongDC++ -- ()
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows -- (Ares Development Group)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 21
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{43EE631D-41BB-4A05-8709-F5A8C3E9A6CF}" = STORMWARE POHODA CZ Start
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C0A141D-8F4F-4044-A1A8-992F895C1BB0}" = STORMWARE POHODA CZ Start
"{7173DBE9-1FC7-48AA-B4B5-8E7BFE388325}" = Testy Autoškola
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8D774B5B-A1D9-45B3-AFB4-3F85604961BC}" = ODF Add-in for Microsoft Word
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{97A1DE36-FE84-49A9-B281-84AB02EBDBC6}" = STORMWARE POHODA CZ Start
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{BAB4FCEE-B3F0-4E36-AA2B-40D2F843DC66}" = ODF Add-in for Microsoft Excel
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}" = Opera 9.52
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Balíček ovladače systému Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Balíček ovladače systému Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"7-Zip" = 7-Zip 9.15 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"Ares" = Ares 2.1.6
"avast" = avast! Free Antivirus
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileSee_is1" = FileSee 6.6
"ie8" = Windows Internet Explorer 8
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KONICA MINOLTA PagePro 1400W" = KONICA MINOLTA PagePro 1400W
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Miranda IM KenDASS Pack_is1" = Miranda IM KenDASS Pack v4.1
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NVIDIA Drivers" = NVIDIA Drivers
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"WinGimp-2.0_is1" = GIMP 2.6.11
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-484763869-1383384898-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"PhotoFiltre Studio X" = PhotoFiltre Studio X
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8.12.2012 13:43:25 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.
Error - 8.12.2012 13:43:25 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.
Error - 8.12.2012 13:44:17 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131075
Description = Načtení automatické aktualizace souboru CAB kořenového seznamu jiného
výrobce z: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.
Error - 8.12.2012 13:44:32 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.
Error - 15.12.2012 14:15:28 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Neplatné údaje.
Error - 27.12.2012 13:51:35 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved
Error - 27.12.2012 14:35:32 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved
Error - 27.12.2012 15:48:18 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved
Error - 30.12.2012 10:38:36 | Computer Name = X-9ACA0063EA2B4 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 30.12.2012 10:38:37 | Computer Name = X-9ACA0063EA2B4 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 27.12.2012 17:17:30 | Computer Name = X-9ACA0063EA2B4 | Source = System Error | ID = 1003
Description = Kód chyby 00000019, parametr1 00000020, parametr2 f8e95288, parametr3
f8e956a0, parametr4 1a830001.
Error - 27.12.2012 17:17:41 | Computer Name = X-9ACA0063EA2B4 | Source = System Error | ID = 1003
Description = Kód chyby 00000019, parametr1 00000020, parametr2 81db5268, parametr3
81db5680, parametr4 1a830002.
Error - 27.12.2012 17:20:01 | Computer Name = X-9ACA0063EA2B4 | Source = Service Control Manager | ID = 7031
Description = Služba avast! Antivirus byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error - 28.12.2012 8:26:14 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek C: spustit nástroj chkdsk.
Error - 28.12.2012 8:26:14 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.
Error - 28.12.2012 8:26:14 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.
Error - 30.12.2012 3:40:33 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.
Error - 30.12.2012 3:40:33 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.
Error - 30.12.2012 10:32:27 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.
Error - 30.12.2012 10:32:27 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\x\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
510,42 Mb Total Physical Memory | 171,87 Mb Available Physical Memory | 33,67% Memory free
1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,71% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 33,42 Gb Free Space | 57,04% Space Free | Partition Type: NTFS
Drive D: | 174,28 Gb Total Space | 31,93 Gb Free Space | 18,32% Space Free | Partition Type: NTFS
.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-484763869-1383384898-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- ( )
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"D:\Dokumenty\PROGRAMY\dc strong\StrongDC.exe" = D:\Dokumenty\PROGRAMY\dc strong\StrongDC.exe:*:Enabled:StrongDC++ -- ()
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows -- (Ares Development Group)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 21
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{43EE631D-41BB-4A05-8709-F5A8C3E9A6CF}" = STORMWARE POHODA CZ Start
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C0A141D-8F4F-4044-A1A8-992F895C1BB0}" = STORMWARE POHODA CZ Start
"{7173DBE9-1FC7-48AA-B4B5-8E7BFE388325}" = Testy Autoškola
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8D774B5B-A1D9-45B3-AFB4-3F85604961BC}" = ODF Add-in for Microsoft Word
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{97A1DE36-FE84-49A9-B281-84AB02EBDBC6}" = STORMWARE POHODA CZ Start
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{BAB4FCEE-B3F0-4E36-AA2B-40D2F843DC66}" = ODF Add-in for Microsoft Excel
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}" = Opera 9.52
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Balíček ovladače systému Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Balíček ovladače systému Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"7-Zip" = 7-Zip 9.15 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"Ares" = Ares 2.1.6
"avast" = avast! Free Antivirus
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileSee_is1" = FileSee 6.6
"ie8" = Windows Internet Explorer 8
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KONICA MINOLTA PagePro 1400W" = KONICA MINOLTA PagePro 1400W
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Miranda IM KenDASS Pack_is1" = Miranda IM KenDASS Pack v4.1
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NVIDIA Drivers" = NVIDIA Drivers
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"WinGimp-2.0_is1" = GIMP 2.6.11
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-484763869-1383384898-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"PhotoFiltre Studio X" = PhotoFiltre Studio X
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8.12.2012 13:43:25 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.
Error - 8.12.2012 13:43:25 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.
Error - 8.12.2012 13:44:17 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131075
Description = Načtení automatické aktualizace souboru CAB kořenového seznamu jiného
výrobce z: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.
Error - 8.12.2012 13:44:32 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.
Error - 15.12.2012 14:15:28 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Neplatné údaje.
Error - 27.12.2012 13:51:35 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved
Error - 27.12.2012 14:35:32 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved
Error - 27.12.2012 15:48:18 | Computer Name = X-9ACA0063EA2B4 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved
Error - 30.12.2012 10:38:36 | Computer Name = X-9ACA0063EA2B4 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 30.12.2012 10:38:37 | Computer Name = X-9ACA0063EA2B4 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 27.12.2012 17:17:30 | Computer Name = X-9ACA0063EA2B4 | Source = System Error | ID = 1003
Description = Kód chyby 00000019, parametr1 00000020, parametr2 f8e95288, parametr3
f8e956a0, parametr4 1a830001.
Error - 27.12.2012 17:17:41 | Computer Name = X-9ACA0063EA2B4 | Source = System Error | ID = 1003
Description = Kód chyby 00000019, parametr1 00000020, parametr2 81db5268, parametr3
81db5680, parametr4 1a830002.
Error - 27.12.2012 17:20:01 | Computer Name = X-9ACA0063EA2B4 | Source = Service Control Manager | ID = 7031
Description = Služba avast! Antivirus byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error - 28.12.2012 8:26:14 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek C: spustit nástroj chkdsk.
Error - 28.12.2012 8:26:14 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.
Error - 28.12.2012 8:26:14 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.
Error - 30.12.2012 3:40:33 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.
Error - 30.12.2012 3:40:33 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.
Error - 30.12.2012 10:32:27 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.
Error - 30.12.2012 10:32:27 | Computer Name = X-9ACA0063EA2B4 | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozena a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.
< End of report >
Re: Combofix
15:51:15.0234 5260 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:51:15.0531 5260 ============================================================
15:51:15.0531 5260 Current date / time: 2012/12/30 15:51:15.0531
15:51:15.0531 5260 SystemInfo:
15:51:15.0531 5260
15:51:15.0531 5260 OS Version: 5.1.2600 ServicePack: 3.0
15:51:15.0531 5260 Product type: Workstation
15:51:15.0531 5260 ComputerName:
15:51:15.0531 5260 UserName:
15:51:15.0531 5260 Windows directory: C:\WINDOWS
15:51:15.0531 5260 System windows directory: C:\WINDOWS
15:51:15.0531 5260 Processor architecture: Intel x86
15:51:15.0531 5260 Number of processors: 2
15:51:15.0531 5260 Page size: 0x1000
15:51:15.0531 5260 Boot type: Normal boot
15:51:15.0531 5260 ============================================================
15:51:16.0109 5260 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
15:51:16.0125 5260 ============================================================
15:51:16.0125 5260 \Device\Harddisk0\DR0:
15:51:16.0125 5260 MBR partitions:
15:51:16.0125 5260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7530462
15:51:16.0140 5260 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x75304E0, BlocksNum 0x15C901E0
15:51:16.0140 5260 ============================================================
15:51:16.0156 5260 C: <-> \Device\Harddisk0\DR0\Partition1
15:51:16.0187 5260 D: <-> \Device\Harddisk0\DR0\Partition2
15:51:16.0218 5260 ============================================================
15:51:16.0218 5260 Initialize success
15:51:16.0218 5260 ============================================================
15:51:18.0078 5320 ============================================================
15:51:18.0078 5320 Scan started
15:51:18.0078 5320 Mode: Manual;
15:51:18.0078 5320 ============================================================
15:51:18.0515 5320 ================ Scan system memory ========================
15:51:18.0531 5320 System memory - ok
15:51:18.0531 5320 ================ Scan services =============================
15:51:18.0671 5320 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
15:51:18.0671 5320 Aavmker4 - ok
15:51:18.0671 5320 Abiosdsk - ok
15:51:18.0671 5320 abp480n5 - ok
15:51:18.0703 5320 [ 7A2A462B010B4E4AF79A1B5D42D33D06 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:51:18.0703 5320 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: 7A2A462B010B4E4AF79A1B5D42D33D06, Fake md5: 4FE34F1F3126B61FCC6B2043AA8112C9
15:51:18.0703 5320 ACPI ( Virus.Win32.Rloader.a ) - infected
15:51:18.0703 5320 ACPI - detected Virus.Win32.Rloader.a (0)
15:51:18.0734 5320 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
15:51:18.0734 5320 ACPIEC - ok
15:51:18.0750 5320 adpu160m - ok
15:51:18.0765 5320 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
15:51:18.0781 5320 aec - ok
15:51:18.0812 5320 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
15:51:18.0812 5320 AFD - ok
15:51:18.0828 5320 Aha154x - ok
15:51:18.0828 5320 aic78u2 - ok
15:51:18.0828 5320 aic78xx - ok
15:51:18.0859 5320 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
15:51:18.0859 5320 Alerter - ok
15:51:18.0890 5320 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
15:51:18.0890 5320 ALG - ok
15:51:18.0890 5320 AliIde - ok
15:51:18.0906 5320 amsint - ok
15:51:18.0921 5320 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
15:51:18.0921 5320 AppMgmt - ok
15:51:18.0937 5320 asc - ok
15:51:18.0937 5320 asc3350p - ok
15:51:18.0937 5320 asc3550 - ok
15:51:19.0000 5320 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:51:19.0031 5320 aspnet_state - ok
15:51:19.0062 5320 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
15:51:19.0062 5320 aswFsBlk - ok
15:51:19.0062 5320 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
15:51:19.0078 5320 aswMon2 - ok
15:51:19.0078 5320 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
15:51:19.0093 5320 AswRdr - ok
15:51:19.0109 5320 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
15:51:19.0125 5320 aswSnx - ok
15:51:19.0156 5320 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
15:51:19.0171 5320 aswSP - ok
15:51:19.0187 5320 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
15:51:19.0187 5320 aswTdi - ok
15:51:19.0203 5320 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:51:19.0203 5320 AsyncMac - ok
15:51:19.0218 5320 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
15:51:19.0234 5320 atapi - ok
15:51:19.0234 5320 Atdisk - ok
15:51:19.0265 5320 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:51:19.0265 5320 Atmarpc - ok
15:51:19.0281 5320 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
15:51:19.0281 5320 AudioSrv - ok
15:51:19.0296 5320 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
15:51:19.0296 5320 audstub - ok
15:51:19.0359 5320 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:51:19.0359 5320 avast! Antivirus - ok
15:51:19.0390 5320 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
15:51:19.0390 5320 Beep - ok
15:51:19.0421 5320 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
15:51:19.0468 5320 BITS - ok
15:51:19.0500 5320 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
15:51:19.0500 5320 Browser - ok
15:51:19.0578 5320 catchme - ok
15:51:19.0609 5320 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
15:51:19.0609 5320 cbidf2k - ok
15:51:19.0609 5320 cd20xrnt - ok
15:51:19.0625 5320 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
15:51:19.0625 5320 Cdaudio - ok
15:51:19.0640 5320 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
15:51:19.0640 5320 Cdfs - ok
15:51:19.0671 5320 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:51:19.0671 5320 Cdrom - ok
15:51:19.0671 5320 Changer - ok
15:51:19.0687 5320 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
15:51:19.0687 5320 CiSvc - ok
15:51:19.0703 5320 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
15:51:19.0703 5320 ClipSrv - ok
15:51:19.0734 5320 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:51:19.0765 5320 clr_optimization_v2.0.50727_32 - ok
15:51:19.0765 5320 CmdIde - ok
15:51:19.0781 5320 COMSysApp - ok
15:51:19.0781 5320 Cpqarray - ok
15:51:19.0812 5320 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
15:51:19.0812 5320 CryptSvc - ok
15:51:19.0812 5320 dac2w2k - ok
15:51:19.0828 5320 dac960nt - ok
15:51:19.0859 5320 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
15:51:19.0875 5320 DcomLaunch - ok
15:51:19.0890 5320 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
15:51:19.0890 5320 Dhcp - ok
15:51:19.0906 5320 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
15:51:19.0906 5320 Disk - ok
15:51:19.0906 5320 dmadmin - ok
15:51:19.0937 5320 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
15:51:19.0968 5320 dmboot - ok
15:51:19.0968 5320 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
15:51:19.0984 5320 dmio - ok
15:51:20.0000 5320 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
15:51:20.0000 5320 dmload - ok
15:51:20.0015 5320 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
15:51:20.0015 5320 dmserver - ok
15:51:20.0031 5320 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
15:51:20.0031 5320 DMusic - ok
15:51:20.0046 5320 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
15:51:20.0046 5320 Dnscache - ok
15:51:20.0062 5320 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
15:51:20.0062 5320 Dot3svc - ok
15:51:20.0078 5320 dpti2o - ok
15:51:20.0093 5320 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
15:51:20.0093 5320 drmkaud - ok
15:51:20.0109 5320 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
15:51:20.0109 5320 EapHost - ok
15:51:20.0109 5320 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
15:51:20.0125 5320 ERSvc - ok
15:51:20.0140 5320 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
15:51:20.0171 5320 Eventlog - ok
15:51:20.0203 5320 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
15:51:20.0218 5320 EventSystem - ok
15:51:20.0250 5320 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
15:51:20.0265 5320 Fastfat - ok
15:51:20.0296 5320 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:51:20.0312 5320 FastUserSwitchingCompatibility - ok
15:51:20.0312 5320 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
15:51:20.0312 5320 Fdc - ok
15:51:20.0343 5320 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
15:51:20.0343 5320 Fips - ok
15:51:20.0343 5320 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
15:51:20.0343 5320 Flpydisk - ok
15:51:20.0375 5320 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:51:20.0390 5320 FltMgr - ok
15:51:20.0421 5320 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:51:20.0421 5320 FontCache3.0.0.0 - ok
15:51:20.0453 5320 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
15:51:20.0453 5320 FsUsbExDisk - ok
15:51:20.0468 5320 [ D3F9205CC4CB07553F2F9472C767EA87 ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe
15:51:20.0484 5320 FsUsbExService - ok
15:51:20.0484 5320 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:51:20.0484 5320 Fs_Rec - ok
15:51:20.0500 5320 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:51:20.0500 5320 Ftdisk - ok
15:51:20.0531 5320 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:51:20.0531 5320 Gpc - ok
15:51:20.0578 5320 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:51:20.0593 5320 gupdate - ok
15:51:20.0593 5320 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:51:20.0593 5320 gupdatem - ok
15:51:20.0625 5320 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:51:20.0625 5320 gusvc - ok
15:51:20.0671 5320 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:51:20.0671 5320 HDAudBus - ok
15:51:20.0703 5320 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:51:20.0703 5320 helpsvc - ok
15:51:20.0718 5320 HidServ - ok
15:51:20.0750 5320 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
15:51:20.0750 5320 hkmsvc - ok
15:51:20.0765 5320 hpn - ok
15:51:20.0781 5320 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
15:51:20.0781 5320 HTTP - ok
15:51:20.0812 5320 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
15:51:20.0828 5320 HTTPFilter - ok
15:51:20.0828 5320 i2omgmt - ok
15:51:20.0828 5320 i2omp - ok
15:51:20.0828 5320 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:51:20.0843 5320 i8042prt - ok
15:51:20.0906 5320 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:51:20.0921 5320 idsvc - ok
15:51:20.0968 5320 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
15:51:20.0968 5320 Imapi - ok
15:51:20.0984 5320 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
15:51:21.0000 5320 ImapiService - ok
15:51:21.0000 5320 ini910u - ok
15:51:21.0171 5320 [ B2957D6C1226F029230DAC2C46D34286 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:51:21.0281 5320 IntcAzAudAddService - ok
15:51:21.0281 5320 IntelIde - ok
15:51:21.0296 5320 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:51:21.0296 5320 intelppm - ok
15:51:21.0312 5320 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:51:21.0312 5320 Ip6Fw - ok
15:51:21.0328 5320 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:51:21.0328 5320 IpFilterDriver - ok
15:51:21.0343 5320 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:51:21.0343 5320 IpInIp - ok
15:51:21.0375 5320 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:51:21.0375 5320 IpNat - ok
15:51:21.0375 5320 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:51:21.0375 5320 IPSec - ok
15:51:21.0406 5320 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
15:51:21.0406 5320 IRENUM - ok
15:51:21.0421 5320 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:51:21.0421 5320 isapnp - ok
15:51:21.0437 5320 [ 126A16F569122AE00AD3D12EF831D651 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
15:51:21.0453 5320 JavaQuickStarterService - ok
15:51:21.0468 5320 [ BDCE08E413C98720D23D0A4CD74F6E0C ] JRAID C:\WINDOWS\system32\DRIVERS\jraid.sys
15:51:21.0468 5320 JRAID - ok
15:51:21.0515 5320 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:51:21.0515 5320 Kbdclass - ok
15:51:21.0531 5320 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
15:51:21.0531 5320 kmixer - ok
15:51:21.0562 5320 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
15:51:21.0562 5320 KSecDD - ok
15:51:21.0578 5320 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
15:51:21.0593 5320 LanmanServer - ok
15:51:21.0625 5320 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:51:21.0640 5320 lanmanworkstation - ok
15:51:21.0640 5320 lbrtfdc - ok
15:51:21.0671 5320 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
15:51:21.0671 5320 LmHosts - ok
15:51:21.0687 5320 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
15:51:21.0703 5320 Messenger - ok
15:51:21.0734 5320 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
15:51:21.0734 5320 mnmdd - ok
15:51:21.0750 5320 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
15:51:21.0750 5320 mnmsrvc - ok
15:51:21.0781 5320 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
15:51:21.0781 5320 Modem - ok
15:51:21.0781 5320 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:51:21.0796 5320 Mouclass - ok
15:51:21.0796 5320 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
15:51:21.0796 5320 MountMgr - ok
15:51:21.0796 5320 mraid35x - ok
15:51:21.0812 5320 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:51:21.0828 5320 MRxDAV - ok
15:51:21.0859 5320 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:51:21.0859 5320 MRxSmb - ok
15:51:21.0890 5320 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
15:51:21.0890 5320 MSDTC - ok
15:51:21.0906 5320 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:51:21.0906 5320 Msfs - ok
15:51:21.0906 5320 MSIServer - ok
15:51:21.0921 5320 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:51:21.0921 5320 MSKSSRV - ok
15:51:21.0937 5320 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:51:21.0937 5320 MSPCLOCK - ok
15:51:21.0937 5320 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
15:51:21.0937 5320 MSPQM - ok
15:51:21.0968 5320 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:51:21.0968 5320 mssmbios - ok
15:51:21.0984 5320 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
15:51:21.0984 5320 Mup - ok
15:51:22.0015 5320 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
15:51:22.0031 5320 napagent - ok
15:51:22.0046 5320 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
15:51:22.0062 5320 NDIS - ok
15:51:22.0062 5320 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:51:22.0078 5320 NdisTapi - ok
15:51:22.0078 5320 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:51:22.0078 5320 Ndisuio - ok
15:51:22.0093 5320 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:51:22.0093 5320 NdisWan - ok
15:51:22.0109 5320 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:51:22.0109 5320 NDProxy - ok
15:51:22.0109 5320 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:51:22.0125 5320 NetBIOS - ok
15:51:22.0140 5320 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:51:22.0140 5320 NetBT - ok
15:51:22.0156 5320 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
15:51:22.0171 5320 NetDDE - ok
15:51:22.0171 5320 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
15:51:22.0187 5320 NetDDEdsdm - ok
15:51:22.0203 5320 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:51:22.0203 5320 Netlogon - ok
15:51:22.0218 5320 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
15:51:22.0234 5320 Netman - ok
15:51:22.0250 5320 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:51:22.0265 5320 NetTcpPortSharing - ok
15:51:22.0281 5320 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
15:51:22.0312 5320 Nla - ok
15:51:22.0328 5320 [ B9730495E0CF674680121E34BD95A73B ] NPF C:\WINDOWS\system32\drivers\NPF.sys
15:51:22.0328 5320 NPF - ok
15:51:22.0343 5320 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:51:22.0343 5320 Npfs - ok
15:51:22.0359 5320 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:51:22.0375 5320 Ntfs - ok
15:51:22.0375 5320 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
15:51:22.0375 5320 NtLmSsp - ok
15:51:22.0406 5320 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
15:51:22.0421 5320 NtmsSvc - ok
15:51:22.0453 5320 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
15:51:22.0453 5320 Null - ok
15:51:22.0671 5320 [ 8C0456001B6900114BBB1C548BD8AAF5 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:51:22.0843 5320 nv - ok
15:51:22.0859 5320 [ 472A00D2183C9E5EDB3E076272741812 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
15:51:22.0875 5320 NVSvc - ok
15:51:22.0890 5320 [ ADB82FBC435AE7504082B3C714C3885D ] NWCWorkstation C:\WINDOWS\System32\nwwks.dll
15:51:22.0906 5320 NWCWorkstation - ok
15:51:22.0906 5320 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:51:22.0921 5320 NwlnkFlt - ok
15:51:22.0937 5320 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:51:22.0937 5320 NwlnkFwd - ok
15:51:22.0968 5320 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
15:51:22.0968 5320 NwlnkIpx - ok
15:51:22.0984 5320 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
15:51:23.0000 5320 NwlnkNb - ok
15:51:23.0015 5320 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
15:51:23.0015 5320 NwlnkSpx - ok
15:51:23.0031 5320 [ 36B9B950E3D2E100970A48D8BAD86740 ] NWRDR C:\WINDOWS\system32\DRIVERS\nwrdr.sys
15:51:23.0031 5320 NWRDR - ok
15:51:23.0140 5320 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:51:23.0156 5320 odserv - ok
15:51:23.0187 5320 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:51:23.0187 5320 ose - ok
15:51:23.0203 5320 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
15:51:23.0218 5320 Parport - ok
15:51:23.0218 5320 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
15:51:23.0218 5320 PartMgr - ok
15:51:23.0234 5320 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
15:51:23.0250 5320 ParVdm - ok
15:51:23.0265 5320 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
15:51:23.0265 5320 pccsmcfd - ok
15:51:23.0281 5320 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
15:51:23.0296 5320 PCI - ok
15:51:23.0296 5320 PCIDump - ok
15:51:23.0328 5320 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
15:51:23.0328 5320 PCIIde - ok
15:51:23.0359 5320 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
15:51:23.0359 5320 Pcmcia - ok
15:51:23.0359 5320 PDCOMP - ok
15:51:23.0375 5320 PDFRAME - ok
15:51:23.0375 5320 PDRELI - ok
15:51:23.0375 5320 PDRFRAME - ok
15:51:23.0390 5320 perc2 - ok
15:51:23.0390 5320 perc2hib - ok
15:51:23.0531 5320 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\ComboFix\pev.3XE
15:51:23.0546 5320 PEVSystemStart - ok
15:51:23.0562 5320 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
15:51:23.0562 5320 PlugPlay - ok
15:51:23.0578 5320 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
15:51:23.0593 5320 PolicyAgent - ok
15:51:23.0625 5320 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:51:23.0625 5320 PptpMiniport - ok
15:51:23.0625 5320 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:51:23.0625 5320 ProtectedStorage - ok
15:51:23.0640 5320 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
15:51:23.0640 5320 PSched - ok
15:51:23.0656 5320 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:51:23.0656 5320 Ptilink - ok
15:51:23.0656 5320 ql1080 - ok
15:51:23.0656 5320 Ql10wnt - ok
15:51:23.0671 5320 ql12160 - ok
15:51:23.0671 5320 ql1240 - ok
15:51:23.0671 5320 ql1280 - ok
15:51:23.0687 5320 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:51:23.0687 5320 RasAcd - ok
15:51:23.0703 5320 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:51:23.0718 5320 RasAuto - ok
15:51:23.0734 5320 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:51:23.0750 5320 Rasl2tp - ok
15:51:23.0750 5320 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:51:23.0765 5320 RasMan - ok
15:51:23.0781 5320 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:51:23.0781 5320 RasPppoe - ok
15:51:23.0796 5320 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:51:23.0796 5320 Raspti - ok
15:51:23.0828 5320 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:51:23.0828 5320 Rdbss - ok
15:51:23.0828 5320 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:51:23.0828 5320 RDPCDD - ok
15:51:23.0859 5320 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:51:23.0859 5320 rdpdr - ok
15:51:23.0890 5320 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:51:23.0890 5320 RDPWD - ok
15:51:23.0906 5320 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:51:23.0921 5320 RDSessMgr - ok
15:51:23.0953 5320 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:51:23.0953 5320 redbook - ok
15:51:23.0968 5320 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:51:23.0984 5320 RemoteAccess - ok
15:51:24.0000 5320 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:51:24.0000 5320 RemoteRegistry - ok
15:51:24.0015 5320 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
15:51:24.0015 5320 RpcLocator - ok
15:51:24.0046 5320 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
15:51:24.0046 5320 RpcSs - ok
15:51:24.0062 5320 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
15:51:24.0062 5320 RSVP - ok
15:51:24.0078 5320 [ E10F6C9BD09D8DAE26E29D52C65E6E0F ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
15:51:24.0078 5320 RTL8023xp - ok
15:51:24.0093 5320 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
15:51:24.0093 5320 SamSs - ok
15:51:24.0109 5320 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:51:24.0109 5320 SCardSvr - ok
15:51:24.0140 5320 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:51:24.0156 5320 Schedule - ok
15:51:24.0156 5320 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:51:24.0156 5320 Secdrv - ok
15:51:24.0171 5320 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
15:51:24.0171 5320 seclogon - ok
15:51:24.0187 5320 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
15:51:24.0203 5320 SENS - ok
15:51:24.0203 5320 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
15:51:24.0203 5320 serenum - ok
15:51:24.0203 5320 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
15:51:24.0203 5320 Serial - ok
15:51:24.0265 5320 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:51:24.0281 5320 ServiceLayer - ok
15:51:24.0296 5320 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:51:24.0312 5320 Sfloppy - ok
15:51:24.0328 5320 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:51:24.0343 5320 SharedAccess - ok
15:51:24.0359 5320 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:51:24.0375 5320 ShellHWDetection - ok
15:51:24.0375 5320 Simbad - ok
15:51:24.0390 5320 Sparrow - ok
15:51:24.0406 5320 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:51:24.0406 5320 splitter - ok
15:51:24.0437 5320 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:51:24.0453 5320 Spooler - ok
15:51:24.0468 5320 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:51:24.0468 5320 sr - ok
15:51:24.0484 5320 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
15:51:24.0500 5320 srservice - ok
15:51:24.0531 5320 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:51:24.0546 5320 Srv - ok
15:51:24.0562 5320 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:51:24.0578 5320 SSDPSRV - ok
15:51:24.0609 5320 [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
15:51:24.0609 5320 ss_bbus - ok
15:51:24.0625 5320 [ 91765F99914ED8693D8BC76524F21581 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
15:51:24.0640 5320 ss_bmdfl - ok
15:51:24.0671 5320 [ 840E7B738B03C10EE91D9B7D3D6EFF15 ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
15:51:24.0671 5320 ss_bmdm - ok
15:51:24.0703 5320 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:51:24.0718 5320 stisvc - ok
15:51:24.0750 5320 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:51:24.0750 5320 swenum - ok
15:51:24.0765 5320 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:51:24.0765 5320 swmidi - ok
15:51:24.0765 5320 SwPrv - ok
15:51:24.0781 5320 symc810 - ok
15:51:24.0781 5320 symc8xx - ok
15:51:24.0781 5320 sym_hi - ok
15:51:24.0796 5320 sym_u3 - ok
15:51:24.0796 5320 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:51:24.0812 5320 sysaudio - ok
15:51:24.0812 5320 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:51:24.0828 5320 SysmonLog - ok
15:51:24.0843 5320 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:51:24.0859 5320 TapiSrv - ok
15:51:24.0890 5320 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:51:24.0906 5320 Tcpip - ok
15:51:24.0921 5320 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:51:24.0921 5320 TDPIPE - ok
15:51:24.0937 5320 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:51:24.0937 5320 TDTCP - ok
15:51:24.0953 5320 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:51:24.0953 5320 TermDD - ok
15:51:24.0984 5320 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
15:51:25.0000 5320 TermService - ok
15:51:25.0015 5320 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
15:51:25.0015 5320 Themes - ok
15:51:25.0031 5320 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
15:51:25.0046 5320 TlntSvr - ok
15:51:25.0062 5320 TosIde - ok
15:51:25.0062 5320 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:51:25.0078 5320 TrkWks - ok
15:51:25.0093 5320 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:51:25.0093 5320 Udfs - ok
15:51:25.0093 5320 ultra - ok
15:51:25.0140 5320 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:51:25.0140 5320 Update - ok
15:51:25.0171 5320 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
15:51:25.0187 5320 upnphost - ok
15:51:25.0187 5320 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
15:51:25.0203 5320 UPS - ok
15:51:25.0234 5320 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:51:25.0234 5320 usbehci - ok
15:51:25.0234 5320 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:51:25.0250 5320 usbhub - ok
15:51:25.0265 5320 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:51:25.0281 5320 usbprint - ok
15:51:25.0296 5320 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:51:25.0296 5320 usbscan - ok
15:51:25.0312 5320 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:51:25.0312 5320 usbstor - ok
15:51:25.0328 5320 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:51:25.0328 5320 usbuhci - ok
15:51:25.0343 5320 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:51:25.0343 5320 VgaSave - ok
15:51:25.0343 5320 ViaIde - ok
15:51:25.0359 5320 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:51:25.0359 5320 VolSnap - ok
15:51:25.0359 5320 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
15:51:25.0375 5320 VSS - ok
15:51:25.0390 5320 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
15:51:25.0406 5320 W32Time - ok
15:51:25.0421 5320 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:51:25.0421 5320 Wanarp - ok
15:51:25.0421 5320 WDICA - ok
15:51:25.0437 5320 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:51:25.0437 5320 wdmaud - ok
15:51:25.0453 5320 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
15:51:25.0453 5320 WebClient - ok
15:51:25.0500 5320 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:51:25.0515 5320 winmgmt - ok
15:51:25.0546 5320 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
15:51:25.0546 5320 WmdmPmSN - ok
15:51:25.0578 5320 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
15:51:25.0609 5320 Wmi - ok
15:51:25.0640 5320 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:51:25.0640 5320 WmiApSrv - ok
15:51:25.0687 5320 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
15:51:25.0718 5320 WMPNetworkSvc - ok
15:51:25.0734 5320 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:51:25.0734 5320 WS2IFSL - ok
15:51:25.0765 5320 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:51:25.0781 5320 wscsvc - ok
15:51:25.0796 5320 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:51:25.0828 5320 wuauserv - ok
15:51:25.0843 5320 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:51:25.0843 5320 WudfPf - ok
15:51:25.0875 5320 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:51:25.0875 5320 WudfRd - ok
15:51:25.0890 5320 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
15:51:25.0890 5320 WudfSvc - ok
15:51:25.0921 5320 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:51:25.0937 5320 WZCSVC - ok
15:51:25.0968 5320 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:51:25.0984 5320 xmlprov - ok
15:51:25.0984 5320 ================ Scan global ===============================
15:51:26.0000 5320 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
15:51:26.0031 5320 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
15:51:26.0046 5320 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
15:51:26.0062 5320 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
15:51:26.0078 5320 [Global] - ok
15:51:26.0078 5320 ================ Scan MBR ==================================
15:51:26.0078 5320 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
15:51:26.0218 5320 \Device\Harddisk0\DR0 - ok
15:51:26.0218 5320 ================ Scan VBR ==================================
15:51:26.0218 5320 [ 33D6CC8CFA0F16D66807CE1127B6AA29 ] \Device\Harddisk0\DR0\Partition1
15:51:26.0218 5320 \Device\Harddisk0\DR0\Partition1 - ok
15:51:26.0234 5320 [ 1D595C0F2BCEB0C603B59673354811BC ] \Device\Harddisk0\DR0\Partition2
15:51:26.0234 5320 \Device\Harddisk0\DR0\Partition2 - ok
15:51:26.0234 5320 ============================================================
15:51:26.0234 5320 Scan finished
15:51:26.0234 5320 ============================================================
15:51:26.0250 5308 Detected object count: 1
15:51:26.0250 5308 Actual detected object count: 1
15:51:59.0859 5308 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
15:52:04.0656 5308 ACPI ( Virus.Win32.Rloader.a ) - User select action: Quarantine
15:53:08.0375 5672 ============================================================
15:53:08.0375 5672 Scan started
15:53:08.0375 5672 Mode: Manual; SigCheck; TDLFS;
15:53:08.0375 5672 ============================================================
15:53:08.0468 5672 ================ Scan system memory ========================
15:53:08.0468 5672 System memory - ok
15:53:08.0468 5672 ================ Scan services =============================
15:53:08.0640 5672 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
15:53:08.0828 5672 Aavmker4 - ok
15:53:08.0828 5672 Abiosdsk - ok
15:53:08.0828 5672 abp480n5 - ok
15:53:08.0859 5672 [ 7A2A462B010B4E4AF79A1B5D42D33D06 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:53:08.0859 5672 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: 7A2A462B010B4E4AF79A1B5D42D33D06, Fake md5: 4FE34F1F3126B61FCC6B2043AA8112C9
15:53:08.0859 5672 ACPI ( Virus.Win32.Rloader.a ) - infected
15:53:08.0859 5672 ACPI - detected Virus.Win32.Rloader.a (0)
15:53:08.0890 5672 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
15:53:09.0765 5672 ACPIEC - ok
15:53:09.0765 5672 adpu160m - ok
15:53:09.0796 5672 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
15:53:09.0921 5672 aec - ok
15:53:09.0937 5672 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
15:53:09.0968 5672 AFD - ok
15:53:09.0984 5672 Aha154x - ok
15:53:09.0984 5672 aic78u2 - ok
15:53:09.0984 5672 aic78xx - ok
15:53:10.0015 5672 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
15:53:10.0140 5672 Alerter - ok
15:53:10.0140 5672 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
15:53:10.0203 5672 ALG - ok
15:53:10.0203 5672 AliIde - ok
15:53:10.0203 5672 amsint - ok
15:53:10.0218 5672 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
15:53:10.0296 5672 AppMgmt - ok
15:53:10.0296 5672 asc - ok
15:53:10.0296 5672 asc3350p - ok
15:53:10.0296 5672 asc3550 - ok
15:53:10.0359 5672 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:53:10.0375 5672 aspnet_state - ok
15:53:10.0390 5672 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
15:53:10.0406 5672 aswFsBlk - ok
15:53:10.0406 5672 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
15:53:10.0421 5672 aswMon2 - ok
15:53:10.0437 5672 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
15:53:10.0453 5672 AswRdr - ok
15:53:10.0468 5672 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
15:53:10.0500 5672 aswSnx - ok
15:53:10.0531 5672 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
15:53:10.0546 5672 aswSP - ok
15:53:10.0578 5672 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
15:53:10.0593 5672 aswTdi - ok
15:53:10.0609 5672 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:53:10.0718 5672 AsyncMac - ok
15:53:10.0734 5672 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
15:53:10.0843 5672 atapi - ok
15:53:10.0859 5672 Atdisk - ok
15:53:10.0875 5672 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:53:11.0000 5672 Atmarpc - ok
15:53:11.0015 5672 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
15:53:11.0140 5672 AudioSrv - ok
15:53:11.0140 5672 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
15:53:11.0265 5672 audstub - ok
15:53:11.0328 5672 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:53:11.0343 5672 avast! Antivirus - ok
15:53:11.0375 5672 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
15:53:11.0500 5672 Beep - ok
15:53:11.0531 5672 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
15:53:11.0656 5672 BITS - ok
15:53:11.0687 5672 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
15:53:11.0718 5672 Browser - ok
15:53:11.0812 5672 catchme - ok
15:53:11.0843 5672 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
15:53:11.0968 5672 cbidf2k - ok
15:53:11.0968 5672 cd20xrnt - ok
15:53:11.0984 5672 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
15:53:12.0093 5672 Cdaudio - ok
15:53:12.0109 5672 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
15:53:12.0234 5672 Cdfs - ok
15:53:12.0250 5672 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:53:12.0375 5672 Cdrom - ok
15:53:12.0375 5672 Changer - ok
15:53:12.0375 5672 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
15:53:12.0484 5672 CiSvc - ok
15:53:12.0500 5672 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
15:53:12.0609 5672 ClipSrv - ok
15:53:12.0640 5672 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:53:12.0656 5672 clr_optimization_v2.0.50727_32 - ok
15:53:12.0656 5672 CmdIde - ok
15:53:12.0671 5672 COMSysApp - ok
15:53:12.0671 5672 Cpqarray - ok
15:53:12.0703 5672 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
15:53:12.0828 5672 CryptSvc - ok
15:53:12.0828 5672 dac2w2k - ok
15:53:12.0828 5672 dac960nt - ok
15:53:12.0875 5672 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
15:53:12.0906 5672 DcomLaunch - ok
15:53:12.0921 5672 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
15:53:13.0031 5672 Dhcp - ok
15:53:13.0046 5672 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
15:53:13.0156 5672 Disk - ok
15:53:13.0171 5672 dmadmin - ok
15:53:13.0203 5672 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
15:53:13.0359 5672 dmboot - ok
15:53:13.0359 5672 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
15:53:13.0468 5672 dmio - ok
15:53:13.0484 5672 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
15:53:13.0593 5672 dmload - ok
15:53:13.0609 5672 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
15:53:13.0734 5672 dmserver - ok
15:53:13.0750 5672 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
15:53:13.0875 5672 DMusic - ok
15:53:13.0890 5672 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
15:53:13.0921 5672 Dnscache - ok
15:53:13.0937 5672 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
15:53:14.0062 5672 Dot3svc - ok
15:53:14.0062 5672 dpti2o - ok
15:53:14.0078 5672 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
15:53:14.0203 5672 drmkaud - ok
15:53:14.0218 5672 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
15:53:14.0343 5672 EapHost - ok
15:53:14.0343 5672 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
15:53:14.0468 5672 ERSvc - ok
15:53:14.0500 5672 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
15:53:14.0515 5672 Eventlog - ok
15:53:14.0546 5672 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
15:53:14.0562 5672 EventSystem - ok
15:53:14.0578 5672 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
15:53:14.0687 5672 Fastfat - ok
15:53:14.0718 5672 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:53:14.0750 5672 FastUserSwitchingCompatibility - ok
15:53:14.0750 5672 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
15:53:14.0875 5672 Fdc - ok
15:53:14.0890 5672 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
15:53:15.0015 5672 Fips - ok
15:53:15.0015 5672 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
15:53:15.0125 5672 Flpydisk - ok
15:53:15.0156 5672 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:53:15.0265 5672 FltMgr - ok
15:53:15.0312 5672 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:53:15.0328 5672 FontCache3.0.0.0 - ok
15:53:15.0359 5672 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
15:53:15.0390 5672 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
15:53:15.0390 5672 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
15:53:15.0421 5672 [ D3F9205CC4CB07553F2F9472C767EA87 ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe
15:53:15.0437 5672 FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
15:53:15.0437 5672 FsUsbExService - detected UnsignedFile.Multi.Generic (1)
15:53:15.0453 5672 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:53:15.0562 5672 Fs_Rec - ok
15:53:15.0578 5672 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:53:15.0687 5672 Ftdisk - ok
15:53:15.0718 5672 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:53:15.0843 5672 Gpc - ok
15:53:15.0890 5672 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:53:15.0906 5672 gupdate - ok
15:53:15.0906 5672 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:53:15.0921 5672 gupdatem - ok
15:53:15.0953 5672 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:53:15.0968 5672 gusvc - ok
15:53:16.0000 5672 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:53:16.0109 5672 HDAudBus - ok
15:53:16.0140 5672 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:53:16.0250 5672 helpsvc - ok
15:53:16.0265 5672 HidServ - ok
15:53:16.0281 5672 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
15:53:16.0390 5672 hkmsvc - ok
15:53:16.0406 5672 hpn - ok
15:53:16.0421 5672 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
15:53:16.0437 5672 HTTP - ok
15:53:16.0453 5672 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
15:53:16.0578 5672 HTTPFilter - ok
15:53:16.0578 5672 i2omgmt - ok
15:53:16.0578 5672 i2omp - ok
15:53:16.0593 5672 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:53:16.0718 5672 i8042prt - ok
15:53:16.0765 5672 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:53:16.0812 5672 idsvc - ok
15:53:16.0828 5672 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
15:53:16.0953 5672 Imapi - ok
15:53:16.0968 5672 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
15:53:17.0078 5672 ImapiService - ok
15:53:17.0093 5672 ini910u - ok
15:53:17.0234 5672 [ B2957D6C1226F029230DAC2C46D34286 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:53:17.0390 5672 IntcAzAudAddService - ok
15:53:17.0406 5672 IntelIde - ok
15:53:17.0421 5672 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:53:17.0531 5672 intelppm - ok
15:53:17.0546 5672 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:53:17.0656 5672 Ip6Fw - ok
15:53:17.0671 5672 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:53:17.0796 5672 IpFilterDriver - ok
15:53:17.0812 5672 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:53:17.0921 5672 IpInIp - ok
15:53:17.0937 5672 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:53:18.0062 5672 IpNat - ok
15:53:18.0078 5672 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:53:18.0203 5672 IPSec - ok
15:53:18.0218 5672 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
15:53:18.0281 5672 IRENUM - ok
15:53:18.0296 5672 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:53:18.0406 5672 isapnp - ok
15:53:18.0437 5672 [ 126A16F569122AE00AD3D12EF831D651 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
15:53:18.0453 5672 JavaQuickStarterService - ok
15:53:18.0453 5672 [ BDCE08E413C98720D23D0A4CD74F6E0C ] JRAID C:\WINDOWS\system32\DRIVERS\jraid.sys
15:53:18.0484 5672 JRAID - ok
15:53:18.0500 5672 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:53:18.0609 5672 Kbdclass - ok
15:53:18.0640 5672 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
15:53:18.0765 5672 kmixer - ok
15:53:18.0781 5672 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
15:53:18.0796 5672 KSecDD - ok
15:53:18.0828 5672 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
15:53:18.0843 5672 LanmanServer - ok
15:53:18.0875 5672 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:53:18.0890 5672 lanmanworkstation - ok
15:53:18.0890 5672 lbrtfdc - ok
15:53:18.0906 5672 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
15:53:19.0015 5672 LmHosts - ok
15:53:19.0031 5672 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
15:53:19.0156 5672 Messenger - ok
15:53:19.0171 5672 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
15:53:19.0281 5672 mnmdd - ok
15:53:19.0296 5672 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
15:53:19.0421 5672 mnmsrvc - ok
15:53:19.0421 5672 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
15:53:19.0546 5672 Modem - ok
15:53:19.0546 5672 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:53:19.0656 5672 Mouclass - ok
15:53:19.0671 5672 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
15:53:19.0781 5672 MountMgr - ok
15:53:19.0796 5672 mraid35x - ok
15:53:19.0812 5672 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:53:19.0921 5672 MRxDAV - ok
15:53:19.0953 5672 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:53:19.0968 5672 MRxSmb - ok
15:53:20.0000 5672 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
15:53:20.0109 5672 MSDTC - ok
15:53:20.0109 5672 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:53:20.0234 5672 Msfs - ok
15:53:20.0234 5672 MSIServer - ok
15:53:20.0250 5672 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:53:20.0359 5672 MSKSSRV - ok
15:53:20.0375 5672 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:53:20.0484 5672 MSPCLOCK - ok
15:53:20.0484 5672 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
15:53:20.0609 5672 MSPQM - ok
15:53:20.0625 5672 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:53:20.0750 5672 mssmbios - ok
15:53:20.0765 5672 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
15:53:20.0781 5672 Mup - ok
15:53:20.0796 5672 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
15:53:20.0921 5672 napagent - ok
15:53:20.0921 5672 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
15:53:21.0031 5672 NDIS - ok
15:53:21.0046 5672 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:53:21.0062 5672 NdisTapi - ok
15:53:21.0078 5672 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:53:21.0187 5672 Ndisuio - ok
15:53:21.0187 5672 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:53:21.0312 5672 NdisWan - ok
15:53:21.0343 5672 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:53:21.0359 5672 NDProxy - ok
15:53:21.0390 5672 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:53:21.0500 5672 NetBIOS - ok
15:53:21.0515 5672 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:53:21.0625 5672 NetBT - ok
15:53:21.0640 5672 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
15:53:21.0765 5672 NetDDE - ok
15:53:21.0781 5672 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
15:53:21.0906 5672 NetDDEdsdm - ok
15:53:21.0921 5672 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:53:22.0031 5672 Netlogon - ok
15:53:22.0046 5672 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
15:53:22.0156 5672 Netman - ok
15:53:22.0187 5672 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:53:22.0203 5672 NetTcpPortSharing - ok
15:53:22.0234 5672 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
15:53:22.0250 5672 Nla - ok
15:53:22.0281 5672 [ B9730495E0CF674680121E34BD95A73B ] NPF C:\WINDOWS\system32\drivers\NPF.sys
15:53:22.0281 5672 NPF - ok
15:53:22.0296 5672 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:53:22.0421 5672 Npfs - ok
15:53:22.0421 5672 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:53:22.0562 5672 Ntfs - ok
15:53:22.0562 5672 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
15:53:22.0687 5672 NtLmSsp - ok
15:53:22.0718 5672 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
15:53:22.0843 5672 NtmsSvc - ok
15:53:22.0875 5672 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
15:53:22.0984 5672 Null - ok
15:53:23.0171 5672 [ 8C0456001B6900114BBB1C548BD8AAF5 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:53:23.0390 5672 nv - ok
15:53:23.0437 5672 [ 472A00D2183C9E5EDB3E076272741812 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
15:53:23.0453 5672 NVSvc - ok
15:53:23.0468 5672 [ ADB82FBC435AE7504082B3C714C3885D ] NWCWorkstation C:\WINDOWS\System32\nwwks.dll
15:53:23.0531 5672 NWCWorkstation - ok
15:53:23.0531 5672 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:53:23.0656 5672 NwlnkFlt - ok
15:53:23.0656 5672 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:53:23.0781 5672 NwlnkFwd - ok
15:53:23.0796 5672 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
15:53:23.0906 5672 NwlnkIpx - ok
15:53:23.0921 5672 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
15:53:24.0031 5672 NwlnkNb - ok
15:53:24.0046 5672 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
15:53:24.0171 5672 NwlnkSpx - ok
15:53:24.0171 5672 [ 36B9B950E3D2E100970A48D8BAD86740 ] NWRDR C:\WINDOWS\system32\DRIVERS\nwrdr.sys
15:53:24.0234 5672 NWRDR - ok
15:53:24.0328 5672 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:53:24.0359 5672 odserv - ok
15:53:24.0390 5672 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:53:24.0406 5672 ose - ok
15:53:24.0406 5672 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
15:53:24.0531 5672 Parport - ok
15:53:24.0531 5672 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
15:53:24.0656 5672 PartMgr - ok
15:53:24.0687 5672 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
15:53:24.0796 5672 ParVdm - ok
15:53:24.0812 5672 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
15:53:24.0843 5672 pccsmcfd - ok
15:53:24.0859 5672 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
15:53:24.0984 5672 PCI - ok
15:53:24.0984 5672 PCIDump - ok
15:53:24.0984 5672 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
15:53:25.0109 5672 PCIIde - ok
15:53:25.0125 5672 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
15:53:25.0250 5672 Pcmcia - ok
15:53:25.0250 5672 PDCOMP - ok
15:53:25.0250 5672 PDFRAME - ok
15:53:25.0265 5672 PDRELI - ok
15:53:25.0265 5672 PDRFRAME - ok
15:53:25.0265 5672 perc2 - ok
15:53:25.0281 5672 perc2hib - ok
15:53:25.0421 5672 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\ComboFix\pev.3XE
15:53:25.0437 5672 PEVSystemStart ( UnsignedFile.Multi.Generic ) - warning
15:53:25.0437 5672 PEVSystemStart - detected UnsignedFile.Multi.Generic (1)
15:53:25.0453 5672 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
15:53:25.0468 5672 PlugPlay - ok
15:53:25.0484 5672 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
15:53:25.0593 5672 PolicyAgent - ok
15:53:25.0625 5672 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:53:25.0750 5672 PptpMiniport - ok
15:53:25.0750 5672 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:53:25.0875 5672 ProtectedStorage - ok
15:53:25.0875 5672 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
15:53:25.0984 5672 PSched - ok
15:53:26.0000 5672 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:53:26.0125 5672 Ptilink - ok
15:53:26.0125 5672 ql1080 - ok
15:53:26.0125 5672 Ql10wnt - ok
15:53:26.0125 5672 ql12160 - ok
15:53:26.0140 5672 ql1240 - ok
15:53:26.0140 5672 ql1280 - ok
15:53:26.0156 5672 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:53:26.0296 5672 RasAcd - ok
15:53:26.0312 5672 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:53:26.0437 5672 RasAuto - ok
15:53:26.0453 5672 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:53:26.0578 5672 Rasl2tp - ok
15:53:26.0593 5672 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:53:26.0718 5672 RasMan - ok
15:53:26.0734 5672 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:53:26.0875 5672 RasPppoe - ok
15:53:26.0890 5672 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:53:27.0000 5672 Raspti - ok
15:53:27.0000 5672 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:53:27.0125 5672 Rdbss - ok
15:53:27.0125 5672 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:53:27.0234 5672 RDPCDD - ok
15:53:27.0265 5672 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:53:27.0375 5672 rdpdr - ok
15:53:27.0406 5672 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:53:27.0437 5672 RDPWD - ok
15:53:27.0453 5672 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:53:27.0578 5672 RDSessMgr - ok
15:53:27.0593 5672 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:53:27.0703 5672 redbook - ok
15:53:27.0718 5672 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:53:27.0843 5672 RemoteAccess - ok
15:53:27.0859 5672 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:53:27.0968 5672 RemoteRegistry - ok
15:53:27.0984 5672 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
15:53:28.0109 5672 RpcLocator - ok
15:53:28.0125 5672 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
15:53:28.0156 5672 RpcSs - ok
15:53:28.0156 5672 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
15:53:28.0281 5672 RSVP - ok
15:53:28.0296 5672 [ E10F6C9BD09D8DAE26E29D52C65E6E0F ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
15:53:28.0343 5672 RTL8023xp - ok
15:53:28.0343 5672 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
15:53:28.0453 5672 SamSs - ok
15:53:28.0468 5672 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:53:28.0593 5672 SCardSvr - ok
15:53:28.0609 5672 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:53:28.0734 5672 Schedule - ok
15:53:28.0750 5672 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:53:28.0812 5672 Secdrv - ok
15:53:28.0812 5672 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
15:53:28.0953 5672 seclogon - ok
15:53:28.0968 5672 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
15:53:29.0078 5672 SENS - ok
15:53:29.0078 5672 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
15:53:29.0203 5672 serenum - ok
15:53:29.0203 5672 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
15:53:29.0343 5672 Serial - ok
15:53:29.0375 5672 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:53:29.0390 5672 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
15:53:29.0390 5672 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
15:53:29.0406 5672 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:53:29.0531 5672 Sfloppy - ok
15:53:29.0546 5672 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:53:29.0656 5672 SharedAccess - ok
15:53:29.0671 5672 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:53:29.0734 5672 ShellHWDetection - ok
15:53:29.0734 5672 Simbad - ok
15:53:29.0734 5672 Sparrow - ok
15:53:29.0750 5672 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:53:29.0859 5672 splitter - ok
15:53:29.0890 5672 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:53:29.0921 5672 Spooler - ok
15:53:29.0953 5672 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:53:30.0015 5672 sr - ok
15:53:30.0031 5672 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
15:53:30.0093 5672 srservice - ok
15:53:30.0125 5672 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:53:30.0156 5672 Srv - ok
15:53:30.0187 5672 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:53:30.0234 5672 SSDPSRV - ok
15:53:30.0265 5672 [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
15:53:30.0281 5672 ss_bbus - ok
15:53:30.0312 5672 [ 91765F99914ED8693D8BC76524F21581 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
15:53:30.0328 5672 ss_bmdfl - ok
15:53:30.0359 5672 [ 840E7B738B03C10EE91D9B7D3D6EFF15 ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
15:53:30.0375 5672 ss_bmdm - ok
15:53:30.0406 5672 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:53:30.0515 5672 stisvc - ok
15:53:30.0531 5672 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:53:30.0640 5672 swenum - ok
15:53:30.0656 5672 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:53:30.0781 5672 swmidi - ok
15:53:30.0781 5672 SwPrv - ok
15:53:30.0781 5672 symc810 - ok
15:53:30.0796 5672 symc8xx - ok
15:53:30.0796 5672 sym_hi - ok
15:53:30.0828 5672 sym_u3 - ok
15:53:30.0843 5672 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:53:30.0968 5672 sysaudio - ok
15:53:30.0984 5672 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:53:31.0093 5672 SysmonLog - ok
15:53:31.0109 5672 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:53:31.0234 5672 TapiSrv - ok
15:53:31.0265 5672 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:53:31.0312 5672 Tcpip - ok
15:53:31.0328 5672 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:53:31.0437 5672 TDPIPE - ok
15:53:31.0453 5672 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:53:31.0562 5672 TDTCP - ok
15:53:31.0578 5672 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:53:31.0687 5672 TermDD - ok
15:53:31.0718 5672 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
15:53:31.0859 5672 TermService - ok
15:53:31.0859 5672 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
15:53:31.0890 5672 Themes - ok
15:53:31.0921 5672 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
15:53:31.0984 5672 TlntSvr - ok
15:53:31.0984 5672 TosIde - ok
15:53:31.0984 5672 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:53:32.0109 5672 TrkWks - ok
15:53:32.0125 5672 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:53:32.0234 5672 Udfs - ok
15:53:32.0250 5672 ultra - ok
15:53:32.0281 5672 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:53:32.0406 5672 Update - ok
15:53:32.0421 5672 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
15:53:32.0500 5672 upnphost - ok
15:53:32.0515 5672 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
15:53:32.0625 5672 UPS - ok
15:53:32.0640 5672 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:53:32.0750 5672 usbehci - ok
