Kontrola logu, pomalý start programů po startu PC

Zpráva

rEvoluce · #1 Příspěvek od **rEvoluce** » 18 lis 2011 11:34

Dobrý den, prosím kontrolu logu, děkuji moc. P

Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 182 GB (76%) free of 238 GB
Total RAM: 1023 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:33:41, on 18.11.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tenda\W302P\UI.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Pavel\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 8921802703
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5695 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\9fc2aam7.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\9fc2aam7.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-07-04 3493720]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-07-29 2554696]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2000-01-01 19556968]
"NVRaidService"=C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [2010-04-09 163944]
"Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2000-01-01 19968]
""= []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"NWEReboot"= []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-02-23 13880424]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2011-02-23 111208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlimDrivers]
C:\Program Files\SlimDrivers\SlimDrivers.exe [2011-07-14 26441568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tenda_UI]
C:\Program Files\Tenda\W302P\UI.exe [2009-06-29 2125824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Tenda W302P.lnk]
C:\PROGRA~1\Tenda\W302P\UI.exe [2009-06-29 2125824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Starcraft\StarCraft.exe"="C:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-11-18 11:33:34 ----D---- C:\rsit
2011-11-18 11:33:34 ----D---- C:\Program Files\trend micro
2011-11-18 11:31:47 ----D---- C:\WINDOWS\pss
2011-11-15 22:14:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2011-11-15 22:13:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$
2011-10-23 11:15:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2011-10-23 11:10:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2616676-v2$
2011-10-23 11:09:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2011-10-23 11:08:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$

======List of files/folders modified in the last 1 month======

2011-11-18 11:33:41 ----D---- C:\WINDOWS\Prefetch
2011-11-18 11:33:35 ----D---- C:\WINDOWS\Temp
2011-11-18 11:33:34 ----RD---- C:\Program Files
2011-11-18 11:31:47 ----D---- C:\WINDOWS
2011-11-18 11:28:26 ----D---- C:\WINDOWS\system32
2011-11-18 11:28:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-11-18 11:27:09 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-18 11:27:07 ----SD---- C:\WINDOWS\Tasks
2011-11-15 22:15:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-11-15 22:14:55 ----HD---- C:\WINDOWS\inf
2011-11-15 22:14:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-11-15 22:13:29 ----A---- C:\WINDOWS\system32\MRT.exe
2011-11-15 22:13:24 ----A---- C:\WINDOWS\imsins.BAK
2011-11-15 22:12:45 ----SHD---- C:\WINDOWS\Installer
2011-11-15 22:12:37 ----D---- C:\Program Files\Microsoft Office
2011-11-15 22:11:30 ----D---- C:\Documents and Settings\Pavel\Data aplikací\Skype
2011-11-15 16:55:21 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-23 15:05:45 ----RD---- C:\Program Files\Skype
2011-10-23 15:05:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-10-23 11:54:22 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-23 11:54:14 ----RSD---- C:\WINDOWS\assembly
2011-10-23 11:30:17 ----D---- C:\Program Files\Microsoft Silverlight
2011-10-23 11:18:32 ----D---- C:\Program Files\Mozilla Firefox
2011-10-23 11:13:31 ----D---- C:\WINDOWS\WinSxS
2011-10-23 11:08:55 ----D---- C:\WINDOWS\system32\drivers
2011-10-23 11:08:43 ----D---- C:\Program Files\Internet Explorer
2011-10-23 11:08:28 ----D---- C:\WINDOWS\ie8updates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-07-29 97504]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2000-01-01 164896]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-07-29 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-07-29 29400]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2011-01-28 21419]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-01-28 218688]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2000-01-01 6088296]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2000-01-01 25505]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2000-01-01 70801]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-02-23 9888384]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2000-01-01 67328]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2000-01-01 15872]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2000-01-01 1691480]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\k510bus.sys [2011-04-03 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2011-04-03 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2011-04-03 94064]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\k510mgmt.sys [2011-04-03 85408]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\k510obex.sys [2011-04-03 83344]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2000-01-01 1395800]
S3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2008-07-29 679680]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-10-14 32000]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-07-04 42184]
R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-19 148744]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-07-29 1793712]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-02-23 156776]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-22 208896]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 18 lis 2011 15:42

Zdravím.

Na první pohled nevidím nic špatného, jen dočištění zbytečností.

Každopádně se mi vůbec nelíbí C:\Program Files\Tenda\W302P\UI.exe - tos instaloval Ty?

Jestli ne, tak mi to projeď zde:

Následující soubory otestuj na Jottiho stránkách.

C:\Program Files\Tenda\W302P\UI.exe
Klikni na Vybrat....
Najdi soubor, který chci otestovat.
Klikni na Odeslat soubor a vyčkej na dokončení scanu.
Výsledek analýzy mi sem vlož (jako odkaz).

Zbytek scriptů pro dočištění napíšu až po výsledku.

rEvoluce · #3 Příspěvek od **rEvoluce** » 18 lis 2011 17:46

Ahoj,

jj, to jsem instaloval já, to je soft pro wifi kartu,kterou tedy už nepoužívám. Původně jsem PC koupil wifi kartu, ale spojení slabý, tak jsem kartu zakázal a používám kabel. Začínám si myslet, že možná PC zpomaluje právě karta.

rEvoluce · #4 Příspěvek od **rEvoluce** » 18 lis 2011 17:47

jo a dík za kontrolu.

