OTL logfile created on: 12/22/2013 12:56:32 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 85.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 20.22 Gb Free Space | 27.13% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
========== Win32 Services (SafeList) ==========
SRV - [2013/12/18 11:10:04 | 000,188,904 | ---- | M] (Initex) [Auto] -- C:\DOCUME~1\ALLUSE~1\DATAAP~1\bh0jreq.jss -- (winmgmt)
SRV - [2013/12/16 13:35:30 | 000,050,344 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/11 11:19:00 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/18 12:54:28 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2013/12/16 13:35:35 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/12/16 13:35:35 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/12/16 13:35:35 | 000,178,304 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/12/16 13:35:35 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/12/16 13:35:35 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/12/16 13:35:35 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/12/16 13:35:35 | 000,049,944 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/12/16 13:35:35 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/05/09 03:59:09 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2005/04/08 00:25:34 | 000,132,352 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/03/04 17:04:00 | 002,538,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/03/04 08:21:36 | 000,065,664 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2005/01/07 13:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/03 19:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 19:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 19:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 19:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 19:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 19:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 19:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 19:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 19:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 19:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 19:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 19:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 19:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 19:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 19:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2002/04/04 00:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator.HP66811255121_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
IE - HKU\Administrator.HP66811255121_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2012/07/25 11:50:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/12/16 13:35:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013/11/18 12:54:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/18 12:54:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2006/03/02 02:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O2 - BHO: (BS Player ControlBar Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (BS Player ControlBar Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\d2a60f10-d905-42a4-886f-f2fa1754091f.exe (AVAST Software)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LayoutM] C:\WINDOWS\KLayMgr.exe (Chicony)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Zástupce stránky vlastností sběrnice High Definition Audio] C:\WINDOWS\System32\hdashcut.exe (Windows (R) Server 2003 DDK provider)
O4 - Startup: C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Po spuštění\qerj0hb.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator.HP66811255121_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: winmgmt - C:\DOCUME~1\ALLUSE~1\DATAAP~1\bh0jreq.jss (Initex)
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: WinMgmt - C:\DOCUME~1\ALLUSE~1\DATAAP~1\bh0jreq.jss (Initex)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WinMgmt - C:\DOCUME~1\ALLUSE~1\DATAAP~1\bh0jreq.jss (Initex)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
PhysicalDisk0 MBR saved to C:\Physical0MBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013/12/22 01:46:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Adobe
[2013/12/22 01:46:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\AVAST Software
[2013/12/22 01:46:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\AskToolbar
[2013/12/22 01:43:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.HP66811255121\IETldCache
[2013/12/22 01:43:31 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft
[2013/12/22 01:43:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací
[2013/12/22 01:43:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Dokumenty\Obrázky
