Pomalé PC

Zpráva

Masek33 · #1 Příspěvek od **Masek33** » 07 črc 2012 22:03

Dobrý večer,
včera při bouřce jsem nestihl vypnout PC a ve městě vypadl proud. Když jsem poté pc zapnul, tak od té doby se mi windows načítá asi 5 minut, což dříve takto dlouho netrvalo a všeobecně je PC pomalé. Puštění mozilly trva asi minutu, když přejíždím myší přes obrazovku, tak se seká a PC je všobecně pomalé. Provedl jsem scandisk, vyčistil PC pomocí CCleaneru, defragmentoval disky a pořád nic. Proto jsem se chtěl obrátit na Vás, jestli by jste mi s tím nemohli poradit. Pomůžete mi prosím?
Přikládám log z RSTI:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2012-07-07 23:00:11
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 23 GB (64%) free of 36 GB
Total RAM: 3071 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:02:48, on 7.7.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
C:\totalcmd\TOTALCMD.EXE
D:\Petr\_PROGRAMY\RSIT\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe

--
End of file - 3279 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\wrvg0wlf.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732]
"Description"=6.0.12.732
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\wrvg0wlf.default\extensions\
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-11-20 12669544]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 6749512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-01-10 2779824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-01-10 3621040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^RVS 2010.lnk]
C:\PROGRA~1\Returnil\RVS3\rvsgui.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WINDOW~4\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\HRY\TmNationsForever\TmForever.exe"="D:\HRY\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"D:\HRY\Call of Duty 2\CoD2MP_s.exe"="D:\HRY\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"D:\HRY\Call of Duty 4\iw3mp.exe"="D:\HRY\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"D:\HRY\WoW\World of Warcraft\Launcher.exe"="D:\HRY\WoW\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Spyware Terminator\SpywareTerminator.exe"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\BitTorrent\BitTorrent.exe"="C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.XFR1"=xfcodec.dll
"msacm.vorbis"=vorbis.acm
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

======List of files/folders created in the last 1 month======

2012-07-07 13:43:03 ----D---- C:\Config.Msi

======List of files/folders modified in the last 1 month======

2012-07-07 23:00:44 ----D---- C:\Program Files\trend micro
2012-07-07 22:59:17 ----D---- C:\WINDOWS\Prefetch
2012-07-07 22:52:50 ----A---- C:\WINDOWS\wincmd.ini
2012-07-07 22:35:55 ----D---- C:\WINDOWS\system32\CatRoot2
2012-07-07 22:32:01 ----D---- C:\WINDOWS\temp
2012-07-07 14:54:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-07-07 13:59:10 ----D---- C:\WINDOWS\system32\config
2012-07-07 13:58:01 ----D---- C:\WINDOWS\system32\wbem
2012-07-07 13:57:56 ----D---- C:\WINDOWS\Registration
2012-07-07 13:55:16 ----D---- C:\WINDOWS\system32
2012-07-07 13:55:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\BitTorrent
2012-07-07 13:43:06 ----D---- C:\Program Files\LogMeIn Hamachi
2012-07-07 13:43:03 ----SHD---- C:\WINDOWS\Installer
2012-07-07 13:41:46 ----D---- C:\WINDOWS\system32\Restore
2012-07-07 13:34:20 ----RD---- C:\Program Files
2012-07-07 11:18:25 ----D---- C:\WINDOWS
2012-06-27 14:09:20 ----D---- C:\Documents and Settings\Administrator\Data aplikací\.minecraft
2012-06-27 14:01:55 ----D---- C:\WINDOWS\system32\drivers
2012-06-23 19:08:35 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-06-22 12:46:53 ----D---- C:\Program Files\TeamSpeak 3 Client
2012-06-19 08:45:11 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-06-18 18:59:59 ----D---- C:\Program Files\Mozilla Firefox
2012-06-16 18:39:25 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2012-06-16 18:34:29 ----A---- C:\WINDOWS\system32\PnkBstrA.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\System32\DRIVERS\gagp30kx.sys [2004-08-03 46464]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2012-03-11 97760]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-06-10 691696]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2012-03-11 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-03-11 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2012-03-11 31704]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2011-10-05 165376]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2011-10-05 18048]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-11-21 10235968]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 af1989po;af1989po; C:\WINDOWS\system32\drivers\af1989po.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 GMSIPCI;GMSIPCI; \??\J:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 1983232]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-01-10 482992]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 113120]
S3 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-11-20 154216]
S3 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-06-16 75064]
S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2012-06-16 214520]
S4 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-09-24 72704]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 08 črc 2012 07:19

Zdravim

Nejdrive zkuste obnovu systemu k datu, kdy jeste fungoval normalne.