15:53:32.0765 5672 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:53:32.0875 5672 usbhub - ok
15:53:32.0875 5672 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:53:33.0000 5672 usbprint - ok
15:53:33.0000 5672 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:53:33.0109 5672 usbscan - ok
15:53:33.0125 5672 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:53:33.0250 5672 usbstor - ok
15:53:33.0265 5672 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:53:33.0375 5672 usbuhci - ok
15:53:33.0390 5672 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:53:33.0515 5672 VgaSave - ok
15:53:33.0515 5672 ViaIde - ok
15:53:33.0531 5672 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:53:33.0640 5672 VolSnap - ok
15:53:33.0640 5672 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
15:53:33.0734 5672 VSS - ok
15:53:33.0750 5672 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
15:53:33.0875 5672 W32Time - ok
15:53:33.0890 5672 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:53:34.0000 5672 Wanarp - ok
15:53:34.0000 5672 WDICA - ok
15:53:34.0015 5672 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:53:34.0125 5672 wdmaud - ok
15:53:34.0140 5672 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
15:53:34.0250 5672 WebClient - ok
15:53:34.0296 5672 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:53:34.0406 5672 winmgmt - ok
15:53:34.0437 5672 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
15:53:34.0468 5672 WmdmPmSN - ok
15:53:34.0500 5672 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
15:53:34.0546 5672 Wmi - ok
15:53:34.0578 5672 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:53:34.0687 5672 WmiApSrv - ok
15:53:34.0750 5672 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
15:53:34.0781 5672 WMPNetworkSvc - ok
15:53:34.0812 5672 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:53:34.0921 5672 WS2IFSL - ok
15:53:34.0937 5672 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:53:35.0078 5672 wscsvc - ok
15:53:35.0093 5672 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:53:35.0203 5672 wuauserv - ok
15:53:35.0218 5672 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:53:35.0250 5672 WudfPf - ok
15:53:35.0250 5672 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:53:35.0265 5672 WudfRd - ok
15:53:35.0281 5672 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
15:53:35.0312 5672 WudfSvc - ok
15:53:35.0328 5672 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:53:35.0453 5672 WZCSVC - ok
15:53:35.0468 5672 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:53:35.0593 5672 xmlprov - ok
15:53:35.0593 5672 ================ Scan global ===============================
15:53:35.0609 5672 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
15:53:35.0640 5672 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
15:53:35.0671 5672 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
15:53:35.0703 5672 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
15:53:35.0718 5672 [Global] - ok
15:53:35.0718 5672 ================ Scan MBR ==================================
15:53:35.0718 5672 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
15:53:35.0937 5672 \Device\Harddisk0\DR0 - ok
15:53:35.0937 5672 ================ Scan VBR ==================================
15:53:35.0937 5672 [ 33D6CC8CFA0F16D66807CE1127B6AA29 ] \Device\Harddisk0\DR0\Partition1
15:53:35.0937 5672 \Device\Harddisk0\DR0\Partition1 - ok
15:53:35.0968 5672 [ 1D595C0F2BCEB0C603B59673354811BC ] \Device\Harddisk0\DR0\Partition2
15:53:35.0968 5672 \Device\Harddisk0\DR0\Partition2 - ok
15:53:35.0968 5672 ============================================================
15:53:35.0968 5672 Scan finished
15:53:35.0968 5672 ============================================================
15:53:36.0093 5664 Detected object count: 5
15:53:36.0093 5664 Actual detected object count: 5
15:54:51.0546 5664 ACPI ( Virus.Win32.Rloader.a ) - skipped by user
15:54:51.0546 5664 ACPI ( Virus.Win32.Rloader.a ) - User select action: Skip
15:54:51.0546 5664 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
15:54:51.0546 5664 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:54:51.0546 5664 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
15:54:51.0546 5664 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:54:51.0546 5664 PEVSystemStart ( UnsignedFile.Multi.Generic ) - skipped by user
15:54:51.0546 5664 PEVSystemStart ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:54:51.0546 5664 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
15:54:51.0546 5664 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:51:15.0531 5260 ============================================================
15:51:15.0531 5260 Current date / time: 2012/12/30 15:51:15.0531
15:51:15.0531 5260 SystemInfo:
15:51:15.0531 5260
15:51:15.0531 5260 OS Version: 5.1.2600 ServicePack: 3.0
15:51:15.0531 5260 Product type: Workstation
15:51:15.0531 5260 ComputerName:
15:51:15.0531 5260 UserName:
15:51:15.0531 5260 Windows directory: C:\WINDOWS
15:51:15.0531 5260 System windows directory: C:\WINDOWS
15:51:15.0531 5260 Processor architecture: Intel x86
15:51:15.0531 5260 Number of processors: 2
15:51:15.0531 5260 Page size: 0x1000
15:51:15.0531 5260 Boot type: Normal boot
15:51:15.0531 5260 ============================================================
15:51:16.0109 5260 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
15:51:16.0125 5260 ============================================================
15:51:16.0125 5260 \Device\Harddisk0\DR0:
15:51:16.0125 5260 MBR partitions:
15:51:16.0125 5260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7530462
15:51:16.0140 5260 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x75304E0, BlocksNum 0x15C901E0
15:51:16.0140 5260 ============================================================
15:51:16.0156 5260 C: <-> \Device\Harddisk0\DR0\Partition1
15:51:16.0187 5260 D: <-> \Device\Harddisk0\DR0\Partition2
15:51:16.0218 5260 ============================================================
15:51:16.0218 5260 Initialize success
15:51:16.0218 5260 ============================================================
15:51:18.0078 5320 ============================================================
15:51:18.0078 5320 Scan started
15:51:18.0078 5320 Mode: Manual;
15:51:18.0078 5320 ============================================================
15:51:18.0515 5320 ================ Scan system memory ========================
15:51:18.0531 5320 System memory - ok
15:51:18.0531 5320 ================ Scan services =============================
15:51:18.0671 5320 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
15:51:18.0671 5320 Aavmker4 - ok
15:51:18.0671 5320 Abiosdsk - ok
15:51:18.0671 5320 abp480n5 - ok
15:51:18.0703 5320 [ 7A2A462B010B4E4AF79A1B5D42D33D06 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:51:18.0703 5320 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: 7A2A462B010B4E4AF79A1B5D42D33D06, Fake md5: 4FE34F1F3126B61FCC6B2043AA8112C9
15:51:18.0703 5320 ACPI ( Virus.Win32.Rloader.a ) - infected
15:51:18.0703 5320 ACPI - detected Virus.Win32.Rloader.a (0)
15:51:18.0734 5320 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
15:51:18.0734 5320 ACPIEC - ok
15:51:18.0750 5320 adpu160m - ok
15:51:18.0765 5320 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
15:51:18.0781 5320 aec - ok
15:51:18.0812 5320 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
15:51:18.0812 5320 AFD - ok
15:51:18.0828 5320 Aha154x - ok
15:51:18.0828 5320 aic78u2 - ok
15:51:18.0828 5320 aic78xx - ok
15:51:18.0859 5320 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
15:51:18.0859 5320 Alerter - ok
15:51:18.0890 5320 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
15:51:18.0890 5320 ALG - ok
15:51:18.0890 5320 AliIde - ok
15:51:18.0906 5320 amsint - ok
15:51:18.0921 5320 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
15:51:18.0921 5320 AppMgmt - ok
15:51:18.0937 5320 asc - ok
15:51:18.0937 5320 asc3350p - ok
15:51:18.0937 5320 asc3550 - ok
15:51:19.0000 5320 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:51:19.0031 5320 aspnet_state - ok
15:51:19.0062 5320 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
15:51:19.0062 5320 aswFsBlk - ok
15:51:19.0062 5320 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
15:51:19.0078 5320 aswMon2 - ok
15:51:19.0078 5320 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
15:51:19.0093 5320 AswRdr - ok
15:51:19.0109 5320 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
15:51:19.0125 5320 aswSnx - ok
15:51:19.0156 5320 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
15:51:19.0171 5320 aswSP - ok
15:51:19.0187 5320 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
15:51:19.0187 5320 aswTdi - ok
15:51:19.0203 5320 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:51:19.0203 5320 AsyncMac - ok
15:51:19.0218 5320 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
15:51:19.0234 5320 atapi - ok
15:51:19.0234 5320 Atdisk - ok
15:51:19.0265 5320 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:51:19.0265 5320 Atmarpc - ok
15:51:19.0281 5320 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
15:51:19.0281 5320 AudioSrv - ok
15:51:19.0296 5320 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
15:51:19.0296 5320 audstub - ok
15:51:19.0359 5320 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:51:19.0359 5320 avast! Antivirus - ok
15:51:19.0390 5320 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
15:51:19.0390 5320 Beep - ok
15:51:19.0421 5320 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
15:51:19.0468 5320 BITS - ok
15:51:19.0500 5320 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
15:51:19.0500 5320 Browser - ok
15:51:19.0578 5320 catchme - ok
15:51:19.0609 5320 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
15:51:19.0609 5320 cbidf2k - ok
15:51:19.0609 5320 cd20xrnt - ok
15:51:19.0625 5320 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
15:51:19.0625 5320 Cdaudio - ok
15:51:19.0640 5320 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
15:51:19.0640 5320 Cdfs - ok
15:51:19.0671 5320 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:51:19.0671 5320 Cdrom - ok
15:51:19.0671 5320 Changer - ok
15:51:19.0687 5320 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
15:51:19.0687 5320 CiSvc - ok
15:51:19.0703 5320 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
15:51:19.0703 5320 ClipSrv - ok
15:51:19.0734 5320 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:51:19.0765 5320 clr_optimization_v2.0.50727_32 - ok
15:51:19.0765 5320 CmdIde - ok
15:51:19.0781 5320 COMSysApp - ok
15:51:19.0781 5320 Cpqarray - ok
15:51:19.0812 5320 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
15:51:19.0812 5320 CryptSvc - ok
15:51:19.0812 5320 dac2w2k - ok
15:51:19.0828 5320 dac960nt - ok
15:51:19.0859 5320 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
15:51:19.0875 5320 DcomLaunch - ok
15:51:19.0890 5320 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
15:51:19.0890 5320 Dhcp - ok
15:51:19.0906 5320 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
15:51:19.0906 5320 Disk - ok
15:51:19.0906 5320 dmadmin - ok
15:51:19.0937 5320 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
15:51:19.0968 5320 dmboot - ok
15:51:19.0968 5320 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
15:51:19.0984 5320 dmio - ok
15:51:20.0000 5320 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
15:51:20.0000 5320 dmload - ok
15:51:20.0015 5320 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
15:51:20.0015 5320 dmserver - ok
15:51:20.0031 5320 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
15:51:20.0031 5320 DMusic - ok
15:51:20.0046 5320 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
15:51:20.0046 5320 Dnscache - ok
15:51:20.0062 5320 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
15:51:20.0062 5320 Dot3svc - ok
15:51:20.0078 5320 dpti2o - ok
15:51:20.0093 5320 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
15:51:20.0093 5320 drmkaud - ok
15:51:20.0109 5320 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
15:51:20.0109 5320 EapHost - ok
15:51:20.0109 5320 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
15:51:20.0125 5320 ERSvc - ok
15:51:20.0140 5320 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
15:51:20.0171 5320 Eventlog - ok
15:51:20.0203 5320 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
15:51:20.0218 5320 EventSystem - ok
15:51:20.0250 5320 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
15:51:20.0265 5320 Fastfat - ok
15:51:20.0296 5320 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:51:20.0312 5320 FastUserSwitchingCompatibility - ok
15:51:20.0312 5320 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
15:51:20.0312 5320 Fdc - ok
15:51:20.0343 5320 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
15:51:20.0343 5320 Fips - ok
15:51:20.0343 5320 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
15:51:20.0343 5320 Flpydisk - ok
15:51:20.0375 5320 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:51:20.0390 5320 FltMgr - ok
15:51:20.0421 5320 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:51:20.0421 5320 FontCache3.0.0.0 - ok
15:51:20.0453 5320 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
15:51:20.0453 5320 FsUsbExDisk - ok
15:51:20.0468 5320 [ D3F9205CC4CB07553F2F9472C767EA87 ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe
15:51:20.0484 5320 FsUsbExService - ok
15:51:20.0484 5320 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:51:20.0484 5320 Fs_Rec - ok
15:51:20.0500 5320 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:51:20.0500 5320 Ftdisk - ok
15:51:20.0531 5320 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:51:20.0531 5320 Gpc - ok
15:51:20.0578 5320 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:51:20.0593 5320 gupdate - ok
15:51:20.0593 5320 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:51:20.0593 5320 gupdatem - ok
15:51:20.0625 5320 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:51:20.0625 5320 gusvc - ok
15:51:20.0671 5320 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:51:20.0671 5320 HDAudBus - ok
15:51:20.0703 5320 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:51:20.0703 5320 helpsvc - ok
15:51:20.0718 5320 HidServ - ok
15:51:20.0750 5320 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
15:51:20.0750 5320 hkmsvc - ok
15:51:20.0765 5320 hpn - ok
15:51:20.0781 5320 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
15:51:20.0781 5320 HTTP - ok
15:51:20.0812 5320 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
15:51:20.0828 5320 HTTPFilter - ok
15:51:20.0828 5320 i2omgmt - ok
15:51:20.0828 5320 i2omp - ok
15:51:20.0828 5320 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:51:20.0843 5320 i8042prt - ok
15:51:20.0906 5320 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:51:20.0921 5320 idsvc - ok
15:51:20.0968 5320 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
15:51:20.0968 5320 Imapi - ok
15:51:20.0984 5320 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
15:51:21.0000 5320 ImapiService - ok
15:51:21.0000 5320 ini910u - ok
15:51:21.0171 5320 [ B2957D6C1226F029230DAC2C46D34286 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:51:21.0281 5320 IntcAzAudAddService - ok
15:51:21.0281 5320 IntelIde - ok
15:51:21.0296 5320 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:51:21.0296 5320 intelppm - ok
15:51:21.0312 5320 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:51:21.0312 5320 Ip6Fw - ok
15:51:21.0328 5320 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:51:21.0328 5320 IpFilterDriver - ok
15:51:21.0343 5320 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:51:21.0343 5320 IpInIp - ok
15:51:21.0375 5320 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:51:21.0375 5320 IpNat - ok
15:51:21.0375 5320 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:51:21.0375 5320 IPSec - ok
15:51:21.0406 5320 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
15:51:21.0406 5320 IRENUM - ok
15:51:21.0421 5320 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:51:21.0421 5320 isapnp - ok
15:51:21.0437 5320 [ 126A16F569122AE00AD3D12EF831D651 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
15:51:21.0453 5320 JavaQuickStarterService - ok
15:51:21.0468 5320 [ BDCE08E413C98720D23D0A4CD74F6E0C ] JRAID C:\WINDOWS\system32\DRIVERS\jraid.sys
15:51:21.0468 5320 JRAID - ok
15:51:21.0515 5320 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:51:21.0515 5320 Kbdclass - ok
15:51:21.0531 5320 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
15:51:21.0531 5320 kmixer - ok
15:51:21.0562 5320 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
15:51:21.0562 5320 KSecDD - ok
15:51:21.0578 5320 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
15:51:21.0593 5320 LanmanServer - ok
15:51:21.0625 5320 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:51:21.0640 5320 lanmanworkstation - ok
15:51:21.0640 5320 lbrtfdc - ok
15:51:21.0671 5320 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
15:51:21.0671 5320 LmHosts - ok
15:51:21.0687 5320 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
15:51:21.0703 5320 Messenger - ok
15:51:21.0734 5320 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
15:51:21.0734 5320 mnmdd - ok
15:51:21.0750 5320 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
15:51:21.0750 5320 mnmsrvc - ok
15:51:21.0781 5320 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
15:51:21.0781 5320 Modem - ok
15:51:21.0781 5320 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:51:21.0796 5320 Mouclass - ok
15:51:21.0796 5320 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
15:51:21.0796 5320 MountMgr - ok
15:51:21.0796 5320 mraid35x - ok
15:51:21.0812 5320 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:51:21.0828 5320 MRxDAV - ok
15:51:21.0859 5320 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:51:21.0859 5320 MRxSmb - ok
15:51:21.0890 5320 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
15:51:21.0890 5320 MSDTC - ok
15:51:21.0906 5320 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:51:21.0906 5320 Msfs - ok
15:51:21.0906 5320 MSIServer - ok
15:51:21.0921 5320 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:51:21.0921 5320 MSKSSRV - ok
15:51:21.0937 5320 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:51:21.0937 5320 MSPCLOCK - ok
15:51:21.0937 5320 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
15:51:21.0937 5320 MSPQM - ok
15:51:21.0968 5320 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:51:21.0968 5320 mssmbios - ok
15:51:21.0984 5320 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
15:51:21.0984 5320 Mup - ok
15:51:22.0015 5320 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
15:51:22.0031 5320 napagent - ok
15:51:22.0046 5320 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
15:51:22.0062 5320 NDIS - ok
15:51:22.0062 5320 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:51:22.0078 5320 NdisTapi - ok
15:51:22.0078 5320 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:51:22.0078 5320 Ndisuio - ok
15:51:22.0093 5320 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:51:22.0093 5320 NdisWan - ok
15:51:22.0109 5320 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:51:22.0109 5320 NDProxy - ok
15:51:22.0109 5320 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:51:22.0125 5320 NetBIOS - ok
15:51:22.0140 5320 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:51:22.0140 5320 NetBT - ok
15:51:22.0156 5320 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
15:51:22.0171 5320 NetDDE - ok
15:51:22.0171 5320 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
15:51:22.0187 5320 NetDDEdsdm - ok
15:51:22.0203 5320 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:51:22.0203 5320 Netlogon - ok
15:51:22.0218 5320 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
15:51:22.0234 5320 Netman - ok
15:51:22.0250 5320 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:51:22.0265 5320 NetTcpPortSharing - ok
15:51:22.0281 5320 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
15:51:22.0312 5320 Nla - ok
15:51:22.0328 5320 [ B9730495E0CF674680121E34BD95A73B ] NPF C:\WINDOWS\system32\drivers\NPF.sys
15:51:22.0328 5320 NPF - ok
15:51:22.0343 5320 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:51:22.0343 5320 Npfs - ok
15:51:22.0359 5320 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:51:22.0375 5320 Ntfs - ok
15:51:22.0375 5320 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
15:51:22.0375 5320 NtLmSsp - ok
15:51:22.0406 5320 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
15:51:22.0421 5320 NtmsSvc - ok
15:51:22.0453 5320 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
15:51:22.0453 5320 Null - ok
15:51:22.0671 5320 [ 8C0456001B6900114BBB1C548BD8AAF5 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:51:22.0843 5320 nv - ok
15:51:22.0859 5320 [ 472A00D2183C9E5EDB3E076272741812 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
15:51:22.0875 5320 NVSvc - ok
15:51:22.0890 5320 [ ADB82FBC435AE7504082B3C714C3885D ] NWCWorkstation C:\WINDOWS\System32\nwwks.dll
15:51:22.0906 5320 NWCWorkstation - ok
15:51:22.0906 5320 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:51:22.0921 5320 NwlnkFlt - ok
15:51:22.0937 5320 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:51:22.0937 5320 NwlnkFwd - ok
15:51:22.0968 5320 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
15:51:22.0968 5320 NwlnkIpx - ok
15:51:22.0984 5320 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
15:51:23.0000 5320 NwlnkNb - ok
15:51:23.0015 5320 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
15:51:23.0015 5320 NwlnkSpx - ok
15:51:23.0031 5320 [ 36B9B950E3D2E100970A48D8BAD86740 ] NWRDR C:\WINDOWS\system32\DRIVERS\nwrdr.sys
15:51:23.0031 5320 NWRDR - ok
15:51:23.0140 5320 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:51:23.0156 5320 odserv - ok
15:51:23.0187 5320 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:51:23.0187 5320 ose - ok
15:51:23.0203 5320 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
15:51:23.0218 5320 Parport - ok
15:51:23.0218 5320 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
15:51:23.0218 5320 PartMgr - ok
15:51:23.0234 5320 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
15:51:23.0250 5320 ParVdm - ok
15:51:23.0265 5320 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
15:51:23.0265 5320 pccsmcfd - ok
15:51:23.0281 5320 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
15:51:23.0296 5320 PCI - ok
15:51:23.0296 5320 PCIDump - ok
15:51:23.0328 5320 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
15:51:23.0328 5320 PCIIde - ok
15:51:23.0359 5320 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
15:51:23.0359 5320 Pcmcia - ok
15:51:23.0359 5320 PDCOMP - ok
15:51:23.0375 5320 PDFRAME - ok
15:51:23.0375 5320 PDRELI - ok
15:51:23.0375 5320 PDRFRAME - ok
15:51:23.0390 5320 perc2 - ok
15:51:23.0390 5320 perc2hib - ok
15:51:23.0531 5320 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\ComboFix\pev.3XE
15:51:23.0546 5320 PEVSystemStart - ok
15:51:23.0562 5320 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
15:51:23.0562 5320 PlugPlay - ok
15:51:23.0578 5320 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
15:51:23.0593 5320 PolicyAgent - ok
15:51:23.0625 5320 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:51:23.0625 5320 PptpMiniport - ok
15:51:23.0625 5320 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:51:23.0625 5320 ProtectedStorage - ok
15:51:23.0640 5320 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
15:51:23.0640 5320 PSched - ok
15:51:23.0656 5320 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:51:23.0656 5320 Ptilink - ok
15:51:23.0656 5320 ql1080 - ok
15:51:23.0656 5320 Ql10wnt - ok
15:51:23.0671 5320 ql12160 - ok
15:51:23.0671 5320 ql1240 - ok
15:51:23.0671 5320 ql1280 - ok
15:51:23.0687 5320 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:51:23.0687 5320 RasAcd - ok
15:51:23.0703 5320 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:51:23.0718 5320 RasAuto - ok
15:51:23.0734 5320 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:51:23.0750 5320 Rasl2tp - ok
15:51:23.0750 5320 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:51:23.0765 5320 RasMan - ok
15:51:23.0781 5320 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:51:23.0781 5320 RasPppoe - ok
15:51:23.0796 5320 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:51:23.0796 5320 Raspti - ok
15:51:23.0828 5320 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:51:23.0828 5320 Rdbss - ok
15:51:23.0828 5320 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:51:23.0828 5320 RDPCDD - ok
15:51:23.0859 5320 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:51:23.0859 5320 rdpdr - ok
15:51:23.0890 5320 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:51:23.0890 5320 RDPWD - ok
15:51:23.0906 5320 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:51:23.0921 5320 RDSessMgr - ok
15:51:23.0953 5320 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:51:23.0953 5320 redbook - ok
15:51:23.0968 5320 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:51:23.0984 5320 RemoteAccess - ok
15:51:24.0000 5320 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:51:24.0000 5320 RemoteRegistry - ok
15:51:24.0015 5320 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
15:51:24.0015 5320 RpcLocator - ok
15:51:24.0046 5320 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
15:51:24.0046 5320 RpcSs - ok
15:51:24.0062 5320 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
15:51:24.0062 5320 RSVP - ok
15:51:24.0078 5320 [ E10F6C9BD09D8DAE26E29D52C65E6E0F ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
15:51:24.0078 5320 RTL8023xp - ok
15:51:24.0093 5320 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
15:51:24.0093 5320 SamSs - ok
15:51:24.0109 5320 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:51:24.0109 5320 SCardSvr - ok
15:51:24.0140 5320 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:51:24.0156 5320 Schedule - ok
15:51:24.0156 5320 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:51:24.0156 5320 Secdrv - ok
15:51:24.0171 5320 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
15:51:24.0171 5320 seclogon - ok
15:51:24.0187 5320 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
15:51:24.0203 5320 SENS - ok
15:51:24.0203 5320 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
15:51:24.0203 5320 serenum - ok
15:51:24.0203 5320 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
15:51:24.0203 5320 Serial - ok
15:51:24.0265 5320 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:51:24.0281 5320 ServiceLayer - ok
15:51:24.0296 5320 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:51:24.0312 5320 Sfloppy - ok
15:51:24.0328 5320 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:51:24.0343 5320 SharedAccess - ok
15:51:24.0359 5320 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:51:24.0375 5320 ShellHWDetection - ok
15:51:24.0375 5320 Simbad - ok
15:51:24.0390 5320 Sparrow - ok
15:51:24.0406 5320 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:51:24.0406 5320 splitter - ok
15:51:24.0437 5320 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:51:24.0453 5320 Spooler - ok
15:51:24.0468 5320 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:51:24.0468 5320 sr - ok
15:51:24.0484 5320 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
15:51:24.0500 5320 srservice - ok
15:51:24.0531 5320 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:51:24.0546 5320 Srv - ok
15:51:24.0562 5320 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:51:24.0578 5320 SSDPSRV - ok
15:51:24.0609 5320 [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
15:51:24.0609 5320 ss_bbus - ok
15:51:24.0625 5320 [ 91765F99914ED8693D8BC76524F21581 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
15:51:24.0640 5320 ss_bmdfl - ok
15:51:24.0671 5320 [ 840E7B738B03C10EE91D9B7D3D6EFF15 ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
15:51:24.0671 5320 ss_bmdm - ok
15:51:24.0703 5320 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:51:24.0718 5320 stisvc - ok
15:51:24.0750 5320 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:51:24.0750 5320 swenum - ok
15:51:24.0765 5320 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:51:24.0765 5320 swmidi - ok
15:51:24.0765 5320 SwPrv - ok
15:51:24.0781 5320 symc810 - ok
15:51:24.0781 5320 symc8xx - ok
15:51:24.0781 5320 sym_hi - ok
15:51:24.0796 5320 sym_u3 - ok
15:51:24.0796 5320 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:51:24.0812 5320 sysaudio - ok
15:51:24.0812 5320 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:51:24.0828 5320 SysmonLog - ok
15:51:24.0843 5320 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:51:24.0859 5320 TapiSrv - ok
15:51:24.0890 5320 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:51:24.0906 5320 Tcpip - ok
15:51:24.0921 5320 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:51:24.0921 5320 TDPIPE - ok
15:51:24.0937 5320 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:51:24.0937 5320 TDTCP - ok
15:51:24.0953 5320 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:51:24.0953 5320 TermDD - ok
15:51:24.0984 5320 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
15:51:25.0000 5320 TermService - ok
15:51:25.0015 5320 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
15:51:25.0015 5320 Themes - ok
15:51:25.0031 5320 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
15:51:25.0046 5320 TlntSvr - ok
15:51:25.0062 5320 TosIde - ok
15:51:25.0062 5320 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:51:25.0078 5320 TrkWks - ok
15:51:25.0093 5320 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:51:25.0093 5320 Udfs - ok
15:51:25.0093 5320 ultra - ok
15:51:25.0140 5320 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:51:25.0140 5320 Update - ok
15:51:25.0171 5320 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
15:51:25.0187 5320 upnphost - ok
15:51:25.0187 5320 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
15:51:25.0203 5320 UPS - ok
15:51:25.0234 5320 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:51:25.0234 5320 usbehci - ok
15:51:25.0234 5320 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:51:25.0250 5320 usbhub - ok
15:51:25.0265 5320 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:51:25.0281 5320 usbprint - ok
15:51:25.0296 5320 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:51:25.0296 5320 usbscan - ok
15:51:25.0312 5320 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:51:25.0312 5320 usbstor - ok
15:51:25.0328 5320 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:51:25.0328 5320 usbuhci - ok
15:51:25.0343 5320 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:51:25.0343 5320 VgaSave - ok
15:51:25.0343 5320 ViaIde - ok
15:51:25.0359 5320 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:51:25.0359 5320 VolSnap - ok
15:51:25.0359 5320 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
15:51:25.0375 5320 VSS - ok
15:51:25.0390 5320 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
15:51:25.0406 5320 W32Time - ok
15:51:25.0421 5320 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:51:25.0421 5320 Wanarp - ok
15:51:25.0421 5320 WDICA - ok
15:51:25.0437 5320 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:51:25.0437 5320 wdmaud - ok
15:51:25.0453 5320 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
15:51:25.0453 5320 WebClient - ok
15:51:25.0500 5320 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:51:25.0515 5320 winmgmt - ok
15:51:25.0546 5320 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
15:51:25.0546 5320 WmdmPmSN - ok
15:51:25.0578 5320 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
15:51:25.0609 5320 Wmi - ok
15:51:25.0640 5320 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:51:25.0640 5320 WmiApSrv - ok
15:51:25.0687 5320 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
15:51:25.0718 5320 WMPNetworkSvc - ok
15:51:25.0734 5320 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:51:25.0734 5320 WS2IFSL - ok
15:51:25.0765 5320 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:51:25.0781 5320 wscsvc - ok
15:51:25.0796 5320 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:51:25.0828 5320 wuauserv - ok
15:51:25.0843 5320 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:51:25.0843 5320 WudfPf - ok
15:51:25.0875 5320 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:51:25.0875 5320 WudfRd - ok
15:51:25.0890 5320 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
15:51:25.0890 5320 WudfSvc - ok
15:51:25.0921 5320 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:51:25.0937 5320 WZCSVC - ok
15:51:25.0968 5320 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:51:25.0984 5320 xmlprov - ok
15:51:25.0984 5320 ================ Scan global ===============================
15:51:26.0000 5320 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
15:51:26.0031 5320 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
15:51:26.0046 5320 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
15:51:26.0062 5320 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
15:51:26.0078 5320 [Global] - ok
15:51:26.0078 5320 ================ Scan MBR ==================================
15:51:26.0078 5320 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
15:51:26.0218 5320 \Device\Harddisk0\DR0 - ok
15:51:26.0218 5320 ================ Scan VBR ==================================
15:51:26.0218 5320 [ 33D6CC8CFA0F16D66807CE1127B6AA29 ] \Device\Harddisk0\DR0\Partition1
15:51:26.0218 5320 \Device\Harddisk0\DR0\Partition1 - ok
15:51:26.0234 5320 [ 1D595C0F2BCEB0C603B59673354811BC ] \Device\Harddisk0\DR0\Partition2
15:51:26.0234 5320 \Device\Harddisk0\DR0\Partition2 - ok
15:51:26.0234 5320 ============================================================
15:51:26.0234 5320 Scan finished
15:51:26.0234 5320 ============================================================
15:51:26.0250 5308 Detected object count: 1
15:51:26.0250 5308 Actual detected object count: 1
15:51:59.0859 5308 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
15:52:04.0656 5308 ACPI ( Virus.Win32.Rloader.a ) - User select action: Quarantine
15:53:08.0375 5672 ============================================================
15:53:08.0375 5672 Scan started
15:53:08.0375 5672 Mode: Manual; SigCheck; TDLFS;
15:53:08.0375 5672 ============================================================
15:53:08.0468 5672 ================ Scan system memory ========================
15:53:08.0468 5672 System memory - ok
15:53:08.0468 5672 ================ Scan services =============================
15:53:08.0640 5672 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
15:53:08.0828 5672 Aavmker4 - ok
15:53:08.0828 5672 Abiosdsk - ok
15:53:08.0828 5672 abp480n5 - ok
15:53:08.0859 5672 [ 7A2A462B010B4E4AF79A1B5D42D33D06 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:53:08.0859 5672 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: 7A2A462B010B4E4AF79A1B5D42D33D06, Fake md5: 4FE34F1F3126B61FCC6B2043AA8112C9
15:53:08.0859 5672 ACPI ( Virus.Win32.Rloader.a ) - infected
15:53:08.0859 5672 ACPI - detected Virus.Win32.Rloader.a (0)
15:53:08.0890 5672 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
15:53:09.0765 5672 ACPIEC - ok
15:53:09.0765 5672 adpu160m - ok
15:53:09.0796 5672 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
15:53:09.0921 5672 aec - ok
15:53:09.0937 5672 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
15:53:09.0968 5672 AFD - ok
15:53:09.0984 5672 Aha154x - ok
15:53:09.0984 5672 aic78u2 - ok
15:53:09.0984 5672 aic78xx - ok
15:53:10.0015 5672 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
15:53:10.0140 5672 Alerter - ok
15:53:10.0140 5672 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
15:53:10.0203 5672 ALG - ok
15:53:10.0203 5672 AliIde - ok
15:53:10.0203 5672 amsint - ok
15:53:10.0218 5672 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
15:53:10.0296 5672 AppMgmt - ok
15:53:10.0296 5672 asc - ok
15:53:10.0296 5672 asc3350p - ok
15:53:10.0296 5672 asc3550 - ok
15:53:10.0359 5672 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:53:10.0375 5672 aspnet_state - ok
15:53:10.0390 5672 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
15:53:10.0406 5672 aswFsBlk - ok
15:53:10.0406 5672 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
15:53:10.0421 5672 aswMon2 - ok
15:53:10.0437 5672 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
15:53:10.0453 5672 AswRdr - ok
15:53:10.0468 5672 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
15:53:10.0500 5672 aswSnx - ok
15:53:10.0531 5672 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
15:53:10.0546 5672 aswSP - ok
15:53:10.0578 5672 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
15:53:10.0593 5672 aswTdi - ok
15:53:10.0609 5672 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:53:10.0718 5672 AsyncMac - ok
15:53:10.0734 5672 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
15:53:10.0843 5672 atapi - ok
15:53:10.0859 5672 Atdisk - ok
15:53:10.0875 5672 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:53:11.0000 5672 Atmarpc - ok
15:53:11.0015 5672 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
15:53:11.0140 5672 AudioSrv - ok
15:53:11.0140 5672 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
15:53:11.0265 5672 audstub - ok
15:53:11.0328 5672 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:53:11.0343 5672 avast! Antivirus - ok
15:53:11.0375 5672 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
15:53:11.0500 5672 Beep - ok
15:53:11.0531 5672 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
15:53:11.0656 5672 BITS - ok
15:53:11.0687 5672 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
15:53:11.0718 5672 Browser - ok
15:53:11.0812 5672 catchme - ok
15:53:11.0843 5672 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
15:53:11.0968 5672 cbidf2k - ok
15:53:11.0968 5672 cd20xrnt - ok
15:53:11.0984 5672 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
15:53:12.0093 5672 Cdaudio - ok
15:53:12.0109 5672 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
15:53:12.0234 5672 Cdfs - ok
15:53:12.0250 5672 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:53:12.0375 5672 Cdrom - ok
15:53:12.0375 5672 Changer - ok
15:53:12.0375 5672 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
15:53:12.0484 5672 CiSvc - ok
15:53:12.0500 5672 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
15:53:12.0609 5672 ClipSrv - ok
15:53:12.0640 5672 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:53:12.0656 5672 clr_optimization_v2.0.50727_32 - ok
15:53:12.0656 5672 CmdIde - ok
15:53:12.0671 5672 COMSysApp - ok
15:53:12.0671 5672 Cpqarray - ok
15:53:12.0703 5672 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
15:53:12.0828 5672 CryptSvc - ok
15:53:12.0828 5672 dac2w2k - ok
15:53:12.0828 5672 dac960nt - ok
15:53:12.0875 5672 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
15:53:12.0906 5672 DcomLaunch - ok
15:53:12.0921 5672 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
15:53:13.0031 5672 Dhcp - ok
15:53:13.0046 5672 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
15:53:13.0156 5672 Disk - ok
15:53:13.0171 5672 dmadmin - ok
15:53:13.0203 5672 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
15:53:13.0359 5672 dmboot - ok
15:53:13.0359 5672 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
15:53:13.0468 5672 dmio - ok
15:53:13.0484 5672 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
15:53:13.0593 5672 dmload - ok
15:53:13.0609 5672 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
15:53:13.0734 5672 dmserver - ok
15:53:13.0750 5672 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
15:53:13.0875 5672 DMusic - ok
15:53:13.0890 5672 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
15:53:13.0921 5672 Dnscache - ok
15:53:13.0937 5672 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
15:53:14.0062 5672 Dot3svc - ok
15:53:14.0062 5672 dpti2o - ok
15:53:14.0078 5672 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
15:53:14.0203 5672 drmkaud - ok
15:53:14.0218 5672 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
15:53:14.0343 5672 EapHost - ok
15:53:14.0343 5672 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
15:53:14.0468 5672 ERSvc - ok
15:53:14.0500 5672 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
15:53:14.0515 5672 Eventlog - ok
15:53:14.0546 5672 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
15:53:14.0562 5672 EventSystem - ok
15:53:14.0578 5672 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
15:53:14.0687 5672 Fastfat - ok
15:53:14.0718 5672 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:53:14.0750 5672 FastUserSwitchingCompatibility - ok
15:53:14.0750 5672 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
15:53:14.0875 5672 Fdc - ok
15:53:14.0890 5672 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
15:53:15.0015 5672 Fips - ok
15:53:15.0015 5672 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
15:53:15.0125 5672 Flpydisk - ok
15:53:15.0156 5672 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:53:15.0265 5672 FltMgr - ok
15:53:15.0312 5672 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:53:15.0328 5672 FontCache3.0.0.0 - ok
15:53:15.0359 5672 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
15:53:15.0390 5672 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
15:53:15.0390 5672 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
15:53:15.0421 5672 [ D3F9205CC4CB07553F2F9472C767EA87 ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe
15:53:15.0437 5672 FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
15:53:15.0437 5672 FsUsbExService - detected UnsignedFile.Multi.Generic (1)
15:53:15.0453 5672 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:53:15.0562 5672 Fs_Rec - ok
15:53:15.0578 5672 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:53:15.0687 5672 Ftdisk - ok
15:53:15.0718 5672 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:53:15.0843 5672 Gpc - ok
15:53:15.0890 5672 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:53:15.0906 5672 gupdate - ok
15:53:15.0906 5672 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:53:15.0921 5672 gupdatem - ok
15:53:15.0953 5672 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:53:15.0968 5672 gusvc - ok
15:53:16.0000 5672 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:53:16.0109 5672 HDAudBus - ok
15:53:16.0140 5672 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:53:16.0250 5672 helpsvc - ok
15:53:16.0265 5672 HidServ - ok
15:53:16.0281 5672 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
15:53:16.0390 5672 hkmsvc - ok
15:53:16.0406 5672 hpn - ok
15:53:16.0421 5672 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
15:53:16.0437 5672 HTTP - ok
15:53:16.0453 5672 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
15:53:16.0578 5672 HTTPFilter - ok
15:53:16.0578 5672 i2omgmt - ok
15:53:16.0578 5672 i2omp - ok
15:53:16.0593 5672 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:53:16.0718 5672 i8042prt - ok
15:53:16.0765 5672 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:53:16.0812 5672 idsvc - ok
15:53:16.0828 5672 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
15:53:16.0953 5672 Imapi - ok
15:53:16.0968 5672 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
15:53:17.0078 5672 ImapiService - ok
15:53:17.0093 5672 ini910u - ok
15:53:17.0234 5672 [ B2957D6C1226F029230DAC2C46D34286 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:53:17.0390 5672 IntcAzAudAddService - ok
15:53:17.0406 5672 IntelIde - ok
15:53:17.0421 5672 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:53:17.0531 5672 intelppm - ok
15:53:17.0546 5672 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:53:17.0656 5672 Ip6Fw - ok
15:53:17.0671 5672 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:53:17.0796 5672 IpFilterDriver - ok
15:53:17.0812 5672 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:53:17.0921 5672 IpInIp - ok
15:53:17.0937 5672 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:53:18.0062 5672 IpNat - ok
15:53:18.0078 5672 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:53:18.0203 5672 IPSec - ok
15:53:18.0218 5672 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
15:53:18.0281 5672 IRENUM - ok
15:53:18.0296 5672 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:53:18.0406 5672 isapnp - ok
15:53:18.0437 5672 [ 126A16F569122AE00AD3D12EF831D651 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
15:53:18.0453 5672 JavaQuickStarterService - ok
15:53:18.0453 5672 [ BDCE08E413C98720D23D0A4CD74F6E0C ] JRAID C:\WINDOWS\system32\DRIVERS\jraid.sys
15:53:18.0484 5672 JRAID - ok
15:53:18.0500 5672 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:53:18.0609 5672 Kbdclass - ok
15:53:18.0640 5672 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
15:53:18.0765 5672 kmixer - ok
15:53:18.0781 5672 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
15:53:18.0796 5672 KSecDD - ok
15:53:18.0828 5672 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
15:53:18.0843 5672 LanmanServer - ok
15:53:18.0875 5672 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:53:18.0890 5672 lanmanworkstation - ok
15:53:18.0890 5672 lbrtfdc - ok
15:53:18.0906 5672 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
15:53:19.0015 5672 LmHosts - ok
15:53:19.0031 5672 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
15:53:19.0156 5672 Messenger - ok
15:53:19.0171 5672 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
15:53:19.0281 5672 mnmdd - ok
15:53:19.0296 5672 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
15:53:19.0421 5672 mnmsrvc - ok
15:53:19.0421 5672 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
15:53:19.0546 5672 Modem - ok
15:53:19.0546 5672 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:53:19.0656 5672 Mouclass - ok
15:53:19.0671 5672 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
15:53:19.0781 5672 MountMgr - ok
15:53:19.0796 5672 mraid35x - ok
15:53:19.0812 5672 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:53:19.0921 5672 MRxDAV - ok
15:53:19.0953 5672 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:53:19.0968 5672 MRxSmb - ok
15:53:20.0000 5672 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
15:53:20.0109 5672 MSDTC - ok
15:53:20.0109 5672 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:53:20.0234 5672 Msfs - ok
15:53:20.0234 5672 MSIServer - ok
15:53:20.0250 5672 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:53:20.0359 5672 MSKSSRV - ok
15:53:20.0375 5672 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:53:20.0484 5672 MSPCLOCK - ok
15:53:20.0484 5672 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
15:53:20.0609 5672 MSPQM - ok
15:53:20.0625 5672 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:53:20.0750 5672 mssmbios - ok
15:53:20.0765 5672 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
15:53:20.0781 5672 Mup - ok
15:53:20.0796 5672 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
15:53:20.0921 5672 napagent - ok
15:53:20.0921 5672 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
15:53:21.0031 5672 NDIS - ok
15:53:21.0046 5672 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:53:21.0062 5672 NdisTapi - ok
15:53:21.0078 5672 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:53:21.0187 5672 Ndisuio - ok
15:53:21.0187 5672 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:53:21.0312 5672 NdisWan - ok
15:53:21.0343 5672 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:53:21.0359 5672 NDProxy - ok
15:53:21.0390 5672 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:53:21.0500 5672 NetBIOS - ok
15:53:21.0515 5672 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:53:21.0625 5672 NetBT - ok
15:53:21.0640 5672 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
15:53:21.0765 5672 NetDDE - ok
15:53:21.0781 5672 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
15:53:21.0906 5672 NetDDEdsdm - ok
15:53:21.0921 5672 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:53:22.0031 5672 Netlogon - ok
15:53:22.0046 5672 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
15:53:22.0156 5672 Netman - ok
15:53:22.0187 5672 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:53:22.0203 5672 NetTcpPortSharing - ok
15:53:22.0234 5672 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
15:53:22.0250 5672 Nla - ok
15:53:22.0281 5672 [ B9730495E0CF674680121E34BD95A73B ] NPF C:\WINDOWS\system32\drivers\NPF.sys
15:53:22.0281 5672 NPF - ok
15:53:22.0296 5672 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:53:22.0421 5672 Npfs - ok
15:53:22.0421 5672 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:53:22.0562 5672 Ntfs - ok
15:53:22.0562 5672 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
15:53:22.0687 5672 NtLmSsp - ok
15:53:22.0718 5672 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
15:53:22.0843 5672 NtmsSvc - ok
15:53:22.0875 5672 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
15:53:22.0984 5672 Null - ok
15:53:23.0171 5672 [ 8C0456001B6900114BBB1C548BD8AAF5 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:53:23.0390 5672 nv - ok
15:53:23.0437 5672 [ 472A00D2183C9E5EDB3E076272741812 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
15:53:23.0453 5672 NVSvc - ok
15:53:23.0468 5672 [ ADB82FBC435AE7504082B3C714C3885D ] NWCWorkstation C:\WINDOWS\System32\nwwks.dll
15:53:23.0531 5672 NWCWorkstation - ok
15:53:23.0531 5672 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:53:23.0656 5672 NwlnkFlt - ok
15:53:23.0656 5672 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:53:23.0781 5672 NwlnkFwd - ok
15:53:23.0796 5672 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
15:53:23.0906 5672 NwlnkIpx - ok
15:53:23.0921 5672 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
15:53:24.0031 5672 NwlnkNb - ok
15:53:24.0046 5672 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
15:53:24.0171 5672 NwlnkSpx - ok
15:53:24.0171 5672 [ 36B9B950E3D2E100970A48D8BAD86740 ] NWRDR C:\WINDOWS\system32\DRIVERS\nwrdr.sys
15:53:24.0234 5672 NWRDR - ok
15:53:24.0328 5672 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:53:24.0359 5672 odserv - ok
15:53:24.0390 5672 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:53:24.0406 5672 ose - ok
15:53:24.0406 5672 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
15:53:24.0531 5672 Parport - ok
15:53:24.0531 5672 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
15:53:24.0656 5672 PartMgr - ok
15:53:24.0687 5672 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
15:53:24.0796 5672 ParVdm - ok
15:53:24.0812 5672 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
15:53:24.0843 5672 pccsmcfd - ok
15:53:24.0859 5672 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
15:53:24.0984 5672 PCI - ok
15:53:24.0984 5672 PCIDump - ok
15:53:24.0984 5672 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
15:53:25.0109 5672 PCIIde - ok
15:53:25.0125 5672 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
15:53:25.0250 5672 Pcmcia - ok
15:53:25.0250 5672 PDCOMP - ok
15:53:25.0250 5672 PDFRAME - ok
15:53:25.0265 5672 PDRELI - ok
15:53:25.0265 5672 PDRFRAME - ok
15:53:25.0265 5672 perc2 - ok
15:53:25.0281 5672 perc2hib - ok
15:53:25.0421 5672 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\ComboFix\pev.3XE
15:53:25.0437 5672 PEVSystemStart ( UnsignedFile.Multi.Generic ) - warning
15:53:25.0437 5672 PEVSystemStart - detected UnsignedFile.Multi.Generic (1)
15:53:25.0453 5672 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
15:53:25.0468 5672 PlugPlay - ok
15:53:25.0484 5672 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
15:53:25.0593 5672 PolicyAgent - ok
15:53:25.0625 5672 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:53:25.0750 5672 PptpMiniport - ok
15:53:25.0750 5672 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:53:25.0875 5672 ProtectedStorage - ok
15:53:25.0875 5672 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
15:53:25.0984 5672 PSched - ok
15:53:26.0000 5672 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:53:26.0125 5672 Ptilink - ok
15:53:26.0125 5672 ql1080 - ok
15:53:26.0125 5672 Ql10wnt - ok
15:53:26.0125 5672 ql12160 - ok
15:53:26.0140 5672 ql1240 - ok
15:53:26.0140 5672 ql1280 - ok
15:53:26.0156 5672 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:53:26.0296 5672 RasAcd - ok
15:53:26.0312 5672 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:53:26.0437 5672 RasAuto - ok
15:53:26.0453 5672 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:53:26.0578 5672 Rasl2tp - ok
15:53:26.0593 5672 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:53:26.0718 5672 RasMan - ok
15:53:26.0734 5672 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:53:26.0875 5672 RasPppoe - ok
15:53:26.0890 5672 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:53:27.0000 5672 Raspti - ok
15:53:27.0000 5672 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:53:27.0125 5672 Rdbss - ok
15:53:27.0125 5672 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:53:27.0234 5672 RDPCDD - ok
15:53:27.0265 5672 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:53:27.0375 5672 rdpdr - ok
15:53:27.0406 5672 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:53:27.0437 5672 RDPWD - ok
15:53:27.0453 5672 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:53:27.0578 5672 RDSessMgr - ok
15:53:27.0593 5672 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:53:27.0703 5672 redbook - ok
15:53:27.0718 5672 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:53:27.0843 5672 RemoteAccess - ok
15:53:27.0859 5672 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:53:27.0968 5672 RemoteRegistry - ok
15:53:27.0984 5672 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
15:53:28.0109 5672 RpcLocator - ok
15:53:28.0125 5672 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
15:53:28.0156 5672 RpcSs - ok
15:53:28.0156 5672 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
15:53:28.0281 5672 RSVP - ok
15:53:28.0296 5672 [ E10F6C9BD09D8DAE26E29D52C65E6E0F ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
15:53:28.0343 5672 RTL8023xp - ok
15:53:28.0343 5672 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
15:53:28.0453 5672 SamSs - ok
15:53:28.0468 5672 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:53:28.0593 5672 SCardSvr - ok
15:53:28.0609 5672 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:53:28.0734 5672 Schedule - ok
15:53:28.0750 5672 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:53:28.0812 5672 Secdrv - ok
15:53:28.0812 5672 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
15:53:28.0953 5672 seclogon - ok
15:53:28.0968 5672 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
15:53:29.0078 5672 SENS - ok
15:53:29.0078 5672 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
15:53:29.0203 5672 serenum - ok
15:53:29.0203 5672 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
15:53:29.0343 5672 Serial - ok
15:53:29.0375 5672 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:53:29.0390 5672 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
15:53:29.0390 5672 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
15:53:29.0406 5672 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:53:29.0531 5672 Sfloppy - ok
15:53:29.0546 5672 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:53:29.0656 5672 SharedAccess - ok
15:53:29.0671 5672 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:53:29.0734 5672 ShellHWDetection - ok
15:53:29.0734 5672 Simbad - ok
15:53:29.0734 5672 Sparrow - ok
15:53:29.0750 5672 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:53:29.0859 5672 splitter - ok
15:53:29.0890 5672 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:53:29.0921 5672 Spooler - ok
15:53:29.0953 5672 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:53:30.0015 5672 sr - ok
15:53:30.0031 5672 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
15:53:30.0093 5672 srservice - ok
15:53:30.0125 5672 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:53:30.0156 5672 Srv - ok
15:53:30.0187 5672 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:53:30.0234 5672 SSDPSRV - ok
15:53:30.0265 5672 [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
15:53:30.0281 5672 ss_bbus - ok
15:53:30.0312 5672 [ 91765F99914ED8693D8BC76524F21581 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
15:53:30.0328 5672 ss_bmdfl - ok
15:53:30.0359 5672 [ 840E7B738B03C10EE91D9B7D3D6EFF15 ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
15:53:30.0375 5672 ss_bmdm - ok
15:53:30.0406 5672 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:53:30.0515 5672 stisvc - ok
15:53:30.0531 5672 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:53:30.0640 5672 swenum - ok
15:53:30.0656 5672 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:53:30.0781 5672 swmidi - ok
15:53:30.0781 5672 SwPrv - ok
15:53:30.0781 5672 symc810 - ok
15:53:30.0796 5672 symc8xx - ok
15:53:30.0796 5672 sym_hi - ok
15:53:30.0828 5672 sym_u3 - ok
15:53:30.0843 5672 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:53:30.0968 5672 sysaudio - ok
15:53:30.0984 5672 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:53:31.0093 5672 SysmonLog - ok
15:53:31.0109 5672 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:53:31.0234 5672 TapiSrv - ok
15:53:31.0265 5672 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:53:31.0312 5672 Tcpip - ok
15:53:31.0328 5672 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:53:31.0437 5672 TDPIPE - ok
15:53:31.0453 5672 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:53:31.0562 5672 TDTCP - ok
15:53:31.0578 5672 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:53:31.0687 5672 TermDD - ok
15:53:31.0718 5672 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
15:53:31.0859 5672 TermService - ok
15:53:31.0859 5672 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
15:53:31.0890 5672 Themes - ok
15:53:31.0921 5672 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
15:53:31.0984 5672 TlntSvr - ok
15:53:31.0984 5672 TosIde - ok
15:53:31.0984 5672 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:53:32.0109 5672 TrkWks - ok
15:53:32.0125 5672 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:53:32.0234 5672 Udfs - ok
15:53:32.0250 5672 ultra - ok
15:53:32.0281 5672 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:53:32.0406 5672 Update - ok
15:53:32.0421 5672 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
15:53:32.0500 5672 upnphost - ok
15:53:32.0515 5672 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
15:53:32.0625 5672 UPS - ok
15:53:32.0640 5672 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:53:32.0750 5672 usbehci - ok
15:53:32.0765 5672 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:53:32.0875 5672 usbhub - ok
15:53:32.0875 5672 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:53:33.0000 5672 usbprint - ok
15:53:33.0000 5672 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:53:33.0109 5672 usbscan - ok
15:53:33.0125 5672 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:53:33.0250 5672 usbstor - ok
15:53:33.0265 5672 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:53:33.0375 5672 usbuhci - ok
15:53:33.0390 5672 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:53:33.0515 5672 VgaSave - ok
15:53:33.0515 5672 ViaIde - ok
15:53:33.0531 5672 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:53:33.0640 5672 VolSnap - ok
15:53:33.0640 5672 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
15:53:33.0734 5672 VSS - ok
15:53:33.0750 5672 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
15:53:33.0875 5672 W32Time - ok
15:53:33.0890 5672 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:53:34.0000 5672 Wanarp - ok
15:53:34.0000 5672 WDICA - ok
15:53:34.0015 5672 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:53:34.0125 5672 wdmaud - ok
15:53:34.0140 5672 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
15:53:34.0250 5672 WebClient - ok
15:53:34.0296 5672 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:53:34.0406 5672 winmgmt - ok
15:53:34.0437 5672 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
15:53:34.0468 5672 WmdmPmSN - ok
15:53:34.0500 5672 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
15:53:34.0546 5672 Wmi - ok
15:53:34.0578 5672 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:53:34.0687 5672 WmiApSrv - ok
15:53:34.0750 5672 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
15:53:34.0781 5672 WMPNetworkSvc - ok
15:53:34.0812 5672 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:53:34.0921 5672 WS2IFSL - ok
15:53:34.0937 5672 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:53:35.0078 5672 wscsvc - ok
15:53:35.0093 5672 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:53:35.0203 5672 wuauserv - ok
15:53:35.0218 5672 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:53:35.0250 5672 WudfPf - ok
15:53:35.0250 5672 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:53:35.0265 5672 WudfRd - ok
15:53:35.0281 5672 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
15:53:35.0312 5672 WudfSvc - ok
15:53:35.0328 5672 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:53:35.0453 5672 WZCSVC - ok
15:53:35.0468 5672 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:53:35.0593 5672 xmlprov - ok
15:53:35.0593 5672 ================ Scan global ===============================
15:53:35.0609 5672 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
15:53:35.0640 5672 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
15:53:35.0671 5672 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
15:53:35.0703 5672 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
15:53:35.0718 5672 [Global] - ok
15:53:35.0718 5672 ================ Scan MBR ==================================
15:53:35.0718 5672 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
15:53:35.0937 5672 \Device\Harddisk0\DR0 - ok
15:53:35.0937 5672 ================ Scan VBR ==================================
15:53:35.0937 5672 [ 33D6CC8CFA0F16D66807CE1127B6AA29 ] \Device\Harddisk0\DR0\Partition1
15:53:35.0937 5672 \Device\Harddisk0\DR0\Partition1 - ok
15:53:35.0968 5672 [ 1D595C0F2BCEB0C603B59673354811BC ] \Device\Harddisk0\DR0\Partition2
15:53:35.0968 5672 \Device\Harddisk0\DR0\Partition2 - ok
15:53:35.0968 5672 ============================================================
15:53:35.0968 5672 Scan finished
15:53:35.0968 5672 ============================================================
15:53:36.0093 5664 Detected object count: 5
15:53:36.0093 5664 Actual detected object count: 5
15:54:51.0546 5664 ACPI ( Virus.Win32.Rloader.a ) - skipped by user
15:54:51.0546 5664 ACPI ( Virus.Win32.Rloader.a ) - User select action: Skip
15:54:51.0546 5664 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
15:54:51.0546 5664 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:54:51.0546 5664 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
15:54:51.0546 5664 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:54:51.0546 5664 PEVSystemStart ( UnsignedFile.Multi.Generic ) - skipped by user
15:54:51.0546 5664 PEVSystemStart ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:54:51.0546 5664 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
15:54:51.0546 5664 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
Re: Combofix
log z OTL obsahuje příliš mnoho znaku.
pošlu ho po částech.