#5 Příspěvek od **Mc_Murphy** » 18 lis 2011 21:34

Tak to nevím, jestli to může dělat karta, ale nějaké zbytečnosti Ti povypínám, tak uvidíme potom, zda se PC trošku zrychlí.

Jedna věc mě ještě napadá - Comodo máš spuštěné jen jako firewall nebo i jako antivir? Jestli i jako antivir, pak to může či spíše bude způsobovat kolize systému. A možná bych asi vypnul Windows Defender, když máš Avast! a Comodo.

Fixni v HJT tyto položky:

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

"Fixnout" znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek. Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
HJT najdeš zde: C:\Program Files\trend micro\Pavel.exe

Po fixnutí mi udělej ještě scan s OTL, protože vidím nějaké zbytky po toolbarech a další věci, které jinak nesmažu.

Pro začátek stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů.
Do spodního okénka Vlastní skenování/opravy vlož tento script:

Kód: Vybrat vše

safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
*legalizator* /s
*registration* /s
*Office 2010* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko Prohledat.
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

rEvoluce · #6 Příspěvek od **rEvoluce** » 19 lis 2011 18:34

OTL logfile created on: 19.11.2011 18:05:52 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Pavel\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,36 Mb Total Physical Memory | 467,56 Mb Available Physical Memory | 45,69% Memory free
2,40 Gb Paging File | 1,90 Gb Available in Paging File | 78,97% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 178,01 Gb Free Space | 76,44% Space Free | Partition Type: NTFS

Computer Name: PAOLO | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.11.19 18:03:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Dokumenty\Stažené soubory\OTL.exe
PRC - [2011.09.29 08:07:25 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.07.29 20:58:09 | 002,554,696 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cfp.exe
PRC - [2011.07.29 20:58:02 | 001,793,712 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
PRC - [2011.07.04 12:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.07.04 12:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.04.09 02:42:28 | 000,163,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
PRC - [2010.02.19 17:00:24 | 000,148,744 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO livePCsupport\CLPSLS.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.03 18:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006.11.03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2004.01.08 09:50:00 | 000,037,888 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE

========== Modules (No Company Name) ==========

MOD - [2011.11.19 09:48:56 | 001,618,432 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11111900\algo.dll
MOD - [2011.11.15 12:59:54 | 000,241,528 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11111900\aswRep.dll
MOD - [2011.10.23 11:31:35 | 008,522,400 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011.09.29 08:07:25 | 001,833,944 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.07.29 20:58:02 | 001,793,712 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011.07.04 12:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.02.19 17:00:24 | 000,148,744 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe -- (CLPSLS)
SRV - [2006.11.03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011.07.29 20:59:38 | 000,097,504 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2011.07.29 20:59:37 | 000,242,600 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011.07.29 20:59:37 | 000,029,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011.07.04 12:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.07.04 12:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.07.04 12:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.07.04 12:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.07.04 12:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.07.04 12:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.07.04 12:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.04.03 19:54:55 | 000,094,064 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdm.sys -- (k510mdm)
DRV - [2011.04.03 19:54:55 | 000,085,408 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mgmt.sys -- (k510mgmt) Sony Ericsson K510 USB WMC Device Management Drivers (WDM)
DRV - [2011.04.03 19:54:55 | 000,083,344 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510obex.sys -- (k510obex)
DRV - [2011.04.03 19:54:55 | 000,008,336 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdfl.sys -- (k510mdfl)
DRV - [2011.04.03 19:54:54 | 000,058,288 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510bus.sys -- (k510bus) Sony Ericsson K510 Driver driver (WDM)
DRV - [2011.01.28 21:00:48 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2009.10.14 19:08:32 | 000,032,000 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2008.07.29 11:52:46 | 000,679,680 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
DRV - [2007.04.16 20:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2001.08.17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [2000.01.01 01:00:00 | 006,088,296 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2000.01.01 01:00:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2000.01.01 01:00:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2000.01.01 01:00:00 | 000,164,896 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2000.01.01 01:00:00 | 000,070,801 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2000.01.01 01:00:00 | 000,067,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2000.01.01 01:00:00 | 000,025,505 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2000.01.01 01:00:00 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-527237240-1844823847-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.23 11:18:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.23 11:18:29 | 000,000,000 | ---D | M]

[2011.01.28 20:42:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Extensions
[2011.11.18 20:41:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\9fc2aam7.default\extensions
[2011.08.07 09:08:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\9fc2aam7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.10.23 11:18:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.10.23 15:05:45 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PAVEL\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\9FC2AAM7.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PAVEL\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\9FC2AAM7.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PAVEL\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\9FC2AAM7.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM.XPI
[2011.09.29 08:07:26 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.09.29 02:30:58 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.09.29 02:30:58 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.29 02:30:58 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.09.29 02:30:58 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.09.29 02:30:58 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.03.02 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-527237240-1844823847-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 8921802703 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2393E6B8-3067-4241-9A05-7A7CF02F28A7}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) -C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.28 19:24:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: CLPSLS - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe (COMODO)
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: CLPSLS - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe (COMODO)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.11.18 11:33:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.18 11:33:34 | 000,000,000 | ---D | C] -- C:\rsit
[2011.11.18 11:31:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.11.19 18:07:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.19 18:00:03 | 000,441,226 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.11.19 18:00:03 | 000,437,660 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.11.19 18:00:03 | 000,082,474 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.11.19 18:00:03 | 000,071,162 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.11.19 17:58:54 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011.11.19 17:55:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.11.19 17:29:49 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.11.18 20:39:08 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.11.15 22:13:24 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