[2013/12/22 01:43:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Dokumenty\Hudba
[2013/12/22 01:43:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Dokumenty
[2013/12/22 01:43:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.HP66811255121\Cookies
[2013/12/22 01:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\Microsoft
[2013/12/22 01:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Identities
[2013/12/22 01:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\ApplicationHistory
[2013/12/22 01:43:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Příslušenství
[2013/12/22 01:43:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Po spuštění
[2013/12/22 01:43:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Oblíbené položky
[2013/12/22 01:43:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start
[2013/12/22 01:43:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Okolní tiskárny
[2013/12/22 01:43:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Okolní síť
[2013/12/22 01:43:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings
[2013/12/22 01:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Plocha
[2013/12/22 01:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\{3248F0A6-6813-11D6-A77B-00B0D0150000}
[2013/12/22 01:43:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\SendTo
[2013/12/22 01:43:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Recent
[2013/12/22 01:43:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.HP66811255121\Šablony
[2013/12/21 17:36:05 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2013/12/18 11:10:04 | 000,188,904 | ---- | C] (Initex) -- C:\Documents and Settings\All Users\Data aplikací\bh0jreq.jss
[2013/12/16 13:35:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/12/22 12:57:04 | 000,000,512 | ---- | M] () -- C:\Physical0MBR.bin
[2013/12/22 06:40:56 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/22 06:40:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/12/22 06:40:36 | 1601,617,920 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/22 05:27:45 | 095,025,368 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.fee
[2013/12/22 05:26:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013/12/22 05:16:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/12/22 05:11:06 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/12/22 05:10:44 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/12/22 05:09:07 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.odd
[2013/12/22 02:35:44 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
[2013/12/22 01:45:46 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Spustit prohlížeč Internet Explorer.lnk
[2013/12/22 01:45:43 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/12/22 01:44:12 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Po spuštění\qerj0hb.lnk
[2013/12/21 18:28:34 | 000,000,057 | ---- | M] () -- C:\.directory
[2013/12/18 14:06:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/18 11:13:24 | 000,000,387 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.reg
[2013/12/18 11:10:04 | 000,188,904 | ---- | M] (Initex) -- C:\Documents and Settings\All Users\Data aplikací\bh0jreq.jss
[2013/12/16 13:35:52 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013/12/16 13:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
[2013/12/16 13:35:35 | 000,774,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/12/16 13:35:35 | 000,403,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/12/16 13:35:35 | 000,178,304 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/12/16 13:35:35 | 000,070,384 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/12/16 13:35:35 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/12/16 13:35:35 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/12/16 13:35:35 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/12/16 13:35:35 | 000,035,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/12/16 13:35:34 | 000,269,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/12/16 13:35:34 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/12/16 13:32:03 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/12/11 11:18:59 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/12/11 11:18:59 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/12/05 14:10:21 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/12/22 12:08:20 | 000,000,512 | ---- | C] () -- C:\Physical0MBR.bin
[2013/12/22 06:39:51 | 1601,617,920 | -HS- | C] () -- C:\hiberfil.sys
[2013/12/22 01:45:46 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Internet Explorer.lnk
[2013/12/22 01:45:43 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/12/22 01:44:36 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Windows Media Player.lnk