Masek33 · #3 Příspěvek od **Masek33** » 08 črc 2012 13:49

Dobrý den, ano to jsem tam pozapomněl napsat, že tento pokus byl také bezúspěšný. Windows se startovaly pořád stejně pomalu a problémy přetrvávaly, tak jsem to vrítil zase zpět abych měl alespoň defragmentované disky. Dříve jsem měl pdobné problémy, ale to bylo způsobené mým Antivirem, který byl příliš náročný na mé postarší PC, ale ten antivir již dávno nemám. Nevím co s tím.

#4 Příspěvek od **Márty84** » 08 črc 2012 14:29

Zkuste nainstalovat Service Pack 3, treba se system vzpamatuje.

Masek33 · #5 Příspěvek od **Masek33** » 08 črc 2012 14:41

Nevím proč, ale SP3 mi nejde nainstalovat a to mám XP koupené. Na konci instalace to vyhodí chybu.

#6 Příspěvek od **Márty84** » 08 črc 2012 14:47

Udelejte uplnou kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte

Masek33 · #7 Příspěvek od **Masek33** » 08 črc 2012 16:56

MBAM zatím ještě běží...

----------------------------------------------------------------------------
CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP2 [5.1 Build 2600] (x86)
Date : 2012/07/08 17:54:27

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- WDC WD800JD-22LSA0
+ Sekundární kanál IDE (1)
- SAMSUNG HD403LJ
+ Řadič VIA rozhraní IDE ke sběrnici PCI v režimu Bus Master [ATA]
- Primární kanál IDE (0)
+ Sekundární kanál IDE (1)
- HL-DT-ST DVDRAM GSA-H42L
+ A4REH2D6 IDE Controller [SCSI]
- PMRSLOT PUVOXE7W5EB SCSI CdRom Device
- PMRSLOT PUVOXE7W5EB SCSI CdRom Device
- PMRSLOT PUVOXE7W5EB SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD800JD-22LSA0 : 80.0 GB [0-0-0, pd1]
(2) SAMSUNG HD403LJ : 400.0 GB [1-1-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD800JD-22LSA0
----------------------------------------------------------------------------
Model : WDC WD800JD-22LSA0
Firmware : 06.01D06
Serial Number : WD-WMAM9S176160
Disk Size : 80.0 GB (8.4/80.0/80.0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 156299375
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 12963 hod.
Power On Count : 3556 krát
Temparature : 52 C (125 F)
Health Status : Pozor
Features : S.M.A.R.T., AAM, 48bit LBA
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 184 179 _21 0000000006EF Čas na roztočení ploten
04 _97 _97 __0 000000000DE4 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _83 _83 __0 0000000032A3 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000DE4 Počet cyklů zapnutí zařízení
BE _48 _32 _45 000000000034 Teplota toku vzduchu
C2 _91 _75 __0 000000000034 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000001 Počet podezřelých sektorů
C6 200 200 __0 000000000001 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 4D 41 4D
020: 39 53 31 37 36 31 36 30 00 00 40 00 00 41 30 36
030: 2E 30 31 44 30 36 57 44 43 20 57 44 38 30 30 4A
040: 44 2D 32 32 4C 53 41 30 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 F0 6F 09 50 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 00 06 06 00 00 00 40 00 40
0A0: 00 FE 00 00 74 69 7F 01 40 23 74 69 3C 01 40 23
0B0: 40 7F 00 00 00 00 00 00 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 F0 6F 09 50 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 16 58 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 10 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 B0 A5