rEvoluce · #7 Příspěvek od **rEvoluce** » 19 lis 2011 18:34

[2011.11.19 18:07:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.07.27 01:02:12 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.06.30 09:21:25 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\fusioncache.dat
[2011.06.06 20:34:28 | 000,035,538 | ---- | C] () -- C:\WINDOWS\scunin.dat
[2011.01.30 15:59:37 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.01.29 13:50:47 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.01.29 13:49:35 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.28 22:17:14 | 000,005,876 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011.01.28 20:42:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.01.28 19:44:45 | 000,014,640 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2011.01.28 19:36:01 | 000,252,316 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.01.28 19:35:59 | 000,252,316 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.01.28 19:35:59 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.01.28 19:35:55 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011.01.28 19:25:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.01.28 19:21:52 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.01.28 19:15:08 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.01.28 19:14:07 | 000,137,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.03.02 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.03.02 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.03.02 13:00:00 | 000,441,226 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.03.02 13:00:00 | 000,437,660 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006.03.02 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.03.02 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2006.03.02 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.03.02 13:00:00 | 000,082,474 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006.03.02 13:00:00 | 000,071,162 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.03.02 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.03.02 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2006.03.02 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.03.02 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.03.02 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.03.02 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.03.02 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011.01.28 19:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2011.01.28 21:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.04.03 19:58:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2011.04.23 23:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\BSplayer
[2011.01.28 20:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\BSplayer Pro
[2011.01.28 22:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\DAEMON Tools Lite
[2011.04.03 20:11:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Teleca
[2011.08.07 16:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\uTorrent
[2011.11.19 17:58:54 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)

< MD5 for: ATAPI.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.01.28 21:13:11 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.01.28 21:13:11 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2011.01.28 21:13:11 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2011.01.28 21:13:11 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20110128T204813890625\gencdrom\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CSRSS.EXE >
[2006.03.02 13:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
[2008.04.14 04:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008.04.14 04:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: LSASS.EXE >
[2006.03.02 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NTFS.SYS >
[2008.04.13 20:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008.04.13 20:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2006.03.02 13:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys

< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 10:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 11:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2006.03.02 13:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 04:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 04:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SMSS.EXE >
[2006.03.02 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2006.03.02 13:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe
[2010.08.17 14:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 04:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
[2008.04.14 04:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007.04.09 12:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008.07.06 13:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

rEvoluce · #8 Příspěvek od **rEvoluce** » 19 lis 2011 18:35

color=#A23BEC]< %systemroot%\system32\drivers\*.sys /5 >[/color]

< %systemroot%\system32\drivers\*.sys /X >
[2008.04.14 04:21:36 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008.04.14 04:21:36 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008.04.14 04:21:36 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008.04.14 04:21:36 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008.04.14 04:21:36 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008.04.14 04:21:36 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008.04.14 04:21:36 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2004.07.17 11:36:24 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod
[2008.04.14 04:21:37 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008.04.14 04:21:37 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008.04.14 04:21:37 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008.04.14 04:21:37 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008.04.14 04:21:37 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008.04.14 04:21:38 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2004.07.17 22:55:24 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfs2.cty
[2005.12.23 10:29:38 | 000,000,441 | R--- | M] () -- C:\WINDOWS\system32\drivers\DriverLanguageMap.xml
[2006.03.02 13:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2006.03.02 13:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2005.06.03 13:14:38 | 000,009,845 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600bus.cat
[2005.06.03 12:46:30 | 000,006,791 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600bus.inf
[2005.06.03 12:46:34 | 000,023,898 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600comm.vxd
[2005.06.03 13:14:40 | 000,013,215 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600mdm.cat
[2005.06.03 12:46:38 | 000,013,143 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600mdm2.inf
[2005.06.03 12:46:38 | 000,018,753 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600mdmv.inf
[2005.06.03 12:46:40 | 000,005,008 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600mdmw.inf
[2005.06.03 13:14:40 | 000,012,790 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600mgmt.cat
[2005.06.03 13:14:40 | 000,012,790 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600obex.cat
[2005.06.03 12:46:42 | 000,004,643 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600obx2.inf
[2005.06.03 12:46:42 | 000,010,915 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600obxv.inf
[2005.06.03 12:46:44 | 000,004,597 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600obxw.inf
[2005.06.03 12:46:44 | 000,004,716 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600sdm2.inf
[2005.06.03 12:46:46 | 000,010,929 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600sdmv.inf
[2005.06.03 12:46:46 | 000,004,662 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600sdmw.inf
[2005.06.03 12:46:48 | 000,013,263 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600vcd.vxd
[2005.06.03 12:46:48 | 000,030,617 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600vcr.vxd
[2005.06.03 12:46:52 | 000,009,845 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750bus.cat
[2005.06.03 12:46:52 | 000,006,785 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750bus.inf
[2005.06.03 12:46:56 | 000,023,894 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750comm.vxd
[2005.06.03 12:46:58 | 000,013,215 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750mdm.cat
[2005.06.03 12:47:00 | 000,013,133 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750mdm2.inf
[2005.06.03 12:47:02 | 000,018,748 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750mdmv.inf
[2005.06.03 12:47:02 | 000,004,987 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750mdmw.inf
[2005.06.03 12:47:04 | 000,012,790 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750mgmt.cat
[2005.06.03 12:47:04 | 000,012,790 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750obex.cat
[2005.06.03 12:47:06 | 000,004,636 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750obx2.inf
[2005.06.03 12:47:08 | 000,010,911 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750obxv.inf
[2005.06.03 12:47:08 | 000,004,577 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750obxw.inf
[2005.06.03 12:47:10 | 000,004,709 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750sdm2.inf
[2005.06.03 12:47:10 | 000,010,925 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750sdmv.inf
[2005.06.03 12:47:12 | 000,004,642 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750sdmw.inf
[2005.06.03 12:47:12 | 000,013,259 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750vcd.vxd
[2005.06.03 12:47:14 | 000,030,613 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750vcr.vxd
[2004.07.17 11:35:00 | 000,067,866 | ---- | M] () -- C:\WINDOWS\system32\drivers\netwlan5.img
[2000.01.01 01:00:00 | 000,005,876 | ---- | M] () -- C:\WINDOWS\system32\drivers\nvphy.bin
[2008.04.14 04:21:55 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2005.06.03 12:47:16 | 000,009,712 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800bus.cat
[2005.06.03 12:47:16 | 000,007,178 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800bus.inf
[2005.06.03 12:47:20 | 000,023,915 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800comm.vxd
[2005.06.03 12:47:22 | 000,013,082 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800mdm.cat
[2005.06.03 12:47:24 | 000,013,592 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800mdm2.inf
[2005.06.03 12:47:26 | 000,018,787 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800mdmv.inf
[2005.06.03 12:47:26 | 000,004,992 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800mdmw.inf
[2005.06.03 12:47:28 | 000,012,657 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800mgmt.cat
[2005.06.03 12:47:28 | 000,012,657 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800obex.cat
[2005.06.03 12:47:30 | 000,004,869 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800obx2.inf
[2005.06.03 12:47:32 | 000,011,074 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800obxv.inf
[2005.06.03 12:47:32 | 000,004,805 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800obxw.inf
[2005.06.03 12:47:34 | 000,004,970 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800sdm2.inf
[2005.06.03 12:47:34 | 000,011,088 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800sdmv.inf
[2005.06.03 12:47:36 | 000,004,870 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800sdmw.inf
[2005.06.03 12:47:36 | 000,013,280 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800vcd.vxd
[2005.06.03 12:47:38 | 000,030,634 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800vcr.vxd
[2008.04.14 04:22:04 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll
[2005.07.22 00:30:38 | 000,009,853 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550bus.cat
[2005.08.01 12:46:40 | 000,006,793 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550bus.inf
[2005.08.01 12:46:42 | 000,023,898 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550comm.vxd
[2005.07.22 00:30:40 | 000,013,223 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550mdm.cat
[2005.08.01 12:46:44 | 000,013,195 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550mdm2.inf
[2005.08.01 12:46:44 | 000,018,773 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550mdmv.inf
[2005.08.01 12:46:44 | 000,005,020 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550mdmw.inf
[2005.08.01 13:59:00 | 000,010,695 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550mgmt.cat
[2005.08.01 13:59:32 | 000,010,695 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550obex.cat
[2005.08.01 12:46:46 | 000,004,645 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550obx2.inf
[2005.08.01 12:46:46 | 000,010,935 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550obxv.inf
[2005.08.01 12:46:46 | 000,004,496 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550obxw.inf
[2005.08.01 12:46:48 | 000,004,718 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550sdm2.inf
[2005.08.01 12:46:48 | 000,010,949 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550sdmv.inf
[2005.08.01 12:46:48 | 000,004,561 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550sdmw.inf
[2005.08.01 12:46:50 | 000,013,255 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550vcd.vxd
[2005.08.01 12:46:50 | 000,030,609 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550vcr.vxd
[2005.08.15 14:04:56 | 000,009,853 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600bus.cat
[2005.08.15 14:04:54 | 000,006,793 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600bus.inf
[2005.08.15 14:04:52 | 000,023,902 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600comm.vxd
[2005.08.15 14:04:50 | 000,013,223 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600mdm.cat
[2005.08.15 14:04:48 | 000,013,195 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600mdm2.inf
[2005.08.15 14:04:46 | 000,018,773 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600mdmv.inf
[2005.08.15 14:04:46 | 000,005,020 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600mdmw.inf
[2005.08.15 14:04:46 | 000,010,695 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600mgmt.cat
[2005.08.15 14:04:44 | 000,010,695 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600obex.cat
[2005.08.15 14:04:42 | 000,004,645 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600obx2.inf
[2005.08.15 14:04:40 | 000,010,935 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600obxv.inf
[2005.08.15 14:04:40 | 000,004,496 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600obxw.inf
[2005.08.15 14:04:40 | 000,004,718 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600sdm2.inf
[2005.08.15 14:04:38 | 000,010,949 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600sdmv.inf
[2005.08.15 14:04:36 | 000,004,561 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600sdmw.inf
[2005.08.15 14:04:36 | 000,013,259 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600vcd.vxd
[2005.08.15 14:04:36 | 000,030,613 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600vcr.vxd
[2005.09.07 15:38:28 | 000,009,851 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800bus.cat
[2005.09.07 15:42:44 | 000,006,899 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800bus.inf
[2005.09.07 15:42:46 | 000,023,886 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800comm.vxd
[2005.09.07 15:38:30 | 000,013,221 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800mdm.cat
[2005.09.07 15:42:48 | 000,013,303 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800mdm2.inf
[2005.09.07 15:42:48 | 000,018,813 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800mdmv.inf
[2005.09.07 15:42:50 | 000,005,096 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800mdmw.inf
[2005.09.07 15:38:30 | 000,012,796 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800mgmt.cat
[2005.09.07 15:38:30 | 000,012,796 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800obex.cat
[2005.09.07 15:42:50 | 000,004,711 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800obx2.inf
[2005.09.07 15:42:52 | 000,010,969 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800obxv.inf
[2005.09.07 15:42:52 | 000,004,651 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800obxw.inf
[2005.09.07 15:42:52 | 000,004,784 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800sdm2.inf
[2005.09.07 15:42:54 | 000,010,983 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800sdmv.inf
[2005.09.07 15:42:54 | 000,004,716 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800sdmw.inf
[2005.09.07 15:42:54 | 000,013,251 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800vcd.vxd
[2005.09.07 15:42:54 | 000,030,605 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800vcr.vxd
[2006.02.20 16:59:26 | 000,009,720 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810bus.cat
[2006.02.20 16:59:52 | 000,006,927 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810bus.inf
[2006.02.20 16:59:30 | 000,023,896 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810comm.vxd
[2006.02.20 16:59:32 | 000,013,090 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810mdm.cat
[2006.02.20 16:59:50 | 000,013,297 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810mdm2.inf
[2006.02.20 16:59:50 | 000,018,655 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810mdmv.inf
[2006.02.20 16:59:48 | 000,004,769 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810mdmw.inf
[2006.02.20 16:59:36 | 000,012,665 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810mgmt.cat
[2006.02.20 16:59:38 | 000,012,665 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810obex.cat
[2006.02.20 16:59:48 | 000,004,746 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810obx2.inf
[2006.02.20 16:59:46 | 000,010,959 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810obxv.inf
[2006.02.20 16:59:46 | 000,004,723 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810obxw.inf
[2006.02.20 16:59:44 | 000,004,798 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810sdm2.inf
[2006.02.20 16:59:44 | 000,010,965 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810sdmv.inf
[2006.02.20 16:59:42 | 000,004,692 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810sdmw.inf
[2006.02.20 16:59:38 | 000,013,249 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810vcd.vxd
[2006.02.20 16:59:40 | 000,030,587 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810vcr.vxd
[2005.09.27 09:34:08 | 000,009,853 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900bus.cat
[2005.09.27 09:34:10 | 000,006,899 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900bus.inf
[2005.09.27 09:34:14 | 000,023,898 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900comm.vxd
[2005.09.27 09:34:16 | 000,013,223 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900mdm.cat
[2005.09.27 09:34:18 | 000,013,186 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900mdm2.inf
[2005.09.27 09:34:20 | 000,018,746 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900mdmv.inf
[2005.09.27 09:34:20 | 000,005,096 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900mdmw.inf
[2005.09.27 09:34:22 | 000,012,798 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900mgmt.cat
[2005.09.27 09:34:24 | 000,012,798 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900obex.cat
[2005.09.27 09:34:26 | 000,004,661 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900obx2.inf
[2005.09.27 09:34:28 | 000,010,969 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900obxv.inf
[2005.09.27 09:34:28 | 000,004,651 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900obxw.inf
[2005.09.27 09:34:30 | 000,004,734 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900sdm2.inf
[2005.09.27 09:34:30 | 000,010,983 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900sdmv.inf
[2005.09.27 09:34:32 | 000,004,716 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900sdmw.inf
[2005.09.27 09:34:32 | 000,013,263 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900vcd.vxd
[2005.09.27 09:34:34 | 000,030,617 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900vcr.vxd
[2005.06.03 12:47:40 | 000,006,973 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2bus.inf
[2005.06.03 12:47:44 | 000,023,878 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2comm.vxd
[2005.06.03 12:47:48 | 000,013,447 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2mdm2.inf
[2005.06.03 12:47:48 | 000,018,906 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2mdmv.inf
[2005.06.03 12:47:50 | 000,004,824 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2mdmw.inf
[2005.06.03 12:47:52 | 000,004,614 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2obx2.inf
[2005.06.03 12:47:52 | 000,010,986 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2obxv.inf
[2005.06.03 12:47:54 | 000,004,679 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2obxw.inf
[2005.06.03 12:47:54 | 000,004,715 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2sdm2.inf
[2005.06.03 12:47:56 | 000,010,992 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2sdmv.inf
[2005.06.03 12:47:56 | 000,004,739 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2sdmw.inf
[2005.06.03 12:47:58 | 000,013,255 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2vcd.vxd
[2005.06.03 12:47:58 | 000,030,097 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2vcr.vxd
[2005.09.07 15:40:34 | 000,009,853 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520bus.cat
[2005.09.07 15:42:56 | 000,006,866 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520bus.inf
[2005.09.07 15:42:58 | 000,023,895 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520comm.vxd
[2005.09.07 15:40:36 | 000,013,223 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520mdm.cat
[2005.09.07 15:43:00 | 000,013,202 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520mdm2.inf
[2005.09.07 15:43:00 | 000,018,734 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520mdmv.inf
[2005.09.07 15:43:02 | 000,005,069 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520mdmw.inf
[2005.09.07 15:40:36 | 000,012,798 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520mgmt.cat
[2005.09.07 15:40:38 | 000,012,798 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520obex.cat
[2005.09.07 15:43:02 | 000,004,687 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520obx2.inf
[2005.09.07 15:43:04 | 000,010,956 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520obxv.inf
[2005.09.07 15:43:04 | 000,004,633 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520obxw.inf
[2005.09.07 15:43:04 | 000,004,760 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520sdm2.inf
[2005.09.07 15:43:06 | 000,010,970 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520sdmv.inf
[2005.09.07 15:43:06 | 000,004,698 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520sdmw.inf
[2005.09.07 15:43:06 | 000,013,260 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520vcd.vxd
[2005.09.07 15:43:08 | 000,030,614 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520vcr.vxd
[2005.11.18 12:26:30 | 000,009,845 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800bus.cat
[2005.11.18 12:26:30 | 000,006,791 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800bus.inf
[2005.11.18 12:26:26 | 000,023,892 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800comm.vxd
[2005.11.18 12:26:22 | 000,013,215 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800mdm.cat
[2005.11.18 12:26:18 | 000,013,143 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800mdm2.inf
[2005.11.18 12:26:16 | 000,018,753 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800mdmv.inf
[2005.11.18 12:26:14 | 000,004,988 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800mdmw.inf
[2005.11.18 12:26:12 | 000,012,790 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800mgmt.cat
[2005.11.18 12:26:10 | 000,012,790 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800obex.cat
[2005.11.18 12:26:08 | 000,004,643 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800obx2.inf
[2005.11.18 12:26:06 | 000,010,915 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800obxv.inf
[2005.11.18 12:26:06 | 000,004,583 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800obxw.inf
[2005.11.18 12:26:04 | 000,004,716 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800sdm2.inf
[2005.11.18 12:26:02 | 000,010,929 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800sdmv.inf
[2005.11.18 12:26:02 | 000,004,649 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800sdmw.inf
[2005.11.18 12:26:00 | 000,013,257 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800vcd.vxd
[2005.11.18 12:26:00 | 000,030,611 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800vcr.vxd