[2013/12/22 01:44:12 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Po spuštění\qerj0hb.lnk
[2013/12/22 01:43:33 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Spustit prohlížeč Internet Explorer.lnk
[2013/12/22 01:43:33 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Local Settings\Data aplikací\fusioncache.dat
[2013/12/22 01:43:33 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Zobrazit plochu.scf
[2013/12/22 01:43:32 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Vzdálená pomoc.lnk
[2013/12/22 01:43:32 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator.HP66811255121\Nabídka Start\Programy\Outlook Express.lnk
[2013/12/21 18:28:34 | 000,000,057 | ---- | C] () -- C:\.directory
[2013/12/18 11:10:55 | 000,000,387 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.reg
[2013/12/18 11:10:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.odd
[2013/12/18 11:10:10 | 095,025,368 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\qerj0hb.fee
[2013/08/15 11:39:10 | 000,178,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/08/15 11:39:10 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012/07/25 11:07:42 | 000,185,579 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
[2012/07/25 11:07:41 | 000,000,796 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
[2012/05/21 14:09:13 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012/05/21 14:09:12 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2012/05/21 14:08:58 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012/05/21 14:08:57 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012/05/21 14:08:55 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012/02/02 15:34:33 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2012/02/02 15:34:01 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2012/02/02 15:33:56 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2012/02/02 15:33:50 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2012/02/02 15:31:17 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2012/02/02 15:18:07 | 000,000,794 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2012/02/02 07:04:06 | 000,000,133 | ---- | C] () -- C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\fusioncache.dat
[2012/02/02 06:59:01 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2012/02/02 06:56:33 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2012/02/02 06:52:10 | 000,001,996 | ---- | C] () -- C:\WINDOWS\System32\drivers\HDACfg.dat
[2012/02/02 06:52:08 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2012/02/02 06:52:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006/05/16 11:01:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/05/04 17:29:02 | 000,441,260 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/05/04 17:29:02 | 000,437,832 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006/05/04 17:29:02 | 000,082,552 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006/05/04 17:29:02 | 000,071,196 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/05/04 17:24:52 | 000,123,728 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/05/04 17:17:14 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/05/04 17:12:10 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/10/18 09:54:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/07/17 13:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001/10/24 13:29:46 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001/10/24 13:29:46 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001/08/17 23:30:26 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/17 23:30:26 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/17 23:15:40 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/07/22 00:36:50 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/07/22 00:36:06 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
========== LOP Check ==========
[2013/12/22 01:46:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.HP66811255121\Data aplikací\AVAST Software
[2012/05/14 10:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ask
[2013/12/16 13:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012/06/11 00:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
[2013/09/18 14:38:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2013/12/22 05:10:44 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013/12/22 05:26:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< DRIVES >
========== Restore Points Found ==========
[2013/12/18 13:22:10 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP186\snapshot
[2013/12/16 13:32:46 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP185\snapshot
[2013/12/12 11:12:11 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP184\snapshot
[2013/12/11 00:15:57 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP183\snapshot