----------------------------------------------------------------------------
(2) SAMSUNG HD403LJ
----------------------------------------------------------------------------
Model : SAMSUNG HD403LJ
Firmware : CT100-12
Serial Number : S0NFJ1EPA06880
Disk Size : 400.0 GB (8.4/137.4/400.0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 781422768
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3b
Transfer Mode : SATA/300
Power On Hours : 5630 hod.
Power On Count : 1023 krát
Temparature : 44 C (111 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 100 100 _15 000000001D00 Čas na roztočení ploten
04 _99 _99 __0 000000000724 Počet spuštění/zastavení
05 253 253 _10 000000000000 Počet přemapovaných sektorů
07 253 253 _51 000000000000 Počet chybných hledání
08 253 253 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 0000000015FE Hodin v činnosti
0A 253 253 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 253 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 0000000003FF Počet cyklů zapnutí zařízení
0D 100 100 __0 00000029E203 Počet pokusů o softvérové opravení chyb při čtení programů z disku
BB 253 253 __0 000000000000 Ohlášeno neopravitelných chyb
BC 253 253 __0 000000000000 Časový limit příkazu
BE _57 _47 __0 00000000002B Teplota toku vzduchu
C2 106 _76 __0 00000000002C Teplota
C3 100 100 __0 00000029E203 Počet oprav chybného čtení
C4 253 253 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 253 253 __0 000000000000 Počet podezřelých sektorů
C6 253 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 100 __0 000000000000 Počet chyb při čtení programů z disku
CA 253 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 40 3F FF C8 37 00 10 88 56 02 2A 00 3F 00 00
010: 00 00 00 00 53 30 4E 46 4A 31 45 50 41 30 36 38
020: 38 30 20 20 20 20 20 20 00 03 80 00 00 04 43 54
030: 31 30 30 2D 31 32 53 41 4D 53 55 4E 47 20 48 44
040: 34 30 33 4C 4A 20 20 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 00 02 00 02 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 07 06 00 00 00 4C 00 40
0A0: 01 F8 00 52 74 6B 7F 01 41 23 74 69 BC 01 41 23
0B0: 80 FF 00 46 00 46 00 00 FF FE 00 00 FE 00 00 00
0C0: 00 00 00 00 00 00 00 00 90 B0 2E 93 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 00 0F 00 1B A0 68 80
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 14
0F0: 40 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 FF FF 04 00 0E 00 00 03
120: 00 00 9A 00 03 00 24 00 6B 20 32 31 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 10 0F 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 04 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A1 A5

#8 Příspěvek od **Márty84** » 08 črc 2012 18:14

MBAM stale skenuje?

At uz neco najde, ci ne, vypada to, ze vam odchazi disk

WDC WD800JD-22LSA0
Health Status : Pozor
C5 200 200 __0 000000000001 Počet podezřelých sektorů
C6 200 200 __0 000000000001 Počet neopravitelných sektorů

To muze byt pricina problemu.

Az dobehne MBAM, udelejte jeste test s HD Tune

Stahnete HD Tune http://www.slunecnice.cz/sw/hd-tune/ , nainstalujte a spustte.
V tom okne kliknete na posledni zalozku - Error Scan a kliknete na Start.
Kontrola bude nejakou dobu trvat. Dejte vedet, jestli tam bylo nejake cervene policko.
Taky se podivejte na zalozku Benchmark a Health a opiste mi, co se tam pise

Časť Health - status by mal byť OK
Časť Error scan - mal by prebehnúť bez problémov, žiadne červené polia alebo chyby počas čítania disku
Časť Benchmark - uvedených 6 čísel vložte do vlákna, v ktorom riešite problém s naším radcom

Masek33 · #9 Příspěvek od **Masek33** » 08 črc 2012 19:57

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.07.08.04

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Administrator :: MAZEL [limited]

8.7.2012 17:42:12
mbam-log-2012-07-08 (17-42-12).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 285982
Uplynulý čas: 3 hodin, 3 minut, 43 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

#10 Příspěvek od **Márty84** » 09 črc 2012 13:22

Havet tam asi nebude. Udelejte test s tim HD Tune, jak jsem psal. MBAM zase odinstalujte

Masek33 · #11 Příspěvek od **Masek33** » 09 črc 2012 16:47

Dobrý den, bylo tam jedno červené políčko.