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2011.11.15 22:13:29 | 050,295,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2011.11.19 18:00:03 | 000,082,474 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2011.11.19 18:00:03 | 000,071,162 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.11.19 18:00:03 | 000,437,660 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2011.11.19 18:00:03 | 000,441,226 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2011.11.19 18:00:03 | 001,047,282 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2011.11.19 17:29:49 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2011.01.28 19:13:15 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2011.01.28 19:13:15 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2011.01.28 19:13:14 | 000,483,328 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[12 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp files -> C:\WINDOWS\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\58733582baf5ece2ae0c531334d76e41\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\58733582baf5ece2ae0c531334d76e41\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[7 C:\WINDOWS\Temp\_avast_\*.tmp files -> C:\WINDOWS\Temp\_avast_\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2011.01.28 19:14:44 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2011.03.30 18:29:02 | 000,319,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\ARM\Reader_10.0.0\15526\AcrobatUpdater.exe
[2011.03.30 18:29:02 | 000,937,920 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\ARM\Reader_10.0.0\15526\AdobeARM.exe
[2011.03.30 18:29:02 | 000,319,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\ARM\Reader_10.0.0\15526\ReaderUpdater.exe
[2010.11.16 08:44:30 | 000,337,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA0000000001}\setup.exe
[2011.01.28 20:50:08 | 001,510,584 | ---- | M] (COMODO ) -- C:\Documents and Settings\All Users\Data Aplikací\Comodo Downloader\trustconnectclient.exe