Co mám dělat s tou karanténou?
Další Věc je že mám na disku C něco co vypadá jako samostatný disk pro Combofix. Můžu ho nějakým způsobem odstranit aby ho někdo z rodiny zbytečně nepoužíval?
pošlu ho po částech.
Co mám dělat s tou karanténou?
Další Věc je že mám na disku C něco co vypadá jako samostatný disk pro Combofix. Můžu ho nějakým způsobem odstranit aby ho někdo z rodiny zbytečně nepoužíval?
Re: Combofix
OTL logfile created on: 30.12.2012 15:59:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\x\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
510,42 Mb Total Physical Memory | 171,87 Mb Available Physical Memory | 33,67% Memory free
1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,71% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 33,42 Gb Free Space | 57,04% Space Free | Partition Type: NTFS
Drive D: | 174,28 Gb Total Space | 31,93 Gb Free Space | 18,32% Space Free | Partition Type: NTFS
Computer Name: | User Name: | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.12.30 15:56:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\x\Plocha\OTL.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.01.03 16:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2010.07.10 13:56:34 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
PRC - [2010.05.14 10:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009.03.31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.04.14 11:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.09.08 03:55:00 | 000,184,320 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) -- C:\WINDOWS\system32\MSTMON_Y.EXE
========== Modules (No Company Name) ==========
MOD - [2012.12.30 09:10:32 | 002,041,856 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12123000\algo.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.06.26 07:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\ComboFix\pev.3XE -- (PEVSystemStart)
SRV - [2009.03.31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\x\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.01.12 21:27:16 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009.03.31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009.03.20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2008.04.17 16:33:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.04.14 03:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007.11.26 11:16:50 | 000,072,704 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007.11.21 00:09:22 | 000,104,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2001.10.25 19:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001.10.25 19:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {49A233D1-DD5B-42D7-BA5B-05DCC70771A6}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{49A233D1-DD5B-42D7-BA5B-05DCC70771A6}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... E8B7BA8E6B
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..\SearchScopes\{49A233D1-DD5B-42D7-BA5B-05DCC70771A6}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:55717
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
========== Chrome ==========
CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Disk Google = C:\Documents and Settings\x\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Documents and Settings\x\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\x\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\x\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Documents and Settings\x\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.01.12 21:28:01 | 000,000,761 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [KONICA MINOLTA PagePro 1400W STD] C:\WINDOWS\System32\MSTMON_Y.EXE (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide File not found
O4 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..Trusted Domains: com.tw ([asia.msi] http in Důvěryhodné servery)
O15 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..Trusted Domains: com.tw ([global.msi] http in Důvěryhodné servery)
O15 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..Trusted Domains: com.tw ([www.msi] http in Důvěryhodné servery)
O15 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné servery)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.msi.com.tw/autobios/L ... nstall.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED9A4414-0630-436F-A083-7231F60AF625}: NameServer = 8.8.8.8,82.99.179.6,213.235.168.6
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\x\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\x\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\PROGRA~1\WIFD1F~1\MpShHook.dll File not found
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.17 13:55:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\x\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
510,42 Mb Total Physical Memory | 171,87 Mb Available Physical Memory | 33,67% Memory free
1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,71% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 33,42 Gb Free Space | 57,04% Space Free | Partition Type: NTFS
Drive D: | 174,28 Gb Total Space | 31,93 Gb Free Space | 18,32% Space Free | Partition Type: NTFS
Computer Name: | User Name: | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.12.30 15:56:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\x\Plocha\OTL.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.01.03 16:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2010.07.10 13:56:34 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
PRC - [2010.05.14 10:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009.03.31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.04.14 11:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.09.08 03:55:00 | 000,184,320 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) -- C:\WINDOWS\system32\MSTMON_Y.EXE
========== Modules (No Company Name) ==========
MOD - [2012.12.30 09:10:32 | 002,041,856 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12123000\algo.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.06.26 07:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\ComboFix\pev.3XE -- (PEVSystemStart)
SRV - [2009.03.31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\x\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.01.12 21:27:16 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009.03.31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009.03.20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2008.04.17 16:33:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.04.14 03:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007.11.26 11:16:50 | 000,072,704 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007.11.21 00:09:22 | 000,104,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2001.10.25 19:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001.10.25 19:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {49A233D1-DD5B-42D7-BA5B-05DCC70771A6}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{49A233D1-DD5B-42D7-BA5B-05DCC70771A6}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... E8B7BA8E6B
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..\SearchScopes\{49A233D1-DD5B-42D7-BA5B-05DCC70771A6}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:55717
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
========== Chrome ==========
CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Disk Google = C:\Documents and Settings\x\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Documents and Settings\x\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\x\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\x\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Documents and Settings\x\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.01.12 21:28:01 | 000,000,761 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [KONICA MINOLTA PagePro 1400W STD] C:\WINDOWS\System32\MSTMON_Y.EXE (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide File not found
O4 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..Trusted Domains: com.tw ([asia.msi] http in Důvěryhodné servery)
O15 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..Trusted Domains: com.tw ([global.msi] http in Důvěryhodné servery)
O15 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..Trusted Domains: com.tw ([www.msi] http in Důvěryhodné servery)
O15 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné servery)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.msi.com.tw/autobios/L ... nstall.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED9A4414-0630-436F-A083-7231F60AF625}: NameServer = 8.8.8.8,82.99.179.6,213.235.168.6
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-484763869-1383384898-1417001333-1003 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\x\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\x\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\PROGRA~1\WIFD1F~1\MpShHook.dll File not found
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.17 13:55:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
Re: Combofix
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - C:\ComboFix\pev.3XE ()
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - C:\ComboFix\pev.3XE ()
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.12.30 15:55:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\x\Plocha\OTL.exe
[2012.12.30 15:51:59 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.12.30 15:50:26 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\x\Plocha\tdsskiller.exe
[2012.12.27 22:41:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.12.27 22:35:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\x\Plocha\Instalačky antiviru
[2012.12.27 22:12:28 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012.12.27 20:40:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012.12.27 18:43:52 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.12.27 18:40:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.12.27 18:40:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.12.27 18:40:54 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.12.27 18:40:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.12.27 18:40:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.27 18:40:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\x\Nabídka Start\Programy\Nástroje pro správu
[2012.12.27 18:40:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.12.27 18:27:28 | 005,014,125 | R--- | C] (Swearware) -- C:\Documents and Settings\x\Plocha\ComboFix.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.12.30 16:02:19 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.12.30 16:02:00 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012.12.30 15:56:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\x\Plocha\OTL.exe
[2012.12.30 15:50:26 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\x\Plocha\tdsskiller.exe
[2012.12.30 15:33:18 | 000,014,751 | ---- | M] () -- C:\WINDOWS\MSTMON_Y.INI
[2012.12.30 15:33:09 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.12.30 15:32:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.12.30 15:32:50 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.30 15:32:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.12.30 15:32:08 | 535,285,760 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.30 08:40:59 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2012.12.30 08:40:57 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.12.28 02:33:43 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.12.27 22:18:32 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\x\Plocha\Microsoft Office Word 2007.lnk
[2012.12.27 22:12:02 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.27 22:01:17 | 000,000,035 | ---- | M] () -- C:\Documents and Settings\x\Plocha\CFScript
[2012.12.27 21:26:51 | 001,938,966 | ---- | M] () -- C:\Documents and Settings\x\Plocha\PF 2013.jpg
[2012.12.27 18:43:56 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.12.27 18:27:31 | 005,014,125 | R--- | M] (Swearware) -- C:\Documents and Settings\x\Plocha\ComboFix.exe
[2012.12.26 23:31:42 | 000,433,242 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.12.26 23:31:42 | 000,429,794 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.12.26 23:31:42 | 000,078,606 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.12.26 23:31:42 | 000,068,006 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.12.24 10:59:52 | 000,194,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.30 16:02:19 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.12.27 22:01:17 | 000,000,035 | ---- | C] () -- C:\Documents and Settings\x\Plocha\CFScript
[2012.12.27 21:26:50 | 001,938,966 | ---- | C] () -- C:\Documents and Settings\x\Plocha\PF 2013.jpg
[2012.12.27 18:43:56 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.12.27 18:43:53 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2012.12.27 18:40:54 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.12.27 18:40:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.12.27 18:40:54 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.12.27 18:40:54 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.12.27 18:40:54 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.10.07 14:46:00 | 000,000,082 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012.05.10 13:59:18 | 000,000,872 | ---- | C] () -- C:\Documents and Settings\x\.recently-used.xbel
[2012.02.16 19:58:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.09.17 16:01:17 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011.01.09 15:13:18 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\fstextv66.dll
[2011.01.09 15:13:17 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll
[2011.01.09 15:13:17 | 000,145,920 | ---- | C] () -- C:\WINDOWS\System32\wav2.dll
[2011.01.09 15:13:17 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010.12.25 12:59:16 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\x\Data aplikací\$_hpcst$.hpc
[2009.12.20 10:45:34 | 000,114,688 | ---- | C] () -- C:\Documents and Settings\x\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009.12.30 17:34:37 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 11:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 11:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.11.11 13:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.01.03 20:04:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.01.03 20:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2010.12.25 13:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.11.11 13:33:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\883FE
[2012.12.27 19:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\AIMP
[2009.12.17 15:52:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\GHISLER
[2011.03.11 17:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\gtk-2.0
[2009.12.20 10:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\Opera
[2010.12.25 13:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\PC Suite
[2012.12.01 14:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\PhotoFiltre Studio X
[2010.12.25 12:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\Samsung
[2010.09.05 18:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\Zoner
========== Purity Check ==========
========== Custom Scans ==========
========== Drive Information ==========
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - C:\ComboFix\pev.3XE ()
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - C:\ComboFix\pev.3XE ()
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.12.30 15:55:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\x\Plocha\OTL.exe
[2012.12.30 15:51:59 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.12.30 15:50:26 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\x\Plocha\tdsskiller.exe
[2012.12.27 22:41:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.12.27 22:35:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\x\Plocha\Instalačky antiviru
[2012.12.27 22:12:28 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012.12.27 20:40:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012.12.27 18:43:52 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.12.27 18:40:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.12.27 18:40:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.12.27 18:40:54 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.12.27 18:40:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.12.27 18:40:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.27 18:40:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\x\Nabídka Start\Programy\Nástroje pro správu
[2012.12.27 18:40:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.12.27 18:27:28 | 005,014,125 | R--- | C] (Swearware) -- C:\Documents and Settings\x\Plocha\ComboFix.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.12.30 16:02:19 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.12.30 16:02:00 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012.12.30 15:56:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\x\Plocha\OTL.exe
[2012.12.30 15:50:26 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\x\Plocha\tdsskiller.exe
[2012.12.30 15:33:18 | 000,014,751 | ---- | M] () -- C:\WINDOWS\MSTMON_Y.INI
[2012.12.30 15:33:09 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.12.30 15:32:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.12.30 15:32:50 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.30 15:32:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.12.30 15:32:08 | 535,285,760 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.30 08:40:59 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2012.12.30 08:40:57 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.12.28 02:33:43 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.12.27 22:18:32 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\x\Plocha\Microsoft Office Word 2007.lnk
[2012.12.27 22:12:02 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.27 22:01:17 | 000,000,035 | ---- | M] () -- C:\Documents and Settings\x\Plocha\CFScript
[2012.12.27 21:26:51 | 001,938,966 | ---- | M] () -- C:\Documents and Settings\x\Plocha\PF 2013.jpg
[2012.12.27 18:43:56 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.12.27 18:27:31 | 005,014,125 | R--- | M] (Swearware) -- C:\Documents and Settings\x\Plocha\ComboFix.exe
[2012.12.26 23:31:42 | 000,433,242 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.12.26 23:31:42 | 000,429,794 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.12.26 23:31:42 | 000,078,606 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.12.26 23:31:42 | 000,068,006 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.12.24 10:59:52 | 000,194,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.30 16:02:19 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.12.27 22:01:17 | 000,000,035 | ---- | C] () -- C:\Documents and Settings\x\Plocha\CFScript
[2012.12.27 21:26:50 | 001,938,966 | ---- | C] () -- C:\Documents and Settings\x\Plocha\PF 2013.jpg
[2012.12.27 18:43:56 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.12.27 18:43:53 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2012.12.27 18:40:54 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.12.27 18:40:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.12.27 18:40:54 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.12.27 18:40:54 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.12.27 18:40:54 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.10.07 14:46:00 | 000,000,082 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012.05.10 13:59:18 | 000,000,872 | ---- | C] () -- C:\Documents and Settings\x\.recently-used.xbel
[2012.02.16 19:58:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.09.17 16:01:17 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011.01.09 15:13:18 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\fstextv66.dll
[2011.01.09 15:13:17 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll
[2011.01.09 15:13:17 | 000,145,920 | ---- | C] () -- C:\WINDOWS\System32\wav2.dll
[2011.01.09 15:13:17 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010.12.25 12:59:16 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\x\Data aplikací\$_hpcst$.hpc
[2009.12.20 10:45:34 | 000,114,688 | ---- | C] () -- C:\Documents and Settings\x\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009.12.30 17:34:37 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 11:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 11:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.11.11 13:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.01.03 20:04:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.01.03 20:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2010.12.25 13:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.11.11 13:33:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\883FE
[2012.12.27 19:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\AIMP
[2009.12.17 15:52:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\GHISLER
[2011.03.11 17:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\gtk-2.0
[2009.12.20 10:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\Opera
[2010.12.25 13:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\PC Suite
[2012.12.01 14:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\PhotoFiltre Studio X
[2010.12.25 12:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\Samsung
[2010.09.05 18:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\x\Data aplikací\Zoner
========== Purity Check ==========
========== Custom Scans ==========
========== Drive Information ==========
Re: Combofix
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: SCSI
Media Type: Fixed\thard disk media
Model: SATA WDC WD25 SCSI Disk Device
Partitions: 2
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 59,00GB
Starting Offset: 32256
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 174,00GB
Starting Offset: 62915166720
Hidden sectors: 0
========== Base Services ==========
SRV - [2008.04.14 11:52:10 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008.04.14 11:52:10 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008.04.14 11:51:56 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012.07.06 14:58:55 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008.04.14 11:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008.04.14 11:51:40 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009.04.20 18:19:42 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008.04.14 11:51:42 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009.07.28 00:19:06 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008.04.14 11:52:06 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2008.04.14 11:52:28 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008.04.14 11:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008.04.14 11:51:40 | 000,024,064 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008.04.14 11:52:20 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008.04.14 11:52:20 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008.04.14 11:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008.04.14 11:51:52 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008.06.20 17:04:19 | 000,247,296 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008.04.14 11:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008.04.14 11:51:56 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008.04.14 11:51:56 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009.02.09 11:56:06 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008.04.14 11:51:52 | 000,435,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008.04.14 11:51:56 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008.04.14 11:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008.04.14 11:52:08 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010.08.27 06:54:10 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2009.07.28 00:19:06 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008.04.14 11:52:04 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008.04.14 11:51:56 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008.04.14 11:51:46 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008.04.14 11:52:04 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008.04.14 11:52:04 | 000,295,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009.07.28 00:19:06 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008.04.14 11:52:52 | 000,290,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008.04.14 11:51:38 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008.04.14 11:51:46 | 000,329,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008.04.14 11:52:06 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008.04.14 11:52:36 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008.04.14 11:52:06 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2009.02.09 11:56:05 | 000,684,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008.04.14 11:51:40 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008.04.27 13:22:26 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009.06.10 07:16:20 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
< >
[2009.12.17 13:53:54 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.12.17 13:58:58 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.01.10 12:15:40 | 000,000,226 | ---- | C] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2012.11.11 13:11:52 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.11.11 13:12:01 | 000,000,926 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.11.11 13:12:01 | 000,000,930 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
< MD5 for: ACPI.SYS >
[2008.04.14 10:35:42 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=4FE34F1F3126B61FCC6B2043AA8112C9 -- C:\WINDOWS\system32\drivers\acpi.sys
< MD5 for: AFD.SYS >
[2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\dllcache\afd.sys
[2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\drivers\afd.sys
[2008.04.14 03:49:24 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\$NtUninstallKB951748$\afd.sys
[2011.02.16 14:22:48 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=355556D9E580915118CD7EF736653A89 -- C:\WINDOWS\$NtUninstallKB2592799$\afd.sys
[2008.10.16 16:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=38D7B715504DA4741DF35E3594FE2099 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys
[2008.08.14 11:34:26 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=4D43E74F2A1239D53929B82600F1971C -- C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys
[2008.10.16 15:43:01 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7618D5218F2A614672EC61A80D854A37 -- C:\WINDOWS\$NtUninstallKB2503665$\afd.sys
[2008.08.14 11:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\WINDOWS\$NtUninstallKB2509553$\afd.sys
[2011.02.16 14:25:05 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=8D499B1276012EB907E7A9E0F4D8FDA4 -- C:\WINDOWS\$hf_mig$\KB2503665\SP3QFE\afd.sys
[2008.06.20 12:48:03 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D6EE6014241D034E63C49A50CB2B442A -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
[2008.06.20 12:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\WINDOWS\$NtUninstallKB956803$\afd.sys
[2011.08.17 14:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys
< MD5 for: ATAPI.SYS >
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 11:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 11:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 11:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 03:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CMD.EXE >
[2008.04.14 11:52:16 | 000,390,144 | ---- | M] (Microsoft Corporation) MD5=58A4129B7AB2CF2E7F00256F7EDAEAC2 -- C:\WINDOWS\system32\cmd.exe
[2008.04.14 11:52:16 | 000,390,144 | ---- | M] (Microsoft Corporation) MD5=58A4129B7AB2CF2E7F00256F7EDAEAC2 -- C:\WINDOWS\system32\dllcache\cmd.exe
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 11:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 11:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
< MD5 for: CSRSS.EXE >
[2008.04.14 11:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
[2008.04.14 11:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\dllcache\csrss.exe
< MD5 for: EVENTLOG.DLL >
[2008.04.14 11:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 11:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 11:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 11:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: FASTFAT.SYS >
[2008.04.14 03:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\dllcache\fastfat.sys
[2008.04.14 03:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys
< MD5 for: HAL.DLL >
[2008.04.14 03:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: I8042PRT.SYS >
[2008.04.14 10:51:16 | 000,052,096 | ---- | M] (Microsoft Corporation) MD5=C528E27945367191E7BAE364930B6932 -- C:\WINDOWS\system32\drivers\i8042prt.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: KBDCLASS.SYS >
[2008.04.14 10:59:08 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\system32\drivers\kbdclass.sys
< MD5 for: LSASS.EXE >
[2008.04.14 11:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 11:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 03:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 03:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 11:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 11:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NTFS.SYS >
[2008.04.14 03:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008.04.14 03:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004.08.03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS
< MD5 for: NTKRNLPA.EXE >
[2012.08.23 07:27:29 | 002,071,808 | ---- | M] (Microsoft Corporation) MD5=0CE36EEAE97C51DDEFF08BF17570657D -- C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
[2012.08.23 07:27:29 | 002,071,808 | ---- | M] (Microsoft Corporation) MD5=0CE36EEAE97C51DDEFF08BF17570657D -- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
[2009.12.09 11:11:07 | 002,068,224 | ---- | M] (Microsoft Corporation) MD5=166530C022AB3A0F9EADB20633AE034E -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3GDR\ntkrnlpa.exe
[2010.04.28 22:19:54 | 002,069,120 | ---- | M] (Microsoft Corporation) MD5=2FA1EF498F026847CF276DF9099ABE79 -- C:\WINDOWS\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[2012.05.05 04:14:53 | 002,028,544 | ---- | M] (Microsoft Corporation) MD5=386BB9FAB1A27003E8EB0B3DB8621C20 -- C:\WINDOWS\$NtUninstallKB2724197$\ntkrnlpa.exe
[2010.12.09 16:14:06 | 002,029,056 | ---- | M] (Microsoft Corporation) MD5=3BDF4E6E7BAA918AAA1670B7EBA505A3 -- C:\WINDOWS\$NtUninstallKB2633171$\ntkrnlpa.exe
[2010.12.09 20:44:36 | 002,071,552 | ---- | M] (Microsoft Corporation) MD5=40D176442F70573DBA0E05A7E40D3EBB -- C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[2012.04.11 14:55:27 | 002,028,544 | ---- | M] (Microsoft Corporation) MD5=5675FA3AF40B0386F53634222CC7E772 -- C:\WINDOWS\$NtUninstallKB2707511$\ntkrnlpa.exe
[2009.12.09 15:33:56 | 002,068,352 | ---- | M] (Microsoft Corporation) MD5=58516936F00D10D4B615C458A8A4AB71 -- C:\WINDOWS\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[2009.12.09 15:33:56 | 002,068,352 | ---- | M] (Microsoft Corporation) MD5=58516936F00D10D4B615C458A8A4AB71 -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3QFE\ntkrnlpa.exe
[2011.10.26 11:49:16 | 002,071,552 | ---- | M] (Microsoft Corporation) MD5=64201EB5A7ECB3E7203ECCDB60FBE44E -- C:\WINDOWS\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
[2009.02.09 12:26:09 | 002,025,984 | ---- | M] (Microsoft Corporation) MD5=6DD6966FA0FF770A3E5545875557C7F1 -- C:\WINDOWS\$NtUninstallKB971486$\ntkrnlpa.exe
[2009.12.09 11:28:29 | 002,059,904 | ---- | M] (Microsoft Corporation) MD5=76D45A9AFAD9FFE3070814DE95648EC7 -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2GDR\ntkrnlpa.exe
[2009.08.04 22:53:46 | 002,068,352 | ---- | M] (Microsoft Corporation) MD5=97815C93200676C727CE951AE5C78137 -- C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[2008.04.27 13:22:26 | 002,025,984 | ---- | M] (Microsoft Corporation) MD5=9F12E026DC0B0C43F521114EFB3A3ACC -- C:\WINDOWS\$NtUninstallKB956572$\ntkrnlpa.exe
[2012.04.11 14:51:42 | 002,071,296 | ---- | M] (Microsoft Corporation) MD5=A016212FC91A7E9BA251D3C8BCFB4791 -- C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe
[2012.08.23 07:27:26 | 002,029,568 | ---- | M] (Microsoft Corporation) MD5=A605B6C61B0B71DD1DD58D19E9A96354 -- C:\WINDOWS\system32\ntkrnlpa.exe
[2012.08.23 07:26:12 | 002,071,808 | ---- | M] (Microsoft Corporation) MD5=A818179E96B92BAA91203CE32D89136A -- C:\WINDOWS\$hf_mig$\KB2724197\SP3QFE\ntkrnlpa.exe
[2009.12.09 11:11:00 | 002,025,984 | ---- | M] (Microsoft Corporation) MD5=B2CEA3C57AA8230C7BCC0B2AF35EC55A -- C:\WINDOWS\$NtUninstallKB979683$\ntkrnlpa.exe
[2009.08.04 18:29:33 | 002,025,984 | ---- | M] (Microsoft Corporation) MD5=C50A3A3C9724135FFBD9CB31355F9341 -- C:\WINDOWS\$NtUninstallKB977165$\ntkrnlpa.exe
[2011.10.26 11:49:59 | 002,029,056 | ---- | M] (Microsoft Corporation) MD5=D0CE1AD877BDF9E6D646F789F0C711B4 -- C:\WINDOWS\$NtUninstallKB2676562$\ntkrnlpa.exe
[2010.02.16 20:08:57 | 002,026,496 | ---- | M] (Microsoft Corporation) MD5=D46E1BB887F3340430D10DA536FE79E1 -- C:\WINDOWS\$NtUninstallKB981852$\ntkrnlpa.exe
[2012.05.05 04:14:11 | 002,071,296 | ---- | M] (Microsoft Corporation) MD5=D4E4759A115661C872FE2A3568C993F7 -- C:\WINDOWS\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe
[2009.12.09 11:21:40 | 002,065,280 | ---- | M] (Microsoft Corporation) MD5=D9FB61F23249B39EE9922A2CC3001DD0 -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2QFE\ntkrnlpa.exe
[2010.02.16 20:02:20 | 002,069,120 | ---- | M] (Microsoft Corporation) MD5=DCC3D91A3DEDBBA9ECFFA6028D872CF5 -- C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[2010.04.28 06:45:30 | 002,026,496 | ---- | M] (Microsoft Corporation) MD5=F7648719DB795F098BA7F2AE67150182 -- C:\WINDOWS\$NtUninstallKB2393802$\ntkrnlpa.exe
[2009.02.09 12:19:06 | 002,068,352 | ---- | M] (Microsoft Corporation) MD5=FF8A3F180A224AA27EBAB937CA027F4D -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
< MD5 for: NTOSKRNL.EXE >
[2009.12.09 11:11:01 | 002,147,328 | ---- | M] (Microsoft Corporation) MD5=07A58A2A4460A4B7A58E0920F4CFA729 -- C:\WINDOWS\$NtUninstallKB979683$\ntoskrnl.exe
[2008.04.14 11:06:18 | 002,147,328 | ---- | M] (Microsoft Corporation) MD5=27C7A7AED8A477F6A0C7D3AD00AB9419 -- C:\WINDOWS\$NtUninstallKB956572$\ntoskrnl.exe
[2009.08.04 18:23:42 | 002,191,488 | ---- | M] (Microsoft Corporation) MD5=3502DBBC657001D7A2A2768BD7DE1483 -- C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[2009.08.04 18:29:36 | 002,147,328 | ---- | M] (Microsoft Corporation) MD5=3742270B8C90A97A0BDD25DED1201AA9 -- C:\WINDOWS\$NtUninstallKB977165$\ntoskrnl.exe
[2009.12.09 11:11:07 | 002,191,360 | ---- | M] (Microsoft Corporation) MD5=3B0DC252A20C8A938ED21073EE736AEA -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3GDR\ntoskrnl.exe
[2010.04.28 06:45:31 | 002,148,352 | ---- | M] (Microsoft Corporation) MD5=431278D0EF7518BA499720122F4ED86F -- C:\WINDOWS\$NtUninstallKB2393802$\ntoskrnl.exe
[2011.10.26 11:49:59 | 002,150,912 | ---- | M] (Microsoft Corporation) MD5=6045926521ECB7FCD965D3589554BAAA -- C:\WINDOWS\$NtUninstallKB2676562$\ntoskrnl.exe
[2009.02.09 12:26:03 | 002,147,328 | ---- | M] (Microsoft Corporation) MD5=6499BF91CF62B4319D6ED7E99D0B6998 -- C:\WINDOWS\$NtUninstallKB971486$\ntoskrnl.exe
[2012.08.23 07:27:26 | 002,150,912 | ---- | M] (Microsoft Corporation) MD5=66F64DE69510413F2495CBF902B488CC -- C:\WINDOWS\system32\ntoskrnl.exe
[2012.05.05 04:14:53 | 002,150,400 | ---- | M] (Microsoft Corporation) MD5=6A2243CD42347B64241EA72ED6B673D7 -- C:\WINDOWS\$NtUninstallKB2724197$\ntoskrnl.exe
[2012.08.23 07:26:12 | 002,195,200 | ---- | M] (Microsoft Corporation) MD5=6AEE8673A323577F0553ECFE363510DD -- C:\WINDOWS\$hf_mig$\KB2724197\SP3QFE\ntoskrnl.exe
[2010.02.16 20:02:19 | 002,192,256 | ---- | M] (Microsoft Corporation) MD5=6B2312D847BA95F4E858CB4C3B5F51E1 -- C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[2012.08.23 07:27:29 | 002,195,072 | ---- | M] (Microsoft Corporation) MD5=7605C57E06E90011C80D74C246BD21AB -- C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
[2012.08.23 07:27:29 | 002,195,072 | ---- | M] (Microsoft Corporation) MD5=7605C57E06E90011C80D74C246BD21AB -- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
[2009.12.09 15:33:50 | 002,191,488 | ---- | M] (Microsoft Corporation) MD5=7782F11AE957B736585870CD2671227B -- C:\WINDOWS\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[2009.12.09 15:33:50 | 002,191,488 | ---- | M] (Microsoft Corporation) MD5=7782F11AE957B736585870CD2671227B -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3QFE\ntoskrnl.exe
[2009.12.09 11:28:28 | 002,182,528 | ---- | M] (Microsoft Corporation) MD5=7D9B31E0903E2809DA5FC10A94813091 -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2GDR\ntoskrnl.exe
[2012.04.11 14:51:40 | 002,194,816 | ---- | M] (Microsoft Corporation) MD5=818751F31F07EA8723E17B017113BED8 -- C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe
[2012.04.11 14:55:05 | 002,150,400 | ---- | M] (Microsoft Corporation) MD5=86DCBF812237533DC4D60FBA1ACD64F9 -- C:\WINDOWS\$NtUninstallKB2707511$\ntoskrnl.exe
[2010.12.09 16:14:39 | 002,194,944 | ---- | M] (Microsoft Corporation) MD5=8D222D8EF9B1951296F822583A044542 -- C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[2010.04.28 06:19:52 | 002,192,256 | ---- | M] (Microsoft Corporation) MD5=91FE668957FF51A2DBCEE0D8637BA77E -- C:\WINDOWS\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[2009.02.10 19:18:42 | 002,191,360 | ---- | M] (Microsoft Corporation) MD5=97480EBFE1D4B547657BAD75AAAB1325 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[2012.05.05 04:14:11 | 002,194,816 | ---- | M] (Microsoft Corporation) MD5=97BCF747F603E2E3021BBDD46C35A662 -- C:\WINDOWS\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe
[2009.12.09 11:21:36 | 002,188,160 | ---- | M] (Microsoft Corporation) MD5=B214F89473F73C0733D9C402F36E2125 -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2QFE\ntoskrnl.exe
[2011.10.26 11:49:15 | 002,194,944 | ---- | M] (Microsoft Corporation) MD5=BCA329B5A39AB25CC2DCCB3549EE30BF -- C:\WINDOWS\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
[2010.02.16 20:08:57 | 002,148,352 | ---- | M] (Microsoft Corporation) MD5=CD79AD67BF88021BB60B2602D1947FB3 -- C:\WINDOWS\$NtUninstallKB981852$\ntoskrnl.exe
[2010.12.09 16:14:05 | 002,150,912 | ---- | M] (Microsoft Corporation) MD5=EB4B6B42932C180632A2C2C43F23B84C -- C:\WINDOWS\$NtUninstallKB2633171$\ntoskrnl.exe
< MD5 for: REGEDIT.EXE >
[2008.04.14 11:52:44 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\regedit.exe
[2008.04.14 11:52:44 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\system32\dllcache\regedit.exe
< MD5 for: SCECLI.DLL >
[2008.04.14 11:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 11:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 11:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 11:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 11:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SPOOLSV.EXE >
[2010.08.17 14:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 11:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 11:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 11:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 03:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USER32.DLL >
[2008.04.14 11:52:06 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=E16E0990967374E76F3E40CACAFD3D53 -- C:\WINDOWS\system32\dllcache\user32.dll
[2008.04.14 11:52:06 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=E16E0990967374E76F3E40CACAFD3D53 -- C:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.04.14 11:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 11:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: SCSI
Media Type: Fixed\thard disk media
Model: SATA WDC WD25 SCSI Disk Device
Partitions: 2
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 59,00GB
Starting Offset: 32256
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 174,00GB
Starting Offset: 62915166720
Hidden sectors: 0
========== Base Services ==========
SRV - [2008.04.14 11:52:10 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008.04.14 11:52:10 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008.04.14 11:51:56 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012.07.06 14:58:55 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008.04.14 11:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008.04.14 11:51:40 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009.04.20 18:19:42 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008.04.14 11:51:42 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009.07.28 00:19:06 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008.04.14 11:52:06 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2008.04.14 11:52:28 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008.04.14 11:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008.04.14 11:51:40 | 000,024,064 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008.04.14 11:52:20 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008.04.14 11:52:20 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008.04.14 11:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008.04.14 11:51:52 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008.06.20 17:04:19 | 000,247,296 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008.04.14 11:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008.04.14 11:51:56 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008.04.14 11:51:56 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009.02.09 11:56:06 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008.04.14 11:51:52 | 000,435,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008.04.14 11:51:56 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008.04.14 11:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008.04.14 11:52:08 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010.08.27 06:54:10 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2009.07.28 00:19:06 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008.04.14 11:52:04 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008.04.14 11:51:56 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008.04.14 11:51:46 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008.04.14 11:52:04 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008.04.14 11:52:04 | 000,295,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009.07.28 00:19:06 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008.04.14 11:52:52 | 000,290,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008.04.14 11:51:38 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008.04.14 11:51:46 | 000,329,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008.04.14 11:52:06 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008.04.14 11:52:36 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008.04.14 11:52:06 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2009.02.09 11:56:05 | 000,684,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008.04.14 11:51:40 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008.04.27 13:22:26 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009.06.10 07:16:20 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
< >
[2009.12.17 13:53:54 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.12.17 13:58:58 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.01.10 12:15:40 | 000,000,226 | ---- | C] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2012.11.11 13:11:52 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.11.11 13:12:01 | 000,000,926 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.11.11 13:12:01 | 000,000,930 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
< MD5 for: ACPI.SYS >
[2008.04.14 10:35:42 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=4FE34F1F3126B61FCC6B2043AA8112C9 -- C:\WINDOWS\system32\drivers\acpi.sys
< MD5 for: AFD.SYS >
[2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\dllcache\afd.sys
[2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\drivers\afd.sys
[2008.04.14 03:49:24 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\$NtUninstallKB951748$\afd.sys
[2011.02.16 14:22:48 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=355556D9E580915118CD7EF736653A89 -- C:\WINDOWS\$NtUninstallKB2592799$\afd.sys
[2008.10.16 16:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=38D7B715504DA4741DF35E3594FE2099 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys
[2008.08.14 11:34:26 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=4D43E74F2A1239D53929B82600F1971C -- C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys
[2008.10.16 15:43:01 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7618D5218F2A614672EC61A80D854A37 -- C:\WINDOWS\$NtUninstallKB2503665$\afd.sys
[2008.08.14 11:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\WINDOWS\$NtUninstallKB2509553$\afd.sys
[2011.02.16 14:25:05 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=8D499B1276012EB907E7A9E0F4D8FDA4 -- C:\WINDOWS\$hf_mig$\KB2503665\SP3QFE\afd.sys
[2008.06.20 12:48:03 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D6EE6014241D034E63C49A50CB2B442A -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
[2008.06.20 12:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\WINDOWS\$NtUninstallKB956803$\afd.sys
[2011.08.17 14:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys
< MD5 for: ATAPI.SYS >
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 11:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 11:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 11:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 03:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CMD.EXE >
[2008.04.14 11:52:16 | 000,390,144 | ---- | M] (Microsoft Corporation) MD5=58A4129B7AB2CF2E7F00256F7EDAEAC2 -- C:\WINDOWS\system32\cmd.exe
[2008.04.14 11:52:16 | 000,390,144 | ---- | M] (Microsoft Corporation) MD5=58A4129B7AB2CF2E7F00256F7EDAEAC2 -- C:\WINDOWS\system32\dllcache\cmd.exe
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 11:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 11:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
< MD5 for: CSRSS.EXE >
[2008.04.14 11:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
[2008.04.14 11:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\dllcache\csrss.exe
< MD5 for: EVENTLOG.DLL >
[2008.04.14 11:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 11:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 11:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 11:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: FASTFAT.SYS >
[2008.04.14 03:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\dllcache\fastfat.sys
[2008.04.14 03:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys
< MD5 for: HAL.DLL >
[2008.04.14 03:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: I8042PRT.SYS >
[2008.04.14 10:51:16 | 000,052,096 | ---- | M] (Microsoft Corporation) MD5=C528E27945367191E7BAE364930B6932 -- C:\WINDOWS\system32\drivers\i8042prt.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: KBDCLASS.SYS >
[2008.04.14 10:59:08 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\system32\drivers\kbdclass.sys
< MD5 for: LSASS.EXE >
[2008.04.14 11:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 11:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 03:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 03:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 11:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 11:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NTFS.SYS >
[2008.04.14 03:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008.04.14 03:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004.08.03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS
< MD5 for: NTKRNLPA.EXE >
[2012.08.23 07:27:29 | 002,071,808 | ---- | M] (Microsoft Corporation) MD5=0CE36EEAE97C51DDEFF08BF17570657D -- C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
[2012.08.23 07:27:29 | 002,071,808 | ---- | M] (Microsoft Corporation) MD5=0CE36EEAE97C51DDEFF08BF17570657D -- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
[2009.12.09 11:11:07 | 002,068,224 | ---- | M] (Microsoft Corporation) MD5=166530C022AB3A0F9EADB20633AE034E -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3GDR\ntkrnlpa.exe
[2010.04.28 22:19:54 | 002,069,120 | ---- | M] (Microsoft Corporation) MD5=2FA1EF498F026847CF276DF9099ABE79 -- C:\WINDOWS\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[2012.05.05 04:14:53 | 002,028,544 | ---- | M] (Microsoft Corporation) MD5=386BB9FAB1A27003E8EB0B3DB8621C20 -- C:\WINDOWS\$NtUninstallKB2724197$\ntkrnlpa.exe
[2010.12.09 16:14:06 | 002,029,056 | ---- | M] (Microsoft Corporation) MD5=3BDF4E6E7BAA918AAA1670B7EBA505A3 -- C:\WINDOWS\$NtUninstallKB2633171$\ntkrnlpa.exe
[2010.12.09 20:44:36 | 002,071,552 | ---- | M] (Microsoft Corporation) MD5=40D176442F70573DBA0E05A7E40D3EBB -- C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[2012.04.11 14:55:27 | 002,028,544 | ---- | M] (Microsoft Corporation) MD5=5675FA3AF40B0386F53634222CC7E772 -- C:\WINDOWS\$NtUninstallKB2707511$\ntkrnlpa.exe
[2009.12.09 15:33:56 | 002,068,352 | ---- | M] (Microsoft Corporation) MD5=58516936F00D10D4B615C458A8A4AB71 -- C:\WINDOWS\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[2009.12.09 15:33:56 | 002,068,352 | ---- | M] (Microsoft Corporation) MD5=58516936F00D10D4B615C458A8A4AB71 -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3QFE\ntkrnlpa.exe
[2011.10.26 11:49:16 | 002,071,552 | ---- | M] (Microsoft Corporation) MD5=64201EB5A7ECB3E7203ECCDB60FBE44E -- C:\WINDOWS\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
[2009.02.09 12:26:09 | 002,025,984 | ---- | M] (Microsoft Corporation) MD5=6DD6966FA0FF770A3E5545875557C7F1 -- C:\WINDOWS\$NtUninstallKB971486$\ntkrnlpa.exe
[2009.12.09 11:28:29 | 002,059,904 | ---- | M] (Microsoft Corporation) MD5=76D45A9AFAD9FFE3070814DE95648EC7 -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2GDR\ntkrnlpa.exe
[2009.08.04 22:53:46 | 002,068,352 | ---- | M] (Microsoft Corporation) MD5=97815C93200676C727CE951AE5C78137 -- C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[2008.04.27 13:22:26 | 002,025,984 | ---- | M] (Microsoft Corporation) MD5=9F12E026DC0B0C43F521114EFB3A3ACC -- C:\WINDOWS\$NtUninstallKB956572$\ntkrnlpa.exe
[2012.04.11 14:51:42 | 002,071,296 | ---- | M] (Microsoft Corporation) MD5=A016212FC91A7E9BA251D3C8BCFB4791 -- C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe
[2012.08.23 07:27:26 | 002,029,568 | ---- | M] (Microsoft Corporation) MD5=A605B6C61B0B71DD1DD58D19E9A96354 -- C:\WINDOWS\system32\ntkrnlpa.exe
[2012.08.23 07:26:12 | 002,071,808 | ---- | M] (Microsoft Corporation) MD5=A818179E96B92BAA91203CE32D89136A -- C:\WINDOWS\$hf_mig$\KB2724197\SP3QFE\ntkrnlpa.exe
[2009.12.09 11:11:00 | 002,025,984 | ---- | M] (Microsoft Corporation) MD5=B2CEA3C57AA8230C7BCC0B2AF35EC55A -- C:\WINDOWS\$NtUninstallKB979683$\ntkrnlpa.exe
[2009.08.04 18:29:33 | 002,025,984 | ---- | M] (Microsoft Corporation) MD5=C50A3A3C9724135FFBD9CB31355F9341 -- C:\WINDOWS\$NtUninstallKB977165$\ntkrnlpa.exe
[2011.10.26 11:49:59 | 002,029,056 | ---- | M] (Microsoft Corporation) MD5=D0CE1AD877BDF9E6D646F789F0C711B4 -- C:\WINDOWS\$NtUninstallKB2676562$\ntkrnlpa.exe
[2010.02.16 20:08:57 | 002,026,496 | ---- | M] (Microsoft Corporation) MD5=D46E1BB887F3340430D10DA536FE79E1 -- C:\WINDOWS\$NtUninstallKB981852$\ntkrnlpa.exe
[2012.05.05 04:14:11 | 002,071,296 | ---- | M] (Microsoft Corporation) MD5=D4E4759A115661C872FE2A3568C993F7 -- C:\WINDOWS\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe
[2009.12.09 11:21:40 | 002,065,280 | ---- | M] (Microsoft Corporation) MD5=D9FB61F23249B39EE9922A2CC3001DD0 -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2QFE\ntkrnlpa.exe
[2010.02.16 20:02:20 | 002,069,120 | ---- | M] (Microsoft Corporation) MD5=DCC3D91A3DEDBBA9ECFFA6028D872CF5 -- C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[2010.04.28 06:45:30 | 002,026,496 | ---- | M] (Microsoft Corporation) MD5=F7648719DB795F098BA7F2AE67150182 -- C:\WINDOWS\$NtUninstallKB2393802$\ntkrnlpa.exe
[2009.02.09 12:19:06 | 002,068,352 | ---- | M] (Microsoft Corporation) MD5=FF8A3F180A224AA27EBAB937CA027F4D -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
< MD5 for: NTOSKRNL.EXE >
[2009.12.09 11:11:01 | 002,147,328 | ---- | M] (Microsoft Corporation) MD5=07A58A2A4460A4B7A58E0920F4CFA729 -- C:\WINDOWS\$NtUninstallKB979683$\ntoskrnl.exe
[2008.04.14 11:06:18 | 002,147,328 | ---- | M] (Microsoft Corporation) MD5=27C7A7AED8A477F6A0C7D3AD00AB9419 -- C:\WINDOWS\$NtUninstallKB956572$\ntoskrnl.exe
[2009.08.04 18:23:42 | 002,191,488 | ---- | M] (Microsoft Corporation) MD5=3502DBBC657001D7A2A2768BD7DE1483 -- C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[2009.08.04 18:29:36 | 002,147,328 | ---- | M] (Microsoft Corporation) MD5=3742270B8C90A97A0BDD25DED1201AA9 -- C:\WINDOWS\$NtUninstallKB977165$\ntoskrnl.exe
[2009.12.09 11:11:07 | 002,191,360 | ---- | M] (Microsoft Corporation) MD5=3B0DC252A20C8A938ED21073EE736AEA -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3GDR\ntoskrnl.exe
[2010.04.28 06:45:31 | 002,148,352 | ---- | M] (Microsoft Corporation) MD5=431278D0EF7518BA499720122F4ED86F -- C:\WINDOWS\$NtUninstallKB2393802$\ntoskrnl.exe
[2011.10.26 11:49:59 | 002,150,912 | ---- | M] (Microsoft Corporation) MD5=6045926521ECB7FCD965D3589554BAAA -- C:\WINDOWS\$NtUninstallKB2676562$\ntoskrnl.exe
[2009.02.09 12:26:03 | 002,147,328 | ---- | M] (Microsoft Corporation) MD5=6499BF91CF62B4319D6ED7E99D0B6998 -- C:\WINDOWS\$NtUninstallKB971486$\ntoskrnl.exe
[2012.08.23 07:27:26 | 002,150,912 | ---- | M] (Microsoft Corporation) MD5=66F64DE69510413F2495CBF902B488CC -- C:\WINDOWS\system32\ntoskrnl.exe
[2012.05.05 04:14:53 | 002,150,400 | ---- | M] (Microsoft Corporation) MD5=6A2243CD42347B64241EA72ED6B673D7 -- C:\WINDOWS\$NtUninstallKB2724197$\ntoskrnl.exe
[2012.08.23 07:26:12 | 002,195,200 | ---- | M] (Microsoft Corporation) MD5=6AEE8673A323577F0553ECFE363510DD -- C:\WINDOWS\$hf_mig$\KB2724197\SP3QFE\ntoskrnl.exe
[2010.02.16 20:02:19 | 002,192,256 | ---- | M] (Microsoft Corporation) MD5=6B2312D847BA95F4E858CB4C3B5F51E1 -- C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[2012.08.23 07:27:29 | 002,195,072 | ---- | M] (Microsoft Corporation) MD5=7605C57E06E90011C80D74C246BD21AB -- C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
[2012.08.23 07:27:29 | 002,195,072 | ---- | M] (Microsoft Corporation) MD5=7605C57E06E90011C80D74C246BD21AB -- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
[2009.12.09 15:33:50 | 002,191,488 | ---- | M] (Microsoft Corporation) MD5=7782F11AE957B736585870CD2671227B -- C:\WINDOWS\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[2009.12.09 15:33:50 | 002,191,488 | ---- | M] (Microsoft Corporation) MD5=7782F11AE957B736585870CD2671227B -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3QFE\ntoskrnl.exe
[2009.12.09 11:28:28 | 002,182,528 | ---- | M] (Microsoft Corporation) MD5=7D9B31E0903E2809DA5FC10A94813091 -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2GDR\ntoskrnl.exe
[2012.04.11 14:51:40 | 002,194,816 | ---- | M] (Microsoft Corporation) MD5=818751F31F07EA8723E17B017113BED8 -- C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe
[2012.04.11 14:55:05 | 002,150,400 | ---- | M] (Microsoft Corporation) MD5=86DCBF812237533DC4D60FBA1ACD64F9 -- C:\WINDOWS\$NtUninstallKB2707511$\ntoskrnl.exe
[2010.12.09 16:14:39 | 002,194,944 | ---- | M] (Microsoft Corporation) MD5=8D222D8EF9B1951296F822583A044542 -- C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[2010.04.28 06:19:52 | 002,192,256 | ---- | M] (Microsoft Corporation) MD5=91FE668957FF51A2DBCEE0D8637BA77E -- C:\WINDOWS\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[2009.02.10 19:18:42 | 002,191,360 | ---- | M] (Microsoft Corporation) MD5=97480EBFE1D4B547657BAD75AAAB1325 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[2012.05.05 04:14:11 | 002,194,816 | ---- | M] (Microsoft Corporation) MD5=97BCF747F603E2E3021BBDD46C35A662 -- C:\WINDOWS\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe
[2009.12.09 11:21:36 | 002,188,160 | ---- | M] (Microsoft Corporation) MD5=B214F89473F73C0733D9C402F36E2125 -- C:\WINDOWS\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2QFE\ntoskrnl.exe
[2011.10.26 11:49:15 | 002,194,944 | ---- | M] (Microsoft Corporation) MD5=BCA329B5A39AB25CC2DCCB3549EE30BF -- C:\WINDOWS\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
[2010.02.16 20:08:57 | 002,148,352 | ---- | M] (Microsoft Corporation) MD5=CD79AD67BF88021BB60B2602D1947FB3 -- C:\WINDOWS\$NtUninstallKB981852$\ntoskrnl.exe
[2010.12.09 16:14:05 | 002,150,912 | ---- | M] (Microsoft Corporation) MD5=EB4B6B42932C180632A2C2C43F23B84C -- C:\WINDOWS\$NtUninstallKB2633171$\ntoskrnl.exe
< MD5 for: REGEDIT.EXE >
[2008.04.14 11:52:44 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\regedit.exe
[2008.04.14 11:52:44 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\system32\dllcache\regedit.exe
< MD5 for: SCECLI.DLL >
[2008.04.14 11:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 11:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 11:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 11:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 11:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SPOOLSV.EXE >
[2010.08.17 14:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 11:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 11:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 11:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 03:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USER32.DLL >
[2008.04.14 11:52:06 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=E16E0990967374E76F3E40CACAFD3D53 -- C:\WINDOWS\system32\dllcache\user32.dll
[2008.04.14 11:52:06 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=E16E0990967374E76F3E40CACAFD3D53 -- C:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.04.14 11:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 11:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
Re: Combofix
< MD5 for: WIN32K.SYS >
[2012.10.22 21:00:04 | 001,875,328 | ---- | M] (Microsoft Corporation) MD5=0158DF977449C86E8E739F514F2C38F9 -- C:\WINDOWS\$hf_mig$\KB2761226\SP3QFE\win32k.sys
[2012.04.11 14:51:55 | 001,871,360 | ---- | M] (Microsoft Corporation) MD5=0681A76F05AB800360DBBAB8CD2F8444 -- C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\win32k.sys
[2012.10.22 20:57:05 | 001,866,368 | ---- | M] (Microsoft Corporation) MD5=076093FEA63C2E5EC25497396E032229 -- C:\WINDOWS\$NtUninstallKB2779030$\win32k.sys
[2012.06.13 14:55:23 | 001,866,112 | ---- | M] (Microsoft Corporation) MD5=11237A4A686ADB61C2E9EDDE424CCAFE -- C:\WINDOWS\$NtUninstallKB2731847$\win32k.sys
[2008.04.14 10:45:36 | 001,845,632 | ---- | M] (Microsoft Corporation) MD5=16AA352EC7D8E6D9DE50265BF0F9E016 -- C:\WINDOWS\$NtUninstallKB969947$\win32k.sys
[2010.06.24 22:30:08 | 001,861,120 | ---- | M] (Microsoft Corporation) MD5=1D6A389B0152D2164343731F4151079F -- C:\WINDOWS\$hf_mig$\KB2160329\SP3QFE\win32k.sys
[2010.09.01 08:57:41 | 001,852,800 | ---- | M] (Microsoft Corporation) MD5=21171C673C110D875FE031908409FE23 -- C:\WINDOWS\$NtUninstallKB2436673$\win32k.sys
[2010.06.24 10:02:48 | 001,851,904 | ---- | M] (Microsoft Corporation) MD5=21A48AA96D99AEF0193526F5E762E21B -- C:\WINDOWS\$NtUninstallKB981957$\win32k.sys
[2012.01.12 18:21:01 | 001,869,056 | ---- | M] (Microsoft Corporation) MD5=2646EFD71DD05D764618E665907DE4FA -- C:\WINDOWS\$hf_mig$\KB2660465\SP3QFE\win32k.sys
[2012.05.15 14:55:54 | 001,863,168 | ---- | M] (Microsoft Corporation) MD5=2F9B10E96564E19389E7B9F6E0474A1A -- C:\WINDOWS\$NtUninstallKB2718523$\win32k.sys
[2012.11.13 12:55:10 | 001,866,368 | ---- | M] (Microsoft Corporation) MD5=32FD45D6C42F15B888BA9E4840B26BE6 -- C:\WINDOWS\system32\dllcache\win32k.sys
[2012.11.13 12:55:10 | 001,866,368 | ---- | M] (Microsoft Corporation) MD5=32FD45D6C42F15B888BA9E4840B26BE6 -- C:\WINDOWS\system32\win32k.sys
[2011.06.06 12:36:17 | 001,867,904 | ---- | M] (Microsoft Corporation) MD5=44E7131AA0EB70AACADBA6034B443D0B -- C:\WINDOWS\$hf_mig$\KB2555917\SP3QFE\win32k.sys
[2010.10.26 15:04:46 | 001,862,272 | ---- | M] (Microsoft Corporation) MD5=470811C7406C06BAD6CCEA5445D879C9 -- C:\WINDOWS\$hf_mig$\KB2436673\SP3QFE\win32k.sys
[2011.11.23 15:39:28 | 001,868,544 | ---- | M] (Microsoft Corporation) MD5=4D18A0DFAAAE8EC5348809A90EF33AF0 -- C:\WINDOWS\$hf_mig$\KB2639417\SP3QFE\win32k.sys
[2010.10.26 14:58:35 | 001,853,312 | ---- | M] (Microsoft Corporation) MD5=4FF440A38D242AA40D40F990C566DF32 -- C:\WINDOWS\$NtUninstallKB2479628$\win32k.sys
[2011.06.06 12:35:21 | 001,858,944 | ---- | M] (Microsoft Corporation) MD5=5477E9351066CA7F70A92461A35F5310 -- C:\WINDOWS\$NtUninstallKB2567053$\win32k.sys
[2010.09.01 08:57:07 | 001,861,888 | ---- | M] (Microsoft Corporation) MD5=5577EC6934D639CB20EA0C90A8AF4923 -- C:\WINDOWS\$hf_mig$\KB981957\SP3QFE\win32k.sys
[2011.03.03 14:52:12 | 001,866,880 | ---- | M] (Microsoft Corporation) MD5=570FB1C8ABCF6375169E94C23537019C -- C:\WINDOWS\$hf_mig$\KB2506223\SP3QFE\win32k.sys
[2009.08.14 16:15:39 | 001,850,624 | ---- | M] (Microsoft Corporation) MD5=670C868CDBDF46269EB7CC39B05A7513 -- C:\WINDOWS\$NtUninstallKB979559$\win32k.sys
[2012.02.03 10:56:21 | 001,869,184 | ---- | M] (Microsoft Corporation) MD5=6FBCF0BC474B8212A82528AD531A1874 -- C:\WINDOWS\$hf_mig$\KB2641653\SP3QFE\win32k.sys
[2012.07.03 19:21:38 | 001,875,072 | ---- | M] (Microsoft Corporation) MD5=7501476F30C38BF0320E17CE3E5AC159 -- C:\WINDOWS\$hf_mig$\KB2731847\SP3QFE\win32k.sys
[2012.11.13 12:56:25 | 001,875,456 | ---- | M] (Microsoft Corporation) MD5=755B5172821684A6FE41461599783A5B -- C:\WINDOWS\$hf_mig$\KB2779030\SP3QFE\win32k.sys
[2010.05.02 09:03:50 | 001,860,352 | ---- | M] (Microsoft Corporation) MD5=8402F80D7FCA8CD3A4BCF027773CAD34 -- C:\WINDOWS\$hf_mig$\KB979559\SP3QFE\win32k.sys
[2009.08.14 17:00:31 | 001,859,712 | ---- | M] (Microsoft Corporation) MD5=862CAA1CB5EF221C09918FF185DF14D7 -- C:\WINDOWS\$hf_mig$\KB969947\SP3QFE\win32k.sys
[2012.07.03 19:22:37 | 001,866,112 | ---- | M] (Microsoft Corporation) MD5=89B9C5051E815C943C3A9EBB2619DF6A -- C:\WINDOWS\$NtUninstallKB2761226$\win32k.sys
[2010.05.02 09:09:42 | 001,851,264 | ---- | M] (Microsoft Corporation) MD5=8DFA2A74176D58E671C7FD9F8966DE99 -- C:\WINDOWS\$NtUninstallKB2160329$\win32k.sys
[2011.03.03 14:53:33 | 001,857,920 | ---- | M] (Microsoft Corporation) MD5=958A81E06C4E3510AEA1F6BCD258EF4C -- C:\WINDOWS\$NtUninstallKB2555917$\win32k.sys
[2011.11.23 15:40:43 | 001,859,584 | ---- | M] (Microsoft Corporation) MD5=95C3BB468E471AF92D7C59BC340C3897 -- C:\WINDOWS\$NtUninstallKB2660465$\win32k.sys
[2012.06.13 14:55:45 | 001,875,072 | ---- | M] (Microsoft Corporation) MD5=A0F7B608DB991AB7BA54FEACE2B700EA -- C:\WINDOWS\$hf_mig$\KB2718523\SP3QFE\win32k.sys
[2010.12.31 15:04:07 | 001,854,976 | ---- | M] (Microsoft Corporation) MD5=AE4BFDE8B2841CE7F6AFAB0F43435445 -- C:\WINDOWS\$NtUninstallKB2506223$\win32k.sys
[2011.09.06 15:08:32 | 001,867,904 | ---- | M] (Microsoft Corporation) MD5=B14465CDD6AFA31154396B54254F2BA8 -- C:\WINDOWS\$hf_mig$\KB2567053\SP3QFE\win32k.sys
[2012.02.03 10:57:39 | 001,860,096 | ---- | M] (Microsoft Corporation) MD5=BFBAFDA347493E17EF7C496A5BDC3224 -- C:\WINDOWS\$NtUninstallKB2676562$\win32k.sys
[2010.12.31 15:02:56 | 001,864,064 | ---- | M] (Microsoft Corporation) MD5=D8525ABDAFFB6F08CDEF1D87B509B17B -- C:\WINDOWS\$hf_mig$\KB2479628\SP3QFE\win32k.sys
[2012.04.11 14:55:17 | 001,862,272 | ---- | M] (Microsoft Corporation) MD5=DF47E6DE09590695502B96797845259C -- C:\WINDOWS\$NtUninstallKB2709162$\win32k.sys
[2012.01.12 18:20:32 | 001,859,968 | ---- | M] (Microsoft Corporation) MD5=E4FFDA12B733F7BA631303E4190CB944 -- C:\WINDOWS\$NtUninstallKB2641653$\win32k.sys
[2011.09.06 15:10:02 | 001,858,944 | ---- | M] (Microsoft Corporation) MD5=EC7DE8AE321E0B01C23770A2AD4AA66F -- C:\WINDOWS\$NtUninstallKB2639417$\win32k.sys
[2012.05.15 14:55:10 | 001,872,128 | ---- | M] (Microsoft Corporation) MD5=F8A061DD411AFC4AC7C5E222079CEFB4 -- C:\WINDOWS\$hf_mig$\KB2709162\SP3QFE\win32k.sys
< MD5 for: WINLOGON.EXE >
[2008.04.14 11:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 11:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WINSRV.DLL >
[2011.04.26 12:02:48 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=169D34A85EC9E415C4C3A03AA62A34B6 -- C:\WINDOWS\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
[2011.04.26 12:07:50 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=43B8BD54F87BFFFE5C560B2965E13C26 -- C:\WINDOWS\$NtUninstallKB2567680$\winsrv.dll
[2011.06.20 18:44:52 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=4F1340B27E7590D3E42541769ABD5872 -- C:\WINDOWS\$NtUninstallKB2646524$\winsrv.dll
[2011.11.25 22:56:35 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=4FC123A5B7D8F5A9511CFF7B98F9596B -- C:\WINDOWS\$hf_mig$\KB2646524\SP3QFE\winsrv.dll
[2010.06.18 18:46:19 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=681CB546E0EF9C44FDE21EE0D4307DF0 -- C:\WINDOWS\$hf_mig$\KB2121546\SP3QFE\winsrv.dll
[2008.04.14 11:52:06 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=77A41C497ADB0C96D1E8DF6F71D843C0 -- C:\WINDOWS\$NtUninstallKB2121546$\winsrv.dll
[2010.06.18 18:47:41 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=D7F6130150643691D61E957A2CD48D1B -- C:\WINDOWS\$NtUninstallKB2507938$\winsrv.dll
[2011.06.20 18:43:23 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=EF9951D90C530C39DEAB56C16160D837 -- C:\WINDOWS\$hf_mig$\KB2567680\SP3QFE\winsrv.dll
[2011.11.25 22:57:27 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=F3FA14A297BC687D0B51289D034033C9 -- C:\WINDOWS\system32\dllcache\winsrv.dll
[2011.11.25 22:57:27 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=F3FA14A297BC687D0B51289D034033C9 -- C:\WINDOWS\system32\winsrv.dll
< MD5 for: WS2_32.DLL >
[2008.04.14 11:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 11:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< MD5 for: WSCRIPT.EXE >
[2008.04.14 11:52:56 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=279C5962E62940A62C7DC4EEA707CD5D -- C:\WINDOWS\$NtUninstallKB951978$\wscript.exe
[2008.05.08 12:24:44 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=CEA8F7E45B7B098F5FB085BB6A6A4432 -- C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\wscript.exe
[2008.05.08 12:24:44 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=CEA8F7E45B7B098F5FB085BB6A6A4432 -- C:\WINDOWS\system32\dllcache\wscript.exe
[2008.05.08 12:24:44 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=CEA8F7E45B7B098F5FB085BB6A6A4432 -- C:\WINDOWS\system32\wscript.exe
< >
< %systemroot%\system32\logevent.dll /md5 >
< %systemroot%\system32\sceclt.dll /md5 >
< %systemroot%\system32\ntelogon.dll /md5 >
< %systemroot%\system32\consrv.dll /md5 >
< >
< %systemroot%\system32\logevent.dll /md5 /64 >
< %systemroot%\system32\sceclt.dll /md5 /64 >
< %systemroot%\system32\ntelogon.dll /md5 /64 >
< %systemroot%\system32\consrv.dll /md5 /64 >
< >
< %systemroot%\system32\drivers\*.sys /md5 >
[2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) MD5=149A8F7ADF9742554DC323E290551E3E -- C:\WINDOWS\system32\drivers\aavmker4.sys
[2008.04.14 10:35:42 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=4FE34F1F3126B61FCC6B2043AA8112C9 -- C:\WINDOWS\system32\drivers\acpi.sys
[2001.10.25 19:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=AFDFF022A01F0B11C776F0860C3B282F -- C:\WINDOWS\system32\drivers\acpiec.sys
[2008.04.13 21:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) MD5=8BED39E3C35D6A489438B8141717A557 -- C:\WINDOWS\system32\drivers\aec.sys
[2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\drivers\afd.sys
[2008.04.27 13:22:26 | 000,041,216 | ---- | M] (Microsoft Corporation) MD5=AA2D3A86F7B551AA227B17EFAEAB7D22 -- C:\WINDOWS\system32\drivers\amdk6.sys
[2008.04.27 13:22:26 | 000,041,600 | ---- | M] (Microsoft Corporation) MD5=3980814F8027D27EA003E2E3D9D4F604 -- C:\WINDOWS\system32\drivers\amdk7.sys
[2008.04.27 13:22:26 | 000,060,800 | ---- | M] (Microsoft Corporation) MD5=B5B8A80875C1DEDEDA8B02765642C32F -- C:\WINDOWS\system32\drivers\arp1394.sys
[2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) MD5=DE6ED95AEF259979B2830450072A627B -- C:\WINDOWS\system32\drivers\aswFsBlk.sys
[2012.10.30 23:51:57 | 000,089,752 | ---- | M] (AVAST Software) MD5=B8236CDC3E9862F037B1F83E352BDF94 -- C:\WINDOWS\system32\drivers\aswmon.sys
[2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) MD5=84F0BE324EE111338589F448C3E8BAB2 -- C:\WINDOWS\system32\drivers\aswmon2.sys
[2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) MD5=7C9F0A2AB17D52261A9252A2EB320884 -- C:\WINDOWS\system32\drivers\aswRdr.sys
[2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) MD5=B32E9AD44A1DBB3E8095E80F8DF32B03 -- C:\WINDOWS\system32\drivers\aswSnx.sys
[2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) MD5=67B558895695545FB0568B7541F3BCA7 -- C:\WINDOWS\system32\drivers\aswSP.sys
[2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) MD5=E3E73B2B73A4DFADFDDF557192C4B08A -- C:\WINDOWS\system32\drivers\aswTdi.sys
[2008.04.14 03:27:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=B153AFFAC761E7F5FCFA822B9C4E97BC -- C:\WINDOWS\system32\drivers\asyncmac.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 03:21:26 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=9916C1225104BA14794209CFA8012159 -- C:\WINDOWS\system32\drivers\atmarpc.sys
[2001.10.25 19:00:00 | 000,031,360 | ---- | M] (Microsoft Corporation) MD5=39A0A59180F19946374275745B21AEBA -- C:\WINDOWS\system32\drivers\atmepvc.sys
[2008.04.14 03:21:32 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=AE76348A2605FB197FA8FF1D6F547836 -- C:\WINDOWS\system32\drivers\atmlane.sys
[2001.10.25 19:00:00 | 000,352,256 | ---- | M] (Microsoft Corporation) MD5=E7EF69B38D17BA01F914AE8F66216A38 -- C:\WINDOWS\system32\drivers\atmuni.sys
[2001.08.17 20:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) MD5=D9F724AA26C010A217C97606B160ED68 -- C:\WINDOWS\system32\drivers\audstub.sys
[2001.10.25 19:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys
[2008.04.14 03:23:24 | 000,071,552 | ---- | M] (Microsoft Corporation) MD5=F934D1B230F84E1D19DD00AC5A7A83ED -- C:\WINDOWS\system32\drivers\bridge.sys
[2008.06.14 18:35:31 | 000,272,128 | ---- | M] (Microsoft Corporation) MD5=F338662A6C1FC11DD9508F6DFF2C06A2 -- C:\WINDOWS\system32\drivers\bthport.sys
[2001.10.25 19:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) MD5=90A673FC8E12A79AFBED2576F6A7AAF9 -- C:\WINDOWS\system32\drivers\cbidf2k.sys
[2008.04.27 13:22:26 | 000,018,688 | ---- | M] (Microsoft Corporation) MD5=C1B486A7658353D33A10CC15211A873B -- C:\WINDOWS\system32\drivers\cdaudio.sys
[2008.04.14 03:44:22 | 000,063,744 | ---- | M] (Microsoft Corporation) MD5=C885B02847F5D2FD45A24E219ED93B32 -- C:\WINDOWS\system32\drivers\cdfs.sys
[2008.04.14 03:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2008.04.27 13:22:26 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) MD5=30274D9BC25A43BF14891E710216EBC4 -- C:\WINDOWS\system32\drivers\cinemst2.sys
[2008.04.14 03:46:24 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=FE47DD8FE6D7768FF94EBEC6C74B2719 -- C:\WINDOWS\system32\drivers\classpnp.sys
[2008.04.27 13:22:26 | 000,011,776 | ---- | M] (Compaq Computer Corporation) MD5=9624293E55AD405415862B504CA95B73 -- C:\WINDOWS\system32\drivers\cpqdap01.sys
[2008.04.27 13:22:26 | 000,040,576 | ---- | M] (Microsoft Corporation) MD5=57FFB078B71F5B5E7A3DFF40F0F47711 -- C:\WINDOWS\system32\drivers\crusoe.sys
[2008.04.14 03:10:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
[2008.04.14 03:10:46 | 000,014,208 | ---- | M] (Microsoft Corporation) MD5=E65E2353A5D74EA89971CB918EEEB2F6 -- C:\WINDOWS\system32\drivers\diskdump.sys
[2008.04.14 11:00:50 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) MD5=DB5FD2BF5B07DC54BFCB3664FF05BD7C -- C:\WINDOWS\system32\drivers\dmboot.sys
[2008.04.14 11:01:04 | 000,153,856 | ---- | M] (Microsoft Corp., Veritas Software) MD5=FFF1720AF51171F32F1EAD5CF71F2810 -- C:\WINDOWS\system32\drivers\dmio.sys
[2001.10.25 19:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) MD5=E9317282A63CA4D188C0DF5E09C6AC5F -- C:\WINDOWS\system32\drivers\dmload.sys
[2008.04.13 23:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) MD5=8A208DFCF89792A484E76C40E5F50B45 -- C:\WINDOWS\system32\drivers\DMusic.sys
[2008.04.13 22:15:16 | 000,060,160 | ---- | M] (Microsoft Corporation) MD5=6CB08593487F5701D2D2254E693EAFCE -- C:\WINDOWS\system32\drivers\drmk.sys
[2008.04.13 23:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) MD5=8F5FCFF8E8848AFAC920905FBD9D33C8 -- C:\WINDOWS\system32\drivers\drmkaud.sys
[2001.10.25 19:00:00 | 000,010,496 | ---- | M] (Microsoft Corporation) MD5=FE97D0343ACFDEBDD578FC67CC91FA87 -- C:\WINDOWS\system32\drivers\dxapi.sys
[2008.04.14 03:08:30 | 000,071,168 | ---- | M] (Microsoft Corporation) MD5=AC7280566A7BB85CB3291F04DDC1198E -- C:\WINDOWS\system32\drivers\dxg.sys
[2001.10.25 19:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) MD5=A73F5D6705B1D820C19B18782E176EFD -- C:\WINDOWS\system32\drivers\dxgthk.sys
[2008.04.14 03:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys
[2008.04.14 03:10:26 | 000,027,392 | ---- | M] (Microsoft Corporation) MD5=92CDD60B6730B9F50F6A1A0C1F8CDC81 -- C:\WINDOWS\system32\drivers\fdc.sys
[2008.04.14 10:43:24 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=AC366695A0796560AA37215AD5762AAF -- C:\WINDOWS\system32\drivers\fips.sys
[2008.02.01 08:18:14 | 000,009,216 | ---- | M] () MD5=EFB818E30F695A858B939D8483D2CFDB -- C:\WINDOWS\system32\drivers\FlashSys.sys
[2008.04.14 03:10:26 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=9D27E7B80BFCDF1CDD9B555862D5E7F0 -- C:\WINDOWS\system32\drivers\flpydisk.sys
[2008.04.14 03:03:00 | 000,129,792 | ---- | M] (Microsoft Corporation) MD5=B2CF4B0786F8212CB92ED2B50C6DB6B0 -- C:\WINDOWS\system32\drivers\fltMgr.sys
[2008.04.27 13:22:26 | 000,012,160 | ---- | M] (Microsoft Corporation) MD5=9996A605D10E8C7DAA29A380EAEF51AE -- C:\WINDOWS\system32\drivers\fsvga.sys
[2001.10.25 19:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) MD5=3E1E2BD4F39B0E2B7DC4F4D2BCC2779A -- C:\WINDOWS\system32\drivers\fs_rec.sys
[2001.10.25 19:00:00 | 000,125,184 | ---- | M] (Microsoft Corporation) MD5=4E664D8541DB4A66B73A24257E322E1F -- C:\WINDOWS\system32\drivers\ftdisk.sys
[2012.10.22 21:00:04 | 001,875,328 | ---- | M] (Microsoft Corporation) MD5=0158DF977449C86E8E739F514F2C38F9 -- C:\WINDOWS\$hf_mig$\KB2761226\SP3QFE\win32k.sys
[2012.04.11 14:51:55 | 001,871,360 | ---- | M] (Microsoft Corporation) MD5=0681A76F05AB800360DBBAB8CD2F8444 -- C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\win32k.sys
[2012.10.22 20:57:05 | 001,866,368 | ---- | M] (Microsoft Corporation) MD5=076093FEA63C2E5EC25497396E032229 -- C:\WINDOWS\$NtUninstallKB2779030$\win32k.sys
[2012.06.13 14:55:23 | 001,866,112 | ---- | M] (Microsoft Corporation) MD5=11237A4A686ADB61C2E9EDDE424CCAFE -- C:\WINDOWS\$NtUninstallKB2731847$\win32k.sys
[2008.04.14 10:45:36 | 001,845,632 | ---- | M] (Microsoft Corporation) MD5=16AA352EC7D8E6D9DE50265BF0F9E016 -- C:\WINDOWS\$NtUninstallKB969947$\win32k.sys
[2010.06.24 22:30:08 | 001,861,120 | ---- | M] (Microsoft Corporation) MD5=1D6A389B0152D2164343731F4151079F -- C:\WINDOWS\$hf_mig$\KB2160329\SP3QFE\win32k.sys
[2010.09.01 08:57:41 | 001,852,800 | ---- | M] (Microsoft Corporation) MD5=21171C673C110D875FE031908409FE23 -- C:\WINDOWS\$NtUninstallKB2436673$\win32k.sys
[2010.06.24 10:02:48 | 001,851,904 | ---- | M] (Microsoft Corporation) MD5=21A48AA96D99AEF0193526F5E762E21B -- C:\WINDOWS\$NtUninstallKB981957$\win32k.sys
[2012.01.12 18:21:01 | 001,869,056 | ---- | M] (Microsoft Corporation) MD5=2646EFD71DD05D764618E665907DE4FA -- C:\WINDOWS\$hf_mig$\KB2660465\SP3QFE\win32k.sys
[2012.05.15 14:55:54 | 001,863,168 | ---- | M] (Microsoft Corporation) MD5=2F9B10E96564E19389E7B9F6E0474A1A -- C:\WINDOWS\$NtUninstallKB2718523$\win32k.sys
[2012.11.13 12:55:10 | 001,866,368 | ---- | M] (Microsoft Corporation) MD5=32FD45D6C42F15B888BA9E4840B26BE6 -- C:\WINDOWS\system32\dllcache\win32k.sys
[2012.11.13 12:55:10 | 001,866,368 | ---- | M] (Microsoft Corporation) MD5=32FD45D6C42F15B888BA9E4840B26BE6 -- C:\WINDOWS\system32\win32k.sys
[2011.06.06 12:36:17 | 001,867,904 | ---- | M] (Microsoft Corporation) MD5=44E7131AA0EB70AACADBA6034B443D0B -- C:\WINDOWS\$hf_mig$\KB2555917\SP3QFE\win32k.sys
[2010.10.26 15:04:46 | 001,862,272 | ---- | M] (Microsoft Corporation) MD5=470811C7406C06BAD6CCEA5445D879C9 -- C:\WINDOWS\$hf_mig$\KB2436673\SP3QFE\win32k.sys
[2011.11.23 15:39:28 | 001,868,544 | ---- | M] (Microsoft Corporation) MD5=4D18A0DFAAAE8EC5348809A90EF33AF0 -- C:\WINDOWS\$hf_mig$\KB2639417\SP3QFE\win32k.sys
[2010.10.26 14:58:35 | 001,853,312 | ---- | M] (Microsoft Corporation) MD5=4FF440A38D242AA40D40F990C566DF32 -- C:\WINDOWS\$NtUninstallKB2479628$\win32k.sys
[2011.06.06 12:35:21 | 001,858,944 | ---- | M] (Microsoft Corporation) MD5=5477E9351066CA7F70A92461A35F5310 -- C:\WINDOWS\$NtUninstallKB2567053$\win32k.sys
[2010.09.01 08:57:07 | 001,861,888 | ---- | M] (Microsoft Corporation) MD5=5577EC6934D639CB20EA0C90A8AF4923 -- C:\WINDOWS\$hf_mig$\KB981957\SP3QFE\win32k.sys
[2011.03.03 14:52:12 | 001,866,880 | ---- | M] (Microsoft Corporation) MD5=570FB1C8ABCF6375169E94C23537019C -- C:\WINDOWS\$hf_mig$\KB2506223\SP3QFE\win32k.sys
[2009.08.14 16:15:39 | 001,850,624 | ---- | M] (Microsoft Corporation) MD5=670C868CDBDF46269EB7CC39B05A7513 -- C:\WINDOWS\$NtUninstallKB979559$\win32k.sys
[2012.02.03 10:56:21 | 001,869,184 | ---- | M] (Microsoft Corporation) MD5=6FBCF0BC474B8212A82528AD531A1874 -- C:\WINDOWS\$hf_mig$\KB2641653\SP3QFE\win32k.sys
[2012.07.03 19:21:38 | 001,875,072 | ---- | M] (Microsoft Corporation) MD5=7501476F30C38BF0320E17CE3E5AC159 -- C:\WINDOWS\$hf_mig$\KB2731847\SP3QFE\win32k.sys
[2012.11.13 12:56:25 | 001,875,456 | ---- | M] (Microsoft Corporation) MD5=755B5172821684A6FE41461599783A5B -- C:\WINDOWS\$hf_mig$\KB2779030\SP3QFE\win32k.sys
[2010.05.02 09:03:50 | 001,860,352 | ---- | M] (Microsoft Corporation) MD5=8402F80D7FCA8CD3A4BCF027773CAD34 -- C:\WINDOWS\$hf_mig$\KB979559\SP3QFE\win32k.sys
[2009.08.14 17:00:31 | 001,859,712 | ---- | M] (Microsoft Corporation) MD5=862CAA1CB5EF221C09918FF185DF14D7 -- C:\WINDOWS\$hf_mig$\KB969947\SP3QFE\win32k.sys
[2012.07.03 19:22:37 | 001,866,112 | ---- | M] (Microsoft Corporation) MD5=89B9C5051E815C943C3A9EBB2619DF6A -- C:\WINDOWS\$NtUninstallKB2761226$\win32k.sys
[2010.05.02 09:09:42 | 001,851,264 | ---- | M] (Microsoft Corporation) MD5=8DFA2A74176D58E671C7FD9F8966DE99 -- C:\WINDOWS\$NtUninstallKB2160329$\win32k.sys
[2011.03.03 14:53:33 | 001,857,920 | ---- | M] (Microsoft Corporation) MD5=958A81E06C4E3510AEA1F6BCD258EF4C -- C:\WINDOWS\$NtUninstallKB2555917$\win32k.sys
[2011.11.23 15:40:43 | 001,859,584 | ---- | M] (Microsoft Corporation) MD5=95C3BB468E471AF92D7C59BC340C3897 -- C:\WINDOWS\$NtUninstallKB2660465$\win32k.sys
[2012.06.13 14:55:45 | 001,875,072 | ---- | M] (Microsoft Corporation) MD5=A0F7B608DB991AB7BA54FEACE2B700EA -- C:\WINDOWS\$hf_mig$\KB2718523\SP3QFE\win32k.sys
[2010.12.31 15:04:07 | 001,854,976 | ---- | M] (Microsoft Corporation) MD5=AE4BFDE8B2841CE7F6AFAB0F43435445 -- C:\WINDOWS\$NtUninstallKB2506223$\win32k.sys
[2011.09.06 15:08:32 | 001,867,904 | ---- | M] (Microsoft Corporation) MD5=B14465CDD6AFA31154396B54254F2BA8 -- C:\WINDOWS\$hf_mig$\KB2567053\SP3QFE\win32k.sys
[2012.02.03 10:57:39 | 001,860,096 | ---- | M] (Microsoft Corporation) MD5=BFBAFDA347493E17EF7C496A5BDC3224 -- C:\WINDOWS\$NtUninstallKB2676562$\win32k.sys
[2010.12.31 15:02:56 | 001,864,064 | ---- | M] (Microsoft Corporation) MD5=D8525ABDAFFB6F08CDEF1D87B509B17B -- C:\WINDOWS\$hf_mig$\KB2479628\SP3QFE\win32k.sys
[2012.04.11 14:55:17 | 001,862,272 | ---- | M] (Microsoft Corporation) MD5=DF47E6DE09590695502B96797845259C -- C:\WINDOWS\$NtUninstallKB2709162$\win32k.sys
[2012.01.12 18:20:32 | 001,859,968 | ---- | M] (Microsoft Corporation) MD5=E4FFDA12B733F7BA631303E4190CB944 -- C:\WINDOWS\$NtUninstallKB2641653$\win32k.sys
[2011.09.06 15:10:02 | 001,858,944 | ---- | M] (Microsoft Corporation) MD5=EC7DE8AE321E0B01C23770A2AD4AA66F -- C:\WINDOWS\$NtUninstallKB2639417$\win32k.sys
[2012.05.15 14:55:10 | 001,872,128 | ---- | M] (Microsoft Corporation) MD5=F8A061DD411AFC4AC7C5E222079CEFB4 -- C:\WINDOWS\$hf_mig$\KB2709162\SP3QFE\win32k.sys
< MD5 for: WINLOGON.EXE >
[2008.04.14 11:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 11:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WINSRV.DLL >
[2011.04.26 12:02:48 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=169D34A85EC9E415C4C3A03AA62A34B6 -- C:\WINDOWS\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
[2011.04.26 12:07:50 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=43B8BD54F87BFFFE5C560B2965E13C26 -- C:\WINDOWS\$NtUninstallKB2567680$\winsrv.dll
[2011.06.20 18:44:52 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=4F1340B27E7590D3E42541769ABD5872 -- C:\WINDOWS\$NtUninstallKB2646524$\winsrv.dll
[2011.11.25 22:56:35 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=4FC123A5B7D8F5A9511CFF7B98F9596B -- C:\WINDOWS\$hf_mig$\KB2646524\SP3QFE\winsrv.dll
[2010.06.18 18:46:19 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=681CB546E0EF9C44FDE21EE0D4307DF0 -- C:\WINDOWS\$hf_mig$\KB2121546\SP3QFE\winsrv.dll
[2008.04.14 11:52:06 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=77A41C497ADB0C96D1E8DF6F71D843C0 -- C:\WINDOWS\$NtUninstallKB2121546$\winsrv.dll
[2010.06.18 18:47:41 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=D7F6130150643691D61E957A2CD48D1B -- C:\WINDOWS\$NtUninstallKB2507938$\winsrv.dll
[2011.06.20 18:43:23 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=EF9951D90C530C39DEAB56C16160D837 -- C:\WINDOWS\$hf_mig$\KB2567680\SP3QFE\winsrv.dll
[2011.11.25 22:57:27 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=F3FA14A297BC687D0B51289D034033C9 -- C:\WINDOWS\system32\dllcache\winsrv.dll
[2011.11.25 22:57:27 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=F3FA14A297BC687D0B51289D034033C9 -- C:\WINDOWS\system32\winsrv.dll
< MD5 for: WS2_32.DLL >
[2008.04.14 11:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 11:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< MD5 for: WSCRIPT.EXE >
[2008.04.14 11:52:56 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=279C5962E62940A62C7DC4EEA707CD5D -- C:\WINDOWS\$NtUninstallKB951978$\wscript.exe
[2008.05.08 12:24:44 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=CEA8F7E45B7B098F5FB085BB6A6A4432 -- C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\wscript.exe
[2008.05.08 12:24:44 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=CEA8F7E45B7B098F5FB085BB6A6A4432 -- C:\WINDOWS\system32\dllcache\wscript.exe
[2008.05.08 12:24:44 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=CEA8F7E45B7B098F5FB085BB6A6A4432 -- C:\WINDOWS\system32\wscript.exe
< >
< %systemroot%\system32\logevent.dll /md5 >
< %systemroot%\system32\sceclt.dll /md5 >
< %systemroot%\system32\ntelogon.dll /md5 >
< %systemroot%\system32\consrv.dll /md5 >
< >
< %systemroot%\system32\logevent.dll /md5 /64 >
< %systemroot%\system32\sceclt.dll /md5 /64 >
< %systemroot%\system32\ntelogon.dll /md5 /64 >
< %systemroot%\system32\consrv.dll /md5 /64 >
< >
< %systemroot%\system32\drivers\*.sys /md5 >
[2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) MD5=149A8F7ADF9742554DC323E290551E3E -- C:\WINDOWS\system32\drivers\aavmker4.sys
[2008.04.14 10:35:42 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=4FE34F1F3126B61FCC6B2043AA8112C9 -- C:\WINDOWS\system32\drivers\acpi.sys
[2001.10.25 19:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=AFDFF022A01F0B11C776F0860C3B282F -- C:\WINDOWS\system32\drivers\acpiec.sys
[2008.04.13 21:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) MD5=8BED39E3C35D6A489438B8141717A557 -- C:\WINDOWS\system32\drivers\aec.sys
[2011.08.17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\drivers\afd.sys
[2008.04.27 13:22:26 | 000,041,216 | ---- | M] (Microsoft Corporation) MD5=AA2D3A86F7B551AA227B17EFAEAB7D22 -- C:\WINDOWS\system32\drivers\amdk6.sys
[2008.04.27 13:22:26 | 000,041,600 | ---- | M] (Microsoft Corporation) MD5=3980814F8027D27EA003E2E3D9D4F604 -- C:\WINDOWS\system32\drivers\amdk7.sys
[2008.04.27 13:22:26 | 000,060,800 | ---- | M] (Microsoft Corporation) MD5=B5B8A80875C1DEDEDA8B02765642C32F -- C:\WINDOWS\system32\drivers\arp1394.sys
[2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) MD5=DE6ED95AEF259979B2830450072A627B -- C:\WINDOWS\system32\drivers\aswFsBlk.sys
[2012.10.30 23:51:57 | 000,089,752 | ---- | M] (AVAST Software) MD5=B8236CDC3E9862F037B1F83E352BDF94 -- C:\WINDOWS\system32\drivers\aswmon.sys
[2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) MD5=84F0BE324EE111338589F448C3E8BAB2 -- C:\WINDOWS\system32\drivers\aswmon2.sys
[2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) MD5=7C9F0A2AB17D52261A9252A2EB320884 -- C:\WINDOWS\system32\drivers\aswRdr.sys
[2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) MD5=B32E9AD44A1DBB3E8095E80F8DF32B03 -- C:\WINDOWS\system32\drivers\aswSnx.sys
[2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) MD5=67B558895695545FB0568B7541F3BCA7 -- C:\WINDOWS\system32\drivers\aswSP.sys
[2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) MD5=E3E73B2B73A4DFADFDDF557192C4B08A -- C:\WINDOWS\system32\drivers\aswTdi.sys
[2008.04.14 03:27:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=B153AFFAC761E7F5FCFA822B9C4E97BC -- C:\WINDOWS\system32\drivers\asyncmac.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 03:21:26 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=9916C1225104BA14794209CFA8012159 -- C:\WINDOWS\system32\drivers\atmarpc.sys
[2001.10.25 19:00:00 | 000,031,360 | ---- | M] (Microsoft Corporation) MD5=39A0A59180F19946374275745B21AEBA -- C:\WINDOWS\system32\drivers\atmepvc.sys
[2008.04.14 03:21:32 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=AE76348A2605FB197FA8FF1D6F547836 -- C:\WINDOWS\system32\drivers\atmlane.sys
[2001.10.25 19:00:00 | 000,352,256 | ---- | M] (Microsoft Corporation) MD5=E7EF69B38D17BA01F914AE8F66216A38 -- C:\WINDOWS\system32\drivers\atmuni.sys
[2001.08.17 20:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) MD5=D9F724AA26C010A217C97606B160ED68 -- C:\WINDOWS\system32\drivers\audstub.sys
[2001.10.25 19:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys
[2008.04.14 03:23:24 | 000,071,552 | ---- | M] (Microsoft Corporation) MD5=F934D1B230F84E1D19DD00AC5A7A83ED -- C:\WINDOWS\system32\drivers\bridge.sys
[2008.06.14 18:35:31 | 000,272,128 | ---- | M] (Microsoft Corporation) MD5=F338662A6C1FC11DD9508F6DFF2C06A2 -- C:\WINDOWS\system32\drivers\bthport.sys
[2001.10.25 19:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) MD5=90A673FC8E12A79AFBED2576F6A7AAF9 -- C:\WINDOWS\system32\drivers\cbidf2k.sys
[2008.04.27 13:22:26 | 000,018,688 | ---- | M] (Microsoft Corporation) MD5=C1B486A7658353D33A10CC15211A873B -- C:\WINDOWS\system32\drivers\cdaudio.sys
[2008.04.14 03:44:22 | 000,063,744 | ---- | M] (Microsoft Corporation) MD5=C885B02847F5D2FD45A24E219ED93B32 -- C:\WINDOWS\system32\drivers\cdfs.sys
[2008.04.14 03:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2008.04.27 13:22:26 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) MD5=30274D9BC25A43BF14891E710216EBC4 -- C:\WINDOWS\system32\drivers\cinemst2.sys
[2008.04.14 03:46:24 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=FE47DD8FE6D7768FF94EBEC6C74B2719 -- C:\WINDOWS\system32\drivers\classpnp.sys
[2008.04.27 13:22:26 | 000,011,776 | ---- | M] (Compaq Computer Corporation) MD5=9624293E55AD405415862B504CA95B73 -- C:\WINDOWS\system32\drivers\cpqdap01.sys
[2008.04.27 13:22:26 | 000,040,576 | ---- | M] (Microsoft Corporation) MD5=57FFB078B71F5B5E7A3DFF40F0F47711 -- C:\WINDOWS\system32\drivers\crusoe.sys
[2008.04.14 03:10:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
[2008.04.14 03:10:46 | 000,014,208 | ---- | M] (Microsoft Corporation) MD5=E65E2353A5D74EA89971CB918EEEB2F6 -- C:\WINDOWS\system32\drivers\diskdump.sys
[2008.04.14 11:00:50 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) MD5=DB5FD2BF5B07DC54BFCB3664FF05BD7C -- C:\WINDOWS\system32\drivers\dmboot.sys
[2008.04.14 11:01:04 | 000,153,856 | ---- | M] (Microsoft Corp., Veritas Software) MD5=FFF1720AF51171F32F1EAD5CF71F2810 -- C:\WINDOWS\system32\drivers\dmio.sys
[2001.10.25 19:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) MD5=E9317282A63CA4D188C0DF5E09C6AC5F -- C:\WINDOWS\system32\drivers\dmload.sys
[2008.04.13 23:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) MD5=8A208DFCF89792A484E76C40E5F50B45 -- C:\WINDOWS\system32\drivers\DMusic.sys
[2008.04.13 22:15:16 | 000,060,160 | ---- | M] (Microsoft Corporation) MD5=6CB08593487F5701D2D2254E693EAFCE -- C:\WINDOWS\system32\drivers\drmk.sys
[2008.04.13 23:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) MD5=8F5FCFF8E8848AFAC920905FBD9D33C8 -- C:\WINDOWS\system32\drivers\drmkaud.sys
[2001.10.25 19:00:00 | 000,010,496 | ---- | M] (Microsoft Corporation) MD5=FE97D0343ACFDEBDD578FC67CC91FA87 -- C:\WINDOWS\system32\drivers\dxapi.sys
[2008.04.14 03:08:30 | 000,071,168 | ---- | M] (Microsoft Corporation) MD5=AC7280566A7BB85CB3291F04DDC1198E -- C:\WINDOWS\system32\drivers\dxg.sys
[2001.10.25 19:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) MD5=A73F5D6705B1D820C19B18782E176EFD -- C:\WINDOWS\system32\drivers\dxgthk.sys
[2008.04.14 03:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys
[2008.04.14 03:10:26 | 000,027,392 | ---- | M] (Microsoft Corporation) MD5=92CDD60B6730B9F50F6A1A0C1F8CDC81 -- C:\WINDOWS\system32\drivers\fdc.sys
[2008.04.14 10:43:24 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=AC366695A0796560AA37215AD5762AAF -- C:\WINDOWS\system32\drivers\fips.sys
[2008.02.01 08:18:14 | 000,009,216 | ---- | M] () MD5=EFB818E30F695A858B939D8483D2CFDB -- C:\WINDOWS\system32\drivers\FlashSys.sys
[2008.04.14 03:10:26 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=9D27E7B80BFCDF1CDD9B555862D5E7F0 -- C:\WINDOWS\system32\drivers\flpydisk.sys
[2008.04.14 03:03:00 | 000,129,792 | ---- | M] (Microsoft Corporation) MD5=B2CF4B0786F8212CB92ED2B50C6DB6B0 -- C:\WINDOWS\system32\drivers\fltMgr.sys
[2008.04.27 13:22:26 | 000,012,160 | ---- | M] (Microsoft Corporation) MD5=9996A605D10E8C7DAA29A380EAEF51AE -- C:\WINDOWS\system32\drivers\fsvga.sys
[2001.10.25 19:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) MD5=3E1E2BD4F39B0E2B7DC4F4D2BCC2779A -- C:\WINDOWS\system32\drivers\fs_rec.sys
[2001.10.25 19:00:00 | 000,125,184 | ---- | M] (Microsoft Corporation) MD5=4E664D8541DB4A66B73A24257E322E1F -- C:\WINDOWS\system32\drivers\ftdisk.sys
Re: Combofix
[2008.04.14 01:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) MD5=573C7D0A32852B48F3058CFD8026F511 -- C:\WINDOWS\system32\drivers\hdaudbus.sys
[2008.04.14 03:15:28 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=1AF592532532A402ED7C060F6954004F -- C:\WINDOWS\system32\drivers\hidclass.sys
[2008.04.14 03:15:24 | 000,024,960 | ---- | M] (Microsoft Corporation) MD5=96ECCF28FDBF1B2CC12725818A63628D -- C:\WINDOWS\system32\drivers\hidparse.sys
[2009.10.20 17:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) MD5=F80A415EF82CD06FFAF0D971528EAD38 -- C:\WINDOWS\system32\drivers\http.sys
[2008.04.14 10:51:16 | 000,052,096 | ---- | M] (Microsoft Corporation) MD5=C528E27945367191E7BAE364930B6932 -- C:\WINDOWS\system32\drivers\i8042prt.sys
[2008.04.14 03:11:00 | 000,042,112 | ---- | M] (Microsoft Corporation) MD5=083A052659F5310DD8B6A6CB05EDCF8E -- C:\WINDOWS\system32\drivers\imapi.sys
[2008.04.14 10:55:56 | 000,040,192 | ---- | M] (Microsoft Corporation) MD5=27B290D632AF2CF3CF40BFDDB7370985 -- C:\WINDOWS\system32\drivers\intelppm.sys
[2008.04.14 03:23:36 | 000,036,608 | ---- | M] (Microsoft Corporation) MD5=3BB22519A194418D5FEC05D800A19AD0 -- C:\WINDOWS\system32\drivers\ip6fw.sys
[2001.10.25 19:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) MD5=731F22BA402EE4B62748ADAF6363C182 -- C:\WINDOWS\system32\drivers\ipfltdrv.sys
[2008.04.14 03:27:08 | 000,020,864 | ---- | M] (Microsoft Corporation) MD5=B87AB476DCF76E72010632B5550955F5 -- C:\WINDOWS\system32\drivers\ipinip.sys
[2008.04.14 03:27:16 | 000,152,832 | ---- | M] (Microsoft Corporation) MD5=CC748EA12C6EFFDE940EE98098BF96BB -- C:\WINDOWS\system32\drivers\ipnat.sys
[2008.04.14 03:49:44 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\drivers\ipsec.sys