HD Tune: WDC WD800JD-22LSA0 Health

ID Current Worst ThresholdData Status
(01) Raw Read Error Rate 200 200 51 0 Ok
(03) Spin Up Time 184 179 21 1775 Ok
(04) Start/Stop Count 97 97 0 3557 Ok
(05) Reallocated Sector Count 200 200 140 0 Ok
(07) Seek Error Rate 200 200 51 0 Ok
(09) Power On Hours Count 83 83 0 12975 Ok
(0A) Spin Retry Count 100 100 51 0 Ok
(0B) Calibration Retry Count 100 100 51 0 Ok
(0C) Power Cycle Count 97 97 0 3557 Ok
(BE) Airflow Temperature 50 32 45 50 Ok
(C2) Temperature 93 75 0 50 Ok
(C4) Reallocated Event Count 200 200 0 0 Ok
(C5) Current Pending Sector 200 200 0 1 Ok
(C6) Offline Uncorrectable 200 200 0 1 Ok
(C7) Ultra DMA CRC Error Count 200 200 0 0 Ok
(C8) Write Error Rate 200 200 51 0 Ok

Power On Time : 12975
Health Status : Ok

HD Tune: WDC WD800JD-22LSA0 Benchmark

Transfer Rate Minimum : 2.8 MB/sec
Transfer Rate Maximum : 3.5 MB/sec
Transfer Rate Average : 3.4 MB/sec
Access Time : 14.2 ms
Burst Rate : 3.5 MB/sec
CPU Usage : 98.2%

#12 Příspěvek od **Márty84** » 10 črc 2012 14:53

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Masek33 · #13 Příspěvek od **Masek33** » 10 črc 2012 19:55

Nevím z jakých důvodů ale udělalo mi to jen OTL.txt ten druhý ne.
Jinak jsem ještě zkusil nahrát zálohu disku, která je stará cca půl roku. Bohužel bezúšpěšně.

OTL logfile created on: 10.7.2012 19:11:40 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 82,39% Memory free
4,84 Gb Paging File | 4,40 Gb Available in Paging File | 90,79% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,51 Gb Total Space | 23,59 Gb Free Space | 66,44% Space Free | Partition Type: NTFS
Drive D: | 372,61 Gb Total Space | 25,43 Gb Free Space | 6,82% Space Free | Partition Type: NTFS
Drive E: | 39,01 Gb Total Space | 27,40 Gb Free Space | 70,22% Space Free | Partition Type: FAT32

Computer Name: MAZEL | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.01.10 06:18:44 | 000,482,992 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\st_rsser.exe
PRC - [2012.01.09 17:49:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
PRC - [2012.01.08 15:08:31 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.05.09 23:17:34 | 002,552,648 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011.05.09 09:38:44 | 001,779,792 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2007.09.14 07:02:10 | 001,080,264 | ---- | M] (C. Ghisler & Co.) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2006.08.02 23:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2004.08.17 15:49:26 | 000,815,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mmc.exe
PRC - [2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012.01.08 15:08:31 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.05.02 20:35:30 | 000,648,520 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\scrtemu.cav

========== Win32 Services (SafeList) ==========

SRV - [2012.01.10 06:18:44 | 000,482,992 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\st_rsser.exe -- (ST2012_Svc)
SRV - [2011.08.15 16:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.05.09 09:38:44 | 001,779,792 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)

========== Driver Services (SafeList) ==========

DRV - [2011.10.05 16:33:28 | 000,165,376 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2011.10.05 16:33:27 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011.06.21 12:24:06 | 000,032,768 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2011.05.07 16:17:56 | 000,097,504 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2011.05.02 20:36:54 | 000,029,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011.05.02 20:36:52 | 000,242,472 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011.05.02 20:36:52 | 000,017,416 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd)
DRV - [2010.06.10 20:51:39 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2006.08.18 07:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1085031214-583907252-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1085031214-583907252-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1085031214-583907252-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1085031214-583907252-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-1085031214-583907252-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1085031214-583907252-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1085031214-583907252-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: "Wikipedie (cs)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.08 15:08:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.21 11:52:29 | 000,000,000 | ---D | M]