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011.03.13 20:13:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Adobe
[2011.07.27 01:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Ahead
[2011.04.23 23:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\BSplayer
[2011.01.28 20:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\BSplayer Pro
[2011.01.28 22:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\DAEMON Tools Lite
[2011.01.30 16:01:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Help
[2011.01.28 19:32:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Identities
[2011.01.28 19:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\InstallShield
[2011.01.28 20:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Macromedia
[2011.07.26 20:01:03 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Pavel\Data aplikací\Microsoft
[2011.01.28 20:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla
[2011.11.19 00:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Skype
[2011.07.23 08:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\skypePM
[2011.04.03 20:11:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Teleca
[2011.08.07 16:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\uTorrent
[2011.07.23 23:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\WinRAR

< %APPDATA%\*.* >
[2011.01.28 19:14:44 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\desktop.ini

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\BSplayer\Haali media splitter\uninstall.exe

< %SYSTEMDRIVE%\*.exe >

< *crack* /s >
[2002.12.10 21:03:34 | 000,054,883 | ---- | M] () -- \Program Files\Activision\Modern Warfare 2\Redist\DirectX\MView\gxu\crackdecl.cod
[2002.11.12 18:12:26 | 000,012,818 | ---- | M] () -- \Program Files\Activision\Modern Warfare 2\Redist\DirectX\MView\gxu\crackdecl.cpp
[2002.11.12 18:12:26 | 000,026,093 | ---- | M] () -- \Program Files\Activision\Modern Warfare 2\Redist\DirectX\MView\gxu\crackdecl.h
[2002.12.11 08:48:26 | 000,016,120 | ---- | M] () -- \Program Files\Activision\Modern Warfare 2\Redist\DirectX\MView\gxu\gxcrackfvf.h