[2013/12/09 11:37:09 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP182\snapshot
[2013/12/05 14:13:41 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP181\snapshot
[2013/12/04 13:07:03 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP180\snapshot
[2013/12/03 11:15:23 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP179\snapshot
[2013/11/25 12:26:29 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP178\snapshot
[2013/11/18 13:02:12 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP177\snapshot
[2013/11/14 14:00:14 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP176\snapshot
[2013/11/14 12:46:54 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP175\snapshot
[2013/11/13 12:24:58 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP174\snapshot
[2013/11/12 11:10:29 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP173\snapshot
[2013/11/08 03:34:33 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP172\snapshot
[2013/11/06 14:19:06 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP171\snapshot
[2013/11/04 14:27:53 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP170\snapshot
[2013/11/04 14:27:01 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP169\snapshot
[2013/11/04 13:48:45 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{EAE0B337-6EFF-4E83-916B-17B10367CCD1}\RP168\snapshot
< MD5 for: ACPI.SYS >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:acpi.sys
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:acpi.sys
[2008/04/13 21:05:40 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=4FE34F1F3126B61FCC6B2043AA8112C9 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\acpi.sys
[2004/08/17 17:43:12 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=FA2FBCDA96D2385F773B059FE5A125A6 -- C:\WINDOWS\system32\drivers\acpi.sys
< MD5 for: AFD.SYS >
[2008/04/13 14:19:23 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\afd.sys
[2008/08/14 05:34:26 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=4D43E74F2A1239D53929B82600F1971C -- C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys
[2008/08/14 04:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=55E6E1C51B6D30E54335750955453702 -- C:\WINDOWS\system32\dllcache\afd.sys
[2008/08/14 04:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=55E6E1C51B6D30E54335750955453702 -- C:\WINDOWS\system32\drivers\afd.sys
[2004/08/04 01:14:16 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\$NtUninstallKB951748$\afd.sys
[2008/08/14 04:48:52 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=6A0397376853E604DE8E1E7A87FC08AC -- C:\WINDOWS\$hf_mig$\KB956803\SP2QFE\afd.sys
[2008/08/14 05:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\WINDOWS\$hf_mig$\KB956803\SP3GDR\afd.sys
[2008/06/20 05:44:38 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=944CA435BFCFC82CC1ED9E3A7D731AA9 -- C:\WINDOWS\$NtUninstallKB956803$\afd.sys
[2008/06/20 06:48:03 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D6EE6014241D034E63C49A50CB2B442A -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
[2008/06/20 05:44:08 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=D99DDFFB33DEACDCF20717CB520379F6 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
[2008/06/20 06:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
< MD5 for: AGP440.SYS >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
< MD5 for: ATAPI.SYS >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2004/08/03 16:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/03 16:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[2004/08/03 16:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008/04/13 22:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\autochk.exe
[2006/03/02 07:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\i386\AUTOCHK.EXE
[2006/03/02 07:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
< MD5 for: CDROM.SYS >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:cdrom.sys
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008/04/13 13:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2004/08/04 00:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CHANGER.SYS >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:Changer.sys
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008/04/13 13:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys
< MD5 for: CMD.EXE >
[2004/08/17 17:49:24 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=4E5BE66CD70D52637589E9C3E2C1696D -- C:\WINDOWS\system32\cmd.exe
[2008/04/13 22:22:15 | 000,390,144 | ---- | M] (Microsoft Corporation) MD5=58A4129B7AB2CF2E7F00256F7EDAEAC2 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cmd.exe
< MD5 for: CRYPTSVC.DLL >
[2004/08/17 17:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2008/04/13 22:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll
< MD5 for: CSRSS.EXE >
[2004/08/17 17:49:24 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\WINDOWS\system32\csrss.exe
[2008/04/13 22:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\csrss.exe
< MD5 for: EVENTLOG.DLL >
[2008/04/13 22:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2004/08/17 17:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008/04/13 22:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2004/08/17 17:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
< MD5 for: FASTFAT.SYS >
[2004/08/04 01:14:18 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3117F595E9615E04F05A54FC15A03B20 -- C:\WINDOWS\system32\drivers\fastfat.sys
[2008/04/13 14:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\fastfat.sys
< MD5 for: HAL.DLL >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:hal.dll
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008/04/13 13:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2004/08/03 16:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll
< MD5 for: I8042PRT.SYS >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:i8042prt.sys
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:i8042prt.sys
[2004/08/17 17:44:12 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=0F42DE9909B5DBF2C48DD1A79D491AF5 -- C:\WINDOWS\system32\drivers\i8042prt.sys
[2008/04/13 21:21:15 | 000,052,096 | ---- | M] (Microsoft Corporation) MD5=C528E27945367191E7BAE364930B6932 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\i8042prt.sys
< MD5 for: ISAPNP.SYS >
[2001/10/24 05:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2001/10/24 05:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001/10/24 13:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\isapnp.sys
[2008/04/13 21:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
< MD5 for: KBDCLASS.SYS >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:kbdclass.sys
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:kbdclass.sys
[2008/04/13 21:29:06 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1B6162FE7F66B1A71A4B70F941C4AA9B -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\kbdclass.sys
[2004/08/17 17:45:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=6F877BF8DC01A550CD666F3BEDB2213C -- C:\WINDOWS\system32\drivers\kbdclass.sys
< MD5 for: LSASS.EXE >
[2004/08/17 17:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe
[2008/04/13 22:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
< MD5 for: NDIS.SYS >
[2008/04/13 14:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2004/08/04 01:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009/02/06 13:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 13:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/17 17:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2008/04/13 22:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
< MD5 for: NTFS.SYS >
[2008/04/13 14:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ntfs.sys
[2006/03/02 07:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\i386\NTFS.SYS
[2006/03/02 07:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\system32\drivers\ntfs.sys
< MD5 for: NTKRNLPA.EXE >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:ntkrnlpa.exe
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:ntkrnlpa.exe
[2010/02/16 14:34:49 | 002,060,544 | ---- | M] (Microsoft Corporation) MD5=27DE458FE1E1A618836ADB61873BC9E8 -- C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
[2010/02/16 14:34:49 | 002,060,544 | ---- | M] (Microsoft Corporation) MD5=27DE458FE1E1A618836ADB61873BC9E8 -- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
[2009/02/09 06:52:22 | 002,017,792 | ---- | M] (Microsoft Corporation) MD5=2A10C3D1EFA71B00EADF711EEE9F94B5 -- C:\WINDOWS\$NtUninstallKB979683$\ntkrnlpa.exe
[2008/04/13 21:36:32 | 002,067,968 | ---- | M] (Microsoft Corporation) MD5=4DEE41C45E803DB91A72FD1BA69C05EE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ntkrnlpa.exe
[2010/02/16 14:09:02 | 002,068,992 | ---- | M] (Microsoft Corporation) MD5=6C31566C176BC28C7D73BC6332642A58 -- C:\WINDOWS\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[2004/08/17 09:45:32 | 002,017,280 | ---- | M] (Microsoft Corporation) MD5=7715EDDD01EDFEF9EF335D29C6DFE212 -- C:\WINDOWS\$NtUninstallKB956572$\ntkrnlpa.exe
[2010/02/17 07:26:56 | 002,065,920 | ---- | M] (Microsoft Corporation) MD5=7F87EDF3C7C626D336533D2580940A00 -- C:\WINDOWS\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe
[2009/02/09 06:44:58 | 002,065,152 | ---- | M] (Microsoft Corporation) MD5=BB64DC108F8C4EE4D4B7998AA19E5FA7 -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[2010/02/16 14:34:37 | 002,018,816 | ---- | M] (Microsoft Corporation) MD5=D28D685746FCC801DB0E8474FB835B03 -- C:\WINDOWS\system32\ntkrnlpa.exe
[2009/02/10 12:09:12 | 002,068,224 | ---- | M] (Microsoft Corporation) MD5=D721665942F74CA7FF4162A0761CBB0A -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[2010/02/16 14:02:20 | 002,069,120 | ---- | M] (Microsoft Corporation) MD5=DCC3D91A3DEDBBA9ECFFA6028D872CF5 -- C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[2009/02/09 06:19:06 | 002,068,352 | ---- | M] (Microsoft Corporation) MD5=FF8A3F180A224AA27EBAB937CA027F4D -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
< MD5 for: NTOSKRNL.EXE >
[2006/03/02 07:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:ntoskrnl.exe
[2006/03/02 02:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:ntoskrnl.exe
[2010/02/16 14:34:37 | 002,139,136 | ---- | M] (Microsoft Corporation) MD5=0AA7367A01044B4114F5B58DE132C385 -- C:\WINDOWS\system32\ntoskrnl.exe
[2010/02/17 07:09:02 | 002,192,128 | ---- | M] (Microsoft Corporation) MD5=4E8268B816B2D27E711A688D6FD0E319 -- C:\WINDOWS\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe
[2010/02/16 14:02:19 | 002,192,256 | ---- | M] (Microsoft Corporation) MD5=6B2312D847BA95F4E858CB4C3B5F51E1 -- C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[2004/08/17 09:45:30 | 002,150,400 | ---- | M] (Microsoft Corporation) MD5=84FEF6BE553ACC66729F5D4113F53310 -- C:\WINDOWS\$NtUninstallKB956572$\ntoskrnl.exe
[2009/02/10 12:18:42 | 002,191,360 | ---- | M] (Microsoft Corporation) MD5=97480EBFE1D4B547657BAD75AAAB1325 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[2010/02/16 14:26:52 | 002,189,056 | ---- | M] (Microsoft Corporation) MD5=AEDD2FE6BEC6FB4E3B25DB1E15C97560 -- C:\WINDOWS\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe
[2008/04/13 21:37:08 | 002,191,104 | ---- | M] (Microsoft Corporation) MD5=C1536014AC1CB1D5397E31D9735E6571 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ntoskrnl.exe
[2009/02/09 06:44:53 | 002,188,288 | ---- | M] (Microsoft Corporation) MD5=C424407DDD99223BF3248044CBBE91F6 -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[2009/02/09 06:52:15 | 002,138,112 | ---- | M] (Microsoft Corporation) MD5=E4CB0FFB4C55DB2268B93F4A17EACBF2 -- C:\WINDOWS\$NtUninstallKB979683$\ntoskrnl.exe
[2010/02/16 14:34:49 | 002,183,552 | ---- | M] (Microsoft Corporation) MD5=F24D47F956B2527F8771E38AFE750743 -- C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
[2010/02/16 14:34:49 | 002,183,552 | ---- | M] (Microsoft Corporation) MD5=F24D47F956B2527F8771E38AFE750743 -- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
[2009/02/09 06:26:15 | 002,191,232 | ---- | M] (Microsoft Corporation) MD5=F48662F55CD8DDD4DBBBCB69DE197725 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
< MD5 for: REGEDIT.EXE >
[2006/03/02 07:00:00 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=CB5A91928D94224E7E30EE277B45E8A3 -- C:\i386\REGEDIT.EXE
[2006/03/02 07:00:00 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=CB5A91928D94224E7E30EE277B45E8A3 -- C:\WINDOWS\regedit.exe
[2008/04/13 22:22:42 | 000,147,968 | ---- | M] (Microsoft Corporation) MD5=FDEB1D02CAE38665CBF114F44E6B997E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\regedit.exe
< MD5 for: SCECLI.DLL >
[2004/08/17 17:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 22:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
< MD5 for: SERVICES.EXE >
[2009/02/09 04:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/09 06:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009/02/09 05:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/09 05:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\system32\services.exe
[2004/08/17 17:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2009/02/09 06:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2008/04/13 22:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\services.exe
< MD5 for: SMSS.EXE >
[2004/08/17 17:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2008/04/13 22:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
[2006/03/02 07:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=CB56F803D2CAF6B3F32E82D2F73F4B3A -- C:\i386\SYSTEM32\SMSS.EXE
< MD5 for: SPOOLSV.EXE >
[2004/08/17 17:49:28 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\system32\spoolsv.exe
[2008/04/13 22:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2008/04/13 22:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2004/08/17 17:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe
< MD5 for: SYMMPI.SYS >
[2002/04/04 00:32:06 | 000,028,416 | R--- | M] (LSI Logic) MD5=F2B7E8416F508368AC6730E2AE1C614F -- C:\WINDOWS\system32\drivers\symmpi.sys
< MD5 for: TCPIP.SYS >
[2008/06/20 05:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 05:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008/06/20 05:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008/04/13 14:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008/06/20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004/08/04 01:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/06/20 06:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USER32.DLL >
[2004/08/17 17:49:20 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=1B4CCC59980DA34E75F20E42B283B027 -- C:\WINDOWS\system32\user32.dll
[2008/04/13 22:22:04 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=E16E0990967374E76F3E40CACAFD3D53 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\user32.dll
< MD5 for: USERINIT.EXE >
[2008/04/13 22:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2004/08/17 17:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WIN32K.SYS >
[2005/01/14 12:39:16 | 001,836,160 | ---- | M] (Microsoft Corporation) MD5=0A8206089EAF3FF903670BD566BA9822 -- C:\WINDOWS\$NtUninstallKB979559$\win32k.sys
[2008/04/13 21:15:34 | 001,845,632 | ---- | M] (Microsoft Corporation) MD5=16AA352EC7D8E6D9DE50265BF0F9E016 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\win32k.sys
[2010/05/02 03:03:50 | 001,860,352 | ---- | M] (Microsoft Corporation) MD5=8402F80D7FCA8CD3A4BCF027773CAD34 -- C:\WINDOWS\$hf_mig$\KB979559\SP3QFE\win32k.sys
[2010/05/02 03:09:42 | 001,851,264 | ---- | M] (Microsoft Corporation) MD5=8DFA2A74176D58E671C7FD9F8966DE99 -- C:\WINDOWS\$hf_mig$\KB979559\SP3GDR\win32k.sys
[2010/05/02 02:58:05 | 001,859,968 | ---- | M] (Microsoft Corporation) MD5=DC54910D95B0046F3567F38613DD35A9 -- C:\WINDOWS\system32\dllcache\win32k.sys
[2010/05/02 02:58:05 | 001,859,968 | ---- | M] (Microsoft Corporation) MD5=DC54910D95B0046F3567F38613DD35A9 -- C:\WINDOWS\system32\win32k.sys
< MD5 for: WINLOGON.EXE >
[2004/08/17 17:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2008/04/13 22:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
< MD5 for: WINSRV.DLL >
[2008/04/13 22:22:05 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=77A41C497ADB0C96D1E8DF6F71D843C0 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winsrv.dll
[2004/08/17 17:49:22 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=E4E57FBA176F2752527B1D53A663D2D7 -- C:\WINDOWS\system32\winsrv.dll
< MD5 for: WS2_32.DLL >
[2004/08/17 17:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
[2008/04/13 22:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
< MD5 for: WSCRIPT.EXE >
[2008/04/13 22:22:55 | 000,155,648 | ---- | M] (Microsoft Corporation) MD5=279C5962E62940A62C7DC4EEA707CD5D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\wscript.exe
[2004/08/17 17:49:30 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=8570AC76924CE5444AB664462DE8FFE5 -- C:\WINDOWS\system32\wscript.exe
< %systemroot%\system32\logevent.dll /md5 >
< %systemroot%\system32\sceclt.dll /md5 >
< %systemroot%\system32\ntelogon.dll /md5 >
< %systemroot%\system32\consrv.dll /md5 >
< %systemroot%\system32\logevent.dll /md5 /64 >
< %systemroot%\system32\sceclt.dll /md5 /64 >
< %systemroot%\system32\ntelogon.dll /md5 /64 >
< %systemroot%\system32\consrv.dll /md5 /64 >
< %systemroot%\system32\drivers\*.sys /md5 >
[2001/08/17 17:20:04 | 000,096,256 | ---- | M] (Intel Corporation) MD5=0F2D66D5F08EBE2F77BB904288DCF6F0 -- C:\WINDOWS\system32\drivers\ac97intc.sys
[2004/08/17 17:43:12 | 000,188,288 | ---- | M] (Microsoft Corporation) MD5=FA2FBCDA96D2385F773B059FE5A125A6 -- C:\WINDOWS\system32\drivers\acpi.sys
[2001/10/24 13:42:34 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=AFDFF022A01F0B11C776F0860C3B282F -- C:\WINDOWS\system32\drivers\acpiec.sys
[2001/08/18 00:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) MD5=9A11864873DA202C996558B2106B0BBC -- C:\WINDOWS\system32\drivers\adpu160m.sys
[2002/05/08 19:44:42 | 000,105,472 | ---- | M] (Adaptec, Inc.) MD5=0EA9B1F0C6C90A509C8603775366ADB7 -- C:\WINDOWS\system32\drivers\adpu320.sys
[2004/08/03 19:39:38 | 000,142,464 | ---- | M] (Microsoft Corporation) MD5=841F385C6CFAF66B58FBD898722BB4F0 -- C:\WINDOWS\system32\drivers\aec.sys
[2008/08/14 04:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=55E6E1C51B6D30E54335750955453702 -- C:\WINDOWS\system32\drivers\afd.sys
[2001/08/18 00:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) MD5=19DD0FB48B0C18892F70E2E7D61A1529 -- C:\WINDOWS\system32\drivers\aic78u2.sys
[2001/08/18 00:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) MD5=B7FE594A7468AA0132DEB03FB8E34326 -- C:\WINDOWS\system32\drivers\aic78xx.sys
[2006/03/02 04:00:00 | 000,040,832 | ---- | M] (Microsoft Corporation) MD5=F4E1072598A00A5FB74FC08BC97E33DE -- C:\WINDOWS\system32\drivers\amdk6.sys
[2006/03/02 04:00:00 | 000,041,216 | ---- | M] (Microsoft Corporation) MD5=2CC3BF45AC3180FE29C199BD95F09601 -- C:\WINDOWS\system32\drivers\amdk7.sys
[2006/03/02 04:00:00 | 000,060,800 | ---- | M] (Microsoft Corporation) MD5=F0D692B0BFFB46E30EB3CEA168BBC49F -- C:\WINDOWS\system32\drivers\arp1394.sys
[2013/12/16 13:35:35 | 000,035,656 | ---- | M] (AVAST Software) MD5=74202D5A696A412733B387BD18400E4C -- C:\WINDOWS\system32\drivers\aswFsBlk.sys
[2013/05/09 03:59:09 | 000,021,576 | ---- | M] (AVAST Software) MD5=3FCA5C1A8F33CF9857220CC3A3076A3E -- C:\WINDOWS\system32\drivers\aswKbd.sys
[2013/12/16 13:35:35 | 000,070,384 | ---- | M] (AVAST Software) MD5=AA3397F034871DE76A74585774029580 -- C:\WINDOWS\system32\drivers\aswMonFlt.sys
[2013/12/16 13:35:35 | 000,054,832 | ---- | M] (AVAST Software) MD5=9F597676EDA29D6619C5E76F523892D7 -- C:\WINDOWS\system32\drivers\aswRdr.sys
[2013/12/16 13:35:35 | 000,049,944 | ---- | M] () MD5=F385467DF95D0A73775CB3B076B8B969 -- C:\WINDOWS\system32\drivers\aswRvrt.sys
[2013/12/16 13:35:35 | 000,774,392 | ---- | M] (AVAST Software) MD5=BB27A67D7F465D2720D74B5223DD91E4 -- C:\WINDOWS\system32\drivers\aswSnx.sys
[2013/12/16 13:35:35 | 000,403,440 | ---- | M] (AVAST Software) MD5=259E864BFB9268CD7CEFA5849A3B374B -- C:\WINDOWS\system32\drivers\aswSP.sys
[2013/12/16 13:35:35 | 000,057,672 | ---- | M] (AVAST Software) MD5=AB499F3325E62E157F8E8302065B1B30 -- C:\WINDOWS\system32\drivers\aswTdi.sys
[2013/12/16 13:35:35 | 000,178,304 | ---- | M] () MD5=BADA8FD627F1D0E22308211C33F0BDB5 -- C:\WINDOWS\system32\drivers\aswVmm.sys
[2004/08/04 01:05:04 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=02000ABF34AF4C218C35D257024807D6 -- C:\WINDOWS\system32\drivers\asyncmac.sys
[2004/08/03 16:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:58:32 | 000,059,904 | ---- | M] (Microsoft Corporation) MD5=EC88DA854AB7D7752EC8BE11A741BB7F -- C:\WINDOWS\system32\drivers\atmarpc.sys
[2001/08/17 23:46:46 | 000,031,360 | ---- | M] (Microsoft Corporation) MD5=39A0A59180F19946374275745B21AEBA -- C:\WINDOWS\system32\drivers\atmepvc.sys
[2004/08/04 00:58:36 | 000,055,936 | ---- | M] (Microsoft Corporation) MD5=0128E78FE835F074E469F03DB681CA9E -- C:\WINDOWS\system32\drivers\atmlane.sys
[2001/08/17 23:47:02 | 000,352,256 | ---- | M] (Microsoft Corporation) MD5=E7EF69B38D17BA01F914AE8F66216A38 -- C:\WINDOWS\system32\drivers\atmuni.sys
[2001/08/17 18:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) MD5=D9F724AA26C010A217C97606B160ED68 -- C:\WINDOWS\system32\drivers\audstub.sys
[2005/04/08 00:25:34 | 000,132,352 | ---- | M] (Broadcom Corporation) MD5=48BF91CFFBCDD12A710207F2A08FEC4D -- C:\WINDOWS\system32\drivers\b57xp32.sys
[2005/03/04 08:21:36 | 000,065,664 | ---- | M] (Broadcom Corporation) MD5=7F72473390FEEE312A66AF045C8EF0F6 -- C:\WINDOWS\system32\drivers\baspxp32.sys
[2001/08/17 23:47:38 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys
[2004/08/04 00:59:58 | 000,071,552 | ---- | M] (Microsoft Corporation) MD5=E4E6A0922E3D983728C9AD4E8D466954 -- C:\WINDOWS\system32\drivers\bridge.sys
[2008/06/14 13:00:16 | 000,272,128 | ---- | M] (Microsoft Corporation) MD5=28D8EB74C2F2480518C59807A59CD1E2 -- C:\WINDOWS\system32\drivers\bthport.sys
[2001/08/17 23:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) MD5=90A673FC8E12A79AFBED2576F6A7AAF9 -- C:\WINDOWS\system32\drivers\cbidf2k.sys
[2006/03/02 04:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) MD5=C1B486A7658353D33A10CC15211A873B -- C:\WINDOWS\system32\drivers\cdaudio.sys
[2004/08/04 01:14:12 | 000,063,744 | ---- | M] (Microsoft Corporation) MD5=CD7D5152DF32B47F4E36F710B35AAE02 -- C:\WINDOWS\system32\drivers\cdfs.sys
[2004/08/04 00:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006/03/02 04:00:00 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) MD5=30274D9BC25A43BF14891E710216EBC4 -- C:\WINDOWS\system32\drivers\cinemst2.sys
[2004/08/04 01:14:28 | 000,049,664 | ---- | M] (Microsoft Corporation) MD5=D86173B401470F06D9810F7962969DDF -- C:\WINDOWS\system32\drivers\classpnp.sys
[2006/03/02 04:00:00 | 000,011,776 | ---- | M] (Compaq Computer Corporation) MD5=9624293E55AD405415862B504CA95B73 -- C:\WINDOWS\system32\drivers\cpqdap01.sys
[2006/03/02 04:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) MD5=80419D8E6DBDB8C25CBAFC8269243CF7 -- C:\WINDOWS\system32\drivers\crusoe.sys
[2004/08/04 00:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\drivers\disk.sys
[2004/08/04 00:59:54 | 000,014,208 | ---- | M] (Microsoft Corporation) MD5=D16C81677A9BE399C63CD2EA486472A5 -- C:\WINDOWS\system32\drivers\diskdump.sys
[2004/08/17 17:45:04 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) MD5=E1968EDEC81C430108FEB23AB07BDB14 -- C:\WINDOWS\system32\drivers\dmboot.sys
[2004/08/17 17:45:06 | 000,153,856 | ---- | M] (Microsoft Corp., Veritas Software) MD5=1B1520A82E396E46B9AE9FA6B03FF6C6 -- C:\WINDOWS\system32\drivers\dmio.sys
[2001/08/17 23:58:20 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.)