[2010.06.11 16:08:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2012.07.10 19:10:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\wrvg0wlf.default\extensions
[2012.07.10 18:34:54 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\wrvg0wlf.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.07.10 19:10:04 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\wrvg0wlf.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.07.10 19:10:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\wrvg0wlf.default\extensions\staged
[2012.01.08 15:08:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.05.21 11:52:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.05.21 11:52:33 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\WRVG0WLF.DEFAULT\EXTENSIONS\{888D99E7-E8B5-46A3-851E-1EC45DA1E644}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\WRVG0WLF.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\WRVG0WLF.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\WRVG0WLF.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\WRVG0WLF.DEFAULT\EXTENSIONS\CHECK4CHANGE-OWNER@MOZDEV.ORG.XPI
[2012.01.08 15:08:32 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.01.09 18:58:21 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.08 15:08:27 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.01.08 15:08:27 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.01.08 15:08:27 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.01.08 15:08:27 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.01.08 15:08:27 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\

O1 HOSTS File: ([2012.01.10 22:38:57 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1085031214-583907252-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0442A946-A19B-4A83-B4EC-7B5342A96A77}: DhcpNameServer = 192.168.1.1
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) -C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Data aplikací\Ashampoo Photo Commander 7\Ashampoo Photo Commander Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Data aplikací\Ashampoo Photo Commander 7\Ashampoo Photo Commander Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.06.09 22:10:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /p \??\O:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.XFR1 - C:\WINDOWS\System32\xfcodec.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.07.10 19:01:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012.07.10 18:47:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\COMODO
[2012.07.10 18:47:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Comodo Downloader
[2012.07.10 18:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO

========== Files - Modified Within 30 Days ==========

[2012.07.10 19:21:28 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2012.07.10 19:14:30 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.07.10 19:00:11 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.07.10 18:58:41 | 000,004,783 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2012.07.10 18:52:00 | 000,272,291 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2012.07.10 18:51:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.10 18:49:00 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\COMODO Internet Security.lnk
[2012.07.10 18:46:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.10 18:39:10 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job
[2012.07.10 18:34:31 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.07.10 18:30:57 | 000,413,092 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.07.10 18:30:57 | 000,394,912 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.10 18:30:57 | 000,078,124 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.07.10 18:30:57 | 000,059,810 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2012.07.10 19:14:30 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.07.10 18:49:00 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\COMODO Internet Security.lnk
[2012.07.10 18:39:10 | 000,000,452 | ---- | C] () -- C:\WINDOWS\tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job
[2012.01.21 14:50:40 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011.10.05 20:49:11 | 000,001,647 | ---- | C] () -- C:\WINDOWS\System32\.ini
[2011.10.05 16:33:28 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011.10.05 16:33:27 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011.03.26 17:23:16 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011.02.26 03:19:32 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010.12.06 22:35:29 | 000,000,075 | ---- | C] () -- C:\WINDOWS\tmp2Level.ini
[2010.12.06 22:35:29 | 000,000,075 | ---- | C] () -- C:\WINDOWS\level.ini
[2010.11.02 18:03:35 | 000,000,135 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010.08.27 12:56:22 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.07.21 10:24:27 | 000,015,360 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.21 19:32:42 | 002,293,286 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010.06.14 19:41:22 | 000,138,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.06.14 18:23:11 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\PnkBstrK.sys
[2010.06.14 18:17:48 | 000,271,200 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.06.14 18:17:43 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.06.14 18:17:35 | 000,000,281 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.06.11 16:08:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.06.10 21:36:17 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\DriveInfo.dll
[2010.06.10 21:18:46 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.06.10 20:37:31 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010.06.10 20:29:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.06.10 20:29:15 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010.06.10 20:29:05 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.06.10 17:01:03 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.06.10 17:01:02 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.06.10 17:01:01 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.06.10 17:01:01 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.06.10 17:01:00 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.06.10 17:00:58 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.06.10 16:21:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2010.06.10 16:16:04 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2010.06.10 16:16:01 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2010.06.10 16:16:00 | 000,266,240 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll
[2010.06.10 16:16:00 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll
[2010.06.10 16:15:59 | 000,009,728 | R--- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys
[2010.06.10 16:15:59 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.sys
[2010.06.10 16:15:58 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\sw24.exe
[2010.06.10 00:08:09 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2010.06.09 23:50:59 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.06.09 23:49:52 | 000,172,280 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.09 23:42:37 | 000,004,783 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2010.06.09 22:12:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.06.09 22:07:43 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.05.26 22:22:14 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 22:22:10 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 22:22:04 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008.05.26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008.05.26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.22 18:39:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007.06.25 21:34:26 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002.09.20 20:19:36 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002.03.25 22:02:14 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001.10.25 16:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 16:00:00 | 000,413,092 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 16:00:00 | 000,394,912 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 16:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 16:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 16:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 16:00:00 | 000,078,124 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 16:00:00 | 000,059,810 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 16:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 16:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 16:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 16:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.10.11 13:30:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.11 13:30:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