< *keygen* /s >

< *loader* /s >
[2011.04.03 17:55:11 | 000,000,054 | ---- | M] () -- \Documents and Settings\Pavel\Data aplikací\Macromedia\Flash Player\#SharedObjects\CLRXA5GJ\media.mtvnservices.com\player\loader\loaderLogging.sol
[2011.01.28 21:09:16 | 000,003,208 | ---- | M] () -- \Documents and Settings\Pavel\Local Settings\Temporary Internet Files\Content.IE5\KFOZM385\ajax-loader[1].gif
[2011.07.24 03:03:49 | 000,030,818 | ---- | M] () -- \Documents and Settings\Pavel\Local Settings\Temporary Internet Files\Content.IE5\KFOZM385\sc2downloader[1].jpg
[2006.05.23 12:33:40 | 000,106,496 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2011.07.24 03:06:31 | 000,000,000 | ---- | M] () -- \Program Files\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2006.01.30 14:01:18 | 000,495,616 | ---- | M] () -- \Program Files\Sony Ericsson\Mobile2\Sync Station\NotesPimAdaptorLoader.dll
[2010.08.23 19:00:20 | 000,007,928 | ---- | M] () -- \Program Files\Sweet Home 3D\THIRDPARTY-LICENSE-LOADER3DS.TXT
[2010.08.23 19:00:20 | 000,050,157 | ---- | M] () -- \Program Files\Sweet Home 3D\lib\Loader3DS1_2u.jar
[2010.03.15 10:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

rEvoluce · #9 Příspěvek od **rEvoluce** » 19 lis 2011 18:35

< *serial* /s >
[2011.01.29 13:43:07 | 000,000,771 | ---- | M] () -- \Documents and Settings\Pavel\Recent\Office 2003 Professional with SP1,2,3 + Working Serial.lnk
[2011.08.30 16:58:34 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.dll
[2011.10.23 11:15:59 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.ni.dll
[2010.04.07 22:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2006.03.02 13:00:00 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2011.06.24 15:03:03 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.06.27 09:56:07 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.10.23 11:13:31 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.06.27 09:54:37 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.23 11:53:22 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.23 11:51:27 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
[2004.07.15 13:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 18:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.07.25 10:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 22:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 03:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2006.03.02 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2006.03.02 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< *legalizator* /s >

< *registration* /s >
[2011.06.06 20:36:38 | 000,000,097 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Starcraft\Starcraft - Brood War Electronic Registration.url
[2011.06.06 20:34:25 | 000,000,092 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Starcraft\Starcraft Electronic Registration.url
[2010.08.23 19:00:28 | 000,001,440 | ---- | M] () -- \Program Files\Sweet Home 3D\jre6\lib\servicetag\registration.xml
[6 \WINDOWS\*.tmp files -> \WINDOWS\*.tmp -> ]

< *Office 2010* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-15 21:14:55

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
No captured output from command...

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.11.19 18:07:11 | 000,000,512 | ---- | M] () MD5=49FA0C81BBE6C9476385DABF4672E103 -- C:\PhysicalMBR.bin

< End of report >

rEvoluce · #10 Příspěvek od **rEvoluce** » 19 lis 2011 18:36

OTL Extras logfile created on: 19.11.2011 18:05:52 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Pavel\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,36 Mb Total Physical Memory | 467,56 Mb Available Physical Memory | 45,69% Memory free
2,40 Gb Paging File | 1,90 Gb Available in Paging File | 78,97% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 178,01 Gb Free Space | 76,44% Space Free | Partition Type: NTFS

Computer Name: PAOLO | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-527237240-1844823847-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Starcraft\StarCraft.exe" = C:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft -- (Blizzard Entertainment)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5EA61701-F43C-4758-92AB-0B69A2262027}" = SlimDrivers
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A31A5DFC-3439-48FC-99BB-5174168AE471}" = COMODO livePCsupport
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-AA0000000001}" = Adobe Reader X - Czech
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 267.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 267.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4A0C307-053A-4335-8B28-60E901DB1029}" = Nero 7 Essentials
"{C5ADA65A-7828-4D85-B071-ECC52B51F794}" = Sony Ericsson PC Suite 1.20.173
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC452A50-5C87-4A1F-B295-445C3C69BF7D}" = NVIDIA MediaShield
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F30C2271-5D81-42DB-81C2-DD7853118F1E}" = W302P
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CCleaner" = CCleaner
"Comodo TrustConnect™_is1" = Comodo TrustConnect™ v.1.7.1
"DAEMON Tools Lite" = DAEMON Tools Lite
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 7.0.1 (x86 cs)" = Mozilla Firefox 7.0.1 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Starcraft" = Starcraft
"Sweet Home 3D_is1" = Sweet Home 3D version 2.6
"uTorrent" = µTorrent
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24.6.2011 8:02:01 | Computer Name = PAOLO | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 24.6.2011 8:19:17 | Computer Name = PAOLO | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 24.6.2011 10:14:16 | Computer Name = PAOLO | Source = MsiInstaller | ID = 11935
Description = Produkt: Microsoft .NET Framework 3.0 Service Pack 2 - Chyba 1935.
Při instalaci sestavení System.ServiceModel,fileVersion="3.0.4506.2254",culture="neutral",version="3.0.0.0",publicKeyToken="b77a5c561934e089",processorArchitecture="MSIL"
došlo k chybě. Další informace najdete v Nápovědě a odborné pomoci. HRESULT: 0x80070020.
rozhraní sestavení: IAssemblyCacheItem, funkce: Commit, součást: {3642A1B3-C3EB-47DE-B3BE-7DC83A332237}

Error - 24.6.2011 10:14:23 | Computer Name = PAOLO | Source = MsiInstaller | ID = 1023
Description = Aktualizaci KB958483 produktu Microsoft .NET Framework 3.0 Service
Pack 2 nebylo možné nainstalovat. Kód chyby: 1603. Další informace naleznete v
souboru protokolu C:\DOCUME~1\Pavel\LOCALS~1\Temp\Microsoft .NET Framework 3.0-KB958483_20110624_141343000-Msi0.txt.

Error - 24.6.2011 10:14:25 | Computer Name = PAOLO | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb958483,
P2 1029, P3 1603, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
1935.

Error - 21.8.2011 12:08:19 | Computer Name = PAOLO | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.

Error - 7.9.2011 9:30:49 | Computer Name = PAOLO | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80244022, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.

Error - 15.11.2011 17:12:37 | Computer Name = PAOLO | Source = MsiInstaller | ID = 11704
Description = Produkt: Microsoft Office Professional Edition 2003 - Chyba 1704.
Instalace produktu Microsoft Office File Validation Add-In je pozastavena. Chcete-li
pokračovat, je nutné vrátit zpět změny provedené při instalaci. Chcete tyto změny
vrátit zpět?

Error - 18.11.2011 6:59:41 | Computer Name = PAOLO | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 7.0.1.4288, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18.11.2011 6:59:41 | Computer Name = PAOLO | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 7.0.1.4288, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 31.8.2011 15:36:04 | Computer Name = PAOLO | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 29 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 7.9.2011 9:19:27 | Computer Name = PAOLO | Source = nvgts | ID = 262153
Description = Zařízení \Device\Scsi\nvgts1 neodpovídá v periodě časového limitu.

Error - 7.9.2011 9:19:28 | Computer Name = PAOLO | Source = nvgts | ID = 262149
Description = Na \Device\Scsi\nvgts1 byla zjištěna chyba parity.

Error - 23.10.2011 5:10:01 | Computer Name = PAOLO | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 23.10.2011 5:10:01 | Computer Name = PAOLO | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 23.10.2011 5:10:21 | Computer Name = PAOLO | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 23.10.2011 5:10:21 | Computer Name = PAOLO | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 30.10.2011 11:01:03 | Computer Name = PAOLO | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 30.10.2011 11:01:03 | Computer Name = PAOLO | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 30.10.2011 11:08:13 | Computer Name = PAOLO | Source = nvgts | ID = 262153
Description = Zařízení \Device\Scsi\nvgts1 neodpovídá v periodě časového limitu.

< End of report >

rEvoluce · #11 Příspěvek od **rEvoluce** » 19 lis 2011 18:41

Uff.... to je teda dat

Jinak, Windows Defender má vypnutý celou dobu,což jsem ani nevěděl:) A od Comoda mám jen firewall - složku Defense+ jsem deaktivoval, pro jistotu.

Tak či tak, dík moc.

Pavel

#12 Příspěvek od **Mc_Murphy** » 20 lis 2011 12:02

Co se týče antiviru a firewallu tedy OK.

Ano, dat to je spousta, ale jedině tak se dá "nahlídnout" do počítače, aniž bys u něj seděl a provedl, co potřebuješ.

Ty Office, co máš v počítači nejsou zrovna moc legální, co?

Měl bys je odinstalovat a nahradit nějakým free řešením, nebo si je zakoupit! Obrázek

Znovu spusť OTL.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento skript:

Kód: Vybrat vše

:OTL
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [NWEReboot] File not found
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[12 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp files -> C:\WINDOWS\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\58733582baf5ece2ae0c531334d76e41\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\58733582baf5ece2ae0c531334d76e41\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[7 C:\WINDOWS\Temp\_avast_\*.tmp files -> C:\WINDOWS\Temp\_avast_\*.tmp -> ]

:Services
NBService

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=-

:Files
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\Documents and Settings\Pavel\Recent\Office 2003 Professional with SP1,2,3 + Working Serial.lnk /d
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

rEvoluce · #13 Příspěvek od **rEvoluce** » 20 lis 2011 12:09

Ok dík, provedu. Jen malá otázka, takže jsme něco našli?

Nebo co vlastně dělám?

#14 Příspěvek od **Mc_Murphy** » 20 lis 2011 12:16

Nic nebezpečného jsme nenašli. Tohle jsou jen zbytky, či prázdné klíče registrů, zbytečné služby a tak podobně.

rEvoluce · #15 Příspěvek od **rEvoluce** » 20 lis 2011 12:29

Ok, prima.

VIRY.CZ

Kontrola logu, pomalý start programů po startu PC

Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC

Re: Kontrola logu, pomalý start programů po startu PC