[2008.04.14 03:24:30 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=C93C9FF7B04D772627A3646D89F7BF89 -- C:\WINDOWS\system32\drivers\irenum.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2007.11.26 11:16:50 | 000,072,704 | ---- | M] (JMicron Technology Corp.) MD5=BDCE08E413C98720D23D0A4CD74F6E0C -- C:\WINDOWS\system32\drivers\jraid.sys
[2008.04.14 10:59:08 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\system32\drivers\kbdclass.sys
[2008.04.13 23:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) MD5=692BCF44383D056AED41B045A323D378 -- C:\WINDOWS\system32\drivers\kmixer.sys
[2008.04.13 22:46:38 | 000,141,056 | ---- | M] (Microsoft Corporation) MD5=0753515F78DF7F271A5E61C20BCD36A1 -- C:\WINDOWS\system32\drivers\ks.sys
[2009.06.24 12:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) MD5=B467646C54CC746128904E1654C750C1 -- C:\WINDOWS\system32\drivers\ksecdd.sys
[2001.10.25 19:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D1F8BE91ED4DDB671D42E473E3FE71AB -- C:\WINDOWS\system32\drivers\mcd.sys
[2008.04.27 13:22:26 | 000,063,744 | ---- | M] (Microsoft Corporation) MD5=A7DA20AB18A1BDAE28B0F349E57DA0D1 -- C:\WINDOWS\system32\drivers\mf.sys
[2001.10.25 19:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=4AE068242760A1FB6E1A44BF4E16AFA6 -- C:\WINDOWS\system32\drivers\mnmdd.sys
[2008.04.27 13:22:26 | 000,030,080 | ---- | M] (Microsoft Corporation) MD5=44032B0C6D9954D3FD26438330B99EE7 -- C:\WINDOWS\system32\drivers\modem.sys
[2008.04.27 13:22:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=4CB582831DBDE63CE43B45D771218374 -- C:\WINDOWS\system32\drivers\mouclass.sys
[2008.04.14 03:09:48 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\system32\drivers\mountmgr.sys
[2008.04.14 03:09:46 | 000,092,544 | ---- | M] (Microsoft Corporation) MD5=70C14F5CCA5CF73F8A645C73A01D8726 -- C:\WINDOWS\system32\drivers\mqac.sys
[2008.04.14 03:02:46 | 000,180,608 | ---- | M] (Microsoft Corporation) MD5=11D42BB6206F33FBB3BA0288D3EF81BD -- C:\WINDOWS\system32\drivers\mrxdav.sys
[2011.07.15 14:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) MD5=7D304A5EB4344EBEEAB53A2FE3FFB9F0 -- C:\WINDOWS\system32\drivers\mrxsmb.sys
[2008.04.14 03:02:40 | 000,019,072 | ---- | M] (Microsoft Corporation) MD5=C941EA2454BA8350021D774DAF0F1027 -- C:\WINDOWS\system32\drivers\msfs.sys
[2008.04.14 03:26:34 | 000,035,072 | ---- | M] (Microsoft Corporation) MD5=0A02C63C8B144BD8C86B103DEE7C86A2 -- C:\WINDOWS\system32\drivers\msgpc.sys
[2008.04.13 23:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) MD5=D1575E71568F4D9E14CA56B7B0453BF1 -- C:\WINDOWS\system32\drivers\MSKSSRV.sys
[2008.04.13 23:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) MD5=325BB26842FC7CCC1FCCE2C457317F3E -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
[2008.04.13 23:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) MD5=BAD59648BA099DA4A17680B39730CB3D -- C:\WINDOWS\system32\drivers\MSPQM.sys
[2008.04.27 13:22:26 | 000,015,488 | ---- | M] (Microsoft Corporation) MD5=AF5F4F3F14A8EA2C26DE30F7A1E17136 -- C:\WINDOWS\system32\drivers\mssmbios.sys
[2011.04.21 14:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=DE6A75F5C270E756C5508D94B6CF68F5 -- C:\WINDOWS\system32\drivers\mup.sys
[2008.04.14 03:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2011.07.08 15:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) MD5=0109C4F3850DFBAB279542515386AE22 -- C:\WINDOWS\system32\drivers\ndistapi.sys
[2008.04.27 13:22:26 | 000,014,592 | ---- | M] (Microsoft Corporation) MD5=F927A4434C5028758A842943EF1A3849 -- C:\WINDOWS\system32\drivers\ndisuio.sys
[2008.04.14 03:50:44 | 000,091,520 | ---- | M] (Microsoft Corporation) MD5=EDC1531A49C80614B2CFDA43CA8659AB -- C:\WINDOWS\system32\drivers\ndiswan.sys
[2010.11.02 16:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=9282BD12DFB069D3889EB3FCC1000A9B -- C:\WINDOWS\system32\drivers\ndproxy.sys
[2008.04.14 03:26:04 | 000,034,688 | ---- | M] (Microsoft Corporation) MD5=5D81CF9A2F1A3A756B66CF684911CDF0 -- C:\WINDOWS\system32\drivers\netbios.sys
[2008.04.14 03:51:02 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\system32\drivers\netbt.sys
[2008.04.27 13:22:26 | 000,061,824 | ---- | M] (Microsoft Corporation) MD5=E9E47CFB2D461FA0FC75B7A74C6383EA -- C:\WINDOWS\system32\drivers\nic1394.sys
[2008.04.27 13:22:26 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) MD5=BE984D604D91C217355CDD3737AAD25D -- C:\WINDOWS\system32\drivers\nikedrv.sys
[2008.04.14 03:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) MD5=1E421A6BCF2203CC61B821ADA9DE878B -- C:\WINDOWS\system32\drivers\nmnt.sys
[2012.01.12 21:27:16 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) MD5=B9730495E0CF674680121E34BD95A73B -- C:\WINDOWS\system32\drivers\npf.sys
[2008.04.14 03:02:40 | 000,030,848 | ---- | M] (Microsoft Corporation) MD5=3182D64AE053D6FB034F44B6DEF8034A -- C:\WINDOWS\system32\drivers\npfs.sys
[2008.04.14 03:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2001.10.25 19:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) MD5=73C1E1F395918BC2C6DD67AF7591A3AD -- C:\WINDOWS\system32\drivers\null.sys
[2007.12.05 02:41:00 | 007,435,392 | ---- | M] (NVIDIA Corporation) MD5=8C0456001B6900114BBB1C548BD8AAF5 -- C:\WINDOWS\system32\drivers\nv4_mini.sys
[2001.10.25 19:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) MD5=B305F3FAD35083837EF46A0BBCE2FC57 -- C:\WINDOWS\system32\drivers\nwlnkflt.sys
[2001.10.25 19:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) MD5=C99B3415198D1AAB7227F2C88FD664B9 -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys
[2008.04.14 03:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) MD5=8B8B1BE2DBA4025DA6786C645F77F123 -- C:\WINDOWS\system32\drivers\nwlnkipx.sys
[2001.10.25 19:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) MD5=56D34A67C05E94E16377C60609741FF8 -- C:\WINDOWS\system32\drivers\nwlnknb.sys
[2001.10.25 19:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) MD5=C0BB7D1615E1ACBDC99757F6CEAF8CF0 -- C:\WINDOWS\system32\drivers\nwlnkspx.sys
[2008.04.14 03:04:14 | 000,163,584 | ---- | M] (Microsoft Corporation) MD5=36B9B950E3D2E100970A48D8BAD86740 -- C:\WINDOWS\system32\drivers\nwrdr.sys
[2001.10.25 19:00:00 | 000,003,456 | ---- | M] (Microsoft Corporation) MD5=4BB30DDC53EBC76895E38694580CDFE9 -- C:\WINDOWS\system32\drivers\oprghdlr.sys
[2008.04.27 13:22:26 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=3FC38E7FBE91DB40C34731195F4116C2 -- C:\WINDOWS\system32\drivers\p3.sys
[2008.04.27 13:22:26 | 000,080,000 | ---- | M] (Microsoft Corporation) MD5=46F8DB73B4A53E543F8E371DC7C75BAE -- C:\WINDOWS\system32\drivers\parport.sys
[2008.04.14 03:10:50 | 000,019,712 | ---- | M] (Microsoft Corporation) MD5=BEB3BA25197665D82EC7065B724171C6 -- C:\WINDOWS\system32\drivers\partmgr.sys
[2001.10.25 19:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) MD5=1FAE19D0457176318BBA4A8795656EBC -- C:\WINDOWS\system32\drivers\parvdm.sys
[2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) MD5=175CC28DCF819F78CAA3FBD44AD9E52A -- C:\WINDOWS\system32\drivers\pccsmcfd.sys
[2008.04.14 07:10:38 | 000,068,736 | ---- | M] (Microsoft Corporation) MD5=6CE351D149CB4BEFC702951E471E1730 -- C:\WINDOWS\system32\drivers\pci.sys
[2001.10.24 10:52:28 | 000,003,328 | ---- | M] (Microsoft Corporation) MD5=2DA4EC85E0EA7A45C6B2A05820492D5A -- C:\WINDOWS\system32\drivers\pciide.sys
[2008.04.13 23:10:30 | 000,024,960 | ---- | M] (Microsoft Corporation) MD5=52E60F29221D0D1AC16737E8DBF7C3E9 -- C:\WINDOWS\system32\drivers\pciidex.sys
[2008.04.14 11:10:46 | 000,120,064 | ---- | M] (Microsoft Corporation) MD5=4FC31E6C19A5CE5198B1ABFF94CAE758 -- C:\WINDOWS\system32\drivers\pcmcia.sys
[2008.04.13 22:49:42 | 000,146,048 | ---- | M] (Microsoft Corporation) MD5=E82A496C3961EFC6828B508C310CE98F -- C:\WINDOWS\system32\drivers\portcls.sys
[2008.04.27 13:22:26 | 000,039,680 | ---- | M] (Microsoft Corporation) MD5=7EB15DCE4EC3A0220BD796A15C18186E -- C:\WINDOWS\system32\drivers\processr.sys
[2008.04.14 03:26:40 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=09298EC810B07E5D582CB3A3F9255424 -- C:\WINDOWS\system32\drivers\psched.sys
[2001.10.25 19:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) MD5=80D317BD1C3DBC5D4FE7B1678C60CADD -- C:\WINDOWS\system32\drivers\ptilink.sys
[2001.10.25 19:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys
[2008.04.14 03:49:44 | 000,051,328 | ---- | M] (Microsoft Corporation) MD5=11B4A627BC9614B885C4969BFA5FF8A6 -- C:\WINDOWS\system32\drivers\rasl2tp.sys
[2008.04.14 03:27:34 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=5BC962F2654137C9909C3D4603587DEE -- C:\WINDOWS\system32\drivers\raspppoe.sys
[2008.04.14 03:49:50 | 000,048,384 | ---- | M] (Microsoft Corporation) MD5=EFEEC01B1D3CF84F16DDD24D9D9D8F99 -- C:\WINDOWS\system32\drivers\raspptp.sys
[2001.10.25 19:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) MD5=FDBB1D60066FCFBB7452FD8F9829B242 -- C:\WINDOWS\system32\drivers\raspti.sys
[2001.10.25 19:00:00 | 000,034,432 | ---- | M] (Microsoft Corporation) MD5=01524CD237223B18ADBB48F70083F101 -- C:\WINDOWS\system32\drivers\rawwan.sys
[2008.04.14 03:58:40 | 000,175,744 | ---- | M] (Microsoft Corporation) MD5=7AD224AD1A1437FE28D89CF22B17780A -- C:\WINDOWS\system32\drivers\rdbss.sys
[2001.10.25 19:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=4912D5B403614CE99C28420F75353332 -- C:\WINDOWS\system32\drivers\rdpcdd.sys
[2008.04.13 22:02:52 | 000,196,224 | ---- | M] (Microsoft Corporation) MD5=15CABD0F7C00C47C70124907916AF3F1 -- C:\WINDOWS\system32\drivers\rdpdr.sys
[2012.07.04 15:05:17 | 000,139,784 | ---- | M] (Microsoft Corporation) MD5=43AF5212BD8FB5BA6EED9754358BD8F7 -- C:\WINDOWS\system32\drivers\rdpwd.sys
[2008.04.14 06:44:54 | 000,058,496 | ---- | M] (Microsoft Corporation) MD5=611BFD220305BE3A85AE876EA47D4AA5 -- C:\WINDOWS\system32\drivers\redbook.sys
[2008.04.27 13:22:26 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) MD5=A56FE08EC7473E8580A390BB1081CDD7 -- C:\WINDOWS\system32\drivers\rio8drv.sys
[2008.04.27 13:22:26 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) MD5=0A854DF84C77A0BE205BFEAB2AE4F0EC -- C:\WINDOWS\system32\drivers\riodrv.sys
[2008.05.08 15:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) MD5=96F7A9A7BF0C9C0440A967440065D33C -- C:\WINDOWS\system32\drivers\rmcast.sys
[2008.04.14 03:26:50 | 000,030,592 | ---- | M] (Microsoft Corporation) MD5=601844CBCF617FF8C868130CA5B2039D -- C:\WINDOWS\system32\drivers\rndismp.sys
[2001.10.25 19:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) MD5=D8B0B4ADE32574B2D9C5CC34DC0DBBE7 -- C:\WINDOWS\system32\drivers\rootmdm.sys
[2008.04.17 16:33:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) MD5=B2957D6C1226F029230DAC2C46D34286 -- C:\WINDOWS\system32\drivers\RtkHDAud.sys
[2007.11.21 00:09:22 | 000,104,320 | ---- | M] (Realtek Semiconductor Corporation ) MD5=E10F6C9BD09D8DAE26E29D52C65E6E0F -- C:\WINDOWS\system32\drivers\Rtnicxp.sys
[2008.04.14 03:10:32 | 000,096,384 | ---- | M] (Microsoft Corporation) MD5=76C465F570E90C28942D52CCB2580A10 -- C:\WINDOWS\system32\drivers\scsiport.sys
[2008.04.14 03:06:46 | 000,079,232 | ---- | M] (Microsoft Corporation) MD5=8D04819A3CE51B9EB47E5689B44D43C4 -- C:\WINDOWS\system32\drivers\sdbus.sys
[2008.04.14 01:09:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) MD5=90A3935D05B494A5A39D37E71F09A677 -- C:\WINDOWS\system32\drivers\secdrv.sys
[2008.04.14 03:10:14 | 000,015,744 | ---- | M] (Microsoft Corporation) MD5=0F29512CCD6BEAD730039FB4BD2C85CE -- C:\WINDOWS\system32\drivers\serenum.sys
[2008.04.14 10:51:10 | 000,064,256 | ---- | M] (Microsoft Corporation) MD5=B842729337C9B921615C40D3C1A1AF96 -- C:\WINDOWS\system32\drivers\serial.sys
[2008.04.14 03:10:48 | 000,011,904 | ---- | M] (Microsoft Corporation) MD5=0FA803C64DF0914B41F807EA276BF2A6 -- C:\WINDOWS\system32\drivers\sffdisk.sys
[2008.04.14 03:10:50 | 000,010,240 | ---- | M] (Microsoft Corporation) MD5=D66D22D76878BF3483A6BE30183FB648 -- C:\WINDOWS\system32\drivers\sffp_mmc.sys
[2008.04.14 03:10:48 | 000,011,008 | ---- | M] (Microsoft Corporation) MD5=C17C331E435ED8737525C86A7557B3AC -- C:\WINDOWS\system32\drivers\sffp_sd.sys
[2008.04.14 03:10:50 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys
[2001.10.25 19:00:00 | 000,014,592 | ---- | M] (Microsoft Corporation) MD5=017DAECF0ED3AA731313433601EC40FA -- C:\WINDOWS\system32\drivers\smclib.sys
[2008.04.27 13:22:26 | 000,025,344 | ---- | M] (Microsoft Corporation) MD5=489703624DAC94ED943C2ABDA022A1CD -- C:\WINDOWS\system32\drivers\sonydcam.sys
[2008.04.13 23:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys
[2008.04.14 11:11:28 | 000,073,344 | ---- | M] (Microsoft Corporation) MD5=94610C8653635E4459316A0050D55CE7 -- C:\WINDOWS\system32\drivers\sr.sys
[2011.02.17 14:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) MD5=47DDFC2F003F7F9F0592C6874962A2E7 -- C:\WINDOWS\system32\drivers\srv.sys
[2009.03.20 10:01:26 | 000,090,112 | ---- | M] (MCCI) MD5=EAA66218CD39F5BB1B4853A78C67C787 -- C:\WINDOWS\system32\drivers\ss_bbus.sys
[2009.03.20 10:01:26 | 000,012,160 | ---- | M] (MCCI Corporation) MD5=F8A771C5A63DC641772B7A3B05AF173F -- C:\WINDOWS\system32\drivers\ss_bcm.sys
[2009.03.20 10:01:26 | 000,012,160 | ---- | M] (MCCI Corporation) MD5=F8A771C5A63DC641772B7A3B05AF173F -- C:\WINDOWS\system32\drivers\ss_bcmnt.sys
[2009.03.20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) MD5=91765F99914ED8693D8BC76524F21581 -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys
[2009.03.20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) MD5=840E7B738B03C10EE91D9B7D3D6EFF15 -- C:\WINDOWS\system32\drivers\ss_bmdm.sys
[2009.03.20 10:01:26 | 000,012,160 | ---- | M] (MCCI Corporation) MD5=29B73D03AE6EDABB88E50364B066A6CA -- C:\WINDOWS\system32\drivers\ss_bwh.sys
[2009.03.20 10:01:26 | 000,012,160 | ---- | M] (MCCI Corporation) MD5=29B73D03AE6EDABB88E50364B066A6CA -- C:\WINDOWS\system32\drivers\ss_bwhnt.sys
[2007.10.25 17:26:10 | 000,005,632 | ---- | M] () MD5=306521935042FC0A6988D528643619B3 -- C:\WINDOWS\system32\drivers\StarOpen.sys
[2008.04.13 22:15:16 | 000,049,408 | ---- | M] (Microsoft Corporation) MD5=3E5D89099DED9E86E5639F411693218F -- C:\WINDOWS\system32\drivers\stream.sys
[2008.04.27 13:22:26 | 000,004,352 | ---- | M] (Microsoft Corporation) MD5=3941D127AEF12E93ADDF6FE6EE027E0F -- C:\WINDOWS\system32\drivers\swenum.sys
[2008.04.13 23:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys
[2008.04.13 23:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) MD5=8B83F3ED0F1688B4958F77CD6D2BF290 -- C:\WINDOWS\system32\drivers\sysaudio.sys
[2008.04.14 03:10:52 | 000,014,976 | ---- | M] (Microsoft Corporation) MD5=FD6093E3DECD925F1CFFC8A0DD539D72 -- C:\WINDOWS\system32\drivers\tape.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2010.02.11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) MD5=4E53BBCC4BE37D7A4BD6EF1098C89FF7 -- C:\WINDOWS\system32\drivers\tcpip6.sys
[2008.04.14 03:30:06 | 000,019,072 | ---- | M] (Microsoft Corporation) MD5=0539D5E53587F82D1B4FD74C5BE205CF -- C:\WINDOWS\system32\drivers\tdi.sys
[2008.04.14 11:53:28 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys
[2008.04.14 11:53:28 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys
[2008.04.14 06:53:26 | 000,040,840 | ---- | M] (Microsoft Corporation) MD5=88155247177638048422893737429D9E -- C:\WINDOWS\system32\drivers\termdd.sys
[2008.04.27 13:22:26 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=699450901C5CCFD82357CBC531CEDD23 -- C:\WINDOWS\system32\drivers\tosdvd.sys
[2008.04.27 13:22:26 | 000,021,376 | ---- | M] (Toshiba Corporation) MD5=D74A8EC75305F1D3CFDE7C7FC1BD62A9 -- C:\WINDOWS\system32\drivers\tsbvcap.sys
[2008.04.27 13:22:26 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=8F861EDA21C05857EB8197300A92501C -- C:\WINDOWS\system32\drivers\tunmp.sys
[2008.04.14 03:02:38 | 000,066,048 | ---- | M] (Microsoft Corporation) MD5=5787B80C2E3C5E2F56C2A233D91FA2C9 -- C:\WINDOWS\system32\drivers\udfs.sys
[2008.04.14 03:09:48 | 000,384,768 | ---- | M] (Microsoft Corporation) MD5=402DDC88356B1BAC0EE3DD1580C76A31 -- C:\WINDOWS\system32\drivers\update.sys
[2008.04.14 03:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=BEE793D4A059CAEA55D6AC20E19B3A8F -- C:\WINDOWS\system32\drivers\usb8023.sys
[2008.04.27 13:22:26 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=1C1A47B40C23358245AA8D0443B6935E -- C:\WINDOWS\system32\drivers\usbcamd.sys
[2008.04.27 13:22:26 | 000,025,728 | ---- | M] (Microsoft Corporation) MD5=CE97845D2E3F0D274B8BAC1ED07C6149 -- C:\WINDOWS\system32\drivers\usbcamd2.sys
[2001.10.25 19:00:00 | 000,004,736 | ---- | M] (Microsoft Corporation) MD5=596EB39B50D6EBD9B734DC4AE0544693 -- C:\WINDOWS\system32\drivers\usbd.sys
[2008.04.13 23:15:36 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=65DCF09D0E37D4C6B11B5B0B76D470A7 -- C:\WINDOWS\system32\drivers\usbehci.sys
[2008.04.13 23:15:38 | 000,059,520 | ---- | M] (Microsoft Corporation) MD5=1AB3CDDE553B6E064D2E754EFE20285C -- C:\WINDOWS\system32\drivers\usbhub.sys
[2008.04.27 13:22:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=290913DC4F1125E5A82DE52579A44C43 -- C:\WINDOWS\system32\drivers\usbintel.sys
[2008.04.13 23:15:38 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=791912E524CC2CC6F50B5F2B52D1EB71 -- C:\WINDOWS\system32\drivers\usbport.sys
[2008.04.13 22:17:38 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\system32\drivers\usbprint.sys
[2008.04.13 22:15:36 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys
[2008.04.14 03:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys
[2008.04.14 03:15:36 | 000,020,608 | ---- | M] (Microsoft Corporation) MD5=26496F9DEE2D787FC3E61AD54821FFE6 -- C:\WINDOWS\system32\drivers\usbuhci.sys
[2008.04.27 13:22:26 | 000,058,112 | ---- | M] (RAVISENT Technologies Inc.) MD5=55E01061C74A8CEFFF58DC36114A8D3F -- C:\WINDOWS\system32\drivers\vdmindvd.sys
[2008.04.14 03:14:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=0D3A8FAFCEACD8B7625CD549757A7DF1 -- C:\WINDOWS\system32\drivers\vga.sys
[2008.04.14 03:14:42 | 000,081,664 | ---- | M] (Microsoft Corporation) MD5=E28726B72C46821A28830E077D39A55B -- C:\WINDOWS\system32\drivers\videoprt.sys
[2008.04.14 10:42:06 | 000,052,480 | ---- | M] (Microsoft Corporation) MD5=28A4B296B47782173C346E376CB374D1 -- C:\WINDOWS\system32\drivers\volsnap.sys
[2008.04.14 03:27:22 | 000,034,560 | ---- | M] (Microsoft Corporation) MD5=E20B95BAEDB550F32DD489265C1DA1F6 -- C:\WINDOWS\system32\drivers\wanarp.sys
[2008.04.13 23:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) MD5=6768ACF64B18196494413695F0C3A00F -- C:\WINDOWS\system32\drivers\wdmaud.sys
[2001.10.25 19:00:00 | 000,004,352 | ---- | M] (Microsoft Corporation) MD5=2F31B7F954BED437F2C75026C65CAF7B -- C:\WINDOWS\system32\drivers\wmilib.sys
[2008.04.27 14:19:28 | 000,038,528 | ---- | M] (Microsoft Corporation) MD5=CF4DEF1BF66F06964DC0D91844239104 -- C:\WINDOWS\system32\drivers\wpdusb.sys
[2001.10.25 19:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
[2008.04.27 14:19:28 | 000,077,568 | ---- | M] (Microsoft Corporation) MD5=F15FEAFFFBB3644CCC80C5DA584E6311 -- C:\WINDOWS\system32\drivers\wudfpf.sys
[2008.04.27 14:19:30 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=28B524262BCE6DE1F7EF9F510BA3985B -- C:\WINDOWS\system32\drivers\wudfrd.sys
[2008.04.14 03:15:28 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=1AF592532532A402ED7C060F6954004F -- C:\WINDOWS\system32\drivers\hidclass.sys
[2008.04.14 03:15:24 | 000,024,960 | ---- | M] (Microsoft Corporation) MD5=96ECCF28FDBF1B2CC12725818A63628D -- C:\WINDOWS\system32\drivers\hidparse.sys
[2009.10.20 17:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) MD5=F80A415EF82CD06FFAF0D971528EAD38 -- C:\WINDOWS\system32\drivers\http.sys
[2008.04.14 10:51:16 | 000,052,096 | ---- | M] (Microsoft Corporation) MD5=C528E27945367191E7BAE364930B6932 -- C:\WINDOWS\system32\drivers\i8042prt.sys
[2008.04.14 03:11:00 | 000,042,112 | ---- | M] (Microsoft Corporation) MD5=083A052659F5310DD8B6A6CB05EDCF8E -- C:\WINDOWS\system32\drivers\imapi.sys
[2008.04.14 10:55:56 | 000,040,192 | ---- | M] (Microsoft Corporation) MD5=27B290D632AF2CF3CF40BFDDB7370985 -- C:\WINDOWS\system32\drivers\intelppm.sys
[2008.04.14 03:23:36 | 000,036,608 | ---- | M] (Microsoft Corporation) MD5=3BB22519A194418D5FEC05D800A19AD0 -- C:\WINDOWS\system32\drivers\ip6fw.sys
[2001.10.25 19:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) MD5=731F22BA402EE4B62748ADAF6363C182 -- C:\WINDOWS\system32\drivers\ipfltdrv.sys
[2008.04.14 03:27:08 | 000,020,864 | ---- | M] (Microsoft Corporation) MD5=B87AB476DCF76E72010632B5550955F5 -- C:\WINDOWS\system32\drivers\ipinip.sys
[2008.04.14 03:27:16 | 000,152,832 | ---- | M] (Microsoft Corporation) MD5=CC748EA12C6EFFDE940EE98098BF96BB -- C:\WINDOWS\system32\drivers\ipnat.sys
[2008.04.14 03:49:44 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\drivers\ipsec.sys
[2008.04.14 03:24:30 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=C93C9FF7B04D772627A3646D89F7BF89 -- C:\WINDOWS\system32\drivers\irenum.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2007.11.26 11:16:50 | 000,072,704 | ---- | M] (JMicron Technology Corp.) MD5=BDCE08E413C98720D23D0A4CD74F6E0C -- C:\WINDOWS\system32\drivers\jraid.sys
[2008.04.14 10:59:08 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\system32\drivers\kbdclass.sys
[2008.04.13 23:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) MD5=692BCF44383D056AED41B045A323D378 -- C:\WINDOWS\system32\drivers\kmixer.sys
[2008.04.13 22:46:38 | 000,141,056 | ---- | M] (Microsoft Corporation) MD5=0753515F78DF7F271A5E61C20BCD36A1 -- C:\WINDOWS\system32\drivers\ks.sys
[2009.06.24 12:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) MD5=B467646C54CC746128904E1654C750C1 -- C:\WINDOWS\system32\drivers\ksecdd.sys
[2001.10.25 19:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D1F8BE91ED4DDB671D42E473E3FE71AB -- C:\WINDOWS\system32\drivers\mcd.sys
[2008.04.27 13:22:26 | 000,063,744 | ---- | M] (Microsoft Corporation) MD5=A7DA20AB18A1BDAE28B0F349E57DA0D1 -- C:\WINDOWS\system32\drivers\mf.sys
[2001.10.25 19:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=4AE068242760A1FB6E1A44BF4E16AFA6 -- C:\WINDOWS\system32\drivers\mnmdd.sys
[2008.04.27 13:22:26 | 000,030,080 | ---- | M] (Microsoft Corporation) MD5=44032B0C6D9954D3FD26438330B99EE7 -- C:\WINDOWS\system32\drivers\modem.sys
[2008.04.27 13:22:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=4CB582831DBDE63CE43B45D771218374 -- C:\WINDOWS\system32\drivers\mouclass.sys
[2008.04.14 03:09:48 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\system32\drivers\mountmgr.sys
[2008.04.14 03:09:46 | 000,092,544 | ---- | M] (Microsoft Corporation) MD5=70C14F5CCA5CF73F8A645C73A01D8726 -- C:\WINDOWS\system32\drivers\mqac.sys
[2008.04.14 03:02:46 | 000,180,608 | ---- | M] (Microsoft Corporation) MD5=11D42BB6206F33FBB3BA0288D3EF81BD -- C:\WINDOWS\system32\drivers\mrxdav.sys
[2011.07.15 14:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) MD5=7D304A5EB4344EBEEAB53A2FE3FFB9F0 -- C:\WINDOWS\system32\drivers\mrxsmb.sys
[2008.04.14 03:02:40 | 000,019,072 | ---- | M] (Microsoft Corporation) MD5=C941EA2454BA8350021D774DAF0F1027 -- C:\WINDOWS\system32\drivers\msfs.sys
[2008.04.14 03:26:34 | 000,035,072 | ---- | M] (Microsoft Corporation) MD5=0A02C63C8B144BD8C86B103DEE7C86A2 -- C:\WINDOWS\system32\drivers\msgpc.sys
[2008.04.13 23:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) MD5=D1575E71568F4D9E14CA56B7B0453BF1 -- C:\WINDOWS\system32\drivers\MSKSSRV.sys
[2008.04.13 23:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) MD5=325BB26842FC7CCC1FCCE2C457317F3E -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
[2008.04.13 23:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) MD5=BAD59648BA099DA4A17680B39730CB3D -- C:\WINDOWS\system32\drivers\MSPQM.sys
[2008.04.27 13:22:26 | 000,015,488 | ---- | M] (Microsoft Corporation) MD5=AF5F4F3F14A8EA2C26DE30F7A1E17136 -- C:\WINDOWS\system32\drivers\mssmbios.sys
[2011.04.21 14:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=DE6A75F5C270E756C5508D94B6CF68F5 -- C:\WINDOWS\system32\drivers\mup.sys
[2008.04.14 03:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2011.07.08 15:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) MD5=0109C4F3850DFBAB279542515386AE22 -- C:\WINDOWS\system32\drivers\ndistapi.sys
[2008.04.27 13:22:26 | 000,014,592 | ---- | M] (Microsoft Corporation) MD5=F927A4434C5028758A842943EF1A3849 -- C:\WINDOWS\system32\drivers\ndisuio.sys
[2008.04.14 03:50:44 | 000,091,520 | ---- | M] (Microsoft Corporation) MD5=EDC1531A49C80614B2CFDA43CA8659AB -- C:\WINDOWS\system32\drivers\ndiswan.sys
[2010.11.02 16:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=9282BD12DFB069D3889EB3FCC1000A9B -- C:\WINDOWS\system32\drivers\ndproxy.sys
[2008.04.14 03:26:04 | 000,034,688 | ---- | M] (Microsoft Corporation) MD5=5D81CF9A2F1A3A756B66CF684911CDF0 -- C:\WINDOWS\system32\drivers\netbios.sys
[2008.04.14 03:51:02 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\system32\drivers\netbt.sys
[2008.04.27 13:22:26 | 000,061,824 | ---- | M] (Microsoft Corporation) MD5=E9E47CFB2D461FA0FC75B7A74C6383EA -- C:\WINDOWS\system32\drivers\nic1394.sys
[2008.04.27 13:22:26 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) MD5=BE984D604D91C217355CDD3737AAD25D -- C:\WINDOWS\system32\drivers\nikedrv.sys
[2008.04.14 03:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) MD5=1E421A6BCF2203CC61B821ADA9DE878B -- C:\WINDOWS\system32\drivers\nmnt.sys
[2012.01.12 21:27:16 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) MD5=B9730495E0CF674680121E34BD95A73B -- C:\WINDOWS\system32\drivers\npf.sys
[2008.04.14 03:02:40 | 000,030,848 | ---- | M] (Microsoft Corporation) MD5=3182D64AE053D6FB034F44B6DEF8034A -- C:\WINDOWS\system32\drivers\npfs.sys
[2008.04.14 03:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2001.10.25 19:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) MD5=73C1E1F395918BC2C6DD67AF7591A3AD -- C:\WINDOWS\system32\drivers\null.sys
[2007.12.05 02:41:00 | 007,435,392 | ---- | M] (NVIDIA Corporation) MD5=8C0456001B6900114BBB1C548BD8AAF5 -- C:\WINDOWS\system32\drivers\nv4_mini.sys
[2001.10.25 19:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) MD5=B305F3FAD35083837EF46A0BBCE2FC57 -- C:\WINDOWS\system32\drivers\nwlnkflt.sys
[2001.10.25 19:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) MD5=C99B3415198D1AAB7227F2C88FD664B9 -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys
[2008.04.14 03:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) MD5=8B8B1BE2DBA4025DA6786C645F77F123 -- C:\WINDOWS\system32\drivers\nwlnkipx.sys
[2001.10.25 19:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) MD5=56D34A67C05E94E16377C60609741FF8 -- C:\WINDOWS\system32\drivers\nwlnknb.sys
[2001.10.25 19:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) MD5=C0BB7D1615E1ACBDC99757F6CEAF8CF0 -- C:\WINDOWS\system32\drivers\nwlnkspx.sys
[2008.04.14 03:04:14 | 000,163,584 | ---- | M] (Microsoft Corporation) MD5=36B9B950E3D2E100970A48D8BAD86740 -- C:\WINDOWS\system32\drivers\nwrdr.sys
[2001.10.25 19:00:00 | 000,003,456 | ---- | M] (Microsoft Corporation) MD5=4BB30DDC53EBC76895E38694580CDFE9 -- C:\WINDOWS\system32\drivers\oprghdlr.sys
[2008.04.27 13:22:26 | 000,046,592 | ---- | M] (Microsoft Corporation) MD5=3FC38E7FBE91DB40C34731195F4116C2 -- C:\WINDOWS\system32\drivers\p3.sys
[2008.04.27 13:22:26 | 000,080,000 | ---- | M] (Microsoft Corporation) MD5=46F8DB73B4A53E543F8E371DC7C75BAE -- C:\WINDOWS\system32\drivers\parport.sys
[2008.04.14 03:10:50 | 000,019,712 | ---- | M] (Microsoft Corporation) MD5=BEB3BA25197665D82EC7065B724171C6 -- C:\WINDOWS\system32\drivers\partmgr.sys
[2001.10.25 19:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) MD5=1FAE19D0457176318BBA4A8795656EBC -- C:\WINDOWS\system32\drivers\parvdm.sys
[2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) MD5=175CC28DCF819F78CAA3FBD44AD9E52A -- C:\WINDOWS\system32\drivers\pccsmcfd.sys
[2008.04.14 07:10:38 | 000,068,736 | ---- | M] (Microsoft Corporation) MD5=6CE351D149CB4BEFC702951E471E1730 -- C:\WINDOWS\system32\drivers\pci.sys
[2001.10.24 10:52:28 | 000,003,328 | ---- | M] (Microsoft Corporation) MD5=2DA4EC85E0EA7A45C6B2A05820492D5A -- C:\WINDOWS\system32\drivers\pciide.sys
[2008.04.13 23:10:30 | 000,024,960 | ---- | M] (Microsoft Corporation) MD5=52E60F29221D0D1AC16737E8DBF7C3E9 -- C:\WINDOWS\system32\drivers\pciidex.sys
[2008.04.14 11:10:46 | 000,120,064 | ---- | M] (Microsoft Corporation) MD5=4FC31E6C19A5CE5198B1ABFF94CAE758 -- C:\WINDOWS\system32\drivers\pcmcia.sys
[2008.04.13 22:49:42 | 000,146,048 | ---- | M] (Microsoft Corporation) MD5=E82A496C3961EFC6828B508C310CE98F -- C:\WINDOWS\system32\drivers\portcls.sys
[2008.04.27 13:22:26 | 000,039,680 | ---- | M] (Microsoft Corporation) MD5=7EB15DCE4EC3A0220BD796A15C18186E -- C:\WINDOWS\system32\drivers\processr.sys
[2008.04.14 03:26:40 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=09298EC810B07E5D582CB3A3F9255424 -- C:\WINDOWS\system32\drivers\psched.sys
[2001.10.25 19:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) MD5=80D317BD1C3DBC5D4FE7B1678C60CADD -- C:\WINDOWS\system32\drivers\ptilink.sys
[2001.10.25 19:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys
[2008.04.14 03:49:44 | 000,051,328 | ---- | M] (Microsoft Corporation) MD5=11B4A627BC9614B885C4969BFA5FF8A6 -- C:\WINDOWS\system32\drivers\rasl2tp.sys
[2008.04.14 03:27:34 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=5BC962F2654137C9909C3D4603587DEE -- C:\WINDOWS\system32\drivers\raspppoe.sys
[2008.04.14 03:49:50 | 000,048,384 | ---- | M] (Microsoft Corporation) MD5=EFEEC01B1D3CF84F16DDD24D9D9D8F99 -- C:\WINDOWS\system32\drivers\raspptp.sys
[2001.10.25 19:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) MD5=FDBB1D60066FCFBB7452FD8F9829B242 -- C:\WINDOWS\system32\drivers\raspti.sys
[2001.10.25 19:00:00 | 000,034,432 | ---- | M] (Microsoft Corporation) MD5=01524CD237223B18ADBB48F70083F101 -- C:\WINDOWS\system32\drivers\rawwan.sys
[2008.04.14 03:58:40 | 000,175,744 | ---- | M] (Microsoft Corporation) MD5=7AD224AD1A1437FE28D89CF22B17780A -- C:\WINDOWS\system32\drivers\rdbss.sys
[2001.10.25 19:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=4912D5B403614CE99C28420F75353332 -- C:\WINDOWS\system32\drivers\rdpcdd.sys
[2008.04.13 22:02:52 | 000,196,224 | ---- | M] (Microsoft Corporation) MD5=15CABD0F7C00C47C70124907916AF3F1 -- C:\WINDOWS\system32\drivers\rdpdr.sys
[2012.07.04 15:05:17 | 000,139,784 | ---- | M] (Microsoft Corporation) MD5=43AF5212BD8FB5BA6EED9754358BD8F7 -- C:\WINDOWS\system32\drivers\rdpwd.sys
[2008.04.14 06:44:54 | 000,058,496 | ---- | M] (Microsoft Corporation) MD5=611BFD220305BE3A85AE876EA47D4AA5 -- C:\WINDOWS\system32\drivers\redbook.sys
[2008.04.27 13:22:26 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) MD5=A56FE08EC7473E8580A390BB1081CDD7 -- C:\WINDOWS\system32\drivers\rio8drv.sys
[2008.04.27 13:22:26 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) MD5=0A854DF84C77A0BE205BFEAB2AE4F0EC -- C:\WINDOWS\system32\drivers\riodrv.sys
[2008.05.08 15:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) MD5=96F7A9A7BF0C9C0440A967440065D33C -- C:\WINDOWS\system32\drivers\rmcast.sys
[2008.04.14 03:26:50 | 000,030,592 | ---- | M] (Microsoft Corporation) MD5=601844CBCF617FF8C868130CA5B2039D -- C:\WINDOWS\system32\drivers\rndismp.sys
[2001.10.25 19:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) MD5=D8B0B4ADE32574B2D9C5CC34DC0DBBE7 -- C:\WINDOWS\system32\drivers\rootmdm.sys
[2008.04.17 16:33:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) MD5=B2957D6C1226F029230DAC2C46D34286 -- C:\WINDOWS\system32\drivers\RtkHDAud.sys
[2007.11.21 00:09:22 | 000,104,320 | ---- | M] (Realtek Semiconductor Corporation ) MD5=E10F6C9BD09D8DAE26E29D52C65E6E0F -- C:\WINDOWS\system32\drivers\Rtnicxp.sys
[2008.04.14 03:10:32 | 000,096,384 | ---- | M] (Microsoft Corporation) MD5=76C465F570E90C28942D52CCB2580A10 -- C:\WINDOWS\system32\drivers\scsiport.sys
[2008.04.14 03:06:46 | 000,079,232 | ---- | M] (Microsoft Corporation) MD5=8D04819A3CE51B9EB47E5689B44D43C4 -- C:\WINDOWS\system32\drivers\sdbus.sys
[2008.04.14 01:09:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) MD5=90A3935D05B494A5A39D37E71F09A677 -- C:\WINDOWS\system32\drivers\secdrv.sys
[2008.04.14 03:10:14 | 000,015,744 | ---- | M] (Microsoft Corporation) MD5=0F29512CCD6BEAD730039FB4BD2C85CE -- C:\WINDOWS\system32\drivers\serenum.sys
[2008.04.14 10:51:10 | 000,064,256 | ---- | M] (Microsoft Corporation) MD5=B842729337C9B921615C40D3C1A1AF96 -- C:\WINDOWS\system32\drivers\serial.sys
[2008.04.14 03:10:48 | 000,011,904 | ---- | M] (Microsoft Corporation) MD5=0FA803C64DF0914B41F807EA276BF2A6 -- C:\WINDOWS\system32\drivers\sffdisk.sys
[2008.04.14 03:10:50 | 000,010,240 | ---- | M] (Microsoft Corporation) MD5=D66D22D76878BF3483A6BE30183FB648 -- C:\WINDOWS\system32\drivers\sffp_mmc.sys
[2008.04.14 03:10:48 | 000,011,008 | ---- | M] (Microsoft Corporation) MD5=C17C331E435ED8737525C86A7557B3AC -- C:\WINDOWS\system32\drivers\sffp_sd.sys
[2008.04.14 03:10:50 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys
[2001.10.25 19:00:00 | 000,014,592 | ---- | M] (Microsoft Corporation) MD5=017DAECF0ED3AA731313433601EC40FA -- C:\WINDOWS\system32\drivers\smclib.sys
[2008.04.27 13:22:26 | 000,025,344 | ---- | M] (Microsoft Corporation) MD5=489703624DAC94ED943C2ABDA022A1CD -- C:\WINDOWS\system32\drivers\sonydcam.sys
[2008.04.13 23:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys
[2008.04.14 11:11:28 | 000,073,344 | ---- | M] (Microsoft Corporation) MD5=94610C8653635E4459316A0050D55CE7 -- C:\WINDOWS\system32\drivers\sr.sys
[2011.02.17 14:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) MD5=47DDFC2F003F7F9F0592C6874962A2E7 -- C:\WINDOWS\system32\drivers\srv.sys
[2009.03.20 10:01:26 | 000,090,112 | ---- | M] (MCCI) MD5=EAA66218CD39F5BB1B4853A78C67C787 -- C:\WINDOWS\system32\drivers\ss_bbus.sys
[2009.03.20 10:01:26 | 000,012,160 | ---- | M] (MCCI Corporation) MD5=F8A771C5A63DC641772B7A3B05AF173F -- C:\WINDOWS\system32\drivers\ss_bcm.sys
[2009.03.20 10:01:26 | 000,012,160 | ---- | M] (MCCI Corporation) MD5=F8A771C5A63DC641772B7A3B05AF173F -- C:\WINDOWS\system32\drivers\ss_bcmnt.sys
[2009.03.20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) MD5=91765F99914ED8693D8BC76524F21581 -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys
[2009.03.20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) MD5=840E7B738B03C10EE91D9B7D3D6EFF15 -- C:\WINDOWS\system32\drivers\ss_bmdm.sys
[2009.03.20 10:01:26 | 000,012,160 | ---- | M] (MCCI Corporation) MD5=29B73D03AE6EDABB88E50364B066A6CA -- C:\WINDOWS\system32\drivers\ss_bwh.sys
[2009.03.20 10:01:26 | 000,012,160 | ---- | M] (MCCI Corporation) MD5=29B73D03AE6EDABB88E50364B066A6CA -- C:\WINDOWS\system32\drivers\ss_bwhnt.sys
[2007.10.25 17:26:10 | 000,005,632 | ---- | M] () MD5=306521935042FC0A6988D528643619B3 -- C:\WINDOWS\system32\drivers\StarOpen.sys
[2008.04.13 22:15:16 | 000,049,408 | ---- | M] (Microsoft Corporation) MD5=3E5D89099DED9E86E5639F411693218F -- C:\WINDOWS\system32\drivers\stream.sys
[2008.04.27 13:22:26 | 000,004,352 | ---- | M] (Microsoft Corporation) MD5=3941D127AEF12E93ADDF6FE6EE027E0F -- C:\WINDOWS\system32\drivers\swenum.sys
[2008.04.13 23:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys
[2008.04.13 23:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) MD5=8B83F3ED0F1688B4958F77CD6D2BF290 -- C:\WINDOWS\system32\drivers\sysaudio.sys
[2008.04.14 03:10:52 | 000,014,976 | ---- | M] (Microsoft Corporation) MD5=FD6093E3DECD925F1CFFC8A0DD539D72 -- C:\WINDOWS\system32\drivers\tape.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2010.02.11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) MD5=4E53BBCC4BE37D7A4BD6EF1098C89FF7 -- C:\WINDOWS\system32\drivers\tcpip6.sys
[2008.04.14 03:30:06 | 000,019,072 | ---- | M] (Microsoft Corporation) MD5=0539D5E53587F82D1B4FD74C5BE205CF -- C:\WINDOWS\system32\drivers\tdi.sys
[2008.04.14 11:53:28 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys
[2008.04.14 11:53:28 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys
[2008.04.14 06:53:26 | 000,040,840 | ---- | M] (Microsoft Corporation) MD5=88155247177638048422893737429D9E -- C:\WINDOWS\system32\drivers\termdd.sys
[2008.04.27 13:22:26 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=699450901C5CCFD82357CBC531CEDD23 -- C:\WINDOWS\system32\drivers\tosdvd.sys
[2008.04.27 13:22:26 | 000,021,376 | ---- | M] (Toshiba Corporation) MD5=D74A8EC75305F1D3CFDE7C7FC1BD62A9 -- C:\WINDOWS\system32\drivers\tsbvcap.sys
[2008.04.27 13:22:26 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=8F861EDA21C05857EB8197300A92501C -- C:\WINDOWS\system32\drivers\tunmp.sys
[2008.04.14 03:02:38 | 000,066,048 | ---- | M] (Microsoft Corporation) MD5=5787B80C2E3C5E2F56C2A233D91FA2C9 -- C:\WINDOWS\system32\drivers\udfs.sys
[2008.04.14 03:09:48 | 000,384,768 | ---- | M] (Microsoft Corporation) MD5=402DDC88356B1BAC0EE3DD1580C76A31 -- C:\WINDOWS\system32\drivers\update.sys
[2008.04.14 03:26:50 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=BEE793D4A059CAEA55D6AC20E19B3A8F -- C:\WINDOWS\system32\drivers\usb8023.sys
[2008.04.27 13:22:26 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=1C1A47B40C23358245AA8D0443B6935E -- C:\WINDOWS\system32\drivers\usbcamd.sys
[2008.04.27 13:22:26 | 000,025,728 | ---- | M] (Microsoft Corporation) MD5=CE97845D2E3F0D274B8BAC1ED07C6149 -- C:\WINDOWS\system32\drivers\usbcamd2.sys
[2001.10.25 19:00:00 | 000,004,736 | ---- | M] (Microsoft Corporation) MD5=596EB39B50D6EBD9B734DC4AE0544693 -- C:\WINDOWS\system32\drivers\usbd.sys
[2008.04.13 23:15:36 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=65DCF09D0E37D4C6B11B5B0B76D470A7 -- C:\WINDOWS\system32\drivers\usbehci.sys
[2008.04.13 23:15:38 | 000,059,520 | ---- | M] (Microsoft Corporation) MD5=1AB3CDDE553B6E064D2E754EFE20285C -- C:\WINDOWS\system32\drivers\usbhub.sys
[2008.04.27 13:22:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=290913DC4F1125E5A82DE52579A44C43 -- C:\WINDOWS\system32\drivers\usbintel.sys
[2008.04.13 23:15:38 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=791912E524CC2CC6F50B5F2B52D1EB71 -- C:\WINDOWS\system32\drivers\usbport.sys
[2008.04.13 22:17:38 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\system32\drivers\usbprint.sys
[2008.04.13 22:15:36 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys
[2008.04.14 03:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys
[2008.04.14 03:15:36 | 000,020,608 | ---- | M] (Microsoft Corporation) MD5=26496F9DEE2D787FC3E61AD54821FFE6 -- C:\WINDOWS\system32\drivers\usbuhci.sys
[2008.04.27 13:22:26 | 000,058,112 | ---- | M] (RAVISENT Technologies Inc.) MD5=55E01061C74A8CEFFF58DC36114A8D3F -- C:\WINDOWS\system32\drivers\vdmindvd.sys
[2008.04.14 03:14:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=0D3A8FAFCEACD8B7625CD549757A7DF1 -- C:\WINDOWS\system32\drivers\vga.sys
[2008.04.14 03:14:42 | 000,081,664 | ---- | M] (Microsoft Corporation) MD5=E28726B72C46821A28830E077D39A55B -- C:\WINDOWS\system32\drivers\videoprt.sys
[2008.04.14 10:42:06 | 000,052,480 | ---- | M] (Microsoft Corporation) MD5=28A4B296B47782173C346E376CB374D1 -- C:\WINDOWS\system32\drivers\volsnap.sys
[2008.04.14 03:27:22 | 000,034,560 | ---- | M] (Microsoft Corporation) MD5=E20B95BAEDB550F32DD489265C1DA1F6 -- C:\WINDOWS\system32\drivers\wanarp.sys
[2008.04.13 23:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) MD5=6768ACF64B18196494413695F0C3A00F -- C:\WINDOWS\system32\drivers\wdmaud.sys
[2001.10.25 19:00:00 | 000,004,352 | ---- | M] (Microsoft Corporation) MD5=2F31B7F954BED437F2C75026C65CAF7B -- C:\WINDOWS\system32\drivers\wmilib.sys
[2008.04.27 14:19:28 | 000,038,528 | ---- | M] (Microsoft Corporation) MD5=CF4DEF1BF66F06964DC0D91844239104 -- C:\WINDOWS\system32\drivers\wpdusb.sys
[2001.10.25 19:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
[2008.04.27 14:19:28 | 000,077,568 | ---- | M] (Microsoft Corporation) MD5=F15FEAFFFBB3644CCC80C5DA584E6311 -- C:\WINDOWS\system32\drivers\wudfpf.sys
[2008.04.27 14:19:30 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=28B524262BCE6DE1F7EF9F510BA3985B -- C:\WINDOWS\system32\drivers\wudfrd.sys
Re: Combofix
< %systemroot%\system32\*.sys /md5 >
[2001.10.25 19:00:00 | 000,009,035 | ---- | M] () MD5=A0D62056B9B494C09EE9AC6FD94E4074 -- C:\WINDOWS\system32\ansi.sys
[2001.10.25 19:00:00 | 000,027,097 | ---- | M] () MD5=0FE9F16075C9ACB941C957B7C649176E -- C:\WINDOWS\system32\country.sys
[2009.03.31 09:39:36 | 000,036,608 | ---- | M] () MD5=790A4CA68F44BE35967B3DF61F3E4675 -- C:\WINDOWS\system32\FsUsbExDisk.Sys
[2001.10.25 19:00:00 | 000,004,880 | ---- | M] () MD5=2DE9700B53CD22189CCAEE42246DF396 -- C:\WINDOWS\system32\himem.sys
[2001.10.25 19:00:00 | 000,042,809 | ---- | M] () MD5=582BCDD47CF4B68B5CB528F18E3CB808 -- C:\WINDOWS\system32\key01.sys
[2008.04.14 01:20:56 | 000,042,537 | ---- | M] () MD5=FBBCFEC1379C5C02D88A361993EDF1B8 -- C:\WINDOWS\system32\keyboard.sys
[2008.04.14 02:21:50 | 000,017,920 | ---- | M] (Your Corporation) MD5=1DC273A5F666D68907632F75EE7917DD -- C:\WINDOWS\system32\Ntaccess.sys
[2001.10.25 19:00:00 | 000,027,898 | ---- | M] () MD5=C1B822C0E789D22ADBFFE4FB3B2CEC7A -- C:\WINDOWS\system32\ntdos.sys
[2001.10.25 19:00:00 | 000,029,146 | ---- | M] () MD5=CF9ED169FF86D935E47999E82359E898 -- C:\WINDOWS\system32\ntdos404.sys
[2001.10.25 19:00:00 | 000,029,370 | ---- | M] () MD5=03B945AC0481CD8BB161C3569D8ED1C3 -- C:\WINDOWS\system32\ntdos411.sys
[2001.10.25 19:00:00 | 000,029,274 | ---- | M] () MD5=BBC957DC18C17CC027EB80B7C77F2AEA -- C:\WINDOWS\system32\ntdos412.sys
[2001.10.25 19:00:00 | 000,029,146 | ---- | M] () MD5=3CFFAEFFF23B0D208214A6D3061A5B1B -- C:\WINDOWS\system32\ntdos804.sys
[2008.04.14 01:19:48 | 000,033,904 | ---- | M] () MD5=8856178A5F96B98C55F3C7987F02F36B -- C:\WINDOWS\system32\ntio.sys
[2008.04.14 01:19:44 | 000,034,560 | ---- | M] () MD5=6F73F50162DEF60C84B725C18CD9140F -- C:\WINDOWS\system32\ntio404.sys
[2008.04.14 01:19:40 | 000,035,648 | ---- | M] () MD5=0FDD5E69C1FF3B58043D44F2CC743D45 -- C:\WINDOWS\system32\ntio411.sys
[2008.04.14 01:19:44 | 000,035,424 | ---- | M] () MD5=8842837C4D8311BF8E72BEE8CCC42217 -- C:\WINDOWS\system32\ntio412.sys
[2008.04.14 01:19:42 | 000,034,560 | ---- | M] () MD5=6B56CEB3C6F9D5CD7293DBD9FE23B311 -- C:\WINDOWS\system32\ntio804.sys
[2008.04.14 03:15:00 | 000,017,664 | ---- | M] (Microsoft Corporation) MD5=9A10AACBFDC4922715375FB4065EC930 -- C:\WINDOWS\system32\watchdog.sys
[2012.11.13 12:55:10 | 001,866,368 | ---- | M] (Microsoft Corporation) MD5=32FD45D6C42F15B888BA9E4840B26BE6 -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\*.dll /md5 >
[2010.02.12 05:35:01 | 000,100,864 | ---- | M] (Microsoft Corporation) MD5=D76E9F5A991458A9F7E28395479B3150 -- C:\WINDOWS\system32\6to4svc.dll
[2001.10.25 19:00:00 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=E37DA3CBBA9DF81CD6DB3B717EEEF0ED -- C:\WINDOWS\system32\aaaamon.dll
[2008.04.14 11:51:36 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=0097E7143F3277A855B614CFA9C5A9D4 -- C:\WINDOWS\system32\aaclient.dll
[2001.10.25 19:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=97DCE3628947B0F846622EA90B115013 -- C:\WINDOWS\system32\acctres.dll
[2001.10.25 19:00:00 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=5F00FD001E9B2971F677CBD05B4D4CFF -- C:\WINDOWS\system32\acledit.dll
[2008.04.14 11:51:38 | 000,116,224 | ---- | M] (Microsoft Corporation) MD5=EBDC055F92A77340D363D44082482AF7 -- C:\WINDOWS\system32\aclui.dll
[2008.04.14 11:51:38 | 000,193,536 | ---- | M] (Microsoft Corporation) MD5=28217BEA16EC1790ADF5495BDCD03B35 -- C:\WINDOWS\system32\activeds.dll
[2008.04.14 11:51:38 | 000,098,304 | ---- | M] (Microsoft Corporation) MD5=508B8A0B72953469B3282A495CA6D482 -- C:\WINDOWS\system32\actxprxy.dll
[2009.03.08 04:32:56 | 000,072,704 | ---- | M] (Microsoft Corporation) MD5=6DB2CAE1A84068CEBA0E768BB5C29009 -- C:\WINDOWS\system32\admparse.dll
[2001.10.25 19:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=E1EDE7B582436565034204FA2A54E3F5 -- C:\WINDOWS\system32\adptif.dll
[2008.04.14 11:51:38 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=D95D91A67D4B73D0E5A7C29F91793D33 -- C:\WINDOWS\system32\adsldp.dll
[2008.04.14 11:51:38 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=B88893C7FB9671C84DBF6400CD2170CD -- C:\WINDOWS\system32\adsldpc.dll
[2008.04.14 11:51:38 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=BD1423117D1F2C93CBF7565421966B8E -- C:\WINDOWS\system32\adsmsext.dll
[2001.10.25 19:00:00 | 000,162,304 | ---- | M] (Microsoft Corporation) MD5=8ED684735C8610E887A7BAE2442B5FDE -- C:\WINDOWS\system32\adsnds.dll
[2008.04.14 11:51:38 | 000,263,680 | ---- | M] (Microsoft Corporation) MD5=42B0246C08FE46774E0E23C00824DFFC -- C:\WINDOWS\system32\adsnt.dll
[2008.04.14 11:51:38 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=40100FD6351B337C9B7C66005F0C0134 -- C:\WINDOWS\system32\adsnw.dll
[2009.02.09 11:56:05 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=0171CFF34BBA8C5977F18C48D8AEF8C6 -- C:\WINDOWS\system32\advapi32.dll
[2009.03.08 04:32:48 | 000,128,512 | ---- | M] (Microsoft Corporation) MD5=8FED1E0A491D4990853D23F21C59C730 -- C:\WINDOWS\system32\advpack.dll
[2008.04.14 11:51:38 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=E0A6FA244B8624D78FE5FF6F56A33BAE -- C:\WINDOWS\system32\alrsvc.dll
[2008.04.14 11:51:38 | 000,070,656 | ---- | M] () MD5=0F071004BEE60743E887550FC298C3DE -- C:\WINDOWS\system32\amstream.dll
[2001.10.25 19:00:00 | 000,102,912 | ---- | M] (Microsoft Corporation) MD5=B4EC770C5E4B4BDB3DB41F2BABA45321 -- C:\WINDOWS\system32\apcups.dll
[2008.04.14 11:51:38 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=11882C729C6B2E2E045F8B93BDB69295 -- C:\WINDOWS\system32\apphelp.dll
[2008.04.14 11:51:38 | 000,171,008 | ---- | M] (Microsoft Corporation) MD5=6B8E7A90E576D4FE308F97C69060A171 -- C:\WINDOWS\system32\appmgmts.dll
[2008.04.14 11:51:38 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=25F783627FC2E9A667F07EF019A98DBE -- C:\WINDOWS\system32\appmgr.dll
[2008.04.27 14:19:30 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=209A8C29E633276A64F43D26EDE54456 -- C:\WINDOWS\system32\asferror.dll
[2010.03.05 15:42:09 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=B467FBA0BE03649B8C3416362DC9D910 -- C:\WINDOWS\system32\asycfilt.dll
[2001.10.25 19:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=4C0523315AEADA87DC6FD2F308CC51AC -- C:\WINDOWS\system32\atkctrs.dll
[2009.07.17 20:04:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AC531D7E51B7B5FB52D7585935222DE6 -- C:\WINDOWS\system32\atl.dll
[2012.12.16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) MD5=C11D10A3C164AC222BC9AAB3650A88B3 -- C:\WINDOWS\system32\atmfd.dll
[2008.04.14 11:51:38 | 000,030,208 | ---- | M] (Adobe Systems) MD5=31385658D16F50715D6F825FA07CE872 -- C:\WINDOWS\system32\atmlib.dll
[2001.10.25 19:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=0604C35EAA2C7CDDBEE606C910237BA8 -- C:\WINDOWS\system32\atmpvcno.dll
[2001.10.25 19:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=0262C9C910167F1117CF74923EA1F443 -- C:\WINDOWS\system32\atrace.dll
[2008.04.27 14:19:02 | 000,276,992 | ---- | M] (Microsoft Corporation) MD5=4C48F1B30A82583CAEE0DA02DD7259EE -- C:\WINDOWS\system32\audiodev.dll
[2008.04.14 11:51:38 | 000,042,496 | ---- | M] (Microsoft Corporation) MD5=DE31B88962A8645DBA5A37B993E7B0F1 -- C:\WINDOWS\system32\audiosrv.dll
[2008.04.14 11:51:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=DEA06DA25BB393E0A69C6E71BE5681DC -- C:\WINDOWS\system32\authz.dll
[2001.10.25 19:00:00 | 000,080,384 | ---- | M] (Microsoft Corporation) MD5=CC216AD11703B444B5D7EF64FEF3A4F7 -- C:\WINDOWS\system32\autodisc.dll
[2001.10.25 19:00:00 | 000,070,272 | ---- | M] (Microsoft Corporation) MD5=ADC26F33E41434D781824E8A9B65B247 -- C:\WINDOWS\system32\avicap.dll
[2001.10.25 19:00:00 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=3AEDA2898ED4A0EDF6A2626AB6EFD26F -- C:\WINDOWS\system32\avicap32.dll
[2009.11.27 17:09:42 | 000,084,992 | ---- | M] (Microsoft Corporation) MD5=E0D95FEA7F12175A77E08AB8D52359A4 -- C:\WINDOWS\system32\avifil32.dll
[2001.10.25 19:00:00 | 000,109,456 | ---- | M] (Microsoft Corporation) MD5=CC574ADC56476DA2B9EC6F3697D25AA6 -- C:\WINDOWS\system32\avifile.dll
[2001.10.25 19:00:00 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=02DED0C91B39C6DB2D14A1F905CD5C07 -- C:\WINDOWS\system32\avmeter.dll
[2001.10.25 19:00:00 | 000,228,864 | ---- | M] (Microsoft Corporation) MD5=1E8E1C74507878833C6B0DBC6674A3A7 -- C:\WINDOWS\system32\avtapi.dll
[2001.10.25 19:00:00 | 000,073,216 | ---- | M] (Microsoft Corporation) MD5=EB9BEA5F8864E40A51D71937A178A577 -- C:\WINDOWS\system32\avwav.dll
[2008.04.14 11:51:38 | 000,233,472 | ---- | M] (Microsoft Corporation) MD5=073E0E71D9200CD05E08E227ACA3B24A -- C:\WINDOWS\system32\azroles.dll
[2008.04.14 11:51:38 | 000,052,736 | ---- | M] (Microsoft Corporation) MD5=F36278E42C8C5DF03CE17DAC8231C91C -- C:\WINDOWS\system32\basesrv.dll
[2008.04.14 11:51:38 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=E868299439DCBFD5117A2FEB90217C84 -- C:\WINDOWS\system32\batmeter.dll
[2008.04.14 11:51:38 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=83FE9014478DF98905DF268CE421732D -- C:\WINDOWS\system32\batt.dll
[2008.04.14 11:51:38 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=90549E8A74806EDBD0E6495FD3867BC5 -- C:\WINDOWS\system32\bidispl.dll
[2008.04.14 11:51:38 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=86278AFE565DF6C70C249AC9E18905B0 -- C:\WINDOWS\system32\bitsprx2.dll
[2008.04.14 11:51:38 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=21163275699B2EEB43889F5C90E239BE -- C:\WINDOWS\system32\bitsprx3.dll
[2008.04.14 11:51:38 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=B1EA6F52633E1BA24354CD0EFDA25B0A -- C:\WINDOWS\system32\bitsprx4.dll
[2008.04.27 14:19:30 | 000,542,720 | ---- | M] (Microsoft Corporation) MD5=CA4603AB0CB1C86736302BAA0AB5177C -- C:\WINDOWS\system32\blackbox.dll
[2001.10.25 19:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=CC306BF581446D5E443EAE5B3BB900F0 -- C:\WINDOWS\system32\bootvid.dll
[2008.04.14 10:44:44 | 000,066,048 | ---- | M] (Microsoft Corporation) MD5=C73590BBD367FF6F45D3457D2C4CC169 -- C:\WINDOWS\system32\browselc.dll
[2012.07.06 14:58:55 | 000,078,336 | ---- | M] (Microsoft Corporation) MD5=89E739BBA5F636297EA5B5F811189E06 -- C:\WINDOWS\system32\browser.dll
[2008.04.14 11:51:38 | 001,025,024 | ---- | M] (Společnost Microsoft) MD5=E45ECB5A023F77F813CD0DFF92699B76 -- C:\WINDOWS\system32\browseui.dll
[2008.04.14 11:51:38 | 000,078,336 | ---- | M] (Microsoft Corporation) MD5=73F3413997E3E1B9C17C23F95E8944CE -- C:\WINDOWS\system32\browsewm.dll
[2008.04.14 07:51:38 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=4E8F87A600FB3E27D117593AB8D7C6D9 -- C:\WINDOWS\system32\bthci.dll
[2008.04.14 07:51:38 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=70CA4B3F634C9DCA200832F8DA76E009 -- C:\WINDOWS\system32\bthserv.dll
[2008.04.14 11:51:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=15D2E25BEEA853A1CF69CB20F8940303 -- C:\WINDOWS\system32\btpanui.dll
[2008.04.14 11:51:38 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=8702CD069DE8F6B527E92CF55F78D5D2 -- C:\WINDOWS\system32\cabinet.dll
[2010.01.13 15:02:00 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=1D007155DE39C109A08F925B3C724087 -- C:\WINDOWS\system32\cabview.dll
[2008.04.14 11:51:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=2CD6E3FF5AC8D0F9DD9A5B332E95F977 -- C:\WINDOWS\system32\camocx.dll
[2008.04.14 11:51:38 | 000,151,040 | ---- | M] (Microsoft Corporation) MD5=941460A7836FB892136C2A4DC5377072 -- C:\WINDOWS\system32\capesnpn.dll
[2001.10.25 19:00:00 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=AB0A0B1502621A7C729204F5C0964041 -- C:\WINDOWS\system32\cards.dll
[2008.04.14 11:51:38 | 000,226,304 | ---- | M] (Microsoft Corporation) MD5=75C9F0430807CF68D7EAD7F4A877869D -- C:\WINDOWS\system32\catsrv.dll
[2008.04.14 11:51:38 | 000,085,504 | ---- | M] (Microsoft Corporation) MD5=8849D48CA8E28B3098A0FF4586FDD876 -- C:\WINDOWS\system32\catsrvps.dll
[2008.04.14 11:51:38 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=BB21277B582BB7228C39E02CEB633AEA -- C:\WINDOWS\system32\catsrvut.dll
[2001.10.25 19:00:00 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=0562BEC025B5FFED301DA16E30DFA5B0 -- C:\WINDOWS\system32\ccfgnt.dll
[2008.04.14 11:51:38 | 000,151,552 | ---- | M] (Microsoft Corporation) MD5=A83C8D4BFD247FC61E543E870A019032 -- C:\WINDOWS\system32\cdfview.dll
[2012.06.02 14:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) MD5=818ABC21117E07A8A03E9F32E0E388B5 -- C:\WINDOWS\system32\cdm.dll
[2001.10.25 19:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3087166B7C6FE4F3208FDFB037147218 -- C:\WINDOWS\system32\cdmodem.dll
[2008.04.14 11:51:38 | 002,091,520 | ---- | M] (Microsoft Corporation) MD5=30A02A8DA73EBA479930E0473C0FF486 -- C:\WINDOWS\system32\cdosys.dll
[2008.04.14 11:51:38 | 000,196,096 | ---- | M] (Microsoft Corporation) MD5=7BF2BC7728F77838E195743E76727F7B -- C:\WINDOWS\system32\certcli.dll
[2008.04.14 11:51:40 | 000,460,800 | ---- | M] (Microsoft Corporation) MD5=90F297FB739846A77B724D744C0B7BBC -- C:\WINDOWS\system32\certmgr.dll
[2008.04.27 14:19:30 | 000,229,376 | ---- | M] (Microsoft Corporation) MD5=402C9D2691AE7B2A8EFDDED9124203B7 -- C:\WINDOWS\system32\cewmdm.dll
[2008.04.14 11:51:40 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=84432993C8A29E98F85394C6BDB309D3 -- C:\WINDOWS\system32\cfgbkend.dll
[2008.04.14 11:38:20 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=F23EB535F0834B3B1E0CDD16DB4ED7A1 -- C:\WINDOWS\system32\cfgmgr32.dll
[2001.10.25 19:00:00 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=DAB03B6BA2E8C7AB75C9187754F45A7C -- C:\WINDOWS\system32\ciadmin.dll
[2008.04.14 11:51:40 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=254F8ECCF9DB3AEEFB5B027AFEA632A7 -- C:\WINDOWS\system32\cic.dll
[2008.04.14 11:51:40 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=C673C307BA9C3A48265F578DC99F0D6D -- C:\WINDOWS\system32\ciodm.dll
[2001.10.25 19:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=A4CDADF8BE9ED5C66DC84D74BEF66A4A -- C:\WINDOWS\system32\clb.dll
[2008.04.14 11:51:40 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=CD74923E8249896FD33E55A1C95F3C1F -- C:\WINDOWS\system32\clbcatex.dll
[2008.04.14 11:51:40 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=66DF63A7BAE72033C2E7E9B60A20E05C -- C:\WINDOWS\system32\clbcatq.dll
[2008.04.14 11:51:40 | 000,077,824 | ---- | M] (Microsoft Corporation) MD5=C9C771FFB90750B90FD33A1543BE27F4 -- C:\WINDOWS\system32\cliconfg.dll
[2008.04.14 11:51:40 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=F0A0997640611EB605A122023FE47204 -- C:\WINDOWS\system32\clusapi.dll
[2008.04.14 11:51:40 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=DBD64205545047B0F5D475F0092AC89A -- C:\WINDOWS\system32\cmcfg32.dll
[2008.04.14 11:51:40 | 000,346,624 | ---- | M] (Microsoft Corporation) MD5=CF8EFEED513F751546EA0BF88900D4AD -- C:\WINDOWS\system32\cmdial32.dll
[2001.10.25 19:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=76DD2962B83AF7F0065423D661B6F1A5 -- C:\WINDOWS\system32\cmpbk32.dll
[2008.04.14 11:51:40 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=1BB5DAC609F2F768A2DB4513240867F5 -- C:\WINDOWS\system32\cmprops.dll
[2008.04.14 11:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=127945E58C0BC5B99B837A659B6DC1E6 -- C:\WINDOWS\system32\cmsetACL.dll
[2008.04.14 11:51:40 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=2F5B3BB54ED190FACF4D016F5C41CE68 -- C:\WINDOWS\system32\cmutil.dll
[2008.04.27 13:22:26 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=EDB3D87983DA77A0A4CFA046C8BCE5CA -- C:\WINDOWS\system32\cnbjmon.dll
[2001.10.25 19:00:00 | 000,032,768 | ---- | M] (Microsoft Corporation) MD5=4EC599B15DA23FE62DCF3105589BFA39 -- C:\WINDOWS\system32\cnetcfg.dll
[2001.10.25 19:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=6521ED584C3E12BECFE7D7F8E81BB695 -- C:\WINDOWS\system32\cnvfat.dll
[2008.04.14 11:51:40 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=0892B57DC527FCED9FB02F2E6343C5FF -- C:\WINDOWS\system32\colbact.dll
[2008.04.14 11:51:40 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=071CFFA2446CC6D314AF05B007CF994F -- C:\WINDOWS\system32\comaddin.dll
[2001.10.25 19:00:00 | 000,003,584 | ---- | M] (Microsoft Corporation) MD5=8511E433FB0E0EA5D62E94E50CF1CF9B -- C:\WINDOWS\system32\comcat.dll
[2010.08.23 17:12:35 | 000,617,472 | ---- | M] (Microsoft Corporation) MD5=E145ADD7DAEF759C4F5FB80A180A9C30 -- C:\WINDOWS\system32\comctl32.dll
[2008.04.14 11:51:40 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=D6F092E2D661AD284D34189B78FE08E6 -- C:\WINDOWS\system32\comdlg32.dll
[2001.10.25 19:00:00 | 000,033,040 | ---- | M] (Microsoft Corporation) MD5=46576BBC68050ECB3B70BE8EA1FDF5CB -- C:\WINDOWS\system32\commdlg.dll
[2008.04.14 11:51:40 | 000,253,440 | ---- | M] () MD5=AB34EF0BA85F7FC63C77B36EF5578C0F -- C:\WINDOWS\system32\compatUI.dll
[2001.10.25 19:00:00 | 000,030,160 | ---- | M] (Microsoft Corporation) MD5=40F9FC896B2BA69FDC04D75E9D00DD01 -- C:\WINDOWS\system32\compobj.dll
[2008.04.14 11:51:40 | 000,229,376 | ---- | M] (Microsoft Corporation) MD5=20670523A556E12B15BB7F670FE817BD -- C:\WINDOWS\system32\compstui.dll
[2008.04.14 11:51:40 | 000,097,792 | ---- | M] (Microsoft Corporation) MD5=776AB9308D6A2004A7115F9ECC57D6CA -- C:\WINDOWS\system32\comrepl.dll
[2008.04.14 11:51:40 | 000,806,912 | ---- | M] (Microsoft Corporation) MD5=E7B375DFFB68A16659CA66474A280C47 -- C:\WINDOWS\system32\comres.dll
[2008.04.14 11:51:40 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=AAFF743AFCBD29B59DF61FDD3EA71015 -- C:\WINDOWS\system32\comsnap.dll
[2008.04.14 11:51:40 | 001,267,200 | ---- | M] (Microsoft Corporation) MD5=48D065081DC8666764A903952AD6FB80 -- C:\WINDOWS\system32\comsvcs.dll
[2008.04.14 11:38:58 | 000,539,648 | ---- | M] (Microsoft Corporation) MD5=43A605F5BA233BC3C76BFC7A3ABDC441 -- C:\WINDOWS\system32\comuid.dll
[2008.04.14 11:51:40 | 000,358,400 | ---- | M] (Microsoft Corporation) MD5=C460B9FA682B4A25DE5ABE6207A773F8 -- C:\WINDOWS\system32\confmsp.dll
[2001.10.25 19:00:00 | 000,066,560 | ---- | M] (Microsoft Corporation) MD5=6497B3454028C916A3672A7A5FB01A55 -- C:\WINDOWS\system32\console.dll
[2009.03.08 04:33:40 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8FCF03E4D7BE9B5587CCF11719959006 -- C:\WINDOWS\system32\corpol.dll
[2008.04.14 11:51:40 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=5B885D923D5BD8D575F19F31FA7D8B50 -- C:\WINDOWS\system32\credssp.dll
[2008.04.14 11:51:40 | 000,163,840 | ---- | M] (Microsoft Corporation) MD5=1D37681166E7B0AE1FABF5676439F924 -- C:\WINDOWS\system32\credui.dll
[2001.10.25 19:00:00 | 000,149,019 | ---- | M] (Microsoft Corporation) MD5=EC847B708A3CB3687989C5AA7A21D9E6 -- C:\WINDOWS\system32\crtdll.dll
[2012.06.01 17:50:13 | 000,604,160 | ---- | M] (Microsoft Corporation) MD5=D9E559D292CCF9531FB1A1A20F04432A -- C:\WINDOWS\system32\crypt32.dll
[2008.04.14 11:51:40 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=EBDD54F4F81658569458E940AB6F875E -- C:\WINDOWS\system32\cryptdlg.dll
[2008.04.14 11:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=6A9BDF7029BD29FBF3BE6EE6CD768013 -- C:\WINDOWS\system32\cryptdll.dll
[2008.04.14 11:51:40 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=1A10B0ECE239954B352610396986B156 -- C:\WINDOWS\system32\cryptext.dll
[2008.04.14 11:51:40 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=47E827EB2C26A383AD16BF80C0FCA8FA -- C:\WINDOWS\system32\cryptnet.dll
[2008.04.14 11:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 11:51:40 | 000,515,584 | ---- | M] (Microsoft Corporation) MD5=F37A3D11450C4BA9BD862DFF7451728C -- C:\WINDOWS\system32\cryptui.dll
[2008.04.14 11:51:40 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=616A0CC9DA2BAA008306EEA895F8BC0F -- C:\WINDOWS\system32\cscdll.dll
[2008.04.14 11:51:40 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=65DDCE6C4F63C6AAC3D99EFBA4C1E9C4 -- C:\WINDOWS\system32\cscui.dll
[2011.10.28 06:32:18 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=CE440A5DEB0861CC621A6A704EBB1E71 -- C:\WINDOWS\system32\csrsrv.dll
[2001.10.25 19:00:00 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=0085925715B7349B58DDCA7CFDA2668B -- C:\WINDOWS\system32\csseqchk.dll
[2001.10.25 19:00:00 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=17EA3CB4C7480938915A0CA3E8D01672 -- C:\WINDOWS\system32\ctl3d32.dll
[2001.10.25 19:00:00 | 000,027,200 | ---- | M] (Microsoft Corporation) MD5=637D88E7A1BEDC4457C80DBC8BA9F135 -- C:\WINDOWS\system32\ctl3dv2.dll
[2008.04.14 11:51:40 | 001,179,648 | ---- | M] (Microsoft Corporation) MD5=0B5EAD900C1FA4ED9CCE4C1752DF9C35 -- C:\WINDOWS\system32\d3d8.dll
[2008.04.14 11:51:40 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=9C2859570CDF9A161B31A886051FDC3E -- C:\WINDOWS\system32\d3d8thk.dll
[2008.04.14 11:51:40 | 001,689,088 | ---- | M] (Microsoft Corporation) MD5=3B8AE11A3419DF8239183E94888702FA -- C:\WINDOWS\system32\d3d9.dll
[2001.10.25 19:00:00 | 000,436,224 | ---- | M] (Microsoft Corporation) MD5=F5AC66458E8FFDBDFCE6697302001B46 -- C:\WINDOWS\system32\d3dim.dll
[2008.04.14 11:51:40 | 000,824,320 | ---- | M] (Microsoft Corporation) MD5=B52252D209CBB7C5C72E24F09F159FDA -- C:\WINDOWS\system32\d3dim700.dll
[2001.10.25 19:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=F0B54C6C141EF0B6D9DDCB1437FF1F44 -- C:\WINDOWS\system32\d3dpmesh.dll
[2001.10.25 19:00:00 | 000,590,336 | ---- | M] (Microsoft Corporation) MD5=D0C76D4BA41FEEFCF63B6C2047374CFD -- C:\WINDOWS\system32\d3dramp.dll
[2001.10.25 19:00:00 | 000,350,208 | ---- | M] (Microsoft Corporation) MD5=82F4F645939737D4778CA161478E415C -- C:\WINDOWS\system32\d3drm.dll
[2001.10.25 19:00:00 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=429A9BBCFF98C7F174ECD9AE65D9D82B -- C:\WINDOWS\system32\d3dxof.dll
[2008.04.14 11:51:40 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=956DA230A0F11BFE4964795BFC7C08CF -- C:\WINDOWS\system32\danim.dll
[2008.04.14 11:51:40 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=F5EB8465F1684F001E37547989D8CFDC -- C:\WINDOWS\system32\dataclen.dll
[2008.04.14 11:51:40 | 000,165,376 | ---- | M] (Microsoft Corporation) MD5=C0A5566702B185920997B3DA1833A37C -- C:\WINDOWS\system32\datime.dll
[2008.04.14 11:51:40 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=2B50EA34CBCFAB1B71E66EAFC1F9AB8C -- C:\WINDOWS\system32\davclnt.dll
[2001.10.25 19:00:00 | 000,847,872 | ---- | M] (Microsoft Corporation) MD5=19DA62D84D0FC3A04B6D8704C56049E8 -- C:\WINDOWS\system32\dbgeng.dll
[2008.04.14 11:51:40 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=63C065DAF6710E33DA7976BBDF77CAFC -- C:\WINDOWS\system32\dbghelp.dll
[2008.04.14 11:51:40 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=4F3F89A4D10427BC2FE856B6E0633373 -- C:\WINDOWS\system32\dbmsrpcn.dll
[2008.04.14 11:51:40 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4724343152F548DC68B21022653A0C4C -- C:\WINDOWS\system32\dbnetlib.dll
[2008.04.14 11:51:40 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=E16F809C2645ABD72ED4D6605A1E4E34 -- C:\WINDOWS\system32\dbnmpntw.dll
[2008.04.14 11:51:40 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=3F3135D4015FD9FEF531CCF8DC4E4FD4 -- C:\WINDOWS\system32\dciman32.dll
[2001.10.25 19:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=CCF9CD57A7E06E13E3F84911CD82DA3A -- C:\WINDOWS\system32\ddeml.dll
[2008.04.14 11:51:40 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=EDAD701F01FFD9B5799B8FCF1CF6BDA7 -- C:\WINDOWS\system32\ddraw.dll
[2008.04.14 11:51:40 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=E6BA5A680CBEC0D04DDDBE8A950C5664 -- C:\WINDOWS\system32\ddrawex.dll
[2010.07.17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) MD5=0686CD90E881F84A2950951A305443E7 -- C:\WINDOWS\system32\deployJava1.dll
[2001.10.25 19:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=B863AABB648A5940121FA6325A0E000E -- C:\WINDOWS\system32\deskadp.dll
[2001.10.25 19:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=9B4DBFD1256E09C45494D9622995633C -- C:\WINDOWS\system32\deskmon.dll
[2001.10.25 19:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=4996DCF939FF146240F39F0D915194D6 -- C:\WINDOWS\system32\deskperf.dll
[2008.04.14 11:51:40 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=EB75522B353F5C141B1B1F1C5940E9DB -- C:\WINDOWS\system32\devenum.dll
[2008.04.14 11:51:40 | 000,283,648 | ---- | M] (Microsoft Corporation) MD5=7EAEB8FBD9B69E393521759CE4C79F9C -- C:\WINDOWS\system32\devmgr.dll
[2001.10.25 19:00:00 | 000,053,760 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) MD5=8FCC7284930FD714352DED243D426492 -- C:\WINDOWS\system32\dfrgres.dll
[2008.04.14 11:51:40 | 000,039,424 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) MD5=5CD3911FA60CF4425C372A8F96EA1AF9 -- C:\WINDOWS\system32\dfrgsnap.dll
[2008.04.14 11:51:40 | 000,124,416 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) MD5=E028E19305A42CCE1A51451B499E68E7 -- C:\WINDOWS\system32\dfrgui.dll
[2009.11.07 00:06:46 | 001,130,824 | ---- | M] (Microsoft Corporation) MD5=41E107E57DD21B2A119709F0BB8CE576 -- C:\WINDOWS\system32\dfshim.dll
[2008.04.14 11:51:40 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=60D47B50393F0C660A5AAF4ACB984BAC -- C:\WINDOWS\system32\dfsshlex.dll
[2008.04.14 11:51:40 | 000,113,664 | ---- | M] (Microsoft) MD5=D6829B55D55956FDBB13A9FB0B0852B7 -- C:\WINDOWS\system32\dgnet.dll
[2001.10.25 19:00:00 | 000,176,157 | ---- | M] (Digi International, Inc.) MD5=3B44B34F5BBFB1BD8061C67F6D03E89B -- C:\WINDOWS\system32\dgrpsetu.dll
[2001.10.25 19:00:00 | 000,085,020 | ---- | M] (Digi International) MD5=663C8F086E9E1468BCA4AB24BFE688D9 -- C:\WINDOWS\system32\dgsetup.dll
[2008.04.14 11:51:40 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=8C9A53E285AC5E6704844D0459EC85BE -- C:\WINDOWS\system32\dhcpcsvc.dll
[2008.04.14 11:51:40 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=FE9A7A687B9D41097E3A3A3EC6F36201 -- C:\WINDOWS\system32\dhcpmon.dll
[2008.04.14 11:51:40 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=F8D32B7AD69453549C2BD7014F2BACE7 -- C:\WINDOWS\system32\dhcpqec.dll
[2001.10.25 19:00:00 | 000,074,240 | ---- | M] (Microsoft Corporation) MD5=32B351296F61664114DC0CC8DE2C7AF9 -- C:\WINDOWS\system32\dhcpsapi.dll
[2001.10.25 19:00:00 | 000,394,752 | ---- | M] (Microsoft Corporation) MD5=B1AA013BF28C6BC68DD8352545AF8DE2 -- C:\WINDOWS\system32\diactfrm.dll
[2008.04.14 11:51:40 | 000,068,608 | ---- | M] (Microsoft Corporation) MD5=50EAEE3F7F79A3206311AD09CB6EE2F1 -- C:\WINDOWS\system32\digest.dll
[2001.10.25 19:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) MD5=4CC2BE820AF6C1D3BF6D3BC7806CA1DB -- C:\WINDOWS\system32\dimap.dll
[2008.04.14 11:51:40 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=883E504885373DCC08DFEF30A10E4F12 -- C:\WINDOWS\system32\dimsntfy.dll
[2008.04.14 11:51:40 | 000,039,936 | ---- | M] (Microsoft Corporation) MD5=B5415C64D1AAE6917B336D27CD357689 -- C:\WINDOWS\system32\dimsroam.dll
[2008.04.14 11:51:40 | 000,163,840 | ---- | M] (Microsoft Corporation) MD5=B732D7E1C442CDBB65A2DA7BAC3580F0 -- C:\WINDOWS\system32\dinput.dll
[2008.04.14 11:51:40 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B660287C9B39EB864B10A73C743D4BAF -- C:\WINDOWS\system32\dinput8.dll
[2008.04.14 11:51:40 | 001,504,768 | ---- | M] (Microsoft Corporation) MD5=86625CA0D28D7D35DB1C843A3C13411E -- C:\WINDOWS\system32\diskcopy.dll
[2008.04.14 11:51:40 | 000,032,768 | ---- | M] (Microsoft Corporation) MD5=5B48D34A1541169DD8A3CFEF544CAA8B -- C:\WINDOWS\system32\dispex.dll
[2008.04.14 11:51:40 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=36B50CFB4AE7C78FEA1472AC13B4FD70 -- C:\WINDOWS\system32\dmband.dll
[2008.04.14 11:51:40 | 000,061,440 | ---- | M] (Microsoft Corporation) MD5=48AB816C295215E4CC7638E281A48FC5 -- C:\WINDOWS\system32\dmcompos.dll
[2001.10.25 19:00:00 | 000,330,752 | ---- | M] (Microsoft Corp., Veritas Software) MD5=2919DAF4AAA4FC4CFB64DD27364FD2A8 -- C:\WINDOWS\system32\dmconfig.dll
[2008.04.14 11:51:40 | 000,285,184 | ---- | M] (Microsoft Corp.) MD5=40A5AD58971D2FE01E739E4F98DCDEF5 -- C:\WINDOWS\system32\dmdlgs.dll
[2008.04.14 11:51:40 | 000,200,704 | ---- | M] (Microsoft Corp.) MD5=6D223388F107CE2B4F58D15FB870E3FB -- C:\WINDOWS\system32\dmdskmgr.dll
[2001.10.25 19:00:00 | 000,118,784 | ---- | M] (Microsoft Corp.) MD5=0D2C18ACB665624C152A82A0951560D5 -- C:\WINDOWS\system32\dmdskres.dll
[2008.04.14 11:51:40 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=FB12806AAE8627439459780BB8A784BD -- C:\WINDOWS\system32\dmime.dll
[2001.10.25 19:00:00 | 000,018,432 | ---- | M] (Microsoft Corp.) MD5=AC362721CCF916AB65F14E6FB20BFBE2 -- C:\WINDOWS\system32\dmintf.dll
[2008.04.14 11:51:40 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=2C17EBA3FBA3D86149D96C975F0D8B68 -- C:\WINDOWS\system32\dmloader.dll
[2001.10.25 19:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=5847237C0CFDCED02ECA1C77EF56F200 -- C:\WINDOWS\system32\dmocx.dll
[2008.04.14 11:51:40 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=F9CFCCC83C6F8F2088D9143268937ACF -- C:\WINDOWS\system32\dmscript.dll
[2008.04.14 11:51:40 | 000,024,064 | ---- | M] (Microsoft Corp.) MD5=2BFEFE9E865655A76982F050450B9591 -- C:\WINDOWS\system32\dmserver.dll
[2008.04.14 11:51:40 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=E22EFFB6B8FFA89920414DE68974A24B -- C:\WINDOWS\system32\dmstyle.dll
[2008.04.14 11:51:40 | 000,103,424 | ---- | M] (Microsoft Corporation) MD5=1371D287924F8A025FBC3C9CA419B6BE -- C:\WINDOWS\system32\dmsynth.dll
[2008.04.14 11:51:40 | 000,104,448 | ---- | M] (Microsoft Corporation) MD5=3626013731DE00AC8AFC46ADA16EE44D -- C:\WINDOWS\system32\dmusic.dll
[2008.04.27 13:22:26 | 000,051,200 | ---- | M] (Microsoft Corp.) MD5=B3D45350DB6A5E7BE57DCFAE586ED31F -- C:\WINDOWS\system32\dmutil.dll
[2011.03.03 07:54:55 | 000,149,504 | ---- | M] (Microsoft Corporation) MD5=443FA2B9D23DAA57077A670E7B14052A -- C:\WINDOWS\system32\dnsapi.dll
[2009.04.20 18:19:42 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=DFAA406BF19F4EE806A6F8D4342137F7 -- C:\WINDOWS\system32\dnsrslvr.dll
[2001.10.25 19:00:00 | 000,046,080 | ---- | M] (Microsoft Corporation) MD5=AC942D420F3EE3571D6E6D5A9AAD4614 -- C:\WINDOWS\system32\docprop.dll
[2008.04.14 11:51:40 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=515F6C95C6960BAF6BC450B0C022DEA5 -- C:\WINDOWS\system32\docprop2.dll
[2008.04.14 11:51:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6011D2787CD0CE16CE6E40C30F13F6F8 -- C:\WINDOWS\system32\dot3api.dll
[2008.04.14 11:51:40 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=69CE634380DB3684C49A7E870F6629CB -- C:\WINDOWS\system32\dot3cfg.dll
[2008.04.14 11:51:40 | 000,009,216 | ---- | M] (Microsoft Corporation) MD5=C9AFEA3C13B62701FAE571D8466EB5F6 -- C:\WINDOWS\system32\dot3dlg.dll
[2008.04.14 11:51:40 | 000,039,936 | ---- | M] (Microsoft Corporation) MD5=FAD7301867D33E9779B3BD6F08158FE6 -- C:\WINDOWS\system32\dot3gpclnt.dll
[2008.04.14 11:51:40 | 000,056,320 | ---- | M] (Společnost Microsoft) MD5=0E87BAAE073546A4B5DF73EFF4BDA70B -- C:\WINDOWS\system32\dot3msm.dll
[2008.04.14 11:51:40 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=4A3E2BD20157A0946751229E92EB8621 -- C:\WINDOWS\system32\dot3svc.dll
[2008.04.14 11:51:40 | 000,651,264 | ---- | M] (Microsoft Corporation) MD5=43C760FFE0E6A6D225E77C417C5C59B4 -- C:\WINDOWS\system32\dot3ui.dll
[2008.04.14 11:49:50 | 000,102,912 | ---- | M] (Microsoft Corporation) MD5=14E87D5268FFA7F6BF6DC33B40A37866 -- C:\WINDOWS\system32\dpcdll.dll
[2001.10.25 19:00:00 | 000,033,040 | ---- | M] (Společnost Microsoft) MD5=3B6007EC4304AFF73C65F6E2A2129063 -- C:\WINDOWS\system32\dplay.dll
[2008.04.14 11:51:40 | 000,229,888 | ---- | M] (Microsoft Corporation) MD5=5419E85334A40313C801797BC451728C -- C:\WINDOWS\system32\dplayx.dll
[2008.04.14 11:51:40 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=F1AF886AA05F3BC31BE81B7BC0837AAC -- C:\WINDOWS\system32\dpmodemx.dll
[2008.04.14 11:41:00 | 000,003,072 | ---- | M] (Microsoft Corporation) MD5=001AC7A00E421F42051688A4B0DCB9F5 -- C:\WINDOWS\system32\dpnaddr.dll
[2012.11.02 03:03:56 | 000,375,296 | ---- | M] (Microsoft Corporation) MD5=5065F7B30B1E2B221887F13A559A901B -- C:\WINDOWS\system32\dpnet.dll
[2008.04.14 11:51:40 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=6A8EDDA4987CF04A4B0CD7F536A0B379 -- C:\WINDOWS\system32\dpnhpast.dll
[2008.04.14 11:51:40 | 000,060,928 | ---- | M] (Microsoft Corporation) MD5=47B073160FF6A8BBD34E06E2AF3A3F02 -- C:\WINDOWS\system32\dpnhupnp.dll
[2008.04.14 11:41:02 | 000,003,072 | ---- | M] (Microsoft Corporation) MD5=3D09952D26D7293307BCF37A456B286B -- C:\WINDOWS\system32\dpnlobby.dll
[2001.10.25 19:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=DA6F8E4A326E0E1EA80CEA7DCA669657 -- C:\WINDOWS\system32\dpnmodem.dll
[2001.10.25 19:00:00 | 000,061,952 | ---- | M] (Microsoft Corporation) MD5=17B27EA7F9F37B6F3965468A770604D1 -- C:\WINDOWS\system32\dpnwsock.dll
[2001.10.25 19:00:00 | 000,053,520 | ---- | M] (Společnost Microsoft) MD5=00AF4BF49E1265642040DAF5B73DEDC7 -- C:\WINDOWS\system32\dpserial.dll
[2008.04.14 11:51:40 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=576704FC4724A1FB52BDBA7919A36805 -- C:\WINDOWS\system32\dpvacm.dll
[2008.04.14 11:51:40 | 000,212,480 | ---- | M] (Microsoft Corporation) MD5=16C6EE2C5E8E432524256DC7038AFE7C -- C:\WINDOWS\system32\dpvoice.dll
[2008.04.14 11:51:40 | 000,116,736 | ---- | M] (Microsoft Corporation) MD5=D2DE619A95EE3D37E907219CFD86EC8F -- C:\WINDOWS\system32\dpvvox.dll
[2001.10.25 19:00:00 | 000,042,768 | ---- | M] (Microsoft Corporation) MD5=0593E58BAA2EB0BDA9247D5E333422A8 -- C:\WINDOWS\system32\dpwsock.dll
[2008.04.14 11:51:40 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=59F81F1107FE8ABA87206609B453FD9D -- C:\WINDOWS\system32\dpwsockx.dll
[2008.04.14 11:53:10 | 000,299,520 | ---- | M] (Microsoft Corporation) MD5=6B7691E63F3282275C35870ACBA3FF21 -- C:\WINDOWS\system32\drmclien.dll
[2008.04.14 11:51:40 | 000,087,040 | ---- | M] (Microsoft Corporation) MD5=2FEA67E09B76BA5592A236B262B29BCE -- C:\WINDOWS\system32\drmstor.dll
[2008.04.27 14:19:32 | 000,991,744 | ---- | M] (Microsoft Corporation) MD5=E989E4BADCCCF78E18AABF3D42B306CE -- C:\WINDOWS\system32\drmv2clt.dll
[2008.04.14 11:51:40 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=2695ED5F8A4FAC0B16BA36D28481182D -- C:\WINDOWS\system32\drprov.dll
[2007.04.02 22:35:22 | 000,004,656 | ---- | M] (Microsoft Corporation) MD5=06D51EF74C4B9CE28B39F2D22D2A8608 -- C:\WINDOWS\system32\ds16gt.dLL
[2008.04.14 11:51:40 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=FAA4CA51218BD30123090A79126EBE56 -- C:\WINDOWS\system32\ds32gt.dll
[2001.10.25 19:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=362CFFFBB729374BBEB59BAA2497EDC0 -- C:\WINDOWS\system32\dsauth.dll
[2008.04.14 11:51:42 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=285E4AE9F2C181F304DDDC4FFF2098BC -- C:\WINDOWS\system32\dsdmo.dll
[2008.04.14 11:51:42 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=9398B2383FB648286855311330458A99 -- C:\WINDOWS\system32\dsdmoprp.dll
[2008.04.14 11:51:42 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=C0731C40A7C115D90A031CC707B706C2 -- C:\WINDOWS\system32\dskquota.dll
[2008.04.14 11:51:42 | 000,157,184 | ---- | M] (Microsoft Corporation) MD5=F7DB2C756C0216426ABF4991F760B2CD -- C:\WINDOWS\system32\dskquoui.dll
[2008.04.14 11:51:42 | 000,367,616 | ---- | M] (Microsoft Corporation) MD5=8E009E7AC012823845D5F39A77F4A27F -- C:\WINDOWS\system32\dsound.dll
[2008.04.14 11:51:42 | 001,293,824 | ---- | M] (Microsoft Corporation) MD5=5A700C103ECB9333FC178966367B25BF -- C:\WINDOWS\system32\dsound3d.dll
[2008.04.14 11:51:42 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=87DB402CE033540EA7487B2C816DAA38 -- C:\WINDOWS\system32\dsprop.dll
[2008.04.14 11:03:14 | 000,004,096 | ---- | M] (Microsoft Corporation) MD5=3A7B631BFC5C803D3B887D0E5D04B205 -- C:\WINDOWS\system32\dsprpres.dll
[2008.04.14 11:51:42 | 000,239,616 | ---- | M] (Microsoft Corporation) MD5=FC76D20FC9C7CFF6B49729E0C7E087B7 -- C:\WINDOWS\system32\dsquery.dll
[2008.04.14 11:51:42 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=A599B5BD6938EEA685E1EBCAC754F17D -- C:\WINDOWS\system32\dssec.dll
[2008.04.14 02:07:58 | 000,138,752 | ---- | M] (Microsoft Corporation) MD5=FEDE68BF80052BAD393AFD5C2E60DCB0 -- C:\WINDOWS\system32\dssenh.dll
[2008.04.14 11:51:42 | 000,113,152 | ---- | M] (Microsoft Corporation) MD5=530E3AC15095508F2519FC0E5AD76A36 -- C:\WINDOWS\system32\dsuiext.dll
[2008.04.14 11:51:42 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=CE66949F942823BDCC86F0D53CE15A16 -- C:\WINDOWS\system32\dswave.dll
[2008.04.14 11:51:42 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=01DEFAA24704069BDB1A559A9C6EBC88 -- C:\WINDOWS\system32\duser.dll
[2008.04.14 11:51:42 | 000,618,496 | ---- | M] (Microsoft Corporation) MD5=4FD27471960DB73B11AC91FB94E2B92F -- C:\WINDOWS\system32\dx7vb.dll
[2008.04.14 11:51:42 | 001,227,264 | ---- | M] (Microsoft Corporation) MD5=8344D60D87F7326E490F84B58E22EA1D -- C:\WINDOWS\system32\dx8vb.dll
[2008.04.14 11:51:42 | 002,113,536 | ---- | M] (Microsoft Corporation) MD5=B052D9006FEEA3AC9E4B8750E3E959F3 -- C:\WINDOWS\system32\dxdiagn.dll
[2008.04.14 11:51:42 | 000,499,254 | ---- | M] (Microsoft Corporation) MD5=9256C0DB88BB4A6DE640309B29DB2CE8 -- C:\WINDOWS\system32\dxmasf.dll
[2009.03.08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) MD5=057D53F1490598D41D9D4DEE9A92B0B1 -- C:\WINDOWS\system32\dxtmsft.dll
[2009.03.08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) MD5=5E1A0476E009A1930A524DFF4CA13982 -- C:\WINDOWS\system32\dxtrans.dll
[2008.07.29 21:10:04 | 000,073,720 | ---- | M] (Microsoft Corporation) MD5=ED8B49890D24894167EBB84A235382D4 -- C:\WINDOWS\system32\dxva2.dll
[2008.04.14 11:51:42 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=6E4DFC1D92AD235FC76E8C7EE5544A00 -- C:\WINDOWS\system32\eapolqec.dll
[2008.04.14 11:51:42 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=9D283D4B7A1A6799A2C76665CDB34065 -- C:\WINDOWS\system32\eapp3hst.dll
[2008.04.14 11:51:42 | 000,126,976 | ---- | M] (Microsoft Corporation) MD5=DFBCA5222331A476C42DF1AA3921629E -- C:\WINDOWS\system32\eappcfg.dll
[2008.04.14 11:51:42 | 000,094,208 | ---- | M] (Microsoft Corporation) MD5=98CA0BF27F75770905762F4FBB7677A2 -- C:\WINDOWS\system32\eappgnui.dll
[2008.04.14 11:51:42 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=57A9CDCB54867943F2C2BEC65FA772F7 -- C:\WINDOWS\system32\eapphost.dll
[2008.04.14 11:51:42 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=F6D35EBC8F11300AAFD1D4CA6DC65B9D -- C:\WINDOWS\system32\eappprxy.dll
[2008.04.14 11:51:42 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=D487B71198B6BFEB7924CBE645D7B8E2 -- C:\WINDOWS\system32\eapqec.dll
[2008.04.14 11:51:42 | 000,033,792 | ---- | M] (Microsoft Corporation) MD5=0887D9C2BE8D940778CAD1E3B85F2A41 -- C:\WINDOWS\system32\eapsvc.dll
[2008.04.14 11:51:42 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=46ADB92DCD371A14B4C70F47D2ABB345 -- C:\WINDOWS\system32\efsadu.dll
[2008.04.14 11:51:42 | 000,185,344 | ---- | M] (Microsoft Corporation) MD5=E5EECA74032C3B22F0E09079BBCCCEAE -- C:\WINDOWS\system32\els.dll
[2008.04.14 11:51:42 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=99BFE49E1243B6A50716DA1584CD5AB6 -- C:\WINDOWS\system32\encapi.dll
[2011.10.18 12:13:30 | 000,186,880 | ---- | M] () MD5=6ACEF04C3FA9E231C98B5D57C18144A3 -- C:\WINDOWS\system32\encdec.dll
[2001.10.25 19:00:00 | 000,103,424 | ---- | M] (Equinox Systems Inc.) MD5=3F7D26F2F0A3F54489E86725B138D2A9 -- C:\WINDOWS\system32\EqnClass.Dll
[2008.04.14 11:51:42 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A2A4912798F2BE706ABADD3D30800D16 -- C:\WINDOWS\system32\ersvc.dll
[2008.07.07 21:29:06 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=A371F11EF07653591C8DE26AFB13CE7F -- C:\WINDOWS\system32\es.dll
[2008.04.14 11:51:42 | 001,083,904 | ---- | M] (Microsoft Corporation) MD5=39026490EF6992293A38AA13204BA6F3 -- C:\WINDOWS\system32\esent.dll
[2001.10.25 19:00:00 | 001,114,896 | ---- | M] (Microsoft Corporation) MD5=7D603A2421F02AF885C0DE86D46B9436 -- C:\WINDOWS\system32\esent97.dll
[2001.10.25 19:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=AC0A428DB233192CFF438E562F339429 -- C:\WINDOWS\system32\esentprf.dll
[2001.10.25 19:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=1EA7D108898EBD95EB20E535337640A4 -- C:\WINDOWS\system32\eventcls.dll
[2008.04.14 11:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2008.07.29 21:10:04 | 000,493,048 | ---- | M] (Microsoft Corporation) MD5=76CADBF5663E357D7FDC99DC0CDDC958 -- C:\WINDOWS\system32\evr.dll
[2008.04.14 11:51:42 | 000,380,445 | ---- | M] (Microsoft Corporation) MD5=B1306CBB694B1FB290C45197918D41DF -- C:\WINDOWS\system32\expsrv.dll
[2009.10.29 08:45:29 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=4CE00D3D6F187850E7C14CDF0A0CB77D -- C:\WINDOWS\system32\extmgr.dll
[2008.04.14 11:51:42 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=AD5D80319E6A6C2A08B4C39D81E0198E -- C:\WINDOWS\system32\exts.dll
[2008.04.14 11:51:42 | 000,080,384 | ---- | M] (Microsoft Corporation) MD5=621EACDD05BEEC6A40D74B9D66E62D7C -- C:\WINDOWS\system32\faultrep.dll
[1998.11.28 05:59:34 | 000,265,216 | ---- | M] (Symantec Corporation) MD5=9519DD29997BA18FA779C3241F63AA62 -- C:\WINDOWS\system32\FAXUTIL.DLL
[1998.11.28 05:59:32 | 000,181,248 | ---- | M] (Symantec Corporation) MD5=74BA78534E6169530FD43E6B24FD723E -- C:\WINDOWS\system32\faxzrh.DLL
[2008.04.14 11:51:42 | 000,124,416 | ---- | M] (Microsoft Corporation) MD5=AFBE3927B3C2ED14D16E80B39E0A2A28 -- C:\WINDOWS\system32\fde.dll
[2008.04.14 11:51:42 | 000,074,240 | ---- | M] (Microsoft Corporation) MD5=2CA3D95BA5F7A82675EA69DDB789573A -- C:\WINDOWS\system32\fdeploy.dll
[2008.04.14 11:51:42 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=88BD68BE389C54CADFC260D39D76C3DF -- C:\WINDOWS\system32\feclient.dll
[2008.04.14 11:51:42 | 000,337,920 | ---- | M] (Microsoft Corporation) MD5=68E5E13C23249EBE3462F1F256662BDC -- C:\WINDOWS\system32\filemgmt.dll
[2008.04.14 11:51:42 | 000,087,552 | ---- | M] (Microsoft Corporation) MD5=92F6B4FA80B80B49FC3CE0579EA0CD2A -- C:\WINDOWS\system32\fldrclnr.dll
[2008.04.14 11:51:42 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=C74B93113F4515D8B963E46A589BE85E -- C:\WINDOWS\system32\fltlib.dll
[2011.07.07 01:28:22 | 001,193,320 | ---- | M] (Microsoft Corporation) MD5=09B2ED06BB44815B2B5803F5C67E00E3 -- C:\WINDOWS\system32\FM20.DLL
[2006.10.26 13:10:06 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=F2CE3C8E63F770DB3E59D503CE4CC311 -- C:\WINDOWS\system32\FM20ENU.DLL
[2001.10.25 19:00:00 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=D305DC5A86D39D611164E4C078FC940D -- C:\WINDOWS\system32\fmifs.dll
[2008.04.14 11:51:42 | 000,382,976 | ---- | M] (Microsoft Corporation) MD5=354093F5DC474F921509BCECB17C2D78 -- C:\WINDOWS\system32\fontext.dll
[2009.10.15 17:32:57 | 000,081,920 | ---- | M] (Microsoft Corporation) MD5=D5D8F92AB79F795B8E6C31F3B5859CCC -- C:\WINDOWS\system32\fontsub.dll
[2008.04.14 11:44:18 | 000,009,344 | ---- | M] (Microsoft Corporation) MD5=9BB4EED8CCB41C276E49746E87FB4FA3 -- C:\WINDOWS\system32\framebuf.dll
[2011.01.10 17:22:45 | 000,000,014 | ---- | M] () MD5=5139484B48E50504319589F4F3EA703A -- C:\WINDOWS\system32\fstextv66.dll
[2009.03.31 09:39:36 | 000,110,592 | ---- | M] () MD5=C83C84DAE3B901BF404D36F304B00FA0 -- C:\WINDOWS\system32\FsUsbExDevice.Dll
[2001.10.25 19:00:00 | 000,081,920 | ---- | M] (Microsoft Corporation) MD5=AF1AB8973174CE1DAD7C1D4B446C3D0B -- C:\WINDOWS\system32\fsusd.dll
[2001.10.25 19:00:00 | 000,176,128 | ---- | M] (Microsoft Corporation) MD5=3B0B8D7718B1891E2492A4027AF372C0 -- C:\WINDOWS\system32\ftsrch.dll
[2008.04.14 11:51:42 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=B5C1C8BEB79C17D19E724D3F79728FC5 -- C:\WINDOWS\system32\fwcfg.dll
[2001.10.25 19:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) MD5=B69D9DF59E72433D16E81DE2800CB5BF -- C:\WINDOWS\system32\gcdef.dll
[2008.10.23 13:42:52 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=90C925765E695AB984BE2E8A21B62AE9 -- C:\WINDOWS\system32\gdi32.dll
[2001.10.25 19:00:00 | 000,670,720 | ---- | M] (Microsoft Corporation) MD5=668D2A1E25115D557449AB2A57A34E5B -- C:\WINDOWS\system32\getuname.dll
[2001.10.25 19:00:00 | 000,285,184 | ---- | M] (Microsoft Corporation) MD5=1A2F29DA0CE996E2B7D3F88A08F03B10 -- C:\WINDOWS\system32\glmf32.dll
[2008.04.14 11:51:42 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=51C2456D72198560D7EEF5BBC4C2EDF8 -- C:\WINDOWS\system32\glu32.dll
[2008.04.14 11:51:44 | 000,568,320 | ---- | M] (Microsoft Corporation) MD5=1FF8FA8810ED7E3E8342DFA741262519 -- C:\WINDOWS\system32\gpedit.dll
[2008.04.14 02:08:00 | 000,101,888 | ---- | M] (Microsoft Corporation) MD5=0E13DEAA35E93EA67C84C7C7236722AD -- C:\WINDOWS\system32\gpkcsp.dll
[2008.04.14 10:47:12 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F645B7295BEC2652A9C0990D41CFF8B4 -- C:\WINDOWS\system32\gpkrsrc.dll
[2008.04.14 11:51:44 | 000,200,192 | ---- | M] (Microsoft Corporation) MD5=8BC95A77F69958A02E9F58C69F01D790 -- C:\WINDOWS\system32\gptext.dll
[2008.04.14 11:51:44 | 000,614,912 | ---- | M] (Microsoft Corporation) MD5=0551775C915615CF43486C997185566E -- C:\WINDOWS\system32\h323msp.dll
[2008.04.14 03:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
[2008.04.14 07:51:44 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=406F6F7156E3F7CB360A7E08A3A60DB3 -- C:\WINDOWS\system32\hccoin.dll
[2008.04.14 11:51:44 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=D26E9120335356CFCC47812407D4F73B -- C:\WINDOWS\system32\hhsetup.dll
[2008.04.27 13:22:26 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=FFB0A2D2B73A64979CD29C15B3B0A9D5 -- C:\WINDOWS\system32\hid.dll
[2008.04.14 11:51:44 | 000,072,704 | ---- | M] (Microsoft Corporation) MD5=342CDB3134753EEA731C930D19F438C6 -- C:\WINDOWS\system32\hlink.dll
[2008.04.14 11:51:44 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=ED18ADEE4AA21EB26977260152D7241A -- C:\WINDOWS\system32\hnetcfg.dll
[2001.10.25 19:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=93D326E7790623EF07B9EAC16E1E0D68 -- C:\WINDOWS\system32\hnetmon.dll
[2008.04.14 11:51:44 | 000,330,752 | ---- | M] (Microsoft Corporation) MD5=A68622FC287564058F6649C04DC56A6B -- C:\WINDOWS\system32\hnetwiz.dll
[2008.04.14 11:51:44 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=8AF5246FEA1A21F823104F12EFFE2054 -- C:\WINDOWS\system32\hotplug.dll
[2001.10.25 19:00:00 | 000,044,544 | ---- | M] (Hilgraeve, Inc.) MD5=FA61B6A311D15F4CFBABA6FA61BB67D3 -- C:\WINDOWS\system32\hticons.dll
[2009.10.21 06:40:39 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=655DC214882EF37CBCE107BACB383E43 -- C:\WINDOWS\system32\httpapi.dll
[2008.04.14 11:51:44 | 000,042,496 | ---- | M] (Microsoft Corporation) MD5=BDBD11EF289B7F6FD91734D1C2DC8645 -- C:\WINDOWS\system32\htui.dll
[2008.04.14 11:51:44 | 000,351,232 | ---- | M] (Hilgraeve, Inc.) MD5=A8A312A48529DAA9DDFE804552CA30DD -- C:\WINDOWS\system32\hypertrm.dll
[2012.01.11 20:07:11 | 000,003,072 | ---- | M] () MD5=398F96366356C1BCCF42030D8D99A702 -- C:\WINDOWS\system32\iacenc.dll
[2001.10.25 19:00:00 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=22030620189AFD2E8E6BD49C92B3FA01 -- C:\WINDOWS\system32\iasacct.dll
[2001.10.25 19:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=DB068CDDB8C9E3F55877DE0F96BAE2DC -- C:\WINDOWS\system32\iasads.dll
[2001.10.25 19:00:00 | 000,032,256 | ---- | M] (Microsoft Corporation) MD5=F02E83EB63A1738FFAEAFF9BF0D53CFC -- C:\WINDOWS\system32\iashlpr.dll
[2001.10.25 19:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=60AF51A0983D139774729DE7AD5E21AF -- C:\WINDOWS\system32\iasnap.dll
[2001.10.25 19:00:00 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=768E958149E44B61C9108A99EDAD0F06 -- C:\WINDOWS\system32\iaspolcy.dll
[2008.04.14 11:51:44 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=C7629DC9C9B43C6B0396FEB7DC672B14 -- C:\WINDOWS\system32\iasrad.dll
[2001.10.25 19:00:00 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=53522C05698029BDE0EE6FF24837E3A1 -- C:\WINDOWS\system32\iasrecst.dll
[2001.10.25 19:00:00 | 000,086,528 | ---- | M] (Microsoft Corporation) MD5=AF08F4A4DBD70F55D787F1F76C2A83DB -- C:\WINDOWS\system32\iassam.dll
[2001.10.25 19:00:00 | 000,250,368 | ---- | M] (Microsoft Corporation) MD5=8FEFDB16841DE7539ACC4AE6B76165EC -- C:\WINDOWS\system32\iassdo.dll
[2001.10.25 19:00:00 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=BF7CDDB0246E77F441BEA293A8A9348A -- C:\WINDOWS\system32\iassvcs.dll
[2008.04.14 11:51:44 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=72C1FF5AE0330CCF9C35BCBBAD267F3B -- C:\WINDOWS\system32\icaapi.dll
[2009.03.08 04:31:52 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=17A6B9EFC1D37368379F4E77EC3F2761 -- C:\WINDOWS\system32\icardie.dll
[2008.07.29 19:24:50 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=5E9C073D58F2A5F64EBC714E13DF792B -- C:\WINDOWS\system32\icardres.dll
[2010.06.17 15:03:52 | 000,080,384 | ---- | M] (Radius Inc.) MD5=B41E5851B99752814CD52AD470726139 -- C:\WINDOWS\system32\iccvid.dll
[2001.10.25 19:00:00 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=8E2B0B71E66931A8C9840B080CB3D1F4 -- C:\WINDOWS\system32\icfgnt5.dll
[2008.04.14 11:51:44 | 000,254,976 | ---- | M] (Microsoft Corporation) MD5=8C3BF1443B7AD6473E5AF75DC09E4B36 -- C:\WINDOWS\system32\icm32.dll
[2008.04.14 11:46:50 | 000,003,584 | ---- | M] (Microsoft Corporation) MD5=D7328628EE47A02CC55CB8BB16D69C34 -- C:\WINDOWS\system32\icmp.dll
[2001.10.25 19:00:00 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=B74DA7CC968685138FB401201E1849AF -- C:\WINDOWS\system32\icmui.dll
[2008.04.14 11:51:44 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=3AB0BF3986F54BDC7BE4693752D098B3 -- C:\WINDOWS\system32\icwdial.dll
[2008.04.14 11:51:44 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=5DBDE28B4DB5AE02F2F018A80F7A4CF6 -- C:\WINDOWS\system32\icwphbk.dll
[2009.01.07 18:20:36 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=C838EF8A3D766B6E0F1F668BE9988D4A -- C:\WINDOWS\system32\idndl.dll
[2008.04.14 11:51:44 | 000,120,832 | ---- | M] (Microsoft Corporation) MD5=25705A1AD3736AFBEF7AE4469F2EDE27 -- C:\WINDOWS\system32\idq.dll
[2009.03.08 04:33:02 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=FCF52888B8AD1BDC80275108172BD76D -- C:\WINDOWS\system32\ieakeng.dll
[2009.03.08 04:33:08 | 000,229,376 | ---- | M] (Microsoft Corporation) MD5=69F138A7E93F2646CDEC3B68CE7011DF -- C:\WINDOWS\system32\ieaksie.dll
[2009.03.08 04:32:52 | 000,163,840 | ---- | M] (Microsoft Corporation) MD5=36A86C1B6406CC493554F16BA13BE7D9 -- C:\WINDOWS\system32\ieakui.dll
[2009.03.08 04:11:12 | 000,445,952 | ---- | M] (Microsoft Corporation) MD5=66F1C930F4572816BB15C3A863590305 -- C:\WINDOWS\system32\ieapfltr.dll
[2012.11.01 13:12:24 | 000,387,584 | ---- | M] (Microsoft Corporation) MD5=7688FBCD76B53C4618B167323131C0C2 -- C:\WINDOWS\system32\iedkcs32.dll
[2009.10.29 08:45:29 | 000,078,336 | ---- | M] (Microsoft Corporation) MD5=F8B519ED8ECF4829E545C7A49E25EB08 -- C:\WINDOWS\system32\ieencode.dll
[2012.11.01 17:42:26 | 011,111,424 | ---- | M] (Microsoft Corporation) MD5=991BD4B0D0729056445FEBAF09AACED5 -- C:\WINDOWS\system32\ieframe.dll
[2012.11.01 13:12:24 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=58C628A6DD8D131293064019E85B2872 -- C:\WINDOWS\system32\iepeers.dll
[2009.03.08 04:32:50 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=45814FE9FBD6F569A0468D229455B3A2 -- C:\WINDOWS\system32\iernonce.dll
[2012.11.01 13:12:24 | 002,000,384 | ---- | M] (Microsoft Corporation) MD5=B01E5059EA6DBED14E29322C13042A7E -- C:\WINDOWS\system32\iertutil.dll
[2009.03.08 04:32:50 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=1B6FF5B9A21DE2E89BB014932A414E7E -- C:\WINDOWS\system32\iesetup.dll
[2009.03.08 04:22:46 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=11734790410900D2CD6B7839020E4DD9 -- C:\WINDOWS\system32\ieui.dll
[2008.04.14 11:51:44 | 000,137,216 | ---- | M] (Microsoft Corporation) MD5=B4448DFFCF7949E83FF26BDA95A5705A -- C:\WINDOWS\system32\ifmon.dll
[2001.10.25 19:00:00 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=ACE72381AB9471011C314813B8D6044D -- C:\WINDOWS\system32\ifsutil.dll
[2008.04.14 11:51:44 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=11D02A07D2A283D0DD5AB7771643444C -- C:\WINDOWS\system32\igmpagnt.dll
[2001.10.25 19:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation) MD5=FF69996C684B6F9507E3CB841DAB1ACC -- C:\WINDOWS\system32\iissuba.dll
[2008.04.14 11:51:44 | 000,081,920 | ---- | M] (Microsoft Corporation) MD5=15B404CD9967CC254F97AD08D86FC6E0 -- C:\WINDOWS\system32\ils.dll
[2012.02.29 15:10:19 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=D21DBAA97839B1786E278FDD2F3444AC -- C:\WINDOWS\system32\imagehlp.dll
[2004.07.20 17:24:10 | 001,568,768 | ---- | M] (Pegasus Imaging Corp.) MD5=903DE5707D29A1E034ED40F54571F1B7 -- C:\WINDOWS\system32\ImagX7.dll
[2004.07.20 17:24:10 | 000,476,320 | ---- | M] (Pegasus Imaging Corp.) MD5=8F03FD1C3BD8F6B575E6CF5E0E89FF13 -- C:\WINDOWS\system32\ImagXpr7.dll
[2004.07.20 17:24:10 | 000,262,144 | ---- | M] (Pegasus Imaging Corp.) MD5=97915FBD07E749BCCCF7FFE78E9A7C37 -- C:\WINDOWS\system32\ImagXR7.dll
[2004.07.20 17:24:10 | 000,471,040 | ---- | M] (Pegasus Imaging Corp.) MD5=AC225D792D1A214631BE5FDE7DE9143A -- C:\WINDOWS\system32\ImagXRA7.dll
[2008.04.14 11:51:44 | 000,036,921 | ---- | M] (Microsoft Corporation) MD5=2DB47936816904EC4532801A7BD07F9B -- C:\WINDOWS\system32\imeshare.dll
[2009.03.08 04:31:38 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=42B928FC8518D793BF7A5EAFC57B1D8B -- C:\WINDOWS\system32\imgutil.dll
[2008.04.14 11:51:44 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=6C60CA8AC7470AC01CFD3D24C7283CD1 -- C:\WINDOWS\system32\imm32.dll
[2008.04.14 11:51:44 | 000,274,432 | ---- | M] (Microsoft Corporation) MD5=48B91680AF915F61CB2D30F7FADDD6EC -- C:\WINDOWS\system32\inetcfg.dll
[2011.10.10 15:22:49 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=7672C0A28AD4F40E1E2CFD60AD73735A -- C:\WINDOWS\system32\inetcomm.dll
[2001.10.25 19:00:00 | 000,116,224 | ---- | M] (Microsoft Corporation) MD5=B05B0BC79217390657F1F526FF5C64D8 -- C:\WINDOWS\system32\inetcplc.dll
[2008.04.14 11:51:44 | 000,032,768 | ---- | M] (Microsoft Corporation) MD5=CC73F4A119331DE70B951AAD912EF93A -- C:\WINDOWS\system32\inetmib1.dll
[2008.04.14 11:51:46 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=F420C325956CA593679A8796065BFBB6 -- C:\WINDOWS\system32\inetpp.dll
[2008.04.14 11:51:46 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=BD6D3B81188EA3F94773DCCA1A3ECDB0 -- C:\WINDOWS\system32\inetppui.dll
[2008.04.14 10:54:54 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=5C846FE650A4B7E98D0193B2290C14B6 -- C:\WINDOWS\system32\inetres.dll
[2008.07.29 19:24:50 | 000,097,800 | ---- | M] (Microsoft Corporation) MD5=4F782462228CE2E0EBA40D1F519E8A15 -- C:\WINDOWS\system32\infocardapi.dll
[2001.10.25 19:00:00 | 000,450,560 | ---- | M] (Microsoft Corporation) MD5=6329694D12901486E970E28EE53CCD0A -- C:\WINDOWS\system32\infosoft.dll
[2008.04.14 11:51:46 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=3155306CFA3AAD9FF101D816AC43BA7B -- C:\WINDOWS\system32\initpki.dll
[2006.10.26 12:45:04 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=19C17BE6A8FEC40C535E1CB60D784D06 -- C:\WINDOWS\system32\INKED.DLL
[2008.04.14 11:51:46 | 000,124,416 | ---- | M] (Microsoft Corporation) MD5=708F72E0FF668EA245C9EA59AA23AC91 -- C:\WINDOWS\system32\input.dll
[2009.03.08 04:32:46 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=8FAAFF28147935E5847F980607965FFE -- C:\WINDOWS\system32\inseng.dll
[2001.10.25 19:00:00 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=0DB13DA6D57784625E00372156A51DB3 -- C:\WINDOWS\system32\iologmsg.dll
[2008.04.14 11:51:46 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=7A943FB5D0260595A7DA43246F070D2D -- C:\WINDOWS\system32\iphlpapi.dll
[2008.04.14 11:51:46 | 000,160,256 | ---- | M] (Microsoft Corporation) MD5=FE6C6885AF3E222EB825ECF34AC8D9AA -- C:\WINDOWS\system32\ipmontr.dll
[2008.04.14 11:51:46 | 000,329,728 | ---- | M] (Microsoft Corporation) MD5=F58FACA9621D2DB01BD0927D9A0A208E -- C:\WINDOWS\system32\ipnathlp.dll
[2008.04.14 11:51:46 | 000,342,528 | ---- | M] (Microsoft Corporation) MD5=7111D4176611956AE457DD9C77D44B41 -- C:\WINDOWS\system32\ippromon.dll
[2001.10.25 19:00:00 | 000,003,584 | ---- | M] (Microsoft Corporation) MD5=BD4F71438B80F5BC2B11FB34AAA19861 -- C:\WINDOWS\system32\iprop.dll
[2001.10.25 19:00:00 | 000,004,096 | ---- | M] (Microsoft Corporation) MD5=C339DCAD1FC8C692B57B0B2BD98F9733 -- C:\WINDOWS\system32\iprtprio.dll
[2008.04.14 11:51:46 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=003D35FAA8CDB0407EDA807ACD73B56D -- C:\WINDOWS\system32\iprtrmgr.dll
[2008.04.14 11:51:46 | 000,351,232 | ---- | M] (Microsoft Corporation) MD5=FCFD179649DFD1D4A83B6B8113445679 -- C:\WINDOWS\system32\ipsecsnp.dll
[2008.04.14 11:51:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=D76D39056EF8B8C09BC544754448E48F -- C:\WINDOWS\system32\ipsecsvc.dll
[2008.04.14 11:51:46 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=A04F96DAD5B010B415B25C808188FE5B -- C:\WINDOWS\system32\ipsmsnap.dll
[2008.04.14 11:51:46 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=2360CB6B7B188AB6A86A9201F1999BAB -- C:\WINDOWS\system32\ipv6mon.dll
[2001.10.25 19:00:00 | 000,087,040 | ---- | M] (Microsoft Corporation) MD5=34FC9C2A0B99D0F4F3AB233671914137 -- C:\WINDOWS\system32\ipxmontr.dll
[2001.10.25 19:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=21DCE7491F770E29DC21FBAF4BE573CD -- C:\WINDOWS\system32\ipxpromn.dll
[2001.10.25 19:00:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=734A77C93859AA4D46A036B29F756932 -- C:\WINDOWS\system32\ipxrip.dll
[2001.10.25 19:00:00 | 000,039,936 | ---- | M] (Microsoft Corporation) MD5=E765195690E3F8422FCE11DEB9EABED0 -- C:\WINDOWS\system32\ipxrtmgr.dll
[2001.10.25 19:00:00 | 000,066,560 | ---- | M] (Microsoft Corporation) MD5=85D8C6514BD48DF2CC61DEBE3F879DC0 -- C:\WINDOWS\system32\ipxsap.dll
[2008.04.14 11:51:46 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=9E33277AF4E8992E148CF2576A9CF5FA -- C:\WINDOWS\system32\ipxwan.dll
[2001.10.25 19:00:00 | 000,199,168 | ---- | M] () MD5=FA2F43EC92EA83E839C1FEE8DDCC3D0E -- C:\WINDOWS\system32\ir32_32.dll
[2008.04.14 11:51:46 | 000,120,320 | ---- | M] (Intel Corporation.) MD5=1B757583A1EB7BB99B49B9792A295303 -- C:\WINDOWS\system32\ir41_qc.dll
[2008.04.14 11:51:46 | 000,338,432 | ---- | M] (Intel Corporation.) MD5=665E4ACCF9791CDA42A05D34368DD504 -- C:\WINDOWS\system32\ir41_qcx.dll
[2008.04.14 11:51:46 | 000,755,200 | ---- | M] (Intel Corporation) MD5=EE478EE391967066E2FA9152E90D36AE -- C:\WINDOWS\system32\ir50_32.dll
[2008.04.14 11:51:46 | 000,200,192 | ---- | M] (Intel Corporation.) MD5=0E20AD90892DE0F4B887748FDDCB2BD7 -- C:\WINDOWS\system32\ir50_qc.dll
[2008.04.14 11:51:46 | 000,183,808 | ---- | M] (Intel Corporation.) MD5=79F9D3B6D641065EC21C25F9787A31B8 -- C:\WINDOWS\system32\ir50_qcx.dll
[2001.10.25 19:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=95E8A4A8843DBAA4423F0681EBDB6F82 -- C:\WINDOWS\system32\irclass.dll
[2010.11.18 19:15:47 | 000,081,920 | ---- | M] (Microsoft Corporation) MD5=EDC2AE78B2C8942A1DAD3E7B3DE550D4 -- C:\WINDOWS\system32\isign32.dll
[2008.04.14 11:51:46 | 000,032,768 | ---- | M] (Intel Corporation) MD5=076232A8D577FBD14080503B7E5D7CC9 -- C:\WINDOWS\system32\isrdbg32.dll
[2008.04.14 11:51:46 | 000,155,136 | ---- | M] (Microsoft Corporation) MD5=8D862FB4B6D6F8B59C8B6FAC669CCE4C -- C:\WINDOWS\system32\itircl.dll
[2008.04.14 11:51:46 | 000,138,240 | ---- | M] (Microsoft Corporation) MD5=4C4D95F2A54D460BB42AA06678A79A62 -- C:\WINDOWS\system32\itss.dll
[2008.04.14 11:51:46 | 000,191,488 | ---- | M] (Microsoft Corporation) MD5=27EA6A30DCF990FDBB6AFA2FB197D22B -- C:\WINDOWS\system32\iuengine.dll
[2008.04.14 11:51:46 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=A515D457B754DD862BAD559B4B4E32E6 -- C:\WINDOWS\system32\ixsso.dll
[2009.11.27 17:09:42 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=479B0DCA1542A38EBF7A3040F65A04B5 -- C:\WINDOWS\system32\iyuv_32.dll
[2001.10.25 19:00:00 | 000,362,496 | ---- | M] (Microsoft Corporation) MD5=747367139F73988D30FE0F2166E30B19 -- C:\WINDOWS\system32\jet500.dll
[2001.10.25 19:00:00 | 000,044,544 | ---- | M] (Johnson-Grace Company) MD5=E3E28AD388E036600289EBE43990DF00 -- C:\WINDOWS\system32\jgaw400.dll
[2008.04.14 11:51:46 | 000,163,840 | ---- | M] (America Online) MD5=B1BDACBBB54B78C63C2F0783366FF109 -- C:\WINDOWS\system32\jgdw400.dll
[2001.10.25 19:00:00 | 000,035,840 | ---- | M] (Johnson-Grace Company) MD5=348ACEAF1B257E1610D7509C96AA4D95 -- C:\WINDOWS\system32\jgmd400.dll
[2008.04.14 11:51:46 | 000,027,648 | ---- | M] (Johnson-Grace Company) MD5=6FB1298A7DEC689AAC14FE4B3FB156A7 -- C:\WINDOWS\system32\jgpl400.dll
[2001.10.25 19:00:00 | 000,045,568 | ---- | M] (America Online) MD5=1EA3956977F50541ED17D0372A58914A -- C:\WINDOWS\system32\jgsd400.dll
[2001.10.25 19:00:00 | 000,065,536 | ---- | M] (Johnson-Grace Company) MD5=398046A2608153F0963EA2064C89EC39 -- C:\WINDOWS\system32\jgsh400.dll
[2001.10.25 19:00:00 | 000,048,464 | ---- | M] (Microsoft Corporation) MD5=F12CB2E3F600E2C6B71D96F360A5CE61 -- C:\WINDOWS\system32\jobexec.dll
[2011.03.04 07:36:57 | 000,726,528 | ---- | M] (Microsoft Corporation) MD5=8479C88126FFE6BE958E76A0D0F4F660 -- C:\WINDOWS\system32\jscript.dll
[2001.10.25 19:00:00 | 000,024,623 | ---- | M] (Microsoft Corporation) MD5=08F5B8413F0C7A9BFDB38D44AA518D63 -- C:\WINDOWS\system32\jscs.dll
[2012.11.01 13:12:24 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=5ACC77E7BA2FC4E623C87CC1B00A5CFF -- C:\WINDOWS\system32\jsproxy.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=615DDBB5CBBAE8301C1E7FA95F1E66A3 -- C:\WINDOWS\system32\KBDAL.DLL
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=0304318F189E3CC4A99FCCCB0A68147F -- C:\WINDOWS\system32\kbdaze.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=712A218557F99D136735E0545E5AE223 -- C:\WINDOWS\system32\kbdazel.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=90AA6D58947A68B5D35C3D3905A74BCB -- C:\WINDOWS\system32\kbdbe.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=D916E1B4DF4A5DAC0F3B37D5BAF5FB18 -- C:\WINDOWS\system32\kbdbene.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=BFCF52AD1CB233C7F4C78CEBAF4B809B -- C:\WINDOWS\system32\kbdbhc.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=A1FA7A83F9D98D84419A8E64286284F4 -- C:\WINDOWS\system32\kbdblr.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=7806D7CEC1FFED2F6A7C569E38D8232E -- C:\WINDOWS\system32\kbdbr.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=1DF6E4758611E1328567BFE4D1B28E27 -- C:\WINDOWS\system32\kbdbu.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=C068F1EF8F08C4331EC176AAC231FFE3 -- C:\WINDOWS\system32\kbdca.dll
[2001.10.25 19:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6FC7C2503F3D43B8F493DDA15AA1BC50 -- C:\WINDOWS\system32\kbdcan.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=5B46568257EE49714564511D58E0DE53 -- C:\WINDOWS\system32\kbdcr.dll
[2001.10.25 19:00:00 | 000,007,168 | R--- | M] (Microsoft Corporation) MD5=36E68E02AF2206FC4A8C73CAEABE1FB0 -- C:\WINDOWS\system32\kbdcz.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=AFA30A44ED11A5F9A059A2767AB6A81A -- C:\WINDOWS\system32\kbdcz1.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=90535C13EB54E1F2C95478F1B99DCCEB -- C:\WINDOWS\system32\kbdcz2.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=B6AB131E6F77563A74465F5972EF900F -- C:\WINDOWS\system32\kbdda.dll
[2001.10.25 19:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=4B2B6EAB5D350AB95CC56883E01B1DE7 -- C:\WINDOWS\system32\kbddv.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=4B808BAC83B00F3F013DA239E93A416A -- C:\WINDOWS\system32\kbdes.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=BBB6C3346064C6AECEE6AD9F144B1AEA -- C:\WINDOWS\system32\kbdest.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=DE844F425C89EDD0DC61C89D5B2CE15A -- C:\WINDOWS\system32\kbdfc.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=B0F5C8342B41FFD484725DFD7E0BE041 -- C:\WINDOWS\system32\kbdfi.dll
[2008.04.14 11:48:12 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=6578885CF36382879BFA072EB38822D2 -- C:\WINDOWS\system32\kbdfi1.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AE72FF8FE49F78838377417C22A92C79 -- C:\WINDOWS\system32\kbdfo.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=C39F03304E24BEADA6DCDE68C1B1269B -- C:\WINDOWS\system32\kbdfr.dll
[2001.10.25 19:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=59A8A1F2CE28BDE79BF9018F56B642CC -- C:\WINDOWS\system32\kbdgae.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=A93447C87DDB6B1945F1F5F87EAB68DC -- C:\WINDOWS\system32\kbdgkl.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=3C1708C5C05910FE495D832C6536ED78 -- C:\WINDOWS\system32\kbdgr.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=38430C6C194870363AD0CA3B7A18AC7F -- C:\WINDOWS\system32\kbdgr1.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=83C99B438B3D6DBE7B838DA783E173AC -- C:\WINDOWS\system32\kbdhe.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=1E81E1F3D5ACB3371CF73C1DE8F800BF -- C:\WINDOWS\system32\kbdhe220.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=AC81A176BA35D1D7A5CD53137F3160FE -- C:\WINDOWS\system32\kbdhe319.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=D26533FDF72381947F823882BBA4A196 -- C:\WINDOWS\system32\kbdhela2.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=F2312B8A76FD584ACD1D956688BEB6F8 -- C:\WINDOWS\system32\kbdhela3.dll
[2001.10.25 19:00:00 | 000,008,192 | R--- | M] (Microsoft Corporation) MD5=90CC52E8B52F0EC3A41D14FFBE789324 -- C:\WINDOWS\system32\kbdhept.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=CF92D95B5CB6649CB9D7E8D7616487A7 -- C:\WINDOWS\system32\kbdhu.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=F3D1EEC756847C70E65335E8CA1AE64B -- C:\WINDOWS\system32\kbdhu1.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=2B83F3461F603D27C765C7BB87E8CD09 -- C:\WINDOWS\system32\kbdic.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=B23F3284C95F67D91FDED1BB8642912E -- C:\WINDOWS\system32\kbdinbe1.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=0EE360FED0B779BFE4D72DD32D0C081B -- C:\WINDOWS\system32\kbdinben.dll
[2008.04.14 11:48:12 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=2E702A265D7D020C91AFF06869322561 -- C:\WINDOWS\system32\kbdinmal.dll
[2001.10.25 19:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8396B49871EC9E8ED2DAB4341F2B328B -- C:\WINDOWS\system32\kbdir.dll
[2001.10.25 19:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=1C62DA8649D73B0DAE915740FE8CF712 -- C:\WINDOWS\system32\kbdit.dll
[2001.10.25 19:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=FBB785A6D701CF80DA84C2DEFDBE2D13 -- C:\WINDOWS\system32\kbdit142.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=D8A703E57209A0E544E6B80DB3DE6524 -- C:\WINDOWS\system32\kbdiultn.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=95D9106D39AB410A7F7EE513F181F84C -- C:\WINDOWS\system32\kbdkaz.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=8E6BEE6CA04B58BFD2863904A79C020D -- C:\WINDOWS\system32\kbdkyr.dll
[2001.10.25 19:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=A8470FE45FF308CE53828301976A13CB -- C:\WINDOWS\system32\kbdla.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=F5B3B152A1D2752BC88928EB1E031B7E -- C:\WINDOWS\system32\kbdlt.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=AF05A41DBD1B0424B5CB47092152C7F6 -- C:\WINDOWS\system32\kbdlt1.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=C047165ED75FF85DB5A89EFEE3DA1133 -- C:\WINDOWS\system32\kbdlv.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=27D72BCF2B495FCDA073DBA5F189D7A1 -- C:\WINDOWS\system32\kbdlv1.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=885CA7AB8F34EC81493810C40A78DC83 -- C:\WINDOWS\system32\kbdmac.dll
[2008.04.14 11:48:12 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=DCC571DD4F1389FDBA192749521007DD -- C:\WINDOWS\system32\kbdmaori.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=D9A6108E68ADDD2F6308D9FE27ACEE1C -- C:\WINDOWS\system32\kbdmlt47.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=04D8E9F4B9FAA8A8D539592E9CFD3773 -- C:\WINDOWS\system32\kbdmlt48.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=27F33B66806481D822B12007B42AFD53 -- C:\WINDOWS\system32\kbdmon.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=140FE6CAE764C9E8ECCFCB21A19781C5 -- C:\WINDOWS\system32\kbdne.dll
[2008.04.14 11:48:12 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=8F5874AE69B5E9A7E00A62B7907B697A -- C:\WINDOWS\system32\kbdnec.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=743E8FD3A30ABB931C48B21CA665B569 -- C:\WINDOWS\system32\kbdnepr.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=3CBCE11B4B069939E091835694C0567B -- C:\WINDOWS\system32\kbdno.dll
[2008.04.14 11:48:12 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=00B86A21BC0F2EDF2E8DA82AE934B563 -- C:\WINDOWS\system32\kbdno1.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=5BF5A37F3C46AAE166832E7E9D4B3123 -- C:\WINDOWS\system32\kbdpash.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=D199B05901C2407FC0F87444A24A4F3C -- C:\WINDOWS\system32\kbdpl.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=897663C8606357A8E86E57CDEA8EE219 -- C:\WINDOWS\system32\kbdpl1.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=5713A519619FC93C30BF9AB23B14885A -- C:\WINDOWS\system32\kbdpo.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=C2E62748C875A310A6D5B10498238A68 -- C:\WINDOWS\system32\kbdro.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=C6F23BC1411E91C179B0635893BB40A1 -- C:\WINDOWS\system32\kbdru.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=B6E962B7AC1CB4A78876953D369BE6DD -- C:\WINDOWS\system32\kbdru1.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=17733F6AF237E17C2F78528E4068B577 -- C:\WINDOWS\system32\kbdsf.dll
[2001.10.25 19:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=D157764B22473BB55635591DF347074C -- C:\WINDOWS\system32\kbdsg.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=DCCE231E5BDF1401AC0F770EE16902AA -- C:\WINDOWS\system32\kbdsl.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=93033C3EA80FB24B198B24DDECA07D4A -- C:\WINDOWS\system32\kbdsl1.dll
[2008.04.14 11:48:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=E5EDF3F2A1C9C55AB9B8781259D9755B -- C:\WINDOWS\system32\kbdsmsfi.dll
[2008.04.14 11:48:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6CBAFAAD2B5F506CCCD4C204019E587F -- C:\WINDOWS\system32\kbdsmsno.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=79D955C9BDDFD01A7C8D442322222F46 -- C:\WINDOWS\system32\kbdsp.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=28D0AE434F7A8E8B1185AA07DD71AC44 -- C:\WINDOWS\system32\kbdsw.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=F2D1EEF5ADCD5995C015AB3CB15C9415 -- C:\WINDOWS\system32\kbdtat.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=188E56B70419D8353B8D4F3E381D9E52 -- C:\WINDOWS\system32\kbdtuf.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=5D569F2951F878EF01D7723DC08682E9 -- C:\WINDOWS\system32\kbdtuq.dll
[2001.10.25 19:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=DAB9952E3626D84E74CBF4958B1B1F52 -- C:\WINDOWS\system32\kbduk.dll
[2008.04.14 11:48:12 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=BF954DAB2C7A3BD3058BAA3793CA6222 -- C:\WINDOWS\system32\kbdukx.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=3DDE3DC57C54452A313DC20F3019F8E3 -- C:\WINDOWS\system32\kbdur.dll
[2001.10.25 19:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=56C5B179FE3308B655EB6208C3256FEC -- C:\WINDOWS\system32\kbdus.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=003D2FBF4C99C63FB1A3739D6F867090 -- C:\WINDOWS\system32\kbdusl.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=93AD90B3BC1F7FD5E333BE61DC010369 -- C:\WINDOWS\system32\kbdusr.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ECC911343337D8AEE839A14F205AA12A -- C:\WINDOWS\system32\kbdusx.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=4F9CFFBF05831BB81833FC64A5329C36 -- C:\WINDOWS\system32\kbduzb.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=E5D4673C83271FEEE1ED73E1E281A42B -- C:\WINDOWS\system32\kbdycc.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=552221E92D6BF55F8358B927F00696C3 -- C:\WINDOWS\system32\kbdycl.dll
[2008.04.14 03:01:36 | 000,007,424 | ---- | M] (Microsoft Corporation) MD5=F59725CE3A1827B78DA01FBFB0A64005 -- C:\WINDOWS\system32\kd1394.dll
[2001.10.25 19:00:00 | 000,007,040 | ---- | M] (Microsoft Corporation) MD5=945FBB881AE927A44DFD96440F2F4F44 -- C:\WINDOWS\system32\kdcom.dll
[2001.10.25 19:00:00 | 000,009,035 | ---- | M] () MD5=A0D62056B9B494C09EE9AC6FD94E4074 -- C:\WINDOWS\system32\ansi.sys
[2001.10.25 19:00:00 | 000,027,097 | ---- | M] () MD5=0FE9F16075C9ACB941C957B7C649176E -- C:\WINDOWS\system32\country.sys
[2009.03.31 09:39:36 | 000,036,608 | ---- | M] () MD5=790A4CA68F44BE35967B3DF61F3E4675 -- C:\WINDOWS\system32\FsUsbExDisk.Sys
[2001.10.25 19:00:00 | 000,004,880 | ---- | M] () MD5=2DE9700B53CD22189CCAEE42246DF396 -- C:\WINDOWS\system32\himem.sys
[2001.10.25 19:00:00 | 000,042,809 | ---- | M] () MD5=582BCDD47CF4B68B5CB528F18E3CB808 -- C:\WINDOWS\system32\key01.sys
[2008.04.14 01:20:56 | 000,042,537 | ---- | M] () MD5=FBBCFEC1379C5C02D88A361993EDF1B8 -- C:\WINDOWS\system32\keyboard.sys
[2008.04.14 02:21:50 | 000,017,920 | ---- | M] (Your Corporation) MD5=1DC273A5F666D68907632F75EE7917DD -- C:\WINDOWS\system32\Ntaccess.sys
[2001.10.25 19:00:00 | 000,027,898 | ---- | M] () MD5=C1B822C0E789D22ADBFFE4FB3B2CEC7A -- C:\WINDOWS\system32\ntdos.sys
[2001.10.25 19:00:00 | 000,029,146 | ---- | M] () MD5=CF9ED169FF86D935E47999E82359E898 -- C:\WINDOWS\system32\ntdos404.sys
[2001.10.25 19:00:00 | 000,029,370 | ---- | M] () MD5=03B945AC0481CD8BB161C3569D8ED1C3 -- C:\WINDOWS\system32\ntdos411.sys
[2001.10.25 19:00:00 | 000,029,274 | ---- | M] () MD5=BBC957DC18C17CC027EB80B7C77F2AEA -- C:\WINDOWS\system32\ntdos412.sys
[2001.10.25 19:00:00 | 000,029,146 | ---- | M] () MD5=3CFFAEFFF23B0D208214A6D3061A5B1B -- C:\WINDOWS\system32\ntdos804.sys
[2008.04.14 01:19:48 | 000,033,904 | ---- | M] () MD5=8856178A5F96B98C55F3C7987F02F36B -- C:\WINDOWS\system32\ntio.sys
[2008.04.14 01:19:44 | 000,034,560 | ---- | M] () MD5=6F73F50162DEF60C84B725C18CD9140F -- C:\WINDOWS\system32\ntio404.sys
[2008.04.14 01:19:40 | 000,035,648 | ---- | M] () MD5=0FDD5E69C1FF3B58043D44F2CC743D45 -- C:\WINDOWS\system32\ntio411.sys
[2008.04.14 01:19:44 | 000,035,424 | ---- | M] () MD5=8842837C4D8311BF8E72BEE8CCC42217 -- C:\WINDOWS\system32\ntio412.sys
[2008.04.14 01:19:42 | 000,034,560 | ---- | M] () MD5=6B56CEB3C6F9D5CD7293DBD9FE23B311 -- C:\WINDOWS\system32\ntio804.sys
[2008.04.14 03:15:00 | 000,017,664 | ---- | M] (Microsoft Corporation) MD5=9A10AACBFDC4922715375FB4065EC930 -- C:\WINDOWS\system32\watchdog.sys
[2012.11.13 12:55:10 | 001,866,368 | ---- | M] (Microsoft Corporation) MD5=32FD45D6C42F15B888BA9E4840B26BE6 -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\*.dll /md5 >
[2010.02.12 05:35:01 | 000,100,864 | ---- | M] (Microsoft Corporation) MD5=D76E9F5A991458A9F7E28395479B3150 -- C:\WINDOWS\system32\6to4svc.dll
[2001.10.25 19:00:00 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=E37DA3CBBA9DF81CD6DB3B717EEEF0ED -- C:\WINDOWS\system32\aaaamon.dll
[2008.04.14 11:51:36 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=0097E7143F3277A855B614CFA9C5A9D4 -- C:\WINDOWS\system32\aaclient.dll
[2001.10.25 19:00:00 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=97DCE3628947B0F846622EA90B115013 -- C:\WINDOWS\system32\acctres.dll
[2001.10.25 19:00:00 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=5F00FD001E9B2971F677CBD05B4D4CFF -- C:\WINDOWS\system32\acledit.dll
[2008.04.14 11:51:38 | 000,116,224 | ---- | M] (Microsoft Corporation) MD5=EBDC055F92A77340D363D44082482AF7 -- C:\WINDOWS\system32\aclui.dll
[2008.04.14 11:51:38 | 000,193,536 | ---- | M] (Microsoft Corporation) MD5=28217BEA16EC1790ADF5495BDCD03B35 -- C:\WINDOWS\system32\activeds.dll
[2008.04.14 11:51:38 | 000,098,304 | ---- | M] (Microsoft Corporation) MD5=508B8A0B72953469B3282A495CA6D482 -- C:\WINDOWS\system32\actxprxy.dll
[2009.03.08 04:32:56 | 000,072,704 | ---- | M] (Microsoft Corporation) MD5=6DB2CAE1A84068CEBA0E768BB5C29009 -- C:\WINDOWS\system32\admparse.dll
[2001.10.25 19:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=E1EDE7B582436565034204FA2A54E3F5 -- C:\WINDOWS\system32\adptif.dll
[2008.04.14 11:51:38 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=D95D91A67D4B73D0E5A7C29F91793D33 -- C:\WINDOWS\system32\adsldp.dll
[2008.04.14 11:51:38 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=B88893C7FB9671C84DBF6400CD2170CD -- C:\WINDOWS\system32\adsldpc.dll
[2008.04.14 11:51:38 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=BD1423117D1F2C93CBF7565421966B8E -- C:\WINDOWS\system32\adsmsext.dll
[2001.10.25 19:00:00 | 000,162,304 | ---- | M] (Microsoft Corporation) MD5=8ED684735C8610E887A7BAE2442B5FDE -- C:\WINDOWS\system32\adsnds.dll
[2008.04.14 11:51:38 | 000,263,680 | ---- | M] (Microsoft Corporation) MD5=42B0246C08FE46774E0E23C00824DFFC -- C:\WINDOWS\system32\adsnt.dll
[2008.04.14 11:51:38 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=40100FD6351B337C9B7C66005F0C0134 -- C:\WINDOWS\system32\adsnw.dll
[2009.02.09 11:56:05 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=0171CFF34BBA8C5977F18C48D8AEF8C6 -- C:\WINDOWS\system32\advapi32.dll
[2009.03.08 04:32:48 | 000,128,512 | ---- | M] (Microsoft Corporation) MD5=8FED1E0A491D4990853D23F21C59C730 -- C:\WINDOWS\system32\advpack.dll
[2008.04.14 11:51:38 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=E0A6FA244B8624D78FE5FF6F56A33BAE -- C:\WINDOWS\system32\alrsvc.dll
[2008.04.14 11:51:38 | 000,070,656 | ---- | M] () MD5=0F071004BEE60743E887550FC298C3DE -- C:\WINDOWS\system32\amstream.dll
[2001.10.25 19:00:00 | 000,102,912 | ---- | M] (Microsoft Corporation) MD5=B4EC770C5E4B4BDB3DB41F2BABA45321 -- C:\WINDOWS\system32\apcups.dll
[2008.04.14 11:51:38 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=11882C729C6B2E2E045F8B93BDB69295 -- C:\WINDOWS\system32\apphelp.dll
[2008.04.14 11:51:38 | 000,171,008 | ---- | M] (Microsoft Corporation) MD5=6B8E7A90E576D4FE308F97C69060A171 -- C:\WINDOWS\system32\appmgmts.dll
[2008.04.14 11:51:38 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=25F783627FC2E9A667F07EF019A98DBE -- C:\WINDOWS\system32\appmgr.dll
[2008.04.27 14:19:30 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=209A8C29E633276A64F43D26EDE54456 -- C:\WINDOWS\system32\asferror.dll
[2010.03.05 15:42:09 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=B467FBA0BE03649B8C3416362DC9D910 -- C:\WINDOWS\system32\asycfilt.dll
[2001.10.25 19:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=4C0523315AEADA87DC6FD2F308CC51AC -- C:\WINDOWS\system32\atkctrs.dll
[2009.07.17 20:04:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AC531D7E51B7B5FB52D7585935222DE6 -- C:\WINDOWS\system32\atl.dll
[2012.12.16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) MD5=C11D10A3C164AC222BC9AAB3650A88B3 -- C:\WINDOWS\system32\atmfd.dll
[2008.04.14 11:51:38 | 000,030,208 | ---- | M] (Adobe Systems) MD5=31385658D16F50715D6F825FA07CE872 -- C:\WINDOWS\system32\atmlib.dll
[2001.10.25 19:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=0604C35EAA2C7CDDBEE606C910237BA8 -- C:\WINDOWS\system32\atmpvcno.dll
[2001.10.25 19:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=0262C9C910167F1117CF74923EA1F443 -- C:\WINDOWS\system32\atrace.dll
[2008.04.27 14:19:02 | 000,276,992 | ---- | M] (Microsoft Corporation) MD5=4C48F1B30A82583CAEE0DA02DD7259EE -- C:\WINDOWS\system32\audiodev.dll
[2008.04.14 11:51:38 | 000,042,496 | ---- | M] (Microsoft Corporation) MD5=DE31B88962A8645DBA5A37B993E7B0F1 -- C:\WINDOWS\system32\audiosrv.dll
[2008.04.14 11:51:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=DEA06DA25BB393E0A69C6E71BE5681DC -- C:\WINDOWS\system32\authz.dll
[2001.10.25 19:00:00 | 000,080,384 | ---- | M] (Microsoft Corporation) MD5=CC216AD11703B444B5D7EF64FEF3A4F7 -- C:\WINDOWS\system32\autodisc.dll
[2001.10.25 19:00:00 | 000,070,272 | ---- | M] (Microsoft Corporation) MD5=ADC26F33E41434D781824E8A9B65B247 -- C:\WINDOWS\system32\avicap.dll
[2001.10.25 19:00:00 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=3AEDA2898ED4A0EDF6A2626AB6EFD26F -- C:\WINDOWS\system32\avicap32.dll
[2009.11.27 17:09:42 | 000,084,992 | ---- | M] (Microsoft Corporation) MD5=E0D95FEA7F12175A77E08AB8D52359A4 -- C:\WINDOWS\system32\avifil32.dll
[2001.10.25 19:00:00 | 000,109,456 | ---- | M] (Microsoft Corporation) MD5=CC574ADC56476DA2B9EC6F3697D25AA6 -- C:\WINDOWS\system32\avifile.dll
[2001.10.25 19:00:00 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=02DED0C91B39C6DB2D14A1F905CD5C07 -- C:\WINDOWS\system32\avmeter.dll
[2001.10.25 19:00:00 | 000,228,864 | ---- | M] (Microsoft Corporation) MD5=1E8E1C74507878833C6B0DBC6674A3A7 -- C:\WINDOWS\system32\avtapi.dll
[2001.10.25 19:00:00 | 000,073,216 | ---- | M] (Microsoft Corporation) MD5=EB9BEA5F8864E40A51D71937A178A577 -- C:\WINDOWS\system32\avwav.dll
[2008.04.14 11:51:38 | 000,233,472 | ---- | M] (Microsoft Corporation) MD5=073E0E71D9200CD05E08E227ACA3B24A -- C:\WINDOWS\system32\azroles.dll
[2008.04.14 11:51:38 | 000,052,736 | ---- | M] (Microsoft Corporation) MD5=F36278E42C8C5DF03CE17DAC8231C91C -- C:\WINDOWS\system32\basesrv.dll
[2008.04.14 11:51:38 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=E868299439DCBFD5117A2FEB90217C84 -- C:\WINDOWS\system32\batmeter.dll
[2008.04.14 11:51:38 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=83FE9014478DF98905DF268CE421732D -- C:\WINDOWS\system32\batt.dll
[2008.04.14 11:51:38 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=90549E8A74806EDBD0E6495FD3867BC5 -- C:\WINDOWS\system32\bidispl.dll
[2008.04.14 11:51:38 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=86278AFE565DF6C70C249AC9E18905B0 -- C:\WINDOWS\system32\bitsprx2.dll
[2008.04.14 11:51:38 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=21163275699B2EEB43889F5C90E239BE -- C:\WINDOWS\system32\bitsprx3.dll
[2008.04.14 11:51:38 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=B1EA6F52633E1BA24354CD0EFDA25B0A -- C:\WINDOWS\system32\bitsprx4.dll
[2008.04.27 14:19:30 | 000,542,720 | ---- | M] (Microsoft Corporation) MD5=CA4603AB0CB1C86736302BAA0AB5177C -- C:\WINDOWS\system32\blackbox.dll
[2001.10.25 19:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=CC306BF581446D5E443EAE5B3BB900F0 -- C:\WINDOWS\system32\bootvid.dll
[2008.04.14 10:44:44 | 000,066,048 | ---- | M] (Microsoft Corporation) MD5=C73590BBD367FF6F45D3457D2C4CC169 -- C:\WINDOWS\system32\browselc.dll
[2012.07.06 14:58:55 | 000,078,336 | ---- | M] (Microsoft Corporation) MD5=89E739BBA5F636297EA5B5F811189E06 -- C:\WINDOWS\system32\browser.dll
[2008.04.14 11:51:38 | 001,025,024 | ---- | M] (Společnost Microsoft) MD5=E45ECB5A023F77F813CD0DFF92699B76 -- C:\WINDOWS\system32\browseui.dll
[2008.04.14 11:51:38 | 000,078,336 | ---- | M] (Microsoft Corporation) MD5=73F3413997E3E1B9C17C23F95E8944CE -- C:\WINDOWS\system32\browsewm.dll
[2008.04.14 07:51:38 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=4E8F87A600FB3E27D117593AB8D7C6D9 -- C:\WINDOWS\system32\bthci.dll
[2008.04.14 07:51:38 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=70CA4B3F634C9DCA200832F8DA76E009 -- C:\WINDOWS\system32\bthserv.dll
[2008.04.14 11:51:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=15D2E25BEEA853A1CF69CB20F8940303 -- C:\WINDOWS\system32\btpanui.dll
[2008.04.14 11:51:38 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=8702CD069DE8F6B527E92CF55F78D5D2 -- C:\WINDOWS\system32\cabinet.dll
[2010.01.13 15:02:00 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=1D007155DE39C109A08F925B3C724087 -- C:\WINDOWS\system32\cabview.dll
[2008.04.14 11:51:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=2CD6E3FF5AC8D0F9DD9A5B332E95F977 -- C:\WINDOWS\system32\camocx.dll
[2008.04.14 11:51:38 | 000,151,040 | ---- | M] (Microsoft Corporation) MD5=941460A7836FB892136C2A4DC5377072 -- C:\WINDOWS\system32\capesnpn.dll
[2001.10.25 19:00:00 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=AB0A0B1502621A7C729204F5C0964041 -- C:\WINDOWS\system32\cards.dll
[2008.04.14 11:51:38 | 000,226,304 | ---- | M] (Microsoft Corporation) MD5=75C9F0430807CF68D7EAD7F4A877869D -- C:\WINDOWS\system32\catsrv.dll
[2008.04.14 11:51:38 | 000,085,504 | ---- | M] (Microsoft Corporation) MD5=8849D48CA8E28B3098A0FF4586FDD876 -- C:\WINDOWS\system32\catsrvps.dll
[2008.04.14 11:51:38 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=BB21277B582BB7228C39E02CEB633AEA -- C:\WINDOWS\system32\catsrvut.dll
[2001.10.25 19:00:00 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=0562BEC025B5FFED301DA16E30DFA5B0 -- C:\WINDOWS\system32\ccfgnt.dll
[2008.04.14 11:51:38 | 000,151,552 | ---- | M] (Microsoft Corporation) MD5=A83C8D4BFD247FC61E543E870A019032 -- C:\WINDOWS\system32\cdfview.dll
[2012.06.02 14:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) MD5=818ABC21117E07A8A03E9F32E0E388B5 -- C:\WINDOWS\system32\cdm.dll
[2001.10.25 19:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3087166B7C6FE4F3208FDFB037147218 -- C:\WINDOWS\system32\cdmodem.dll
[2008.04.14 11:51:38 | 002,091,520 | ---- | M] (Microsoft Corporation) MD5=30A02A8DA73EBA479930E0473C0FF486 -- C:\WINDOWS\system32\cdosys.dll
[2008.04.14 11:51:38 | 000,196,096 | ---- | M] (Microsoft Corporation) MD5=7BF2BC7728F77838E195743E76727F7B -- C:\WINDOWS\system32\certcli.dll
[2008.04.14 11:51:40 | 000,460,800 | ---- | M] (Microsoft Corporation) MD5=90F297FB739846A77B724D744C0B7BBC -- C:\WINDOWS\system32\certmgr.dll
[2008.04.27 14:19:30 | 000,229,376 | ---- | M] (Microsoft Corporation) MD5=402C9D2691AE7B2A8EFDDED9124203B7 -- C:\WINDOWS\system32\cewmdm.dll
[2008.04.14 11:51:40 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=84432993C8A29E98F85394C6BDB309D3 -- C:\WINDOWS\system32\cfgbkend.dll
[2008.04.14 11:38:20 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=F23EB535F0834B3B1E0CDD16DB4ED7A1 -- C:\WINDOWS\system32\cfgmgr32.dll
[2001.10.25 19:00:00 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=DAB03B6BA2E8C7AB75C9187754F45A7C -- C:\WINDOWS\system32\ciadmin.dll
[2008.04.14 11:51:40 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=254F8ECCF9DB3AEEFB5B027AFEA632A7 -- C:\WINDOWS\system32\cic.dll
[2008.04.14 11:51:40 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=C673C307BA9C3A48265F578DC99F0D6D -- C:\WINDOWS\system32\ciodm.dll
[2001.10.25 19:00:00 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=A4CDADF8BE9ED5C66DC84D74BEF66A4A -- C:\WINDOWS\system32\clb.dll
[2008.04.14 11:51:40 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=CD74923E8249896FD33E55A1C95F3C1F -- C:\WINDOWS\system32\clbcatex.dll
[2008.04.14 11:51:40 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=66DF63A7BAE72033C2E7E9B60A20E05C -- C:\WINDOWS\system32\clbcatq.dll
[2008.04.14 11:51:40 | 000,077,824 | ---- | M] (Microsoft Corporation) MD5=C9C771FFB90750B90FD33A1543BE27F4 -- C:\WINDOWS\system32\cliconfg.dll
[2008.04.14 11:51:40 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=F0A0997640611EB605A122023FE47204 -- C:\WINDOWS\system32\clusapi.dll
[2008.04.14 11:51:40 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=DBD64205545047B0F5D475F0092AC89A -- C:\WINDOWS\system32\cmcfg32.dll
[2008.04.14 11:51:40 | 000,346,624 | ---- | M] (Microsoft Corporation) MD5=CF8EFEED513F751546EA0BF88900D4AD -- C:\WINDOWS\system32\cmdial32.dll
[2001.10.25 19:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=76DD2962B83AF7F0065423D661B6F1A5 -- C:\WINDOWS\system32\cmpbk32.dll
[2008.04.14 11:51:40 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=1BB5DAC609F2F768A2DB4513240867F5 -- C:\WINDOWS\system32\cmprops.dll
[2008.04.14 11:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=127945E58C0BC5B99B837A659B6DC1E6 -- C:\WINDOWS\system32\cmsetACL.dll
[2008.04.14 11:51:40 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=2F5B3BB54ED190FACF4D016F5C41CE68 -- C:\WINDOWS\system32\cmutil.dll
[2008.04.27 13:22:26 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=EDB3D87983DA77A0A4CFA046C8BCE5CA -- C:\WINDOWS\system32\cnbjmon.dll
[2001.10.25 19:00:00 | 000,032,768 | ---- | M] (Microsoft Corporation) MD5=4EC599B15DA23FE62DCF3105589BFA39 -- C:\WINDOWS\system32\cnetcfg.dll
[2001.10.25 19:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=6521ED584C3E12BECFE7D7F8E81BB695 -- C:\WINDOWS\system32\cnvfat.dll
[2008.04.14 11:51:40 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=0892B57DC527FCED9FB02F2E6343C5FF -- C:\WINDOWS\system32\colbact.dll
[2008.04.14 11:51:40 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=071CFFA2446CC6D314AF05B007CF994F -- C:\WINDOWS\system32\comaddin.dll
[2001.10.25 19:00:00 | 000,003,584 | ---- | M] (Microsoft Corporation) MD5=8511E433FB0E0EA5D62E94E50CF1CF9B -- C:\WINDOWS\system32\comcat.dll
[2010.08.23 17:12:35 | 000,617,472 | ---- | M] (Microsoft Corporation) MD5=E145ADD7DAEF759C4F5FB80A180A9C30 -- C:\WINDOWS\system32\comctl32.dll
[2008.04.14 11:51:40 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=D6F092E2D661AD284D34189B78FE08E6 -- C:\WINDOWS\system32\comdlg32.dll
[2001.10.25 19:00:00 | 000,033,040 | ---- | M] (Microsoft Corporation) MD5=46576BBC68050ECB3B70BE8EA1FDF5CB -- C:\WINDOWS\system32\commdlg.dll
[2008.04.14 11:51:40 | 000,253,440 | ---- | M] () MD5=AB34EF0BA85F7FC63C77B36EF5578C0F -- C:\WINDOWS\system32\compatUI.dll
[2001.10.25 19:00:00 | 000,030,160 | ---- | M] (Microsoft Corporation) MD5=40F9FC896B2BA69FDC04D75E9D00DD01 -- C:\WINDOWS\system32\compobj.dll
[2008.04.14 11:51:40 | 000,229,376 | ---- | M] (Microsoft Corporation) MD5=20670523A556E12B15BB7F670FE817BD -- C:\WINDOWS\system32\compstui.dll
[2008.04.14 11:51:40 | 000,097,792 | ---- | M] (Microsoft Corporation) MD5=776AB9308D6A2004A7115F9ECC57D6CA -- C:\WINDOWS\system32\comrepl.dll
[2008.04.14 11:51:40 | 000,806,912 | ---- | M] (Microsoft Corporation) MD5=E7B375DFFB68A16659CA66474A280C47 -- C:\WINDOWS\system32\comres.dll
[2008.04.14 11:51:40 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=AAFF743AFCBD29B59DF61FDD3EA71015 -- C:\WINDOWS\system32\comsnap.dll
[2008.04.14 11:51:40 | 001,267,200 | ---- | M] (Microsoft Corporation) MD5=48D065081DC8666764A903952AD6FB80 -- C:\WINDOWS\system32\comsvcs.dll
[2008.04.14 11:38:58 | 000,539,648 | ---- | M] (Microsoft Corporation) MD5=43A605F5BA233BC3C76BFC7A3ABDC441 -- C:\WINDOWS\system32\comuid.dll
[2008.04.14 11:51:40 | 000,358,400 | ---- | M] (Microsoft Corporation) MD5=C460B9FA682B4A25DE5ABE6207A773F8 -- C:\WINDOWS\system32\confmsp.dll
[2001.10.25 19:00:00 | 000,066,560 | ---- | M] (Microsoft Corporation) MD5=6497B3454028C916A3672A7A5FB01A55 -- C:\WINDOWS\system32\console.dll
[2009.03.08 04:33:40 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8FCF03E4D7BE9B5587CCF11719959006 -- C:\WINDOWS\system32\corpol.dll
[2008.04.14 11:51:40 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=5B885D923D5BD8D575F19F31FA7D8B50 -- C:\WINDOWS\system32\credssp.dll
[2008.04.14 11:51:40 | 000,163,840 | ---- | M] (Microsoft Corporation) MD5=1D37681166E7B0AE1FABF5676439F924 -- C:\WINDOWS\system32\credui.dll
[2001.10.25 19:00:00 | 000,149,019 | ---- | M] (Microsoft Corporation) MD5=EC847B708A3CB3687989C5AA7A21D9E6 -- C:\WINDOWS\system32\crtdll.dll
[2012.06.01 17:50:13 | 000,604,160 | ---- | M] (Microsoft Corporation) MD5=D9E559D292CCF9531FB1A1A20F04432A -- C:\WINDOWS\system32\crypt32.dll
[2008.04.14 11:51:40 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=EBDD54F4F81658569458E940AB6F875E -- C:\WINDOWS\system32\cryptdlg.dll
[2008.04.14 11:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=6A9BDF7029BD29FBF3BE6EE6CD768013 -- C:\WINDOWS\system32\cryptdll.dll
[2008.04.14 11:51:40 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=1A10B0ECE239954B352610396986B156 -- C:\WINDOWS\system32\cryptext.dll
[2008.04.14 11:51:40 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=47E827EB2C26A383AD16BF80C0FCA8FA -- C:\WINDOWS\system32\cryptnet.dll
[2008.04.14 11:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 11:51:40 | 000,515,584 | ---- | M] (Microsoft Corporation) MD5=F37A3D11450C4BA9BD862DFF7451728C -- C:\WINDOWS\system32\cryptui.dll
[2008.04.14 11:51:40 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=616A0CC9DA2BAA008306EEA895F8BC0F -- C:\WINDOWS\system32\cscdll.dll
[2008.04.14 11:51:40 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=65DDCE6C4F63C6AAC3D99EFBA4C1E9C4 -- C:\WINDOWS\system32\cscui.dll
[2011.10.28 06:32:18 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=CE440A5DEB0861CC621A6A704EBB1E71 -- C:\WINDOWS\system32\csrsrv.dll
[2001.10.25 19:00:00 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=0085925715B7349B58DDCA7CFDA2668B -- C:\WINDOWS\system32\csseqchk.dll
[2001.10.25 19:00:00 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=17EA3CB4C7480938915A0CA3E8D01672 -- C:\WINDOWS\system32\ctl3d32.dll
[2001.10.25 19:00:00 | 000,027,200 | ---- | M] (Microsoft Corporation) MD5=637D88E7A1BEDC4457C80DBC8BA9F135 -- C:\WINDOWS\system32\ctl3dv2.dll
[2008.04.14 11:51:40 | 001,179,648 | ---- | M] (Microsoft Corporation) MD5=0B5EAD900C1FA4ED9CCE4C1752DF9C35 -- C:\WINDOWS\system32\d3d8.dll
[2008.04.14 11:51:40 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=9C2859570CDF9A161B31A886051FDC3E -- C:\WINDOWS\system32\d3d8thk.dll
[2008.04.14 11:51:40 | 001,689,088 | ---- | M] (Microsoft Corporation) MD5=3B8AE11A3419DF8239183E94888702FA -- C:\WINDOWS\system32\d3d9.dll
[2001.10.25 19:00:00 | 000,436,224 | ---- | M] (Microsoft Corporation) MD5=F5AC66458E8FFDBDFCE6697302001B46 -- C:\WINDOWS\system32\d3dim.dll
[2008.04.14 11:51:40 | 000,824,320 | ---- | M] (Microsoft Corporation) MD5=B52252D209CBB7C5C72E24F09F159FDA -- C:\WINDOWS\system32\d3dim700.dll
[2001.10.25 19:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=F0B54C6C141EF0B6D9DDCB1437FF1F44 -- C:\WINDOWS\system32\d3dpmesh.dll
[2001.10.25 19:00:00 | 000,590,336 | ---- | M] (Microsoft Corporation) MD5=D0C76D4BA41FEEFCF63B6C2047374CFD -- C:\WINDOWS\system32\d3dramp.dll
[2001.10.25 19:00:00 | 000,350,208 | ---- | M] (Microsoft Corporation) MD5=82F4F645939737D4778CA161478E415C -- C:\WINDOWS\system32\d3drm.dll
[2001.10.25 19:00:00 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=429A9BBCFF98C7F174ECD9AE65D9D82B -- C:\WINDOWS\system32\d3dxof.dll
[2008.04.14 11:51:40 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=956DA230A0F11BFE4964795BFC7C08CF -- C:\WINDOWS\system32\danim.dll
[2008.04.14 11:51:40 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=F5EB8465F1684F001E37547989D8CFDC -- C:\WINDOWS\system32\dataclen.dll
[2008.04.14 11:51:40 | 000,165,376 | ---- | M] (Microsoft Corporation) MD5=C0A5566702B185920997B3DA1833A37C -- C:\WINDOWS\system32\datime.dll
[2008.04.14 11:51:40 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=2B50EA34CBCFAB1B71E66EAFC1F9AB8C -- C:\WINDOWS\system32\davclnt.dll
[2001.10.25 19:00:00 | 000,847,872 | ---- | M] (Microsoft Corporation) MD5=19DA62D84D0FC3A04B6D8704C56049E8 -- C:\WINDOWS\system32\dbgeng.dll
[2008.04.14 11:51:40 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=63C065DAF6710E33DA7976BBDF77CAFC -- C:\WINDOWS\system32\dbghelp.dll
[2008.04.14 11:51:40 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=4F3F89A4D10427BC2FE856B6E0633373 -- C:\WINDOWS\system32\dbmsrpcn.dll
[2008.04.14 11:51:40 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4724343152F548DC68B21022653A0C4C -- C:\WINDOWS\system32\dbnetlib.dll
[2008.04.14 11:51:40 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=E16F809C2645ABD72ED4D6605A1E4E34 -- C:\WINDOWS\system32\dbnmpntw.dll
[2008.04.14 11:51:40 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=3F3135D4015FD9FEF531CCF8DC4E4FD4 -- C:\WINDOWS\system32\dciman32.dll
[2001.10.25 19:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=CCF9CD57A7E06E13E3F84911CD82DA3A -- C:\WINDOWS\system32\ddeml.dll
[2008.04.14 11:51:40 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=EDAD701F01FFD9B5799B8FCF1CF6BDA7 -- C:\WINDOWS\system32\ddraw.dll
[2008.04.14 11:51:40 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=E6BA5A680CBEC0D04DDDBE8A950C5664 -- C:\WINDOWS\system32\ddrawex.dll
[2010.07.17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) MD5=0686CD90E881F84A2950951A305443E7 -- C:\WINDOWS\system32\deployJava1.dll
[2001.10.25 19:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=B863AABB648A5940121FA6325A0E000E -- C:\WINDOWS\system32\deskadp.dll
[2001.10.25 19:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=9B4DBFD1256E09C45494D9622995633C -- C:\WINDOWS\system32\deskmon.dll
[2001.10.25 19:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=4996DCF939FF146240F39F0D915194D6 -- C:\WINDOWS\system32\deskperf.dll
[2008.04.14 11:51:40 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=EB75522B353F5C141B1B1F1C5940E9DB -- C:\WINDOWS\system32\devenum.dll
[2008.04.14 11:51:40 | 000,283,648 | ---- | M] (Microsoft Corporation) MD5=7EAEB8FBD9B69E393521759CE4C79F9C -- C:\WINDOWS\system32\devmgr.dll
[2001.10.25 19:00:00 | 000,053,760 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) MD5=8FCC7284930FD714352DED243D426492 -- C:\WINDOWS\system32\dfrgres.dll
[2008.04.14 11:51:40 | 000,039,424 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) MD5=5CD3911FA60CF4425C372A8F96EA1AF9 -- C:\WINDOWS\system32\dfrgsnap.dll
[2008.04.14 11:51:40 | 000,124,416 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) MD5=E028E19305A42CCE1A51451B499E68E7 -- C:\WINDOWS\system32\dfrgui.dll
[2009.11.07 00:06:46 | 001,130,824 | ---- | M] (Microsoft Corporation) MD5=41E107E57DD21B2A119709F0BB8CE576 -- C:\WINDOWS\system32\dfshim.dll
[2008.04.14 11:51:40 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=60D47B50393F0C660A5AAF4ACB984BAC -- C:\WINDOWS\system32\dfsshlex.dll
[2008.04.14 11:51:40 | 000,113,664 | ---- | M] (Microsoft) MD5=D6829B55D55956FDBB13A9FB0B0852B7 -- C:\WINDOWS\system32\dgnet.dll
[2001.10.25 19:00:00 | 000,176,157 | ---- | M] (Digi International, Inc.) MD5=3B44B34F5BBFB1BD8061C67F6D03E89B -- C:\WINDOWS\system32\dgrpsetu.dll
[2001.10.25 19:00:00 | 000,085,020 | ---- | M] (Digi International) MD5=663C8F086E9E1468BCA4AB24BFE688D9 -- C:\WINDOWS\system32\dgsetup.dll
[2008.04.14 11:51:40 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=8C9A53E285AC5E6704844D0459EC85BE -- C:\WINDOWS\system32\dhcpcsvc.dll
[2008.04.14 11:51:40 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=FE9A7A687B9D41097E3A3A3EC6F36201 -- C:\WINDOWS\system32\dhcpmon.dll
[2008.04.14 11:51:40 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=F8D32B7AD69453549C2BD7014F2BACE7 -- C:\WINDOWS\system32\dhcpqec.dll
[2001.10.25 19:00:00 | 000,074,240 | ---- | M] (Microsoft Corporation) MD5=32B351296F61664114DC0CC8DE2C7AF9 -- C:\WINDOWS\system32\dhcpsapi.dll
[2001.10.25 19:00:00 | 000,394,752 | ---- | M] (Microsoft Corporation) MD5=B1AA013BF28C6BC68DD8352545AF8DE2 -- C:\WINDOWS\system32\diactfrm.dll
[2008.04.14 11:51:40 | 000,068,608 | ---- | M] (Microsoft Corporation) MD5=50EAEE3F7F79A3206311AD09CB6EE2F1 -- C:\WINDOWS\system32\digest.dll
[2001.10.25 19:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) MD5=4CC2BE820AF6C1D3BF6D3BC7806CA1DB -- C:\WINDOWS\system32\dimap.dll
[2008.04.14 11:51:40 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=883E504885373DCC08DFEF30A10E4F12 -- C:\WINDOWS\system32\dimsntfy.dll
[2008.04.14 11:51:40 | 000,039,936 | ---- | M] (Microsoft Corporation) MD5=B5415C64D1AAE6917B336D27CD357689 -- C:\WINDOWS\system32\dimsroam.dll
[2008.04.14 11:51:40 | 000,163,840 | ---- | M] (Microsoft Corporation) MD5=B732D7E1C442CDBB65A2DA7BAC3580F0 -- C:\WINDOWS\system32\dinput.dll
[2008.04.14 11:51:40 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B660287C9B39EB864B10A73C743D4BAF -- C:\WINDOWS\system32\dinput8.dll
[2008.04.14 11:51:40 | 001,504,768 | ---- | M] (Microsoft Corporation) MD5=86625CA0D28D7D35DB1C843A3C13411E -- C:\WINDOWS\system32\diskcopy.dll
[2008.04.14 11:51:40 | 000,032,768 | ---- | M] (Microsoft Corporation) MD5=5B48D34A1541169DD8A3CFEF544CAA8B -- C:\WINDOWS\system32\dispex.dll
[2008.04.14 11:51:40 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=36B50CFB4AE7C78FEA1472AC13B4FD70 -- C:\WINDOWS\system32\dmband.dll
[2008.04.14 11:51:40 | 000,061,440 | ---- | M] (Microsoft Corporation) MD5=48AB816C295215E4CC7638E281A48FC5 -- C:\WINDOWS\system32\dmcompos.dll
[2001.10.25 19:00:00 | 000,330,752 | ---- | M] (Microsoft Corp., Veritas Software) MD5=2919DAF4AAA4FC4CFB64DD27364FD2A8 -- C:\WINDOWS\system32\dmconfig.dll
[2008.04.14 11:51:40 | 000,285,184 | ---- | M] (Microsoft Corp.) MD5=40A5AD58971D2FE01E739E4F98DCDEF5 -- C:\WINDOWS\system32\dmdlgs.dll
[2008.04.14 11:51:40 | 000,200,704 | ---- | M] (Microsoft Corp.) MD5=6D223388F107CE2B4F58D15FB870E3FB -- C:\WINDOWS\system32\dmdskmgr.dll
[2001.10.25 19:00:00 | 000,118,784 | ---- | M] (Microsoft Corp.) MD5=0D2C18ACB665624C152A82A0951560D5 -- C:\WINDOWS\system32\dmdskres.dll
[2008.04.14 11:51:40 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=FB12806AAE8627439459780BB8A784BD -- C:\WINDOWS\system32\dmime.dll
[2001.10.25 19:00:00 | 000,018,432 | ---- | M] (Microsoft Corp.) MD5=AC362721CCF916AB65F14E6FB20BFBE2 -- C:\WINDOWS\system32\dmintf.dll
[2008.04.14 11:51:40 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=2C17EBA3FBA3D86149D96C975F0D8B68 -- C:\WINDOWS\system32\dmloader.dll
[2001.10.25 19:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=5847237C0CFDCED02ECA1C77EF56F200 -- C:\WINDOWS\system32\dmocx.dll
[2008.04.14 11:51:40 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=F9CFCCC83C6F8F2088D9143268937ACF -- C:\WINDOWS\system32\dmscript.dll
[2008.04.14 11:51:40 | 000,024,064 | ---- | M] (Microsoft Corp.) MD5=2BFEFE9E865655A76982F050450B9591 -- C:\WINDOWS\system32\dmserver.dll
[2008.04.14 11:51:40 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=E22EFFB6B8FFA89920414DE68974A24B -- C:\WINDOWS\system32\dmstyle.dll
[2008.04.14 11:51:40 | 000,103,424 | ---- | M] (Microsoft Corporation) MD5=1371D287924F8A025FBC3C9CA419B6BE -- C:\WINDOWS\system32\dmsynth.dll
[2008.04.14 11:51:40 | 000,104,448 | ---- | M] (Microsoft Corporation) MD5=3626013731DE00AC8AFC46ADA16EE44D -- C:\WINDOWS\system32\dmusic.dll
[2008.04.27 13:22:26 | 000,051,200 | ---- | M] (Microsoft Corp.) MD5=B3D45350DB6A5E7BE57DCFAE586ED31F -- C:\WINDOWS\system32\dmutil.dll
[2011.03.03 07:54:55 | 000,149,504 | ---- | M] (Microsoft Corporation) MD5=443FA2B9D23DAA57077A670E7B14052A -- C:\WINDOWS\system32\dnsapi.dll
[2009.04.20 18:19:42 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=DFAA406BF19F4EE806A6F8D4342137F7 -- C:\WINDOWS\system32\dnsrslvr.dll
[2001.10.25 19:00:00 | 000,046,080 | ---- | M] (Microsoft Corporation) MD5=AC942D420F3EE3571D6E6D5A9AAD4614 -- C:\WINDOWS\system32\docprop.dll
[2008.04.14 11:51:40 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=515F6C95C6960BAF6BC450B0C022DEA5 -- C:\WINDOWS\system32\docprop2.dll
[2008.04.14 11:51:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6011D2787CD0CE16CE6E40C30F13F6F8 -- C:\WINDOWS\system32\dot3api.dll
[2008.04.14 11:51:40 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=69CE634380DB3684C49A7E870F6629CB -- C:\WINDOWS\system32\dot3cfg.dll
[2008.04.14 11:51:40 | 000,009,216 | ---- | M] (Microsoft Corporation) MD5=C9AFEA3C13B62701FAE571D8466EB5F6 -- C:\WINDOWS\system32\dot3dlg.dll
[2008.04.14 11:51:40 | 000,039,936 | ---- | M] (Microsoft Corporation) MD5=FAD7301867D33E9779B3BD6F08158FE6 -- C:\WINDOWS\system32\dot3gpclnt.dll
[2008.04.14 11:51:40 | 000,056,320 | ---- | M] (Společnost Microsoft) MD5=0E87BAAE073546A4B5DF73EFF4BDA70B -- C:\WINDOWS\system32\dot3msm.dll
[2008.04.14 11:51:40 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=4A3E2BD20157A0946751229E92EB8621 -- C:\WINDOWS\system32\dot3svc.dll
[2008.04.14 11:51:40 | 000,651,264 | ---- | M] (Microsoft Corporation) MD5=43C760FFE0E6A6D225E77C417C5C59B4 -- C:\WINDOWS\system32\dot3ui.dll
[2008.04.14 11:49:50 | 000,102,912 | ---- | M] (Microsoft Corporation) MD5=14E87D5268FFA7F6BF6DC33B40A37866 -- C:\WINDOWS\system32\dpcdll.dll
[2001.10.25 19:00:00 | 000,033,040 | ---- | M] (Společnost Microsoft) MD5=3B6007EC4304AFF73C65F6E2A2129063 -- C:\WINDOWS\system32\dplay.dll
[2008.04.14 11:51:40 | 000,229,888 | ---- | M] (Microsoft Corporation) MD5=5419E85334A40313C801797BC451728C -- C:\WINDOWS\system32\dplayx.dll
[2008.04.14 11:51:40 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=F1AF886AA05F3BC31BE81B7BC0837AAC -- C:\WINDOWS\system32\dpmodemx.dll
[2008.04.14 11:41:00 | 000,003,072 | ---- | M] (Microsoft Corporation) MD5=001AC7A00E421F42051688A4B0DCB9F5 -- C:\WINDOWS\system32\dpnaddr.dll
[2012.11.02 03:03:56 | 000,375,296 | ---- | M] (Microsoft Corporation) MD5=5065F7B30B1E2B221887F13A559A901B -- C:\WINDOWS\system32\dpnet.dll
[2008.04.14 11:51:40 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=6A8EDDA4987CF04A4B0CD7F536A0B379 -- C:\WINDOWS\system32\dpnhpast.dll
[2008.04.14 11:51:40 | 000,060,928 | ---- | M] (Microsoft Corporation) MD5=47B073160FF6A8BBD34E06E2AF3A3F02 -- C:\WINDOWS\system32\dpnhupnp.dll
[2008.04.14 11:41:02 | 000,003,072 | ---- | M] (Microsoft Corporation) MD5=3D09952D26D7293307BCF37A456B286B -- C:\WINDOWS\system32\dpnlobby.dll
[2001.10.25 19:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=DA6F8E4A326E0E1EA80CEA7DCA669657 -- C:\WINDOWS\system32\dpnmodem.dll
[2001.10.25 19:00:00 | 000,061,952 | ---- | M] (Microsoft Corporation) MD5=17B27EA7F9F37B6F3965468A770604D1 -- C:\WINDOWS\system32\dpnwsock.dll
[2001.10.25 19:00:00 | 000,053,520 | ---- | M] (Společnost Microsoft) MD5=00AF4BF49E1265642040DAF5B73DEDC7 -- C:\WINDOWS\system32\dpserial.dll
[2008.04.14 11:51:40 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=576704FC4724A1FB52BDBA7919A36805 -- C:\WINDOWS\system32\dpvacm.dll
[2008.04.14 11:51:40 | 000,212,480 | ---- | M] (Microsoft Corporation) MD5=16C6EE2C5E8E432524256DC7038AFE7C -- C:\WINDOWS\system32\dpvoice.dll
[2008.04.14 11:51:40 | 000,116,736 | ---- | M] (Microsoft Corporation) MD5=D2DE619A95EE3D37E907219CFD86EC8F -- C:\WINDOWS\system32\dpvvox.dll
[2001.10.25 19:00:00 | 000,042,768 | ---- | M] (Microsoft Corporation) MD5=0593E58BAA2EB0BDA9247D5E333422A8 -- C:\WINDOWS\system32\dpwsock.dll
[2008.04.14 11:51:40 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=59F81F1107FE8ABA87206609B453FD9D -- C:\WINDOWS\system32\dpwsockx.dll
[2008.04.14 11:53:10 | 000,299,520 | ---- | M] (Microsoft Corporation) MD5=6B7691E63F3282275C35870ACBA3FF21 -- C:\WINDOWS\system32\drmclien.dll
[2008.04.14 11:51:40 | 000,087,040 | ---- | M] (Microsoft Corporation) MD5=2FEA67E09B76BA5592A236B262B29BCE -- C:\WINDOWS\system32\drmstor.dll
[2008.04.27 14:19:32 | 000,991,744 | ---- | M] (Microsoft Corporation) MD5=E989E4BADCCCF78E18AABF3D42B306CE -- C:\WINDOWS\system32\drmv2clt.dll
[2008.04.14 11:51:40 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=2695ED5F8A4FAC0B16BA36D28481182D -- C:\WINDOWS\system32\drprov.dll
[2007.04.02 22:35:22 | 000,004,656 | ---- | M] (Microsoft Corporation) MD5=06D51EF74C4B9CE28B39F2D22D2A8608 -- C:\WINDOWS\system32\ds16gt.dLL
[2008.04.14 11:51:40 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=FAA4CA51218BD30123090A79126EBE56 -- C:\WINDOWS\system32\ds32gt.dll
[2001.10.25 19:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=362CFFFBB729374BBEB59BAA2497EDC0 -- C:\WINDOWS\system32\dsauth.dll
[2008.04.14 11:51:42 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=285E4AE9F2C181F304DDDC4FFF2098BC -- C:\WINDOWS\system32\dsdmo.dll
[2008.04.14 11:51:42 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=9398B2383FB648286855311330458A99 -- C:\WINDOWS\system32\dsdmoprp.dll
[2008.04.14 11:51:42 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=C0731C40A7C115D90A031CC707B706C2 -- C:\WINDOWS\system32\dskquota.dll
[2008.04.14 11:51:42 | 000,157,184 | ---- | M] (Microsoft Corporation) MD5=F7DB2C756C0216426ABF4991F760B2CD -- C:\WINDOWS\system32\dskquoui.dll
[2008.04.14 11:51:42 | 000,367,616 | ---- | M] (Microsoft Corporation) MD5=8E009E7AC012823845D5F39A77F4A27F -- C:\WINDOWS\system32\dsound.dll
[2008.04.14 11:51:42 | 001,293,824 | ---- | M] (Microsoft Corporation) MD5=5A700C103ECB9333FC178966367B25BF -- C:\WINDOWS\system32\dsound3d.dll
[2008.04.14 11:51:42 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=87DB402CE033540EA7487B2C816DAA38 -- C:\WINDOWS\system32\dsprop.dll
[2008.04.14 11:03:14 | 000,004,096 | ---- | M] (Microsoft Corporation) MD5=3A7B631BFC5C803D3B887D0E5D04B205 -- C:\WINDOWS\system32\dsprpres.dll
[2008.04.14 11:51:42 | 000,239,616 | ---- | M] (Microsoft Corporation) MD5=FC76D20FC9C7CFF6B49729E0C7E087B7 -- C:\WINDOWS\system32\dsquery.dll
[2008.04.14 11:51:42 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=A599B5BD6938EEA685E1EBCAC754F17D -- C:\WINDOWS\system32\dssec.dll
[2008.04.14 02:07:58 | 000,138,752 | ---- | M] (Microsoft Corporation) MD5=FEDE68BF80052BAD393AFD5C2E60DCB0 -- C:\WINDOWS\system32\dssenh.dll
[2008.04.14 11:51:42 | 000,113,152 | ---- | M] (Microsoft Corporation) MD5=530E3AC15095508F2519FC0E5AD76A36 -- C:\WINDOWS\system32\dsuiext.dll
[2008.04.14 11:51:42 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=CE66949F942823BDCC86F0D53CE15A16 -- C:\WINDOWS\system32\dswave.dll
[2008.04.14 11:51:42 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=01DEFAA24704069BDB1A559A9C6EBC88 -- C:\WINDOWS\system32\duser.dll
[2008.04.14 11:51:42 | 000,618,496 | ---- | M] (Microsoft Corporation) MD5=4FD27471960DB73B11AC91FB94E2B92F -- C:\WINDOWS\system32\dx7vb.dll
[2008.04.14 11:51:42 | 001,227,264 | ---- | M] (Microsoft Corporation) MD5=8344D60D87F7326E490F84B58E22EA1D -- C:\WINDOWS\system32\dx8vb.dll
[2008.04.14 11:51:42 | 002,113,536 | ---- | M] (Microsoft Corporation) MD5=B052D9006FEEA3AC9E4B8750E3E959F3 -- C:\WINDOWS\system32\dxdiagn.dll
[2008.04.14 11:51:42 | 000,499,254 | ---- | M] (Microsoft Corporation) MD5=9256C0DB88BB4A6DE640309B29DB2CE8 -- C:\WINDOWS\system32\dxmasf.dll
[2009.03.08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) MD5=057D53F1490598D41D9D4DEE9A92B0B1 -- C:\WINDOWS\system32\dxtmsft.dll
[2009.03.08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) MD5=5E1A0476E009A1930A524DFF4CA13982 -- C:\WINDOWS\system32\dxtrans.dll
[2008.07.29 21:10:04 | 000,073,720 | ---- | M] (Microsoft Corporation) MD5=ED8B49890D24894167EBB84A235382D4 -- C:\WINDOWS\system32\dxva2.dll
[2008.04.14 11:51:42 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=6E4DFC1D92AD235FC76E8C7EE5544A00 -- C:\WINDOWS\system32\eapolqec.dll
[2008.04.14 11:51:42 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=9D283D4B7A1A6799A2C76665CDB34065 -- C:\WINDOWS\system32\eapp3hst.dll
[2008.04.14 11:51:42 | 000,126,976 | ---- | M] (Microsoft Corporation) MD5=DFBCA5222331A476C42DF1AA3921629E -- C:\WINDOWS\system32\eappcfg.dll
[2008.04.14 11:51:42 | 000,094,208 | ---- | M] (Microsoft Corporation) MD5=98CA0BF27F75770905762F4FBB7677A2 -- C:\WINDOWS\system32\eappgnui.dll
[2008.04.14 11:51:42 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=57A9CDCB54867943F2C2BEC65FA772F7 -- C:\WINDOWS\system32\eapphost.dll
[2008.04.14 11:51:42 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=F6D35EBC8F11300AAFD1D4CA6DC65B9D -- C:\WINDOWS\system32\eappprxy.dll
[2008.04.14 11:51:42 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=D487B71198B6BFEB7924CBE645D7B8E2 -- C:\WINDOWS\system32\eapqec.dll
[2008.04.14 11:51:42 | 000,033,792 | ---- | M] (Microsoft Corporation) MD5=0887D9C2BE8D940778CAD1E3B85F2A41 -- C:\WINDOWS\system32\eapsvc.dll
[2008.04.14 11:51:42 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=46ADB92DCD371A14B4C70F47D2ABB345 -- C:\WINDOWS\system32\efsadu.dll
[2008.04.14 11:51:42 | 000,185,344 | ---- | M] (Microsoft Corporation) MD5=E5EECA74032C3B22F0E09079BBCCCEAE -- C:\WINDOWS\system32\els.dll
[2008.04.14 11:51:42 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=99BFE49E1243B6A50716DA1584CD5AB6 -- C:\WINDOWS\system32\encapi.dll
[2011.10.18 12:13:30 | 000,186,880 | ---- | M] () MD5=6ACEF04C3FA9E231C98B5D57C18144A3 -- C:\WINDOWS\system32\encdec.dll
[2001.10.25 19:00:00 | 000,103,424 | ---- | M] (Equinox Systems Inc.) MD5=3F7D26F2F0A3F54489E86725B138D2A9 -- C:\WINDOWS\system32\EqnClass.Dll
[2008.04.14 11:51:42 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A2A4912798F2BE706ABADD3D30800D16 -- C:\WINDOWS\system32\ersvc.dll
[2008.07.07 21:29:06 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=A371F11EF07653591C8DE26AFB13CE7F -- C:\WINDOWS\system32\es.dll
[2008.04.14 11:51:42 | 001,083,904 | ---- | M] (Microsoft Corporation) MD5=39026490EF6992293A38AA13204BA6F3 -- C:\WINDOWS\system32\esent.dll
[2001.10.25 19:00:00 | 001,114,896 | ---- | M] (Microsoft Corporation) MD5=7D603A2421F02AF885C0DE86D46B9436 -- C:\WINDOWS\system32\esent97.dll
[2001.10.25 19:00:00 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=AC0A428DB233192CFF438E562F339429 -- C:\WINDOWS\system32\esentprf.dll
[2001.10.25 19:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=1EA7D108898EBD95EB20E535337640A4 -- C:\WINDOWS\system32\eventcls.dll
[2008.04.14 11:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2008.07.29 21:10:04 | 000,493,048 | ---- | M] (Microsoft Corporation) MD5=76CADBF5663E357D7FDC99DC0CDDC958 -- C:\WINDOWS\system32\evr.dll
[2008.04.14 11:51:42 | 000,380,445 | ---- | M] (Microsoft Corporation) MD5=B1306CBB694B1FB290C45197918D41DF -- C:\WINDOWS\system32\expsrv.dll
[2009.10.29 08:45:29 | 000,133,120 | ---- | M] (Microsoft Corporation) MD5=4CE00D3D6F187850E7C14CDF0A0CB77D -- C:\WINDOWS\system32\extmgr.dll
[2008.04.14 11:51:42 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=AD5D80319E6A6C2A08B4C39D81E0198E -- C:\WINDOWS\system32\exts.dll
[2008.04.14 11:51:42 | 000,080,384 | ---- | M] (Microsoft Corporation) MD5=621EACDD05BEEC6A40D74B9D66E62D7C -- C:\WINDOWS\system32\faultrep.dll
[1998.11.28 05:59:34 | 000,265,216 | ---- | M] (Symantec Corporation) MD5=9519DD29997BA18FA779C3241F63AA62 -- C:\WINDOWS\system32\FAXUTIL.DLL
[1998.11.28 05:59:32 | 000,181,248 | ---- | M] (Symantec Corporation) MD5=74BA78534E6169530FD43E6B24FD723E -- C:\WINDOWS\system32\faxzrh.DLL
[2008.04.14 11:51:42 | 000,124,416 | ---- | M] (Microsoft Corporation) MD5=AFBE3927B3C2ED14D16E80B39E0A2A28 -- C:\WINDOWS\system32\fde.dll
[2008.04.14 11:51:42 | 000,074,240 | ---- | M] (Microsoft Corporation) MD5=2CA3D95BA5F7A82675EA69DDB789573A -- C:\WINDOWS\system32\fdeploy.dll
[2008.04.14 11:51:42 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=88BD68BE389C54CADFC260D39D76C3DF -- C:\WINDOWS\system32\feclient.dll
[2008.04.14 11:51:42 | 000,337,920 | ---- | M] (Microsoft Corporation) MD5=68E5E13C23249EBE3462F1F256662BDC -- C:\WINDOWS\system32\filemgmt.dll
[2008.04.14 11:51:42 | 000,087,552 | ---- | M] (Microsoft Corporation) MD5=92F6B4FA80B80B49FC3CE0579EA0CD2A -- C:\WINDOWS\system32\fldrclnr.dll
[2008.04.14 11:51:42 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=C74B93113F4515D8B963E46A589BE85E -- C:\WINDOWS\system32\fltlib.dll
[2011.07.07 01:28:22 | 001,193,320 | ---- | M] (Microsoft Corporation) MD5=09B2ED06BB44815B2B5803F5C67E00E3 -- C:\WINDOWS\system32\FM20.DLL
[2006.10.26 13:10:06 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=F2CE3C8E63F770DB3E59D503CE4CC311 -- C:\WINDOWS\system32\FM20ENU.DLL
[2001.10.25 19:00:00 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=D305DC5A86D39D611164E4C078FC940D -- C:\WINDOWS\system32\fmifs.dll
[2008.04.14 11:51:42 | 000,382,976 | ---- | M] (Microsoft Corporation) MD5=354093F5DC474F921509BCECB17C2D78 -- C:\WINDOWS\system32\fontext.dll
[2009.10.15 17:32:57 | 000,081,920 | ---- | M] (Microsoft Corporation) MD5=D5D8F92AB79F795B8E6C31F3B5859CCC -- C:\WINDOWS\system32\fontsub.dll
[2008.04.14 11:44:18 | 000,009,344 | ---- | M] (Microsoft Corporation) MD5=9BB4EED8CCB41C276E49746E87FB4FA3 -- C:\WINDOWS\system32\framebuf.dll
[2011.01.10 17:22:45 | 000,000,014 | ---- | M] () MD5=5139484B48E50504319589F4F3EA703A -- C:\WINDOWS\system32\fstextv66.dll
[2009.03.31 09:39:36 | 000,110,592 | ---- | M] () MD5=C83C84DAE3B901BF404D36F304B00FA0 -- C:\WINDOWS\system32\FsUsbExDevice.Dll
[2001.10.25 19:00:00 | 000,081,920 | ---- | M] (Microsoft Corporation) MD5=AF1AB8973174CE1DAD7C1D4B446C3D0B -- C:\WINDOWS\system32\fsusd.dll
[2001.10.25 19:00:00 | 000,176,128 | ---- | M] (Microsoft Corporation) MD5=3B0B8D7718B1891E2492A4027AF372C0 -- C:\WINDOWS\system32\ftsrch.dll
[2008.04.14 11:51:42 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=B5C1C8BEB79C17D19E724D3F79728FC5 -- C:\WINDOWS\system32\fwcfg.dll
[2001.10.25 19:00:00 | 000,077,312 | ---- | M] (Microsoft Corporation) MD5=B69D9DF59E72433D16E81DE2800CB5BF -- C:\WINDOWS\system32\gcdef.dll
[2008.10.23 13:42:52 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=90C925765E695AB984BE2E8A21B62AE9 -- C:\WINDOWS\system32\gdi32.dll
[2001.10.25 19:00:00 | 000,670,720 | ---- | M] (Microsoft Corporation) MD5=668D2A1E25115D557449AB2A57A34E5B -- C:\WINDOWS\system32\getuname.dll
[2001.10.25 19:00:00 | 000,285,184 | ---- | M] (Microsoft Corporation) MD5=1A2F29DA0CE996E2B7D3F88A08F03B10 -- C:\WINDOWS\system32\glmf32.dll
[2008.04.14 11:51:42 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=51C2456D72198560D7EEF5BBC4C2EDF8 -- C:\WINDOWS\system32\glu32.dll
[2008.04.14 11:51:44 | 000,568,320 | ---- | M] (Microsoft Corporation) MD5=1FF8FA8810ED7E3E8342DFA741262519 -- C:\WINDOWS\system32\gpedit.dll
[2008.04.14 02:08:00 | 000,101,888 | ---- | M] (Microsoft Corporation) MD5=0E13DEAA35E93EA67C84C7C7236722AD -- C:\WINDOWS\system32\gpkcsp.dll
[2008.04.14 10:47:12 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F645B7295BEC2652A9C0990D41CFF8B4 -- C:\WINDOWS\system32\gpkrsrc.dll
[2008.04.14 11:51:44 | 000,200,192 | ---- | M] (Microsoft Corporation) MD5=8BC95A77F69958A02E9F58C69F01D790 -- C:\WINDOWS\system32\gptext.dll
[2008.04.14 11:51:44 | 000,614,912 | ---- | M] (Microsoft Corporation) MD5=0551775C915615CF43486C997185566E -- C:\WINDOWS\system32\h323msp.dll
[2008.04.14 03:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
[2008.04.14 07:51:44 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=406F6F7156E3F7CB360A7E08A3A60DB3 -- C:\WINDOWS\system32\hccoin.dll
[2008.04.14 11:51:44 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=D26E9120335356CFCC47812407D4F73B -- C:\WINDOWS\system32\hhsetup.dll
[2008.04.27 13:22:26 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=FFB0A2D2B73A64979CD29C15B3B0A9D5 -- C:\WINDOWS\system32\hid.dll
[2008.04.14 11:51:44 | 000,072,704 | ---- | M] (Microsoft Corporation) MD5=342CDB3134753EEA731C930D19F438C6 -- C:\WINDOWS\system32\hlink.dll
[2008.04.14 11:51:44 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=ED18ADEE4AA21EB26977260152D7241A -- C:\WINDOWS\system32\hnetcfg.dll
[2001.10.25 19:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=93D326E7790623EF07B9EAC16E1E0D68 -- C:\WINDOWS\system32\hnetmon.dll
[2008.04.14 11:51:44 | 000,330,752 | ---- | M] (Microsoft Corporation) MD5=A68622FC287564058F6649C04DC56A6B -- C:\WINDOWS\system32\hnetwiz.dll
[2008.04.14 11:51:44 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=8AF5246FEA1A21F823104F12EFFE2054 -- C:\WINDOWS\system32\hotplug.dll
[2001.10.25 19:00:00 | 000,044,544 | ---- | M] (Hilgraeve, Inc.) MD5=FA61B6A311D15F4CFBABA6FA61BB67D3 -- C:\WINDOWS\system32\hticons.dll
[2009.10.21 06:40:39 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=655DC214882EF37CBCE107BACB383E43 -- C:\WINDOWS\system32\httpapi.dll
[2008.04.14 11:51:44 | 000,042,496 | ---- | M] (Microsoft Corporation) MD5=BDBD11EF289B7F6FD91734D1C2DC8645 -- C:\WINDOWS\system32\htui.dll
[2008.04.14 11:51:44 | 000,351,232 | ---- | M] (Hilgraeve, Inc.) MD5=A8A312A48529DAA9DDFE804552CA30DD -- C:\WINDOWS\system32\hypertrm.dll
[2012.01.11 20:07:11 | 000,003,072 | ---- | M] () MD5=398F96366356C1BCCF42030D8D99A702 -- C:\WINDOWS\system32\iacenc.dll
[2001.10.25 19:00:00 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=22030620189AFD2E8E6BD49C92B3FA01 -- C:\WINDOWS\system32\iasacct.dll
[2001.10.25 19:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=DB068CDDB8C9E3F55877DE0F96BAE2DC -- C:\WINDOWS\system32\iasads.dll
[2001.10.25 19:00:00 | 000,032,256 | ---- | M] (Microsoft Corporation) MD5=F02E83EB63A1738FFAEAFF9BF0D53CFC -- C:\WINDOWS\system32\iashlpr.dll
[2001.10.25 19:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=60AF51A0983D139774729DE7AD5E21AF -- C:\WINDOWS\system32\iasnap.dll
[2001.10.25 19:00:00 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=768E958149E44B61C9108A99EDAD0F06 -- C:\WINDOWS\system32\iaspolcy.dll
[2008.04.14 11:51:44 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=C7629DC9C9B43C6B0396FEB7DC672B14 -- C:\WINDOWS\system32\iasrad.dll
[2001.10.25 19:00:00 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=53522C05698029BDE0EE6FF24837E3A1 -- C:\WINDOWS\system32\iasrecst.dll
[2001.10.25 19:00:00 | 000,086,528 | ---- | M] (Microsoft Corporation) MD5=AF08F4A4DBD70F55D787F1F76C2A83DB -- C:\WINDOWS\system32\iassam.dll
[2001.10.25 19:00:00 | 000,250,368 | ---- | M] (Microsoft Corporation) MD5=8FEFDB16841DE7539ACC4AE6B76165EC -- C:\WINDOWS\system32\iassdo.dll
[2001.10.25 19:00:00 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=BF7CDDB0246E77F441BEA293A8A9348A -- C:\WINDOWS\system32\iassvcs.dll
[2008.04.14 11:51:44 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=72C1FF5AE0330CCF9C35BCBBAD267F3B -- C:\WINDOWS\system32\icaapi.dll
[2009.03.08 04:31:52 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=17A6B9EFC1D37368379F4E77EC3F2761 -- C:\WINDOWS\system32\icardie.dll
[2008.07.29 19:24:50 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=5E9C073D58F2A5F64EBC714E13DF792B -- C:\WINDOWS\system32\icardres.dll
[2010.06.17 15:03:52 | 000,080,384 | ---- | M] (Radius Inc.) MD5=B41E5851B99752814CD52AD470726139 -- C:\WINDOWS\system32\iccvid.dll
[2001.10.25 19:00:00 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=8E2B0B71E66931A8C9840B080CB3D1F4 -- C:\WINDOWS\system32\icfgnt5.dll
[2008.04.14 11:51:44 | 000,254,976 | ---- | M] (Microsoft Corporation) MD5=8C3BF1443B7AD6473E5AF75DC09E4B36 -- C:\WINDOWS\system32\icm32.dll
[2008.04.14 11:46:50 | 000,003,584 | ---- | M] (Microsoft Corporation) MD5=D7328628EE47A02CC55CB8BB16D69C34 -- C:\WINDOWS\system32\icmp.dll
[2001.10.25 19:00:00 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=B74DA7CC968685138FB401201E1849AF -- C:\WINDOWS\system32\icmui.dll
[2008.04.14 11:51:44 | 000,073,728 | ---- | M] (Microsoft Corporation) MD5=3AB0BF3986F54BDC7BE4693752D098B3 -- C:\WINDOWS\system32\icwdial.dll
[2008.04.14 11:51:44 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=5DBDE28B4DB5AE02F2F018A80F7A4CF6 -- C:\WINDOWS\system32\icwphbk.dll
[2009.01.07 18:20:36 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=C838EF8A3D766B6E0F1F668BE9988D4A -- C:\WINDOWS\system32\idndl.dll
[2008.04.14 11:51:44 | 000,120,832 | ---- | M] (Microsoft Corporation) MD5=25705A1AD3736AFBEF7AE4469F2EDE27 -- C:\WINDOWS\system32\idq.dll
[2009.03.08 04:33:02 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=FCF52888B8AD1BDC80275108172BD76D -- C:\WINDOWS\system32\ieakeng.dll
[2009.03.08 04:33:08 | 000,229,376 | ---- | M] (Microsoft Corporation) MD5=69F138A7E93F2646CDEC3B68CE7011DF -- C:\WINDOWS\system32\ieaksie.dll
[2009.03.08 04:32:52 | 000,163,840 | ---- | M] (Microsoft Corporation) MD5=36A86C1B6406CC493554F16BA13BE7D9 -- C:\WINDOWS\system32\ieakui.dll
[2009.03.08 04:11:12 | 000,445,952 | ---- | M] (Microsoft Corporation) MD5=66F1C930F4572816BB15C3A863590305 -- C:\WINDOWS\system32\ieapfltr.dll
[2012.11.01 13:12:24 | 000,387,584 | ---- | M] (Microsoft Corporation) MD5=7688FBCD76B53C4618B167323131C0C2 -- C:\WINDOWS\system32\iedkcs32.dll
[2009.10.29 08:45:29 | 000,078,336 | ---- | M] (Microsoft Corporation) MD5=F8B519ED8ECF4829E545C7A49E25EB08 -- C:\WINDOWS\system32\ieencode.dll
[2012.11.01 17:42:26 | 011,111,424 | ---- | M] (Microsoft Corporation) MD5=991BD4B0D0729056445FEBAF09AACED5 -- C:\WINDOWS\system32\ieframe.dll
[2012.11.01 13:12:24 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=58C628A6DD8D131293064019E85B2872 -- C:\WINDOWS\system32\iepeers.dll
[2009.03.08 04:32:50 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=45814FE9FBD6F569A0468D229455B3A2 -- C:\WINDOWS\system32\iernonce.dll
[2012.11.01 13:12:24 | 002,000,384 | ---- | M] (Microsoft Corporation) MD5=B01E5059EA6DBED14E29322C13042A7E -- C:\WINDOWS\system32\iertutil.dll
[2009.03.08 04:32:50 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=1B6FF5B9A21DE2E89BB014932A414E7E -- C:\WINDOWS\system32\iesetup.dll
[2009.03.08 04:22:46 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=11734790410900D2CD6B7839020E4DD9 -- C:\WINDOWS\system32\ieui.dll
[2008.04.14 11:51:44 | 000,137,216 | ---- | M] (Microsoft Corporation) MD5=B4448DFFCF7949E83FF26BDA95A5705A -- C:\WINDOWS\system32\ifmon.dll
[2001.10.25 19:00:00 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=ACE72381AB9471011C314813B8D6044D -- C:\WINDOWS\system32\ifsutil.dll
[2008.04.14 11:51:44 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=11D02A07D2A283D0DD5AB7771643444C -- C:\WINDOWS\system32\igmpagnt.dll
[2001.10.25 19:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation) MD5=FF69996C684B6F9507E3CB841DAB1ACC -- C:\WINDOWS\system32\iissuba.dll
[2008.04.14 11:51:44 | 000,081,920 | ---- | M] (Microsoft Corporation) MD5=15B404CD9967CC254F97AD08D86FC6E0 -- C:\WINDOWS\system32\ils.dll
[2012.02.29 15:10:19 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=D21DBAA97839B1786E278FDD2F3444AC -- C:\WINDOWS\system32\imagehlp.dll
[2004.07.20 17:24:10 | 001,568,768 | ---- | M] (Pegasus Imaging Corp.) MD5=903DE5707D29A1E034ED40F54571F1B7 -- C:\WINDOWS\system32\ImagX7.dll
[2004.07.20 17:24:10 | 000,476,320 | ---- | M] (Pegasus Imaging Corp.) MD5=8F03FD1C3BD8F6B575E6CF5E0E89FF13 -- C:\WINDOWS\system32\ImagXpr7.dll
[2004.07.20 17:24:10 | 000,262,144 | ---- | M] (Pegasus Imaging Corp.) MD5=97915FBD07E749BCCCF7FFE78E9A7C37 -- C:\WINDOWS\system32\ImagXR7.dll
[2004.07.20 17:24:10 | 000,471,040 | ---- | M] (Pegasus Imaging Corp.) MD5=AC225D792D1A214631BE5FDE7DE9143A -- C:\WINDOWS\system32\ImagXRA7.dll
[2008.04.14 11:51:44 | 000,036,921 | ---- | M] (Microsoft Corporation) MD5=2DB47936816904EC4532801A7BD07F9B -- C:\WINDOWS\system32\imeshare.dll
[2009.03.08 04:31:38 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=42B928FC8518D793BF7A5EAFC57B1D8B -- C:\WINDOWS\system32\imgutil.dll
[2008.04.14 11:51:44 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=6C60CA8AC7470AC01CFD3D24C7283CD1 -- C:\WINDOWS\system32\imm32.dll
[2008.04.14 11:51:44 | 000,274,432 | ---- | M] (Microsoft Corporation) MD5=48B91680AF915F61CB2D30F7FADDD6EC -- C:\WINDOWS\system32\inetcfg.dll
[2011.10.10 15:22:49 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=7672C0A28AD4F40E1E2CFD60AD73735A -- C:\WINDOWS\system32\inetcomm.dll
[2001.10.25 19:00:00 | 000,116,224 | ---- | M] (Microsoft Corporation) MD5=B05B0BC79217390657F1F526FF5C64D8 -- C:\WINDOWS\system32\inetcplc.dll
[2008.04.14 11:51:44 | 000,032,768 | ---- | M] (Microsoft Corporation) MD5=CC73F4A119331DE70B951AAD912EF93A -- C:\WINDOWS\system32\inetmib1.dll
[2008.04.14 11:51:46 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=F420C325956CA593679A8796065BFBB6 -- C:\WINDOWS\system32\inetpp.dll
[2008.04.14 11:51:46 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=BD6D3B81188EA3F94773DCCA1A3ECDB0 -- C:\WINDOWS\system32\inetppui.dll
[2008.04.14 10:54:54 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=5C846FE650A4B7E98D0193B2290C14B6 -- C:\WINDOWS\system32\inetres.dll
[2008.07.29 19:24:50 | 000,097,800 | ---- | M] (Microsoft Corporation) MD5=4F782462228CE2E0EBA40D1F519E8A15 -- C:\WINDOWS\system32\infocardapi.dll
[2001.10.25 19:00:00 | 000,450,560 | ---- | M] (Microsoft Corporation) MD5=6329694D12901486E970E28EE53CCD0A -- C:\WINDOWS\system32\infosoft.dll
[2008.04.14 11:51:46 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=3155306CFA3AAD9FF101D816AC43BA7B -- C:\WINDOWS\system32\initpki.dll
[2006.10.26 12:45:04 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=19C17BE6A8FEC40C535E1CB60D784D06 -- C:\WINDOWS\system32\INKED.DLL
[2008.04.14 11:51:46 | 000,124,416 | ---- | M] (Microsoft Corporation) MD5=708F72E0FF668EA245C9EA59AA23AC91 -- C:\WINDOWS\system32\input.dll
[2009.03.08 04:32:46 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=8FAAFF28147935E5847F980607965FFE -- C:\WINDOWS\system32\inseng.dll
[2001.10.25 19:00:00 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=0DB13DA6D57784625E00372156A51DB3 -- C:\WINDOWS\system32\iologmsg.dll
[2008.04.14 11:51:46 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=7A943FB5D0260595A7DA43246F070D2D -- C:\WINDOWS\system32\iphlpapi.dll
[2008.04.14 11:51:46 | 000,160,256 | ---- | M] (Microsoft Corporation) MD5=FE6C6885AF3E222EB825ECF34AC8D9AA -- C:\WINDOWS\system32\ipmontr.dll
[2008.04.14 11:51:46 | 000,329,728 | ---- | M] (Microsoft Corporation) MD5=F58FACA9621D2DB01BD0927D9A0A208E -- C:\WINDOWS\system32\ipnathlp.dll
[2008.04.14 11:51:46 | 000,342,528 | ---- | M] (Microsoft Corporation) MD5=7111D4176611956AE457DD9C77D44B41 -- C:\WINDOWS\system32\ippromon.dll
[2001.10.25 19:00:00 | 000,003,584 | ---- | M] (Microsoft Corporation) MD5=BD4F71438B80F5BC2B11FB34AAA19861 -- C:\WINDOWS\system32\iprop.dll
[2001.10.25 19:00:00 | 000,004,096 | ---- | M] (Microsoft Corporation) MD5=C339DCAD1FC8C692B57B0B2BD98F9733 -- C:\WINDOWS\system32\iprtprio.dll
[2008.04.14 11:51:46 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=003D35FAA8CDB0407EDA807ACD73B56D -- C:\WINDOWS\system32\iprtrmgr.dll
[2008.04.14 11:51:46 | 000,351,232 | ---- | M] (Microsoft Corporation) MD5=FCFD179649DFD1D4A83B6B8113445679 -- C:\WINDOWS\system32\ipsecsnp.dll
[2008.04.14 11:51:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=D76D39056EF8B8C09BC544754448E48F -- C:\WINDOWS\system32\ipsecsvc.dll
[2008.04.14 11:51:46 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=A04F96DAD5B010B415B25C808188FE5B -- C:\WINDOWS\system32\ipsmsnap.dll
[2008.04.14 11:51:46 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=2360CB6B7B188AB6A86A9201F1999BAB -- C:\WINDOWS\system32\ipv6mon.dll
[2001.10.25 19:00:00 | 000,087,040 | ---- | M] (Microsoft Corporation) MD5=34FC9C2A0B99D0F4F3AB233671914137 -- C:\WINDOWS\system32\ipxmontr.dll
[2001.10.25 19:00:00 | 000,071,680 | ---- | M] (Microsoft Corporation) MD5=21DCE7491F770E29DC21FBAF4BE573CD -- C:\WINDOWS\system32\ipxpromn.dll
[2001.10.25 19:00:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=734A77C93859AA4D46A036B29F756932 -- C:\WINDOWS\system32\ipxrip.dll
[2001.10.25 19:00:00 | 000,039,936 | ---- | M] (Microsoft Corporation) MD5=E765195690E3F8422FCE11DEB9EABED0 -- C:\WINDOWS\system32\ipxrtmgr.dll
[2001.10.25 19:00:00 | 000,066,560 | ---- | M] (Microsoft Corporation) MD5=85D8C6514BD48DF2CC61DEBE3F879DC0 -- C:\WINDOWS\system32\ipxsap.dll
[2008.04.14 11:51:46 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=9E33277AF4E8992E148CF2576A9CF5FA -- C:\WINDOWS\system32\ipxwan.dll
[2001.10.25 19:00:00 | 000,199,168 | ---- | M] () MD5=FA2F43EC92EA83E839C1FEE8DDCC3D0E -- C:\WINDOWS\system32\ir32_32.dll
[2008.04.14 11:51:46 | 000,120,320 | ---- | M] (Intel Corporation.) MD5=1B757583A1EB7BB99B49B9792A295303 -- C:\WINDOWS\system32\ir41_qc.dll
[2008.04.14 11:51:46 | 000,338,432 | ---- | M] (Intel Corporation.) MD5=665E4ACCF9791CDA42A05D34368DD504 -- C:\WINDOWS\system32\ir41_qcx.dll
[2008.04.14 11:51:46 | 000,755,200 | ---- | M] (Intel Corporation) MD5=EE478EE391967066E2FA9152E90D36AE -- C:\WINDOWS\system32\ir50_32.dll
[2008.04.14 11:51:46 | 000,200,192 | ---- | M] (Intel Corporation.) MD5=0E20AD90892DE0F4B887748FDDCB2BD7 -- C:\WINDOWS\system32\ir50_qc.dll
[2008.04.14 11:51:46 | 000,183,808 | ---- | M] (Intel Corporation.) MD5=79F9D3B6D641065EC21C25F9787A31B8 -- C:\WINDOWS\system32\ir50_qcx.dll
[2001.10.25 19:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=95E8A4A8843DBAA4423F0681EBDB6F82 -- C:\WINDOWS\system32\irclass.dll
[2010.11.18 19:15:47 | 000,081,920 | ---- | M] (Microsoft Corporation) MD5=EDC2AE78B2C8942A1DAD3E7B3DE550D4 -- C:\WINDOWS\system32\isign32.dll
[2008.04.14 11:51:46 | 000,032,768 | ---- | M] (Intel Corporation) MD5=076232A8D577FBD14080503B7E5D7CC9 -- C:\WINDOWS\system32\isrdbg32.dll
[2008.04.14 11:51:46 | 000,155,136 | ---- | M] (Microsoft Corporation) MD5=8D862FB4B6D6F8B59C8B6FAC669CCE4C -- C:\WINDOWS\system32\itircl.dll
[2008.04.14 11:51:46 | 000,138,240 | ---- | M] (Microsoft Corporation) MD5=4C4D95F2A54D460BB42AA06678A79A62 -- C:\WINDOWS\system32\itss.dll
[2008.04.14 11:51:46 | 000,191,488 | ---- | M] (Microsoft Corporation) MD5=27EA6A30DCF990FDBB6AFA2FB197D22B -- C:\WINDOWS\system32\iuengine.dll
[2008.04.14 11:51:46 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=A515D457B754DD862BAD559B4B4E32E6 -- C:\WINDOWS\system32\ixsso.dll
[2009.11.27 17:09:42 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=479B0DCA1542A38EBF7A3040F65A04B5 -- C:\WINDOWS\system32\iyuv_32.dll
[2001.10.25 19:00:00 | 000,362,496 | ---- | M] (Microsoft Corporation) MD5=747367139F73988D30FE0F2166E30B19 -- C:\WINDOWS\system32\jet500.dll
[2001.10.25 19:00:00 | 000,044,544 | ---- | M] (Johnson-Grace Company) MD5=E3E28AD388E036600289EBE43990DF00 -- C:\WINDOWS\system32\jgaw400.dll
[2008.04.14 11:51:46 | 000,163,840 | ---- | M] (America Online) MD5=B1BDACBBB54B78C63C2F0783366FF109 -- C:\WINDOWS\system32\jgdw400.dll
[2001.10.25 19:00:00 | 000,035,840 | ---- | M] (Johnson-Grace Company) MD5=348ACEAF1B257E1610D7509C96AA4D95 -- C:\WINDOWS\system32\jgmd400.dll
[2008.04.14 11:51:46 | 000,027,648 | ---- | M] (Johnson-Grace Company) MD5=6FB1298A7DEC689AAC14FE4B3FB156A7 -- C:\WINDOWS\system32\jgpl400.dll
[2001.10.25 19:00:00 | 000,045,568 | ---- | M] (America Online) MD5=1EA3956977F50541ED17D0372A58914A -- C:\WINDOWS\system32\jgsd400.dll
[2001.10.25 19:00:00 | 000,065,536 | ---- | M] (Johnson-Grace Company) MD5=398046A2608153F0963EA2064C89EC39 -- C:\WINDOWS\system32\jgsh400.dll
[2001.10.25 19:00:00 | 000,048,464 | ---- | M] (Microsoft Corporation) MD5=F12CB2E3F600E2C6B71D96F360A5CE61 -- C:\WINDOWS\system32\jobexec.dll
[2011.03.04 07:36:57 | 000,726,528 | ---- | M] (Microsoft Corporation) MD5=8479C88126FFE6BE958E76A0D0F4F660 -- C:\WINDOWS\system32\jscript.dll
[2001.10.25 19:00:00 | 000,024,623 | ---- | M] (Microsoft Corporation) MD5=08F5B8413F0C7A9BFDB38D44AA518D63 -- C:\WINDOWS\system32\jscs.dll
[2012.11.01 13:12:24 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=5ACC77E7BA2FC4E623C87CC1B00A5CFF -- C:\WINDOWS\system32\jsproxy.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=615DDBB5CBBAE8301C1E7FA95F1E66A3 -- C:\WINDOWS\system32\KBDAL.DLL
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=0304318F189E3CC4A99FCCCB0A68147F -- C:\WINDOWS\system32\kbdaze.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=712A218557F99D136735E0545E5AE223 -- C:\WINDOWS\system32\kbdazel.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=90AA6D58947A68B5D35C3D3905A74BCB -- C:\WINDOWS\system32\kbdbe.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=D916E1B4DF4A5DAC0F3B37D5BAF5FB18 -- C:\WINDOWS\system32\kbdbene.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=BFCF52AD1CB233C7F4C78CEBAF4B809B -- C:\WINDOWS\system32\kbdbhc.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=A1FA7A83F9D98D84419A8E64286284F4 -- C:\WINDOWS\system32\kbdblr.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=7806D7CEC1FFED2F6A7C569E38D8232E -- C:\WINDOWS\system32\kbdbr.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=1DF6E4758611E1328567BFE4D1B28E27 -- C:\WINDOWS\system32\kbdbu.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=C068F1EF8F08C4331EC176AAC231FFE3 -- C:\WINDOWS\system32\kbdca.dll
[2001.10.25 19:00:00 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6FC7C2503F3D43B8F493DDA15AA1BC50 -- C:\WINDOWS\system32\kbdcan.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=5B46568257EE49714564511D58E0DE53 -- C:\WINDOWS\system32\kbdcr.dll
[2001.10.25 19:00:00 | 000,007,168 | R--- | M] (Microsoft Corporation) MD5=36E68E02AF2206FC4A8C73CAEABE1FB0 -- C:\WINDOWS\system32\kbdcz.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=AFA30A44ED11A5F9A059A2767AB6A81A -- C:\WINDOWS\system32\kbdcz1.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=90535C13EB54E1F2C95478F1B99DCCEB -- C:\WINDOWS\system32\kbdcz2.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=B6AB131E6F77563A74465F5972EF900F -- C:\WINDOWS\system32\kbdda.dll
[2001.10.25 19:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=4B2B6EAB5D350AB95CC56883E01B1DE7 -- C:\WINDOWS\system32\kbddv.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=4B808BAC83B00F3F013DA239E93A416A -- C:\WINDOWS\system32\kbdes.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=BBB6C3346064C6AECEE6AD9F144B1AEA -- C:\WINDOWS\system32\kbdest.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=DE844F425C89EDD0DC61C89D5B2CE15A -- C:\WINDOWS\system32\kbdfc.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=B0F5C8342B41FFD484725DFD7E0BE041 -- C:\WINDOWS\system32\kbdfi.dll
[2008.04.14 11:48:12 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=6578885CF36382879BFA072EB38822D2 -- C:\WINDOWS\system32\kbdfi1.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AE72FF8FE49F78838377417C22A92C79 -- C:\WINDOWS\system32\kbdfo.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=C39F03304E24BEADA6DCDE68C1B1269B -- C:\WINDOWS\system32\kbdfr.dll
[2001.10.25 19:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=59A8A1F2CE28BDE79BF9018F56B642CC -- C:\WINDOWS\system32\kbdgae.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=A93447C87DDB6B1945F1F5F87EAB68DC -- C:\WINDOWS\system32\kbdgkl.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=3C1708C5C05910FE495D832C6536ED78 -- C:\WINDOWS\system32\kbdgr.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=38430C6C194870363AD0CA3B7A18AC7F -- C:\WINDOWS\system32\kbdgr1.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=83C99B438B3D6DBE7B838DA783E173AC -- C:\WINDOWS\system32\kbdhe.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=1E81E1F3D5ACB3371CF73C1DE8F800BF -- C:\WINDOWS\system32\kbdhe220.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=AC81A176BA35D1D7A5CD53137F3160FE -- C:\WINDOWS\system32\kbdhe319.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=D26533FDF72381947F823882BBA4A196 -- C:\WINDOWS\system32\kbdhela2.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=F2312B8A76FD584ACD1D956688BEB6F8 -- C:\WINDOWS\system32\kbdhela3.dll
[2001.10.25 19:00:00 | 000,008,192 | R--- | M] (Microsoft Corporation) MD5=90CC52E8B52F0EC3A41D14FFBE789324 -- C:\WINDOWS\system32\kbdhept.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=CF92D95B5CB6649CB9D7E8D7616487A7 -- C:\WINDOWS\system32\kbdhu.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=F3D1EEC756847C70E65335E8CA1AE64B -- C:\WINDOWS\system32\kbdhu1.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=2B83F3461F603D27C765C7BB87E8CD09 -- C:\WINDOWS\system32\kbdic.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=B23F3284C95F67D91FDED1BB8642912E -- C:\WINDOWS\system32\kbdinbe1.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=0EE360FED0B779BFE4D72DD32D0C081B -- C:\WINDOWS\system32\kbdinben.dll
[2008.04.14 11:48:12 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=2E702A265D7D020C91AFF06869322561 -- C:\WINDOWS\system32\kbdinmal.dll
[2001.10.25 19:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8396B49871EC9E8ED2DAB4341F2B328B -- C:\WINDOWS\system32\kbdir.dll
[2001.10.25 19:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=1C62DA8649D73B0DAE915740FE8CF712 -- C:\WINDOWS\system32\kbdit.dll
[2001.10.25 19:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=FBB785A6D701CF80DA84C2DEFDBE2D13 -- C:\WINDOWS\system32\kbdit142.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=D8A703E57209A0E544E6B80DB3DE6524 -- C:\WINDOWS\system32\kbdiultn.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=95D9106D39AB410A7F7EE513F181F84C -- C:\WINDOWS\system32\kbdkaz.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=8E6BEE6CA04B58BFD2863904A79C020D -- C:\WINDOWS\system32\kbdkyr.dll
[2001.10.25 19:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=A8470FE45FF308CE53828301976A13CB -- C:\WINDOWS\system32\kbdla.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=F5B3B152A1D2752BC88928EB1E031B7E -- C:\WINDOWS\system32\kbdlt.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=AF05A41DBD1B0424B5CB47092152C7F6 -- C:\WINDOWS\system32\kbdlt1.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=C047165ED75FF85DB5A89EFEE3DA1133 -- C:\WINDOWS\system32\kbdlv.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=27D72BCF2B495FCDA073DBA5F189D7A1 -- C:\WINDOWS\system32\kbdlv1.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=885CA7AB8F34EC81493810C40A78DC83 -- C:\WINDOWS\system32\kbdmac.dll
[2008.04.14 11:48:12 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=DCC571DD4F1389FDBA192749521007DD -- C:\WINDOWS\system32\kbdmaori.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=D9A6108E68ADDD2F6308D9FE27ACEE1C -- C:\WINDOWS\system32\kbdmlt47.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=04D8E9F4B9FAA8A8D539592E9CFD3773 -- C:\WINDOWS\system32\kbdmlt48.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=27F33B66806481D822B12007B42AFD53 -- C:\WINDOWS\system32\kbdmon.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=140FE6CAE764C9E8ECCFCB21A19781C5 -- C:\WINDOWS\system32\kbdne.dll
[2008.04.14 11:48:12 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=8F5874AE69B5E9A7E00A62B7907B697A -- C:\WINDOWS\system32\kbdnec.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=743E8FD3A30ABB931C48B21CA665B569 -- C:\WINDOWS\system32\kbdnepr.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=3CBCE11B4B069939E091835694C0567B -- C:\WINDOWS\system32\kbdno.dll
[2008.04.14 11:48:12 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=00B86A21BC0F2EDF2E8DA82AE934B563 -- C:\WINDOWS\system32\kbdno1.dll
[2008.04.14 11:48:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=5BF5A37F3C46AAE166832E7E9D4B3123 -- C:\WINDOWS\system32\kbdpash.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=D199B05901C2407FC0F87444A24A4F3C -- C:\WINDOWS\system32\kbdpl.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=897663C8606357A8E86E57CDEA8EE219 -- C:\WINDOWS\system32\kbdpl1.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=5713A519619FC93C30BF9AB23B14885A -- C:\WINDOWS\system32\kbdpo.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=C2E62748C875A310A6D5B10498238A68 -- C:\WINDOWS\system32\kbdro.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=C6F23BC1411E91C179B0635893BB40A1 -- C:\WINDOWS\system32\kbdru.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=B6E962B7AC1CB4A78876953D369BE6DD -- C:\WINDOWS\system32\kbdru1.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=17733F6AF237E17C2F78528E4068B577 -- C:\WINDOWS\system32\kbdsf.dll
[2001.10.25 19:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=D157764B22473BB55635591DF347074C -- C:\WINDOWS\system32\kbdsg.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=DCCE231E5BDF1401AC0F770EE16902AA -- C:\WINDOWS\system32\kbdsl.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=93033C3EA80FB24B198B24DDECA07D4A -- C:\WINDOWS\system32\kbdsl1.dll
[2008.04.14 11:48:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=E5EDF3F2A1C9C55AB9B8781259D9755B -- C:\WINDOWS\system32\kbdsmsfi.dll
[2008.04.14 11:48:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6CBAFAAD2B5F506CCCD4C204019E587F -- C:\WINDOWS\system32\kbdsmsno.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=79D955C9BDDFD01A7C8D442322222F46 -- C:\WINDOWS\system32\kbdsp.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=28D0AE434F7A8E8B1185AA07DD71AC44 -- C:\WINDOWS\system32\kbdsw.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=F2D1EEF5ADCD5995C015AB3CB15C9415 -- C:\WINDOWS\system32\kbdtat.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=188E56B70419D8353B8D4F3E381D9E52 -- C:\WINDOWS\system32\kbdtuf.dll
[2001.10.25 19:00:00 | 000,006,144 | R--- | M] (Microsoft Corporation) MD5=5D569F2951F878EF01D7723DC08682E9 -- C:\WINDOWS\system32\kbdtuq.dll
[2001.10.25 19:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=DAB9952E3626D84E74CBF4958B1B1F52 -- C:\WINDOWS\system32\kbduk.dll
[2008.04.14 11:48:12 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=BF954DAB2C7A3BD3058BAA3793CA6222 -- C:\WINDOWS\system32\kbdukx.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=3DDE3DC57C54452A313DC20F3019F8E3 -- C:\WINDOWS\system32\kbdur.dll
[2001.10.25 19:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=56C5B179FE3308B655EB6208C3256FEC -- C:\WINDOWS\system32\kbdus.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=003D2FBF4C99C63FB1A3739D6F867090 -- C:\WINDOWS\system32\kbdusl.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=93AD90B3BC1F7FD5E333BE61DC010369 -- C:\WINDOWS\system32\kbdusr.dll
[2001.10.25 19:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ECC911343337D8AEE839A14F205AA12A -- C:\WINDOWS\system32\kbdusx.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=4F9CFFBF05831BB81833FC64A5329C36 -- C:\WINDOWS\system32\kbduzb.dll
[2001.10.25 19:00:00 | 000,005,632 | R--- | M] (Microsoft Corporation) MD5=E5D4673C83271FEEE1ED73E1E281A42B -- C:\WINDOWS\system32\kbdycc.dll
[2001.10.25 19:00:00 | 000,006,656 | R--- | M] (Microsoft Corporation) MD5=552221E92D6BF55F8358B927F00696C3 -- C:\WINDOWS\system32\kbdycl.dll
[2008.04.14 03:01:36 | 000,007,424 | ---- | M] (Microsoft Corporation) MD5=F59725CE3A1827B78DA01FBFB0A64005 -- C:\WINDOWS\system32\kd1394.dll
[2001.10.25 19:00:00 | 000,007,040 | ---- | M] (Microsoft Corporation) MD5=945FBB881AE927A44DFD96440F2F4F44 -- C:\WINDOWS\system32\kdcom.dll
Přispějete na provoz fóra?