========== LOP Check ==========

[2012.01.10 22:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\.minecraft
[2010.10.08 18:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
[2010.08.27 15:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo Photo Commander 7
[2011.01.10 17:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canneverbe Limited
[2010.06.10 17:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\COWON
[2012.01.07 23:41:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2012.01.11 20:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DVDVideoSoft
[2011.10.30 21:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ICQ
[2012.01.12 18:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leawo
[2011.06.01 20:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\LolClient
[2010.08.28 23:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org
[2010.06.14 15:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Returnil
[2012.01.21 14:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
[2012.01.12 18:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\tiger-k
[2012.01.20 23:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TS3Client
[2010.07.27 20:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Uniblue
[2010.09.19 20:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Unigraphics Solutions
[2012.01.08 17:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
[2011.01.09 19:00:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\VitySoft
[2010.06.10 22:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Windows Desktop Search
[2010.06.11 14:20:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Windows Search
[2010.06.14 22:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2012.07.10 18:45:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.01.10 17:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2012.07.10 18:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CPA_VA
[2010.06.10 20:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.10.11 17:18:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2011.10.05 20:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\fssg
[2010.10.29 09:32:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.03.26 16:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap Games
[2010.06.14 15:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Returnil
[2012.01.21 15:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.06.14 20:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TrackMania
[2010.06.09 23:45:15 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2012.07.10 18:39:10 | 000,000,452 | ---- | M] () -- C:\WINDOWS\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002.08.29 03:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2002.09.20 20:05:14 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=82CD2AA659D68781D29BA87421BE0E40 -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe

< MD5 for: CDROM.SYS >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2002.08.29 03:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2009.12.22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2009.12.22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtUninstallKB952011$\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2002.09.20 20:03:40 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=031E7FF41B13B658CAE7D6C98086F76A -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2002.09.20 20:03:50 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=E8508E7F865490D8AE71D00C8DF4D227 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2002.09.20 20:05:24 | 001,004,544 | ---- | M] (Microsoft Corporation) MD5=11D80755545CFB5EB9659EE88440EAE2 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: HAL.DLL >
[2002.09.20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2004.08.03 22:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2002.08.29 03:05:04 | 000,127,872 | ---- | M] (Microsoft Corporation) MD5=E8D2B5D5186A9B93D7019D7A74D77A1E -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2004.08.03 22:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\HAL.DLL

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2004.08.03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.10.25 16:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2002.09.20 20:05:32 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=32F7074BAC9A5F899CCA9C046C9FA6EB -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2002.08.29 04:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2002.09.20 20:04:34 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=CF03E300B5CEEFFEFBE6F67532BD0EF1 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2002.09.20 20:04:42 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2002.09.20 20:05:44 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=7763D73255AD4046FA999D42EAF22C26 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe

< MD5 for: SVCHOST.EXE >
[2001.10.25 16:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2011.12.24 18:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\_OTL\MovedFiles\01102012_213845\C_Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2002.08.29 03:58:12 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:45:14 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:45:14 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
[2002.09.20 20:05:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B26871B5CE92F9D95AE6E62119799EB9 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2011.12.24 18:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\_OTL\MovedFiles\01102012_213845\C_Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2002.09.20 20:05:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=FF8857D1AF59071F172C0FAD0FD33E87 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
[2001.10.25 16:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=748494B94A871A828C64D1D5C738D2B7 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[11 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.01.10 22:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\.minecraft
[2010.11.04 19:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2010.10.08 18:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
[2010.08.27 15:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo Photo Commander 7
[2011.01.10 17:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canneverbe Limited
[2010.06.10 17:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\COWON
[2012.01.07 23:41:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2012.01.11 20:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DVDVideoSoft
[2011.10.30 21:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ICQ
[2010.06.09 22:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2010.06.10 17:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\InstallShield
[2012.01.12 18:58:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leawo
[2011.06.01 20:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\LolClient
[2010.06.14 17:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2010.06.10 17:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
[2011.07.20 20:30:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2010.06.11 16:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2010.08.28 23:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org
[2011.12.14 17:41:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Real
[2010.06.14 15:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Returnil
[2012.01.15 17:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2012.01.14 14:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\skypePM
[2012.01.21 14:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
[2011.01.09 18:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2012.01.12 18:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\tiger-k
[2012.01.20 23:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TS3Client
[2010.07.27 20:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Uniblue
[2010.09.19 20:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Unigraphics Solutions
[2012.01.08 17:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
[2011.01.09 19:00:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\VitySoft
[2010.06.10 22:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Windows Desktop Search
[2010.06.11 14:20:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Windows Search
[2011.03.26 14:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Xfire

< %APPDATA%\*.exe /s >
[2010.10.21 03:00:02 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Documents and Settings\Administrator\Data aplikací\.minecraft\zaloha\Minecraft Updater.exe
[2010.09.25 11:15:25 | 000,232,159 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\.minecraft\zaloha\Minecraft.exe
[2010.10.11 14:19:58 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.06.10 20:51:39 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2010.06.09 23:48:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.06.09 23:48:52 | 000,630,784 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.06.09 23:48:52 | 000,434,176 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.07.10 18:34:31 | 000,002,504 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2012.07.10 18:52:00 | 000,272,291 | ---- | M] () -- C:\WINDOWS\system32\NvApps.xml
[2012.07.10 18:30:57 | 000,078,124 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012.07.10 18:30:57 | 000,059,810 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.07.10 18:30:57 | 000,413,092 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012.07.10 18:30:57 | 000,394,912 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.07.10 18:30:56 | 000,958,948 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2012.07.10 18:46:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 15:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.07.10 19:14:30 | 000,000,512 | ---- | M] () MD5=D156110CBA20EFDCA8B4F2598E9ACC89 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2005.03.24 13:51:08 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\en\_media\rssloader.swf
[2005.03.16 19:16:50 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2001.01.16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader.dll
[2001.01.16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader.tlb
[2011.07.11 17:52:47 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.07.11 17:52:48 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.07.11 17:52:47 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.07.11 17:55:50 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.07.11 17:55:53 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.07.11 17:55:54 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.07.12 20:23:59 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\rps\preloader02.swf
[2011.07.11 18:03:14 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2011.07.12 20:05:56 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\zoopaloola\preloader02.swf
[2010.02.17 05:44:10 | 000,006,308 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2010.08.28 22:55:03 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.02.17 12:37:14 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2010.08.28 22:56:01 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.02.18 02:06:56 | 000,003,872 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2007.04.01 20:31:22 | 000,094,208 | ---- | M] () -- \Program Files\Solid Edge V20\Program\Bmp_Loader.dll
[2007.04.01 20:31:22 | 000,364,544 | ---- | M] () -- \Program Files\Solid Edge V20\Program\CGM_Loader.dll
[2007.04.01 20:31:22 | 000,376,832 | ---- | M] () -- \Program Files\Solid Edge V20\Program\CGM_NIST_Loader.dll
[2007.04.01 20:31:22 | 000,090,112 | ---- | M] () -- \Program Files\Solid Edge V20\Program\Converter_Loader.dll
[2007.04.01 20:31:22 | 000,065,536 | ---- | M] () -- \Program Files\Solid Edge V20\Program\DFT_Loader.dll
[2007.04.01 20:31:22 | 000,512,000 | ---- | M] () -- \Program Files\Solid Edge V20\Program\Dgn_Loader.dll
[2007.04.01 20:31:22 | 000,065,536 | ---- | M] () -- \Program Files\Solid Edge V20\Program\DWF_Loader.dll
[2007.04.01 20:31:24 | 005,304,320 | ---- | M] () -- \Program Files\Solid Edge V20\Program\Dwg_Loader.dll
[2007.04.01 20:31:22 | 000,040,960 | ---- | M] () -- \Program Files\Solid Edge V20\Program\EMF_Loader.dll
[2007.04.01 20:31:22 | 000,086,016 | ---- | M] () -- \Program Files\Solid Edge V20\Program\Gif_Loader.dll
[2007.04.01 20:31:22 | 000,118,784 | ---- | M] () -- \Program Files\Solid Edge V20\Program\Jpeg_Loader.dll
[2007.04.01 20:31:24 | 000,110,592 | ---- | M] () -- \Program Files\Solid Edge V20\Program\LoaderFactory.dll
[2007.04.01 20:31:24 | 000,122,880 | ---- | M] () -- \Program Files\Solid Edge V20\Program\MI_Loader.dll
[2007.04.01 20:31:24 | 000,020,992 | ---- | M] () -- \Program Files\Solid Edge V20\Program\NULL_Loader.dll
[2007.04.01 20:31:24 | 000,057,344 | ---- | M] () -- \Program Files\Solid Edge V20\Program\PLMXMLLoader.dll
[2007.04.01 20:31:24 | 000,028,160 | ---- | M] () -- \Program Files\Solid Edge V20\Program\PRT_Loader.dll
[2007.04.01 20:31:26 | 000,421,888 | ---- | M] () -- \Program Files\Solid Edge V20\Program\Tiff_Loader.dll
[2007.04.01 20:31:28 | 000,053,248 | ---- | M] () -- \Program Files\Solid Edge V20\Program\UGPrtLoader.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2002.09.20 20:03:42 | 000,031,744 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2004.08.03 22:59:38 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2004.08.03 22:59:38 | 000,278,016 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2007.06.25 21:34:26 | 000,070,400 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll

< *minodlogin* /s >

< *tnod* /s >
[2007.04.01 20:31:48 | 000,000,112 | ---- | M] () -- \Program Files\Solid Edge V20\WebPublish\default\icons\lastnode.gif
[2007.04.01 20:31:50 | 000,000,112 | ---- | M] () -- \Program Files\Solid Edge V20\WebPublish\generic\icons\lastnode.gif

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2010.12.04 03:04:10 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.51204.0\System.Runtime.Serialization.dll
[2011.03.09 19:23:51 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.51204.0\System.Runtime.Serialization.ni.dll
[2002.09.20 19:21:56 | 000,062,208 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2010.06.10 22:15:34 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.10 21:32:43 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2005.09.23 07:28:56 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2005.12.20 18:13:56 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2004.08.17 15:43:56 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2004.08.17 15:44:16 | 000,064,640 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2004.07.19 18:54:20 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2001.10.25 16:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 16:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2001.10.25 16:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 16:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2004.08.17 15:44:16 | 000,064,640 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >

#14 Příspěvek od **Márty84** » 11 črc 2012 07:52

Zkuste pc spustit v nouzovem rezimu. Je i v nem takhle pomaly?

Masek33 · #15 Příspěvek od **Masek33** » 11 črc 2012 12:53

Bohužel k mé smůle nejde ani nouzový režim spustit. Při souštění BIOSu zmáčnu F9 (F8 nefunguje) a nasledně to načte paměti a pak to vypíše No HPA Enabled Drive, Press Any Key To Boot, ale na žídnou klávesu to nereaguje... Nejsem si vědom, že bych HPA nějakým způsobem odstraňoval z pevného disku.

VIRY.CZ

Pomalé PC

Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC